Security Question

My last computer got hacked and and fried. It was awful. So now I am back with a vengence, but I want to make sure not to make the same mistake twice.

I was wondering if there was anyone here, maybe, who could point me in the right direction…

I have been using Win XP, and it comes with a firewall, but I am worried it isn’t strong enough.

I am thinking about getting Zonealarm’s DataLock data encryption software. Basically I think that for laptops, it is a good way to make sure that if it gets stolen or I lose it (the reality is more like forget it) that nobody can access my data. It seems to run in the back ground so that you don’t know it is actually running.

They say that it uses a pre-boot authentication in which users must provide the correct username and password before the operating system boot process will even begin. They also have a 24/7 password recovery service incase you forget your password.

A couple of questions:

  1. Is this pre-boot authentication something that will help keep the data secure?
  2. What kind of encryption is used?
  3. How hard will DataLock make getting the data from my hard drive?

If you’re worried about security why are you using XP? Upgrade to Win 7 as it has much improved security including bitlocker to encryot your whole HDD. All third party FW software are about the same, go for a hardware based FW (which most routers have nowadays).

Nothing is hack proof, but keeping your OS up to date (i.e. installing latest updates) is your best bet.

[QUOTE=dingshan;2560252]My last computer got hacked and and fried. It was awful. So now I am back with a vengence[/quote] Did you report this incident to the police? If not, why not?

I have been using Win XP, and it comes with a firewall, but I am worried it isn’t strong enough.
Xp can be pretty strong locked down, but you will need to educate yourself a little. Normal use of the firewall is sufficient if you do not use a lot of strange programs. Get to know a lot more about TCP/IP filtering as well.

am thinking about getting Zonealarm’s DataLock data encryption software. Basically I think that for laptops, it is a good way to make sure that if it gets stolen or I lose it (the reality is more like forget it) that nobody can access my data. It seems to run in the back ground so that you don’t know it is actually running.

Try TrueCrypt. It can encrypt your entire harddisk (even your system disk) and is completely FREE. I run it on all my laptops.

They say that it uses a pre-boot authentication in which users must provide the correct username and password before the operating system boot process will even begin.
So does TrueCrypt.

They also have a 24/7 password recovery service incase you forget your password
Which is STUPID. Just don’t forget it. You can make totally safe passwords very easy:

  • Think of a nice small text sentence. Example: The quick brown fox jumped 15 feet

  • Now use the first letter of each word: Tqbfj1f

  • Now shift right (or left, or down, or up) the keys 1 place from the keyboard. Example when using right shift: Ywnhk2g

There, easy to remember almost impossible to guess password!

  1. Is this pre-boot authentication something that will help keep the data secure?
    In case of theft: Yes. In case of getting hacked: No

Once someone is logged in and that someone is doing something a hacker can benefit from (not patching, tempting to click that attachement) it may get hacked.

[QUOTE=dingshan;2560252]My last computer got hacked and and fried. It was awful. So now I am back with a vengence, but I want to make sure not to make the same mistake twice.

I was wondering if there was anyone here, maybe, who could point me in the right direction…

I have been using Win XP, and it comes with a firewall, but I am worried it isn’t strong enough.[/quote]Security software can’t help very much apart from a warm feeling.
Don’t use an account with administrative permissions and lock down your system with Software Restriction Policies (something "ready-to-run: http://home.arcor.de/skanthak/download/XP_SAFER.INF - copy all to a new text document and save it as XP_SAFER.INF. Then right-click and select “install”).
Use strong passwords (Password generator: PC Tools random password generator).

I am thinking about getting Zonealarm’s DataLock data encryption software.
Better use an Open Source solution like Truecrypt: http://www.truecrypt.org/ They also have a good documentation, something you will not find with most commercial solutions.

Michael

[QUOTE=mciahel;2560318]Security software can’t help very much apart from a warm feeling.
Don’t use an account with administrative permissions and lock down your system with Software Restriction Policies (something "ready-to-run: http://home.arcor.de/skanthak/download/XP_SAFER.INF - copy all to a new text document and save it as XP_SAFER.INF. Then right-click and select “install”).
Use strong passwords (Password generator: PC Tools random password generator).

Better use an Open Source solution like Truecrypt: http://www.truecrypt.org/ They also have a good documentation, something you will not find with most commercial solutions.

Michael[/QUOTE]

Seems like a good program. Question? Is it easy to use?

Thanks
Mr. Bill :slight_smile:

[QUOTE=Mr.Bill;2560324]Seems like a good program. Question? Is it easy to use?[/QUOTE]Which one? :confused:

Michael

[QUOTE=mciahel;2560333]Which one? :confused:

Michael[/QUOTE]

Sorry about that. I was interested in truecrypt. Is it very easy to use. Thanks Michael.?

Mr. Bill :slight_smile:

Hi,[QUOTE=Mr.Bill;2560344]Sorry about that. I was interested in truecrypt. Is it very easy to use. Thanks Michael.[/QUOTE]I have no personal experience with truecrypt. At least the method to encrypt a folder seems rather straightforward. But note, in case the container file (which then holds your encrypted stuff) gets damaged, then all is lost. So back up often (unencrypted).

You may go to the projects website and have a look at the documentation offered there.

Michael

[QUOTE=mciahel;2560347]Hi,I have no personal experience with truecrypt. At least the method to encrypt a folder seems rather straightforward. But note, in case the container file (which then holds your encrypted stuff) gets damaged, then all is lost. So back up often (unencrypted).

You may go to the projects website and have a look at the documentation offered there.

Michael[/QUOTE]

O.K. Thanks. I will check out the web site.

Mr. Bill :cool:

The windows xp firewall is a joke. I would reccomend three simple things. First is to make sure you set an admistrators password and log in each time you use the PC or use a guest account like Michael was saying. Secondly use a good free antivirus like Avast, its completely free, you simply register it each year and get a free serial number. Thirdly is to use a good firewall like Comodo’s firewall, its also… FREE. The comodo software doesn’t require any registering at all, I just reccomend to install ONLY the firewall option and don’t use any of the other options. If you have both of those running you can completely disable the XP security center because it is a total joke.

Try TrueCrypt. It can encrypt your entire harddisk (even your system disk) and is completely FREE. I run it on all my laptops.

Agreed.

i been using TrueCrypt since 2005 and it’s been very stable. although i have not used it’s ‘drive encryption’ at all but if it’s anything like the regular ‘file container’ is then it’s most likely very stable :wink:

[QUOTE=eric93se;2560351]The windows xp firewall is a joke.[/quote]:confused: Huh? Unlike most other products, it does exactly, what it is supposed to do. And no, you can’t prevent any malicious outgoing traffic at all, regardless of the product.
“Negative” point of Windows integrated firewall: There are no “attack blocked” popups :cool:

First is to make sure you set an admistrators password and log in each time you use the PC or use a guest account like Michael was saying.
Guest account is not necessary. “Restricted user” is what you want.

Secondly use a good free antivirus like Avast, its completely free, you simply register it each year and get a free serial number.
Why not simply use Windows built-in mechanisms to prevent any malware from execution? :bigsmile:

Thirdly is to use a good firewall like Comodo’s firewall
See my statement above.

Michael

[QUOTE=mciahel;2560347]Hi,I have no personal experience with truecrypt. At least the method to encrypt a folder seems rather straightforward. But note, in case the container file (which then holds your encrypted stuff) gets damaged, then all is lost. So back up often (unencrypted).[/quote] Using unencrypted backups kinda defeats the purpose. It leaves traces and is never up to date. Better synch your folders real time with some network storage.

Truecrypt is amazingly simple and can be as complex you want it to be. It is very much possible to make completely hidden irrecoverable encrypted containers. It all depends on the level of security you want.

For normal use, it’s sufficient to encrypt all your physical disks, especiall on laptops. If they get stolen you can be pretty sure the data on it can never be read.

I have looked at both Truecrypt and Dalalock, and I am leaning toward Datalock.

Reasons:

Truecrypt is free, but my experience with free and open sourced programs has not been very good. Money mean support, and that is what I think Datalock offers that Truecrypt doesn’t.

Now, for the highly technical, this support might not mean much, but for those who just want to pick up the phone and have support at the other end, it could mean a lot.

[QUOTE=shesaidshehad1;2563028]
Reasons:

Truecrypt is free, but my experience with free and open sourced programs has not been very good. Money mean support, and that is what I think Datalock offers that Truecrypt doesn’t.[/quote]

Open Source means also that anybody can watch the source of the product. The entire world is reviewer of the code. It ensures there are as less bugs as possible and no hidden exploits.

But suit yourself. You’re complete free to choose.