Ask MetaFilter questions tagged with computer and security

Help me connect Mac-at-home to Windows-at-work?

OlivesAndTurkishCoffee — Fri, 09 Oct 2009 07:40:00 -0800

What could happen to my mac if I connect remotely to my windows computer at work. Is there a viciously secure way of doing this? I need to connect my home mac to my office's windows computer remotely. So far, this has stumped the tech guy so I've been using a small windows netbook and connecting via vpn. But opening files on the company network takes forever and we need a better solution.

He is currently working on a solution that allows me to connect to the small business server using my mac via the windows Remote Desktop Connection Client 1.0.3 for Mac.

This worries me because I don't want windows stuff touching my mac! But my worry is based on mere suspicious distrust of windows rather than any actual knowledge of how these things work.

Those of you who do know about these things: Will using this client application make my mac vulnerable to windows risks; and, if so, is there a better more secure solution? (or a better solution with the netbook?)

I've been hacked.

atchafalaya — Thu, 10 Sep 2009 07:17:51 -0800

Someone hacked my laptop! What do they know now, how much can I find out, and how can I keep it from happening again? I woke up this morning and turned on my laptop (Toshiba, connected to wireless router to Cable internet) and discovered one of my (Unclassified) Army memos was now my desktop background.

I don't do anything special for security; just Panda Antivirus and Windows Defender.

I don't surf a lot of porn.

If they could change my background, could they log onto my Gmail account? I hate to admit it, but I use it as a password keeper. Oh my God, could they be reading this right now?

Last night, something popped up a window a couple of times, saying its scan was running slow because of my Internet connection. I assumed it was Panda. Panda was off this morning.

Is my hard drive opaque on a public network?

the sobsister — Sun, 19 Jul 2009 16:09:13 -0800

Wi-Fi security. How much of the contents of my a) iPhone or b) iBook can be "seen" if I'm on a public network? Particularly concerning the latter, I've never been clear whether, in logging on to network X--be it a free municipal net or my employer's "guest net"--I'm simply an inscrutable blip on a network or I'm making my hard drive an open book to anyone who cares to peek. Any insight would be appreciated.

How can I use a computer securely and privately

Not Supplied — Mon, 08 Jun 2009 03:33:37 -0800

How can a competent but not technical geek person browse internet as securely and privately as possible, keep files private on a pc etc? Linux distro? specifics - Hi. I'd like to be able to use my computer as securely and privately as possible and am prepared to do more than average to get there, but don't want to become highly skilled at security. Is it possible to develop a straightforward plan to follow? I'd like to keep things as clean and simple as possible, without exessive time spent troubleshooting/tweaking. That said, I am as good as the next person at using computers understanding concepts etc.

I hope you get a sense that I'm not immoral or illegal...however I do browse a wide range of things, and don't trust the gov etc not to put 1+1=3.

The issues I thought of were:
Browsing securely and privately - how can I set up a computer to do this? I'm prepared to put a linux partition on my (pc) laptop - I've used Ubuntu before..can this be set up well or maybe theres a distro specifically designed for this. It would be handy if it had all internet mod cons like audio, flash pdf etc. It would also be handy if say it could save files to a data drive shared with windows partition.

Can it be set up to leave no traces on the pc? Similarly, could I store files in a hidden encrypted format?

Can I make my computer as secure as possible against being cracked over the net or by someone present? Yeh, I do think it's possible someone could try!

ISP - I can't hide from my ISP presumably...are there ones that specialise in privacy, that won't share your information at the drop of a hat? In the UK?

My practises - how can I make them tight, so there are no obvious holes in security from how I'm using the machine.

Using public wifi - is this a good alternative if you don't want an ISP storing your history? How to use it to best advantage.

And also anything I haven't thought of.

Cheers!

Let's not give all my data to oppressive governments, okay?

Nothing — Tue, 02 Jun 2009 10:51:10 -0800

How to I compute safely in dangerous places? Looking for advice on hiding data, protecting accounts, and securing connections. (Before I get started, the laptop is a macbook running OS 10.4. I work in development, am doing nothing illegal, just being cautious.)

I will be traveling for work to some places where the government has a reputation for doing some bad things, from monitoring internet usage to confiscating equipment and holding people until they provide passwords. I would like to secure my laptop as much as possible, keeping in mind that encryption is no good when they beat you until you tell them the password.

I have an encrypted VPN to use for network access, and I use gmail for email (not stored on the laptop itself), so between those two things, I expect my email to be pretty safe.

I use skype and google talk for chat, the former with local logging disabled and the latter through the web browser only, so I think that's pretty good.

