General Internet Safety Recommendations

A few friends have been writing me and asking for advice on how to keep their computers safe on the internet.  Some have written, and didn't even know they did (wink, wink), usually under the guise of a link that "I just gotta follow...". While there is no real safety on the internet, below is the list that I at least try to stick to in my house.

  • Rule 1: The only truly safe computer is the one that won't ever exist.
  • Rule 2: Everyone on the Internet wants to exploit you in some way, everyone.
  • Rule 3: Every computer must have anti-virus software installed.  Free is available, but a paid version is recommended simply because by being a revenue stream for the AVS company, they'll make the effort to make sure you don't forget to continue being a paid subscriber (so exploit their business model).  I prefer the ease of Avira.
  • Rule 4: Never follow unsolicited links in emails, even if you trust the source.  Consider links the big red button that when pushed will destroy the world (although that would make computers safe.).  If you solicited the email AND link, then copy&paste the link into your web-broswer instead, if you can.  Just so you are aware, a link can "say" anything its author wants, so it "may" look like a valid address, but it can take you anywhere the author wants when clicked.  For example, the following link actually takes you to an RCMP website but looks like it takes you to the Royal Bank http://www.rbcroyalbank.com.  By copying the link, you'll copy the "text", not the underlying "link destination".  But even this isn't always safe, because anyone can have a domain name and make it look safe such as: http://rbcroyalbank.trust.me when copied and pasted would actually take you to a trust.me controlled website, which could be something malicious.
  • Rule 5: Just because a website can "look" legitimate, it can be fake, and really it just wants you to enter in your login information so they can steal your life from the real website.
  • Rule 6: No email that you get telling you that "I can't believe what they're saying about you..." should be followed up by following the link provided.  Follow up with a phone call.  And don't reply to the email.
  • Rule 7: Have a separate email address for website accounts and use another one for friends and families.
  • Rule 8: Don't be lazy about your security, the people that want to exploit you (see rule 2 to find out just who that is) are always just a little less lazy than you.
  • Rule 9: Never ever give anyone your passwords to anything.  No legitimate website or friend will ask you for your password, or to remotely control your computer unsolicited.  Consider them like your Will, it will be exploited if you share it.
  • Rule 10: Keep separate passwords for work and play, but one no less safe than the other.
  • Rule 11: Stay off of immoral websites; the risk of being exploited is 4000% more likely (yes, I made that number up, and I think it is likely more conservative than exaggerated).
  • Rule 12: Google images is not necessarily a safe place to search.  The pretty pictures of flower gardens may actually link to a malicious website that when visited, attempts to infect unprotected computers (I have see this happen to the safest people with a non-updated AVS running on their computer and using an old browser).
  • Rule 13: Update your web browser.  There is no "great" browser, Chrome is fast but owned by Google, Firefox is good for techies but getting quite bloated, IE is just as good as any other but the obvious target of hackers simply by numbers.