My computer rules


20 replies to this topic

#1 scotty_ncc1701

scotty_ncc1701

  • Members
  • 520 posts

Posted 12 August 2014 - 10:17 PM

I've had people ask me about what guidelines, or as I call them, "rules" I follow.  So I've decided to share them.

These are the rules I use on our computers, or computer related tasks.  Keep in mind, that I'm just putting what is in my head "on paper", so this list will be changed later as I add more.  These rules aren't in any specific order, they were just put in here, as I remembered them.

Now I know that there will be people that won't agree with my "rules", and that's perfectly fine.  However, remember that these "rules", which are the current ones, have evolved over the years, and they've kept our systems virus, malware and hack free since around October/November, 1995.

Remember, a computer to me is only a tool.  I don't use them for games, etc.

Here we go:

1.  The basis all of these stem from is that the protection of us and our assets is paramount in all cases, as well as protecting my wife and me from any liabilities.  Additionally, it is 100% irrelevant what others think about the rules, or what they think their rights are (note 1).  It comes down to that these are our computers, phones, etc, and they have no right to access our stuff without our permission.  If they don't like that, tough.

2.  No one uses any of our computers, no matter the circumstances.  I have my own computers, and my wife has her own computer.

3.  When working on my wife's computer, at her request, I insist she is there seeing what I'm doing.  This applies whether I'm sitting at her desk, or she watches me when I access it remotely.  When I sign onto her computer remotely, she gets a notice on the screen to that effect.

4.  My computer has no remote access by anyone.

5.  No one can use our home network, unless our computers are completely turned off, then they're limited normally to one hour per day.

6.  No programs are installed on our live computers, until thoroughly tested on the desktop (test) machine, or on a virtual machine.

7.  Nothing is transferred from the test or virtual machines to our live computers.

8.  Sample viruses/malware - Do not release the location(s) of where I downloaded the sample viruses from or any information concerning them, regardless of how innocuous it may be, except test results percentages.  This is to protect not only myself (liability reasons), but others from getting their computers infected, because proper preventative steps weren't taken.  This rule forces the individual(s) to find sample viruses/malware on their own, and thus makes them solely responsible.

9.  I will not just uninstall a program to remove it from the computer.  I will backup the computer, restore the computer to the image just before the program is installed, and reinstall everything from that point forward.  This is one reason all programs are tested, before installing them on our live computers.

10.  Use e-mail forwarding to reduce the chance of SPAM or my e-mails being compromised.

11.  Backup computers AT LEAST once per week.

12.  Nuke, pave and partition new computers immediately, or ASAP (attempt within 30 days) after purchase.

13.  Don't install web-cam software.

14.  Disable Microsoft defender, better programs are used.

15.  Disable Microsoft windows search, better programs are used.

16.  Disable Microsoft restore point, I've tested it out, and Microsoft has people bamboozled into thinking it is such a good program.

17.  Do not use automatic updates except for AVAST and Malwarebytes, and then just the definitions, not the programs.  All other programs must be manually updated.  This constitutes a partial rebuild.

18.  Before installing or testing a program verify owner/author, and the country of origin.  If the country of origin can't be determined, then it is presumed that the author is a hacker, spammer, etc or from one of the bad countries.  In other words, hands off.

19.  As much as possible, don't download programs from third party sites.  There are few exceptions to this, like Avast; they use CNET as their primary download.  As of 2014_07, I have the direct download link from AVAST.

20.  If a site uses a third party site for download purposes, and the third party site is flagged by Avast, Malwarebytes, etc as having malware, both the third party site, and the author's site are blocked, yes, GUILT BY ASSOCIATION.  It was the software author's decision to use the third party site, so they're responsible (guilty).

21.  Tech support individuals (e.g. from the ISP) aren't allowed to access our computers.  If they aren't willing to walk me through something, then take it to the CEO/President's office.  Then if they're fired, it's their fault.

22.  Keep Apache Server turned off, unless being used (for development).  Disable hard wire and/or wireless before turning on.

23.  Use passwords AT LEAST 15 characters long including numbers, mixed case and special characters.

24.  Change passwords AT LEAST monthly.

25.  Keep speakers turned off, unless listening to music or videos (which is rare).  If used, remember to turn them off when done.

26.  Turn off all warnings from Action Center.

27.  No programs, documents, etc are received directly from any friend, business acquaintance, etc.  They must be downloaded personally.  Accepting items from a business acquaintance is what got me hit with viruses in 1995.  Even then, run a scan on the major virus scan site.  The only computers I trust are my computer and my wife's computer, but they are scanned also.

28.  Once a site is placed on my black list, it will never be removed.

29.  Once an e-mail, be it specific or wild-carded, is placed on my blacklist, it will never be removed.

30.  Except for the Microsoft Update, or Microsoft Catalog applets, no ActiveX applets are run on our computers.

31.  Java will not be installed.

32.  Although it is possible to receive faxes on our computers, we will not do so, for security reasons.  Nor will I pay to get a fax, so whatever "fax" the originator wants to send, it must be sent in plain text, via e-mail, or sent via snail mail.

33.  All e-mails are read in plain text.

34.  In general terms, most e-mails with attachments are automatically deleted at the server level, before they even get into our mailboxes.  To handle the few exceptions that must be considered, very specifically, license for software purchased on line, the following steps are taken:
34.1.  The e-mail I use when I purchase software has a special filter, just above the one that deletes attachments.  This filter drops all license e-mails into a special folder on the server.
34.2.  So far in all cases where the license information hasn't been displayed on my computer screen, so I create a PDF, text and screen capture of the license.
34.3.  Once I confirm all of the copies were saved correctly in a "license" folder on my hard drive, then the e-mails on the server are deleted.  If I know that there aren't any attachments, then I activate the "license" e-mail in the mail checking program, and my pop e-mail program, download the e-mails, then deactivate the "license" e-mail in the mail checking program and pop e-mail program.
34.4.  In all cases, the above steps have only had to be done in maybe 1% of the time, since around 1999.  So for all practical purposes, it's basically non-existent.

35.  Don't use GMail, they are well known for scanning e-mails and performing targeted marketing.

36.  Rebuild computers from scratch AT LEAST every 6 months.

37.  Don't create, use, or go to sites using URL shorteners.

38.  JAVA:
38.1.  Don't use any programs requiring JAVA.
38.2.  Don't install JAVA.
38.3.  Don't use sites requiring JAVA.

39.  Bank:
39.1.  Always use the cyber token for bank access.
39.2.  Change website (and debit card) pin AT LEAST monthly.
39.2.1.  Don't repeat pins for AT LEAST 36 months.
39.3.  Keep old pins in an encrypted file, on a USB drive, in the safe.

40.  Don't use Skype.

41.  Don't use IM software.

42.  Do an in-depth defrag AT LEAST once per week.

43.  Change the SSID and password on the wireless AT LEAST once per month.

44.  Change the admin password on the router/modem, AT LEAST once per month.

45.  Download all Windows updates, and install from local files.

NOTES:
1.  What I'm referring to here is people may think, for example, they have the right to my e-mail, and to do what they want with it.  They would be wrong.
 





#2 1PW

1PW

  • Members
  • 316 posts

Posted 13 August 2014 - 01:18 PM

Hello scotty_ncc1701:
 
Thank you for your list.
 

25. Keep speakers turned off, unless listening to music or videos (which is rare). If used, remember to turn them off when done.

 
I admit, this piqued my curiosity. Is your concern that a speaker can also be used as a microphone?
 
But yes - run your computer systems like they were installed in the deepest bowels of a big government's black site. 
 
Does data encryption play a part in any of your computing?


Edited by 1PW, 13 August 2014 - 01:21 PM.

All viruses are malware but not all malware are viruses and if the malware doesn't self replicate it just isn't a virus.


#3 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,716 posts

Posted 13 August 2014 - 03:19 PM

Your virtual machines, you only use them for test? Not for production?

 

I do all my financial transactions in a virtual machine. This has one extra protection against malware compared to physical machines:

a substantial amount of malware does not become active on virtual machines.

When such malware detects it is running on a VM, it does not exhibit its malicious behavior.

This is thought to be a defense mechanism used by malware authors against malware analysts.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#4 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,234 posts

Posted 14 August 2014 - 12:16 AM

There is a very simple trick that you have missed that subverts a lot of malware scotty...

 

Use group policy to prevent executable files being executed from anywhere on your system except your program and system files directories.

 

A very high percentage of malware packages depend upon temp/random location file execution... when you take this away you leave them very little to work with.

 

I manage 100 machines, and between that and my inbound only proxy rules I haven't seen malware on-site in a long time.



#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,716 posts

Posted 14 August 2014 - 02:35 AM

Use group policy to prevent executable files being executed from anywhere on your system except your program and system files directories.


You mean SRP/AppLocker?



#6 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,234 posts

Posted 14 August 2014 - 03:07 AM

No, just group policy.

 

I had to make quite a few specific exceptions for applications like AutoCad and PDFXchange. It took a couple of weeks to teeth out. All good now though.
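
The path rule discussed in posts #4 to #6, sketched as an added example that is not part of any poster's message or their actual policy: executables run only from program and system directories, plus specific exceptions. The directory lists, the `decide` and `audit` helpers and the sample records are assumptions constructed for illustration.

```python
import ntpath

# Assumptions, not values from the thread: the "program and system files
# directories", one per-application exception, and one writable carve-out.
ALLOWED_ROOTS = [r"C:\Program Files", r"C:\Program Files (x86)", r"C:\Windows"]
EXCEPTIONS = [r"D:\CAD\bin"]            # hypothetical install outside the roots
DENIED_SUBTREES = [r"C:\Windows\Temp"]  # writable directory inside an allowed root


def _norm(path):
    """Collapse '..' segments, unify slashes and fold case, as Windows paths compare."""
    return ntpath.normcase(ntpath.normpath(path))


def _is_under(path, root):
    """True only if path is root itself or below it (a bare prefix match is not enough)."""
    p, r = _norm(path), _norm(root).rstrip("\\")
    return p == r or p.startswith(r + "\\")


def decide(image_path):
    """Return (verdict, reason) for one executable path."""
    if not ntpath.isabs(image_path):
        return ("deny", "not an absolute path")
    for sub in DENIED_SUBTREES:
        if _is_under(image_path, sub):
            return ("deny", "writable carve-out " + sub)
    for root in EXCEPTIONS + ALLOWED_ROOTS:
        if _is_under(image_path, root):
            return ("allow", "under " + root)
    return ("deny", "outside allowed directories")


# Constructed process-start records: timestamp,host,image path
SAMPLE_EVENTS = [
    r"2014-08-14T09:00:01,PC-01,C:\Windows\System32\svchost.exe",
    r"2014-08-14T09:02:10,PC-02,C:\Users\alice\AppData\Local\Temp\setup_1234.exe",
    r"2014-08-14T09:03:44,PC-02,C:\Program Files (x86)\Vendor\viewer.exe",
    r"2014-08-14T09:05:12,PC-03,c:/program files/../users/alice/downloads/tool.exe",
    r"2014-08-14T09:06:30,PC-04,C:\Program Files2\updater.exe",
    r"2014-08-14T09:07:02,PC-05,D:\CAD\bin\acad.exe",
    r"2014-08-14T09:08:15,PC-06,C:\Windows\Temp\job.exe",
]


def audit(events):
    """List (host, path, reason) for every record the policy would block."""
    blocked = []
    for line in events:
        _ts, host, path = line.split(",", 2)
        verdict, reason = decide(path.strip())
        if verdict == "deny":
            blocked.append((host, path.strip(), reason))
    return blocked


if __name__ == "__main__":
    for host, path, reason in audit(SAMPLE_EVENTS):
        print(f"{host}: would block {path} ({reason})")
```

Running a check like this in report-only form over a few weeks of process-start records is one way to find the application exceptions before the rule is enforced.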



#7 scotty_ncc1701

scotty_ncc1701
  • Topic Starter

  • Members
  • 520 posts

Posted 14 August 2014 - 10:52 PM

To answer SOME of the questions.

1.  Speakers - personal preference, I hate all the dings, bings, and voices (like Avast).  Turning the speakers off is easier than turning off sounds, if allowed, in each program.

2.  As I've said before, about 19 years (1995_10 or 1995_11) without viruses, malware or being hacked, all the efforts are worth it.

3.  Without going into detail, data encryption, yes.

4.  Virtual machines - other than testing, an idea to consider.

Have a great day!
:bananas: :bounce:
 



#8 rp88

rp88

  • Members
  • 3,060 posts

Posted 15 August 2014 - 12:55 PM

rule 19: i find it most bizarre that even AVG uses a third party site for its downloads. i strongly agree with your "distrust third party downloads" but wish they would realize that and host their own download server.

 

rule 37 is also very true, i always assume a bit.ly (or tinyurl or other similar type) link is leading to malware. there is no reason to shorten a url other than to do something dark and dirty. 

 

rule 25 doesn't make much sense, i mean turning off speakers won't do any harm but i can't see how leaving them on will either.

 

rule 18 makes sense from a "verify author" perspective but "country of origin" should be irrelevant. any and every country contains good and bad individuals, an address to a real world location (which you can verify by a separate means like google earth) does a lot to make a tech company more believable though. an email they readily respond to (by human not by automated rubbish) also does a lot to improve both their trustworthiness and their overall reputation.

 

also i'm surprised you haven't created any rules for yourselves about methods of maintaining privacy/anonymity online, even if not very sophisticated stuff there are still small steps you can take to stop advertisers tracking you etc, and others to avoid spilling certain personal information.


Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#9 scotty_ncc1701

scotty_ncc1701
  • Topic Starter

  • Members
  • 520 posts

Posted 15 August 2014 - 03:23 PM

RP88 Quotes

rule 25 doesn't make much sense, i mean turning off speakers won't do any harm but i can't see how leaving them on will either.

Look in item #7.

rule 18 makes sense from a "verify author" perspective but "country of origin" should be irrelevant. any and every country contains good and bad individuals, an address to a real world location (which you can verify by a separate means like google earth) does a lot to make a tech company more believable though. an email they readily respond to (by human not by automated rubbish) also does a lot to improve both their trustworthiness and their overall reputation.

This is where we'll always disagree.  If people would take the time, they would see the underhanded things people do.  For instance, a few months ago, there was a program that I thought, based on description was something I'd used.  But the facts were:

1.  The author was from Russia.
2.  Their "address" was in Florida.  However, several mapping sites put them in an empty lot, as proven by satellite pictures.
3.  Their phone was in New York.
4.  But the phone number was a bad number.

The problem that you (in the general sense), if people use programs like flag fox (geotool), they only look at the flag on the addressbar, and don't do the research.  They see the US flag there, and immediately presume that it is a US site.  However that just shows where the site is located, not who owns it (e.g. Chinese owner, Russian owner, etc).  Even when you look at the site statistics, they don't look any further than that.  So if a Chinese, Russian, etc site owner has their site in the US, and distributes malware, the US will get the blame, instead of the real country.

also i'm surprised you haven't created any rules for yourselves about methods of maintaining privacy/anonymity online, even if not very sophisticated stuff there are still small steps you can take to stop advertisers tracking you etc, and others to avoid spilling certain personal information.

At the beginning of my post, look at what I said, specifically: "Keep in mind, that I'm just putting what is in my head "on paper"..."  Over 1/2 of my browser add-ons are security related, I even listed some of them in the series of 7 posts in General Security.

My rules have kept my/our systems clean now for about 19 years, thus they've stood the test of fire.

Have a great day!
:bananas: :bounce:

 



#10 rp88

rp88

  • Members
  • 3,060 posts

Posted 15 August 2014 - 04:08 PM

if there is a chance of "things" being carried via sounds then turning off the speakers suddenly makes sense. 

as for your country points what you say in your latest has something to it, not that you think software from certain nations is automatically dodgy but that you think anyone lying about their country is suspicious, which makes sense. why would a legit person feel the need to say they were somewhere quite different to their true location.



#11 scotty_ncc1701

scotty_ncc1701
  • Topic Starter

  • Members
  • 520 posts

Posted 16 August 2014 - 08:27 AM

if there is a chance of "things" being carried via sounds then turning off the speakers suddenly makes sense. 

as for your country points what you say in your latest has something to it, not that you think software from certain nations is automatically dodgy but that you think anyone lying about their country is suspicious, which makes sense. why would a legit person feel the need to say they were somewhere quite different to their true location.

I've been real busy the past few days, but now allow me to make my FINAL COMMENTS IN THIS THREAD, WHEN I REFER TO CHOOSING SOFTWARE, BASED ON COUNTRY OF ORIGIN.

1.  I always verify the author's country of origin.

2.  If it's on my list of countries I won't use software from, even if geo-location says it is in another country.

3.  If I can't determine the country of origin, I presume it is on the list, and won't use the software, even if geo-location says it is in a country that isn't on my list.

4.  The example given in the previous post, is just an example of why I always verify the country of origin.  This person lied about his location, so what else is he lying about?  Like one TV personality said, "I wouldn't believe them if their tongue came notarized".

5.  Most, but not all of the countries on my list are known to be the top countries that distribute viruses/malware.  So it is guilt by association (location).

6.  Most of the people I've helped, that were having issues, had their issues resolved.  I told them that software "X", "Y", or "Z" was removed (or not installed) and they had no issues.  But as soon as they loaded other software from the countries on my list, they started to have issues again.

7.  My general rule of thumb is that people I help will be told that if they load software from the list of countries I have.  If trouble ensues, then they're cut off from any additional help, unless they were willing to pay at least $400 cash, up front (I knew they wouldn't pay it).  First help is free (usually), after that, they're cut off.

Have a great day!
:bananas: :bounce:

 


Edited by scotty_ncc1701, 16 August 2014 - 08:29 AM.


#12 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,086 posts

Posted 23 August 2014 - 08:48 AM

Hi Scotty,

 

You mention a list of countries of which you will not use programs which came from those countries, but as far as I know you have not posted the list. I am curious to find out which countries you will not use programs from.

 

xXToffeeXx~


Edited by xXToffeeXx, 23 August 2014 - 08:49 AM.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

ID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,744 posts

Posted 23 August 2014 - 10:41 AM

Bleeping Computer members are comprised of folks from all over the globe...not just the USA. While an individual member may have a problem with or not want to use products from certain countries, I don't feel as if that should be a general rule tossed out there for everyone else to adhere to.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#14 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Members
  • 16,485 posts

Posted 23 August 2014 - 10:57 AM

You forgot to mention:

If you have children and they have their own computers or devices that connect to the internet YOU as the parent, the one who pays your ISP, the one who has to clean up their devices when they get infected, HAVE THE RIGHT TO MONITOR WHAT THEY DO ON THE DEVICE. YOU have the right to restrict access or take away the devices.

It isn't all about keeping the device clean, it can also be a SAFETY issue. Kids think nothing will ever happen to them. Everyone they talk to on the internet is their "friend". Unfortunately, all too often those "friends" are predators who will cause harm to the kids they talk to. Children think nothing of giving out their phone number, home address, email address, where they go to school, sending pictures of themselves, etc, to strangers.

#15 scotty_ncc1701

scotty_ncc1701
  • Topic Starter

  • Members
  • 520 posts

Posted 23 August 2014 - 04:40 PM

Bleeping Computer members are comprised of folks from all over the globe...not just the USA. While an individual member may have a problem with or not want to use products from certain countries, I don't feel as if that should be a general rule tossed out there for everyone else to adhere to.

 

Remember that I said "I've had people ask me about what guidelines, or as I call them, "rules" I follow", key words "I follow".  If they want to do the same, or not, it is their choice.  No one has to adhere to what I put up, it is what I do.

Have a great day!
:bananas: :bounce:





