Testing for vulnerable IoT devices

Testing for vulnerable IoT devices

Want to insure your IoT devices are not part of a botnet? Clicking a few links is all it takes to test for some common vulnerabilities.

Friday's internet DNS outage and me

Two computers in the same neighborhood, connected via the same ISP, have two very different outcomes, depending on their DNS servers.

Tweaking WSH helps defend Windows PCs from malicious email attachments

If you read email on a Windows computer, stop doing so. If that's too much, then there is yet another tweak needed to make Windows a bit more secure.

Taking a break from Windows Update

This is a great time for Windows 7/8.1 users to run Windows Update and insure they have all the available bug fixes. Then, take a break in October and let others deal with the potential disaster brought on by the new big fix updating...

Kim Komando offers flawed advice on router security

Despite her claim, updating the firmware is far from sufficient to keep out hackers

What the Ubiquiti AmpliFi mesh router is missing

The new Ubiquiti AmpliFi mesh router/system sounds promising. But without remote access, its a no-go for nerds.

The Social Security website is now secure

The Social Security website is now secure

The US Social Security Administration runs ssa.gov. The main site is secure, but the section where users enter their password was not. I blogged about this lapse in security recently. Now, the site is truly secure. Do senior citizens...

Dealing with VPNs on a Chromebook running Android apps

Dealing with VPNs on a Chromebook running Android apps

My first impression of Android on a Chromebook was positive. But, you do need to be aware of how VPNs are handled, since there are now two different operating systems running on a single computer.

A Defensive Computing term paper on privacy: VPNs, Tor and VPN routers

A Defensive Computing term paper on privacy: VPNs, Tor and VPN routers

If I was in high school, tasked with a writing a term paper about online privacy, I might hand in homework that compared and contrasted Tor, consumer VPNs and VPN routers. Something much like the following.

Apple websites can leak Apple ID passwords

Because of the way Apple has configured iCloud.com and various sections of apple.com, spy agencies can learn your Apple ID password.

Trusting the Social Security Administration?

The US Social Security Administration does a poor job of computer security. Surprised?

Windows Update update -- you're welcome

Ten days after my Bug Fix Bake-Off blog, which shamed Windows 7 and 8, Microsoft is changing the way each OS installs bug fixes. A coincidence?

A router security cheat sheet

A router security cheat sheet

There are many things that can be done to make a router more secure. Non techies need a shorter list than techies, but the Tech Guy recently offered a list that was way too short. And, many routers simply can not be made reasonably...

ISP outage: My personal disaster recovery

My ISP goes offline in the middle of the night, but there is work to do that can't wait...

A bug fix bake-off

A bug fix bake-off

Installing bug fixes is a big part of Defensive Computing. Recently I updated devices running five different OSs which let me compare and contrast how they install bug fixes. Not to spoil the story, but I judge Chrome OS as the best,...

Backing up to the cloud? Read the fine print

Backing up to the cloud? Read the fine print

One reason to backup files is because they may get deleted by accident. If you are counting on a cloud backup service for this type of protection, read the fine print. Files deleted on your computer may be removed from the cloud...

TP-LINK lost control of two domains used to configure routers and Wi-Fi extenders

TP-LINK is no longer in control of tplinklogin.net or tplinkextender.net. They do still control tplinklogin.net. What does this mean to owners of TP-LINK devices? Probably not much.

Blocking JavaScript can stop some Windows malware

Windows users need to defend against a relatively new attack, JavaScript files attached to email messages. One defense is to open JavaScript files with Notepad, but a more thorough defense is to disable Windows_Script_Host entirely.

Lessons and observations from the GoToMyPC incident

Citrix did not distinguish itself in the way it handled a recent security incident. Then too, neither did the press.

Windows 10 forced updates -- lots of blame to go around

Sure the way Microsoft dealt with Windows 10 upgrades was wrong. But, anyone who got burned by it needs to take a good look in the mirror. They were warned.

Load More