However, I am also worried about documents on the computer itself. Is it possible to have a hidden encrypted drive? I've seen software that creates a virtual drive by creating a large encrypted file, but this seems like a pretty obvious thing to look for.

Or perhaps there is a way to load a different user account based on the password alone, so that I can load a "clean" desktop when / if asked to turn on the computer for officials? (Without obviously selecting a different account or something.)

I have been reading, mostly centered around this collection of links and comments, but was curious is anyone here on mefi had advice as well.

I need resources / links information to convince a friend that his small computer network might be of interest to hackers?

jacobean — Sun, 11 Jan 2009 09:41:43 -0800

I need resources / links information to convince a friend that his small computer network might be of interest to hackers? How do I convince friend of mine, that his small office network of 5 computers needs protection from hackers, phishers, etc. He says "no hacker would be interested in my data". He runs a small logistics business? Is his assertion right or am I just being over cautious? Are hackers really interested in the "average" small business, or are they just after the "big boy corporates"?

( in his office he has a wireless network with WPA encryption and yes he does have basic AVG anti-virus software on his systems)

My computer might have a Trojan, now what?

matkline — Sun, 05 Oct 2008 13:30:14 -0800

It's become apparent that my computer may have a Trojan. I just received a Returned Mail notice for mail I never sent, which instead of displaying my name it displayed "jasen kimberly," and was sent to a strange russian email address: munsov@pobox.spbu.ru. I'm concerned that this may be the result of a trojan "phoning home," or using my computer to send spam.

Recommend easy-to-use software for elderly people

biwa-shu — Wed, 02 Jul 2008 05:13:04 -0800

Help me with some free, easy to use software for elderly people to use on a computer. Specifically: hands-off, self-maintaining security, and a good replacement for Windows Explorer. I have to set up a computer for my wife's mother to use to Skype us while we're abroad for a year. I imagine that we will also send her pictures or video via Skype chat that she will want to save and view later. My first challenge is choosing free security software that maintains itself and doesn't have too many dialog boxes popping up; then, if possible, I want to find an alternative to Windows Explorer that makes it easier to save and find files.

Problems with antivirus software. How do I check there aren't any viruses?

Jack Alucard — Tue, 10 Jun 2008 15:30:27 -0800

I think my computer might have a virus. Are there any trustworthy security testing services that I can use to conclusively prove whether or not this is the case? I've owned my current laptop for less than a year, and as far as I can remember, I activated my copy of Norton Anti-virus when I first got the laptop. Unfortunately NAV decided to switch itself off last week and then it demanded that I entered the activatation code for the software; I couldn't complete the activation process because the anti-virus software wouldn't detect my internet connection.

The weird thing is the anti-virus software has started working again and Liveupdate claims that it was run yesterday, but it still displays a message saying that I'll need to activate the software within a certain number of days (before it just switched off and said that I needed to activate the software immediately).

I'm worried that this weirdness from the anti-virus is an indicator that some malware has got onto my computer.

Are there any reputable security testing companies that I can use to garauntee with 100% certainty that there's no malware on my computer? Also, how do I get someone else to scan the computer without allowing them the opportunity to copy my personal data?

Buggy USB Drive?

Kronos_to_Earth — Thu, 01 May 2008 23:26:09 -0800

Can simply connecting an infected jump drive release bugs onto a computer? I had to connect a thumb drive (I needed to use a password manager on it: PC-Mac Password Vault2go. It runs completely off the jump drive; it doesn't need the Windows registry.) to a computer (Windows) not my own. From a security standpoint, I now have to assume the drive is unsafe. Is it OK to connect it to my own computer to scan it? I don't think it's likely I'd have to bring it to a shop or something, but I've had to re-install Windows before, and it's not fun. (P.S. This was at work, not some keylogger-infested cafe.)

Virus protection stats?

flibbertigibbet — Tue, 25 Mar 2008 09:23:58 -0800

I need your help to settle a debate. Could you suggest the safest antivirus setup, within the confines of Windows XP and a wireless internet connection, with the least bloat, and provide the statistics to prove it? I need more than simple AV comparatives. I need stats on the virtues of Firefox versus IE, on using two function-differentiated user accounts (admin versus everyday, with the 'everyday' account having no admin privileges), etc. Can you help? In essence, my father trusts a bloatware "known vector" that is eating up my laptop's resources (Norton2008) to alternative setups that he claims would "let the vampires [viruses] into the house."

