Table Of ContentA Step-by-Step Guide to
Computer Security
For Non-Techies
Second Edition
Carey Parker
Copyright © 2016 Carey Parker
All rights reserved.
ISBN: 0-9974536-0-5
ISBN-13: 978-0-9974536-0-7
DEDICATION
To my mom, my dad, my wife, and my two daughters.
Thanks for all the love and support!
CONTENTS
Preface
A Note to My Fellow Geeks
1. Before We Begin
How worried should I be?
How To Use This Book
Not So Fast
2. Cybersecurity 101
Here Be Dragons
Computer Lingo
Know Your Enemy
How The Internet Works
Tools of the Trade
Privacy and Tracking
Who Can You Trust?
Know Thyself
3. First Things First
Backup
Spring Cleaning
Update Everything
Summary
Checklist
4. Passwords
How Did We Get Here?
Understanding Password Strength
How To Manage Your Passwords
Choosing A Master Password
Doing The Two-Step
Periodically Changing Passwords
Summary
Checklist
5. Computer Security
Macs Are Safer Than PC’s
Non-Admin Accounts
iCloud and Microsoft Accounts
Free Security Tools
Summary
Checklist
6. LAN Sweet LAN
Modem
Wi-Fi Router
Virtual Private Network
Summary
Checklist
7. Practice Safe Surfing
Tracking Tech
On the Ethics of Ad-Blocking
Choose Your Weapon
Summary
Checklist
8. Secure Communication
Email Essentials
Instant and TeXt Messaging
Communication Security
Summary
Checklist
9. Online Accounts
Banking and Shopping Online
Cloud Storage Services
Social Media
Summary
Checklist
10. Parental Guidance Suggested
The Grandmother Rule
Cyberbullying
Don’t Panic
Summary
Checklist
11. Don’t Be a Smart Phone Dummy
iOS Is Safer Than Android
Wireless Madness
To Hack or Not to Hack
Privacy Matters
Summary
Checklist
12. Odds and Ends
When Bad Things Happen
And When I Die
Gold Stars and Tinfoil Hats
Parting Thoughts
The Case for Optimism
Don’t Take This Lying Down
Going Further
Glossary
About The Author
PREFACE
Let’s take a little quiz. If I asked you right now to rate your personal computer security on a scale
from one to ten - with ten being Fort Knox and one being a wet paper bag - what rating would you give
yourself? Seriously, give that some thought right now.
Unless you’re a techie person, I’m going to guess that you don’t really know how to come up with
that number... and that almost surely means that your ranking is closer to the wet paper bag end of the
scale. Do you really need to be as secure as Fort Knox? No, of course, not, and that’s not what this book
isabout.However,therearemanythingsyoucando(oravoiddoing)thatwillsignificantlyincreaseyour
security and privacy, and this book is chock full of them. You don’t have to do them all - even I don’t
do them all - but I firmly believe that everyone should at least consider the specific tips and techniques
described in this book.
I’mguessingthatafewquestionsarepoppingintoyourmindrightnow.DoIreallyneedthisbook?
Do I need to be a “computer person” to understand it? How much effort is this going to take? All good
questions! Let’s answer them right up front.
The answer to the first question is easy: yes! Okay, why do you need this book? Because so many
important parts of our lives are moving to the Internet now - banking, shopping, paying bills, socializing,
gaming, you name it. And it’s not just our desktop computers that are connecting to the Internet, it’s our
laptops, smart phones, tablets, and even our appliances. Unlike the days of dial-up modems, our devices
are now connected almost 100% of the time. These facts have not gone unnoticed by the bad guys. As
1
the famous saying goes: why do criminals rob banks? Because that’s where the money is ! You need this
book because it will make you safer - significantly safer, if you follow most of the advice. In fact, it will
not only make you safer, it will make those around you safer, even if they don’t do any of the things I
recommend in this book. (I’ll explain that bit of magic later in the book.)
This book is for my mother, my friends, my neighbors, and all the other totally normal, everyday
people like them: people who use computers and mobile devices, but don’t really know (or frankly care)
howtheywork.Thisbookisforpeoplewhojustwanttoknowwhattheyneedtodotoprotectthemselves
- step by step, without judgment, and with as little jargon as possible. I’ve structured this book to give
you the maximum benefit with the least amount of effort (and cost). The purpose of this book is to cut to
the chase and clearly explain the things you need to do to protect yourself in this increasingly connected
world of ours. Along the way, if you want to learn a little of the ‘why’ and ‘how’, in language you can
understand,I’veincludedagoodbitofthat,too.InthisbookIusealotofanalogiestohelpexplainthese
technical topics in ways that everyone can understand, and I also include some fascinating stories that
help to drive the points home. I’ve made this book not only easy to read, but hopefully even fun to read!
But can’t I find all of this information on the web, you ask? Sure you can! The problem is not lack
of information - the problem is that there is too much. How do you find what you need and weed out
the stuff you don’t? Most people wouldn’t even know what to search for. Even if you knew some of the
technical terms, you’d still have to collect all the info and figure out what parts are relevant to you. To
make matters worse, the common news sources that most people turn to have done a horrible job cover-
ing these topics (when they cover them at all). They tend to focus on the wrong things, crank the hype
to ridiculous levels, and generally give poor advice. There are lots of good web sites that get it right, but
you’ve probably never heard of them and they tend to be very technical. If only someone could find all
the most important stuff, break it down into manageable pieces, and explain it so anyone can get it...
