Chuck CD's / DVD's with Private Info Safely

I've been looking for a way to dispose of my old CD's and DVD's. Over the years the discs have accumulated. I have data back-ups and Linux installers mostly. I no longer need most of these discs. I've updated my data back-ups with the latest versions of files or discarded some which I no longer needed. The linux CD's and DVD's are also outdated. Linux development moves fast and these installers have already been superseded many times over since they were burned. I even have Warty Warthog  and Mandrakelinux 10.1 in one of those CD wallets somewhere.

Anyway, one of my first ideas was to look for some recycling center that could take my optical media. I was even willing to pay for shipping. It's been three years since I started asking around and I still haven't found one. If you know of one located in the Philippines, please leave a comment. One thing you need to worry about though if your sending your discs to the recycling bin is privacy. If you have any sort of private information in your data back-ups, you should render the discs unreadable before chucking them to the recycle bin. You can do that by scratching the discs enough that the reflective coating on the read side can't be read by any drives. But remember to keep away from any filings, because the materials used in coating CD's and DVD's can be hazardous. There are tools like the DVD/CD Destroyer that scratch the disc just deep enough to damage the outer film protecting the chemical coating (which has the data after you 'burn' a disc).

You can also go break, hammer or cut the discs to make it physically impossible to read the discs. That tends to be messy and you might injure yourself doing it. You might as well just shred the discs with one of those multi-purpose shredders that can take paper, credit cards or discs. Both Shredder Shark and Fellowes' Powershred line have one of those small personal crosscutting shredders that can shred your discs and documents to confetti-like sizes. There are dedicated DVD/CD shredders too, though you'll get the most use from a multi-purpose shredder.

These are just a couple of ideas on how to ensure your personal information remains safe as you dispose of your media. There are many other ways to go about this. If you have your own media disposal ideas, post comments so we can discuss them.

Geek Becomes Wife's Hero

Rarely do we find geeks being hailed as heroes. Here's one good example of a wife changing her mind after her dear geek hubbie finds her stolen laptop: Missing laptop found in ET hunt

Protect Your Wireless Network

I recently saw several news articles online about drive-by pharming. Researchers posted a proof of concept online and the attack is made possible by the fact that so many people use their routers with the default passwords on. Because of the nature of my work, friends often ask me how they could secure their home networks or how they could set-up wireless at home. To them I offer the following advice (just sharing here) :

1. Change the router's default username and password - this should be the first thing anyone should do. As indicated in the news article I linked to above, you'd be securing yourself from a lot of exploits just by changing your password. Router defaults are well-documented in user manuals and help forums online. Anything from default passwords to factory settings can be found online. Even lesser known models will have some obscure user documenting his use of it somewhere in the vast Internet. So change the default password 'admin' on that WRT54G, right now.
2. Change the router's SSID - a brand name is a start. These default SSID names are well-documented online. Once snoops know what router your using, they could choose the best attack to speed up breaking into your network.
3. Disable SSID broadcasts - don't advertise your network to the neighbors. Routers with SSID broadcast turned on inform every computer or wireless device nearby that your router is there. Piggybacking on your connection is just one concern. What if they're bright enough to break into your network and snoop on your computer? If its there, with big signs and bright lights, its bound to catch some bad guy's attention.
   
4. Turn on the firewall - when you set your router up, it will in most cases ask that you set rules for your firewall. Routers are great firewalls because they're "dumb". They don't reply to strangers knocking on the door. If some other computer on the Net wanted to connect to yours, the router simply ignores the request if it were unexpected and doesn't reply back. The effect is the other computer will think nothing is there.
   
5. Use WPA-PSK, not WEP - WPA-PSK is quite a common feature now in wireless routers. WEP is older and easier to hack into. WPA2 only comes in the newer (and more expensive) routers. So right now WPA-PSK is the best choice. How to use it? Go to this Windows guide, a bit old but the basics are still the same. For Ubuntu, the Ubuntu Guide provides a kernel of wisdom in that direction. One additional piece of advice I can give is to use a Pre-Shared Key by generating a random one from https://www.grc.com/passwords.htm. This page generates very strong random passwords that you can use on your router. I use the 63-character printable ASCII set because that's what most routers (I've tinkered with) accept. Note:the more random it is, the harder it is to crack it.