This is the same man who blamed the beginnings of a hard drive failure (which was at that point mainly limited to weird behaviour) on my installing Firefox and WinAmp "because [I] like to use 'weird' software just to be 'cool,'" which, you guessed it, "let the vampires into the house." He later recanted that position, given that virus scans were clean, and that the hard drive actually failed catastrophically due to a manufacturing defect.

Basically, I put in the anecdote above to prove that he prefers the things he knows, no matter their faults, to new, potentially better, solutions. This is why I need cold hard stats, lest I go crazy because of the slowness Norton's bloat brought to an otherwise pretty decent computer.

The fact is, Norton is still more efficient than some of the AVs I'm considering (AVG-free, avast!, and maybe shelling out a bit to get NOD32, etc.), but if my setup as a whole is safer that his setup, I may have a case.

Any help?

Securing and encrypting a network?

jjsonp — Mon, 10 Mar 2008 17:09:29 -0800

General network and computer security: keyservers, PGP/GPG, encryption, etc...book/instructional recommendations? I am trying to come up with some constructive suggestions regarding how to improve and automate security protocols at work. I have some basic ideas but know very little about it from an implementation standpoint. I use PGP, GPG, and Zip AES to encrypt and decrypt individual files but that's the limit of my experience.

I'm wondering what the 'industry standards' are for something like having a non-networked computer acting as a keyserver, into which say I'd plug a USB memory stick (or 'smart card') each day, receive a random password, which would then allow me to login to a networked computer, on which everything is encrypted with something like GPG. And how effective/efficient are biometric/fingerprint scanners?

This is in a Windows environment...I'm reading about Microsoft's Encrypting File System right now, which sounds like it would work for encrypting folders...that's the sort of recommendation I'm basically looking for (since I don't know exactly what I'm looking for;).

Can computers live forever?

doppleradar — Wed, 27 Feb 2008 16:47:35 -0800

Computer maintenance 101: Just bought a Thinkpad T61. How do i make it go forever? Just bought my first laptop and don't know anything about computers.

Protecting the software:
- Mozy + Ad-Aware + Anti-virus + external hard drive. What am i missing?

Protecting the hardware:
- sleeve enough or do i need a "laptop bag?"
- I travel with it multiple times a day to coffeshops and other liquid/dirt heavy places. Best way to clean spills/smudges on the screen, etc. in case the inevitable happens?

Hey, I'm not Trudy! Or Ben!

Happy Dave — Mon, 12 Nov 2007 11:53:28 -0800

Why does my Mac appear to have other people's computer names at the command line? What's up here? I've got a 10 month old Macbook, running Tiger.

I share a web connection with a bunch of people that live in my building. The system is administered by our resident geek, and we have wireless routers throughout, all hooked up to a big 12mb pipe. It's cheap and way fast, so, score. Also, I know most of the other people in the building, and they're cool, so I have no real worries about someone accessing my computer over the air.

However, a few times in the recent past, I've booted up the terminal and seen something weird. When I got this mac, I created a top level account that I called 'Administrator'. Some of the time, when I start Terminal, it says:

Administrators-computer:~ Dave$

'Dave' being the everyday account that I'm in most of the time. However, sometimes when I open terminal, the command prompt has changed to the name of one of my neighbour's computers (I know this because I can see their computer names in the Network folder in Finder).

For example, there is a computer on the network called 'benlaptop', and once or twice when I've logged in, my command prompt looked like:

benlaptop:~ Dave$

At the moment it looks like:

trudy2:~ Dave$

What in the heck is going on here? Is my computer somehow compromised? I've got Firewall turned on.

malicious security suites?

Kevin S — Sat, 27 Oct 2007 11:22:55 -0800

How do we know that highly regarded secuity suites are not surreptitiously malicious? I've grown tired of running/maintaining mutliple security products (free and paid) for anti-virus, anti-spyware, firewall, etc. So now I'm on a trial version of kaspersky internet security suite with intent to install on three computers.

Kaspersky, and similar products, come from the former SU or eastern block countries. My concern is that that part of the world is rampant with mob type crime, and the source of much computer crime (spam, botnets etc.).

What assurance is there that the security suites themselves are not criminally and cleverly corrupt?

Examples: (1) During security scan extract and phone home with identity and financial information; (2) plant botnet client for future use.

What was that password again?

al_fresco — Wed, 24 Oct 2007 17:02:03 -0800

In Windows XP, is there a way to see the password that is stored in the system to log into a wireless network? In OS X, this is easy – one just goes to Keychain Access, looks up the entry, and by entering an administrator password one can see the given password. Is there a way to do this in XP? I'm not a Windows person, so don't know where to look.