That’s the main reason I’m writing this book. I firmly believe that in this day and age everyone
needs a fundamental understanding of computer safety - not only for each individual’s sake, but also for
everyone’s sake because we’re all connected now. It’s not just about protecting ourselves from criminals
thatwantourmoney,butalsofromcorporationsandgovernmentsthatwanttotrackwhatwedo,whatwe
say, who we associate with, what we buy, what we read... well, basically everything. It’s important that
weunderstand all ofthese threats. Mygoalistonotonlygiveyouthetoolsyouneedtoprotect yourdata
and your privacy, but to arm you with the knowledge you need to be an informed citizen when it comes
time to vote, either at the ballot box or at the cash register.
So... let’s get to it!
1
This line is often falsely attributed to bank robber Willie Sutton.http://www.snopes.com/quotes/sutton.asp
A NOTE TO MY FELLOW GEEKS
Ifyou’reatechieperson,thenyou’reprobablythego-to“ITguy”(orgal)inthefamily.Yourfriends
constantly ask you for advice when buying a computer. Your relatives email you whenever their Mac is
“acting funny”. And your college-aged niece who downloads tons of “free” music and movies can’t un-
derstand why her PC is riddled with viruses. If you’re a real softie, you probably forward them emails
about scams to watch out for, web sites to avoid, and suggestions on how to protect their privacy. Most
ofthetime,youradviceisneverfollowed,unlessyougivethemdetailed,step-by-stepinstructionsorjust
doitforthem.Remotedesktopsharinghassavedyoumuchtimeandeffort,butit’sstillfrustratingtrying
to keep your friends and loved ones safe and up to date.
This book isn’t for you - it’s for them. You already know most of this stuff, or at least know where
to find it. But your loved ones are still struggling, despite your best efforts. This book is going to be the
stockingstufferyougivetoeveryoneinyourfamily.It’sthebookyouissuetoeachfriendwhobuysanew
computer. It’s the book that’s going to save you countless hours explaining to Aunt May why she needs
tohavemorethanonepassword,oransweringyourneighbor’sconstantquestionsaboutwhichanti-virus
software he should be using, or helping your mom remove ten different Internet Explorer toolbars so that
she can actually see more web page than buttons.
The purpose of this book is to walk the average, non-techie person through the basic things that
everyone should do to protect their computers and their data. It also takes the time to explain why these
thingsareimportantandhowtheywork,atahighlevel.Thisisthestuffyouwishyouhadtimetoexplain
to all your friends and family.
Note that I’m going to have to simplify a lot of things in this book, including making some key de-
cisions on which tools to use. This just can’t be helped. Entire books could be written on any chapter of
this book. My goal here is to give everyone a valid path to computer safety, not every possible path. That
said, I’m always open to suggestions for future revisions of the book. Please feel free to reach out to me
if you would like to provide feedback. (See the Feedback section in the next chapter.)
1. BEFORE WE BEGIN
HOW WORRIED SHOULD I BE?
I’d say people fall into three camps when it comes to computer security. There’s a large camp of
people who are blissfully ignorant. They like their computers and gadgets, but don’t really worry about
security. Let’s call this Camp Pollyanna. Why would anyone target me? Surely the computer and gadget
companieshavebuiltinlotsofsafeguards,right?Thepeopleinthiscamphaveprobablynothadanything
bad happen to them and they feel safe enough. (They’re almost surely not.)
There’s another camp of people who are scared to death of computers and online life in general.
They refuse to shop or bank online, but maybe they send some emails, surf the web to look something
2
up, and dabble in Facebook. This would be more like Camp Luddite . In my experience, the folks in this
camptendtobeolder-theydidn’tgrowupwithcomputersandcanlivejustfinewithoutthem,thankyou
very much. (You can live without “horseless carriages”, too – but why would you?)
And there’s a small camp of folks that understand the likely risks, take proper precautions, and pro-
ceed confidently with a wary respect for the dangers. That’s my camp. Sorta like Camp Goldilocks - not
too scared, not too indifferent - just cautiously confident. (I considered going with “Camp Super Amaz-
ing Awesome Cool”, but figured that probably sounded a little biased.) The goal of this book is to bring
everyone into my camp!
Computers and the Internet have already changed the world, and there’s no looking back. Like any
powerfultool,itcanbeusedforgoodandforill.Weshouldn’tshunthetoolbecausewedon’tunderstand
it,butwealsoneedtolearntouseitproperlysothatwedon’tendangerothersorourselves.Automobiles
can be lethally dangerous, but the benefits of mobility are undeniably worth the risks. However, unlike
with cars, where we are carefully trained before being allowed onto the highway with others, there is no
“Internet surfing license”. Also, the dangers of piloting a 3500-pound metal box at 70 miles per hour are
readilyapparenttothedriver:ifIcrash,I’mgoingtoseriouslyinjuremyselfandprobablyothers,aswell.
Butthedangersofsurfingthenetarenotintuitivelyobviousandpeoplejustdon’thaveaninstinctualfeel
forthedangers.BeforecomputerswereconnectedtotheInternet,thislackofunderstandingdidn’tmatter
much. If you had computer problems, they were probably caused by you and only affected you. Today,
with everything connected 24/7, our computers are much more vulnerable - and a security lapse by one
person can have serious effects on many others.
Sowhatarethedangers,really?Andjusthowbadisitoutthere?Thenextchapterwillanswerthese
questions in more detail, but let’s break it down at a high level. Security experts call this process threat
analysis.
Threat Analysis
Attheendoftheday,youhavetwothingsyoureally needtoprotect: yourmoneyandyourprivacy.
While it’s obvious why you would want to protect your money, for some reason people seem to be ex-
tremelycavalierthesedaysabouttheirprivacy.However,privateinformationcanalsobeusedtogetyour
hard-earned cash(moreonthat inaminute). Mostbadguysaremotivated bygoodold-fashioned money.
While it’s certainly possible that someone might want to personally do you harm, unless you’re a politi-
cian or a celebrity, it’s not the most common threat. There are lots of ways to get money from people,