These are not professional grade tips but rather lessons I've learned while tinkering. I hope they prove as helpful to you as they have been to my friends. :-)

When the Innocent Are Not Spared

Case in fact, a substitute teacher is in trouble for being in the same room as computers that exposed kids to pornographic pop-ups. Sounds like Adware to me, which is something most Windows users don't really have control over. Adware is everywhere on the net and its hard enough to avoid getting them. Why put a subbie in jail for 40-something years for something the school's IT person was probably in more at fault with? I don't get it. Or was it just a technology-shunning judge or district attorney that made it possible? An erring defense attorney, maybe? This woman should not go to jail for this. It's just wrong.

Going to the Internet with Confidence

Thing I've learned living in this age of ours where connectivity has become the boon of both the good guys and the bad guys? You have only yourself to blame if you do not take enough precautions. So here are a few practices I've learned and applications I used over on the Windows side of things:

1. Use a Firewall - Window's built-in software firewall only blocks incoming connections. Spyware and viruses phone home to their creators so its equally important to guard the exits. I've had good results with ZoneAlarm and COMODO firewall. Give them a try. A router will also do quite nicely. On second thought, a router will do better than any software firewall. Any modern router is a hardware firewall, which is much more secure than a software firewall.


2. Use Anti-Virus Software - Something to remember when choosing one, "the less popular, the better." Trouble with going with Norton and McAfee is that they are the first targets of viruses. Viruses these days are programmed to turn the 2 off simply because they're the most common ones. Another good reason to avoid them is that they hog your computer's resources like mad. Go with less popular smaller programs that run faster. I use Avast. Other good free ones include AVG, BitDefender and Active Virus Shield. If you want to go the paid route, Nod32 is recommended by many IT luminaries. BitDefender's latest iteration is also paid, by the way.


3. Use Anti-Spyware Software - You don't need to do much to get bombarded with Ads. You just have to browse the internet. Same thing with spyware and adware. You don't need to do much to get your PC inundated with bothersome adware and treacherous spyware. A two-pronged defense would be prudent. To prevent them from getting there in the first place, I use Javacool's Spyware Blaster. To scan my PC for malicious add ons that managed to get through, I use both Ad-Aware and Spybot.


4. Use a Secure Browser - There are just too many security exploits being created for Microsoft's Internet Explorer everyday that its easier to just use something else. My favorites would be Firefox and Opera. These browsers aren't iron-clad secure, but they are the simplest ways to secure your internet browsing. Use them or tweak IE to secure every single bit that comes in and out of it.


5. Use SSL Whenever Possible - SSL secures the webpage your viewing, especially important when logging in to pages that manage financial services and personal information. You can see if a site is using SSL when you are logging in by looking for a padlock symbol in your browser. Most banks and online merchants use SSL nowadays to secure login information and transactions. For webmail, only Google Mail allows users to use SSL for the whole time your logged in. To do this you'll have to type https://mail.google.com and you're secured the whole time you're logged on viewing mail. Otherwise, only the process of logging in to Google Mail will be secured. Other webmail services only use SSL when your putting in your password. That's enough for most, but not me.


6. Use Foxit Reader - Two reasons why this is better than Adobe's PDF reader. Its less taxing on your computer's resources so its a helluva lot faster and there are now security holes in Adobe PDF that don't affect Foxit.


7. Update as Often as You Can - All the software in the world can't protect you unless it's updated. Set everything to download automatic updates when you're online. Be on the look out for software that has stopped updating itself even if you set it up to do so. It may be a sign that some malware turned them off to protect its malicious payload.


8. Listen to Security Now! - It's a podcast where complicated security issues are tackled in layman's terms. Download it here: http://www.grc.com/securitynow.htm. If you use software to automatically download podcasts for you, subscribe from the TWIT Network Security Now! webpage.


9. Read up on Cyber Security - found this article after I've written the above, darn. CNN's Layman's Guide to Cyber Security.