This is for a client for whom I set up a wireless network over a year ago. She created the password and it's stored in her system, as she connects fine to the network. She now wants to get another computer onto the network. I guess I need to start saving clients' passwords.

Keeping the Geek Squad Outta my Biznass

TheGoldenOne — Sat, 01 Sep 2007 08:05:55 -0800

How to keep prying eyes from the files on my laptop... My laptop is starting to give out. I have a 3-year service plan, so I'm going to send it in soon. However, I have a lot of ones and zeros on there I don't want some service plan geek checking out while my laptop is away. What do I do with XP if I don't want anyone to have any access to my personal files while they repair my computer?

Have I been hacked?

Crotalus — Sat, 04 Aug 2007 18:31:43 -0800

Have I been hacked? Today I turned off my main computer and was told by Windows that "other users are logged in, are you sure you want to shut down?" Trouble is, I know none of the other accounts was logged in. The real kicker, however, is that this happened last night on another machine on my network. I have to use WEP to secure my wireless because my print server is old and doesn't use WPA, but it is hard to imagine that someone would be parked within range of my wireless with intent to hack me, especially when my next door neighbor's wireless connection is wide open and unsecured. Is there a benign reason why Windows XP SP2 might think someone else was logged on?

P.S. My virus software is up to date, and my internet habits are not particularly risky (outside of the occaisional BitTorrent download).

How to secure my computer for guests?

JFitzpatrick — Sat, 30 Jun 2007 20:52:51 -0800

Is there a method/program for limiting a guest's access to my computer to -only- a web browser (no start menu, programs, file directories, etc.)? I don't like giving people unfettered access to my personal computer. I have way too many client and personal files on it to give access to someone who through error might damage anything. Is there an effective way when a house guest simply wants to check their email or read the news to make it so that they can only use the web browser? I'm envisioning something like the full screen function on FireFox but with no way to turn it off or acess any other functionality on the computer.

This isn't necessarily to hide anything... I realize a determined user could use the web browser as a file broweser... this is more to keep stupid people from breaking anything.

Surveillance System Help

Raichle — Thu, 19 Apr 2007 14:34:30 -0800

I am looking for either high-resolution wireless IP cameras or Video Capture card recommendations and I have a few additional questions. Currently I have a 1 Ghz AMD Athlon comp with 512 MB of RAM running XP pro. This computer currently has a video capture card with 4 BNC cameras attached to it. I am looking to add 4 more cameras and not sure which way to go so I would like some recommendations for either way or products.

Question 1: Can I have 2 video capture cards in one computer without killing it.

Question 2: Can anyone recommend high res wireless cameras?

Question 3: Can anyone recommend an affordable capture card and some high res analog cameras?

Thanks!

How can I do cool non-cleared computer security work?

Anonymous — Tue, 27 Mar 2007 10:44:48 -0800

Help me figure out how I can do really cool computer security stuff for a living. The catch: it can't be work for the NSA or Justice Department or anything that requires a security clearance. A little background on me: I'm 24, I have a BS in computer science from one of the NSA centers of excellence and was involved in the "Cybercorps" Scholarship for Service program, and I live and work in DC. A part of this scholarship is federal service doing information assurance (IA) work for two years after graduation. That's fine: I've been working with the DOD for the past 18 months or so, and have 6 months left to fulfill my obligation to the government.

There are two problems with my situation. The first is that I hate my current job. It has nothing to do with IA and there's absolutely no chance that it will. The only reason I'm here is to fulfill the remainder of my service obligation. The second is that I'm having real problems getting a security clearance. I haven't been flat-out denied (yet), but they denied my interim secret clearance and I've been stuck in adjudication for the past 3 months. In addition, I'm pretty sure that I've had TS/SCI clearances denied from the NSA in the past, although I haven't FOIA'd the information to find out exactly why I was considered ineligible for the conditional job offers. I assume that this all stems from a period from around from 18-20 where I smoked pot frequently, plus extensive foreign travel and having lived abroad during my teenage years. If my secret clearance is denied, I'll be fired from my current job, which, to be honest, I would not mind too much.

So while I'm qualified professionally to work for the feds doing security work, they don't trust me. I'm cool with that, but I'm still interested in doing security stuff for a living. So my questions to the hive mind are:

1. Where and in what industries can I find cutting-edge computer security work? (People have suggested financial in NYC to me. I am not yet sure I want to leave DC, but I'm open to moving.)
2. How can I land an entry-level computer security job in one of these industries when I've spent the last 2 years putzing around doing stuff not related to the field I'm interested in?
3. What further work experience would be useful to prepare for this sort of a career? (I have experience with Linux and other free OSs but I haven't used this professionally in the past few years. It's a little under 11 years of hobbyist experience, but I have been paid to be a sysadmin before, and I wouldn't mind doing it again. Bonus: what sort of a career track can a sysadmin expect?)

Any other advice would be appreciated.

You can contact me via iajobquestion@gmail.com. Thanks.

Can I allow people to visit one page in IE and nothing else on that computer?

einarorn — Mon, 26 Feb 2007 10:01:12 -0800

Can I allow users on a Windows computer to access only one website in one program (IE Explorer or Firefox) and nothing else on that computer? I have a computer set up at my restaurant, which the manager uses a couple of times a day. However, it's also used for employees to sign in on their shifts, which they do online (I can use either IE or Firefox).

Now, when the manager is away I don't want the computer to be used for anything but sign-in website. I would just like the sign-in program to fill the screen, and if people want to visit another site or use another program, they would have to type a password, which only the manager would know.

Is this possible?

How to create a self destructing folder for my mac?

superdeluxe — Mon, 05 Feb 2007 12:57:53 -0800

Is there an application for my mac (OS 10.4) that would enable me to have a folder that would "self destruct" if the contents in that folder are not accessed for a user set ammount of time? I live in a med/high crime area and to provide adequate security would cost a lot. I have come to accept that some of my stuff will get stolen eventually. I have backed up all important data and keep it in a seperate (off-site) location.

I do however have some large files that I access fairly regularly and are therfore stored on my harddrive. (to answer anyones questions, they are recordings of artists who I promised would not find the recordings put up on any file sharing networks).

Ideally I would like to keep these in a file that would last 3/5 days or so. If they weren't accessed they would automatically be deleted. No big deal for me because I have them backed up. The next person who fired up the system however (after the time limit had expired) would not see these files.

I don't need ultra super secure. I just want them to be visably gone so that the average scum of the earth criminal or pawn shop recipiant can't plug it in, search for available mp3's and then share them on limewire.

any help?

thanks

Help me find out if someone is spying on my computer

RustyBrooks — Thu, 04 Jan 2007 10:08:23 -0800

Can you help me diagnose if someone is spying on my computer? I think there is some kind of spyware installed on my computer, and I somewhat suspect that there is an actual person using it to spy on my (as opposed to generic spyware that is sort of a bot sending info about me somewhere).

(Note, my computer is a Win XP machine)

I first noticed that sometimes my cursor would jump around kind of suspiciously, jumping often to the start menu location or maybe one of the other corners of the screen. There are a few other symptoms but no point in going into it here. I started poking around, starting first with the normal standard tools. HijackThis, AdAware, Spybot Search and Destroy, etc. Not much is coming up.

I do an nmap from a trusted computer on the computer I think is being spied upon. I do a TCP and UDP scan and here are some select entries:

1664/udp open|filtered netview-aix-4
1666/tcp open netview-aix-6

A quick google search shows that this is usually some kind of network monitoring program. Note that this doesn't necessarily mean that's what is running on that port... I telnet to that port and I get:

TTxfiles5server3server220revver5nocasefunprotocol

No idea what this is supposed to be.

Of course, my network is fairly locked down so I don't think anyone can GET to this port from outside, but I think it might indicate that something nefarious is running, and that nefarious thing might connect from my network to some other computer somewhere.

There is also something running at port 8080. 8080 is usually a web proxy port but I don't think I have anything running which would qualify as a web proxy.

I have a lot of experience with computers and a decent amount of experience with computer security. I'm hoping someone can help me find out what might be running on my computer (if anything), how to get rid of it, and, to my mind, how to find out who or what it is.

As sort of a caveat/afterthought... I play poker to supplement my income (it amounts to about 1/4 to 1/3 of my total income) so if someone is watching me, this would be very, very bad, and honestly, I've had some reason to believe that someone might be watching me, in this regard.

I've started doing ethernet packet capturing both on the affected machine and on the network as a whole, and I hope to find something in that. There's an awful lot of data to go through, though.

Why can't my Keychain.app settings work for both Safari and Camino?

invisible ink — Tue, 19 Sep 2006 14:29:21 -0800

I typically use Safari, and have my preferences set to store all of my passwords and user names in my Keychain.app. However when it starts acting up and giving me the spinning beach ball, I use Camino (v. 1.0.3.) When I try to log in to a website, it asks me for my user name and password - do I really have to fill in ALL those passwords and user names all over again? In other words, is there any way I can get Camino to access the passwords I saved using Safari? Note: I have the "Allow saving in Keychain" and "Autofill passwords in web forms" boxes checked off in my Camino preferences.