The security is an aspect to be taken care of on our personal computers. Fortunately, many of the measures to be taken are not difficult for most people to implement, especially since software has long been designed with the purpose of making it easy to use even for those with only basic knowledge.
Although Android has accumulated a very significant percentage of the new threats that have appeared in recent years, that has not meant that Windows has ceased to be a priority target, and is that the existence of hundreds or billions of users running an administrator-type account is still something very tempting for malicious actors. On the other hand, Linux users often overestimate the defensive capabilities of the operating system, and not only fail to use an antivirus, but also other components such as a firewall or a security module for the kernel.
In order to contribute to the improvement of personal computer security, I am going to expose a series of tips that can help to strengthen that front. Most of these measures are nothing extraordinary and can be implemented with relative ease by most users, so it doesn’t hurt to take a look at them. It is true that will not make anyone an expert against the most experienced attackers, as 100% security cannot be guaranteed.but at least they can be used to deal with most of the threats that we might consider more trivial.
Maintaining the security of the personal computer is very important unless it spends one hundred percent of the time disconnected from the Internet and from any local network where there is a computer with Internet access, even intermittently and through isolation mechanisms, and here it is very important to walk on eggshells if you want to get results. Without further ado, here are the tips.
Keep the operating system up to date
Despite being repeated ad nauseam to the contrary, there are still Windows users who think that updating the operating system is a bad thing. This habit, on the other hand, is hard to find among Linux users, where it is not uncommon to see people totally obsessed with having the latest of the latest (versionitis some call it).
Keeping the operating system up to date allows you to receive the latest security patches against threats that have been discovered up to thenwhich is very important to prevent misfortunes. Obviously, updates also fix software bugs, but this article is focused on security.
Performing an update in Windows is very easy. To do so, just open the well-known Start menu and enter “Windows update” as a search term. After that the user should see “Check for updates”, which leads to Windows Update, the tool that has been updating Microsoft’s system for decades.
In the case of AndroidSince smartphones that preinstall this system are often abandoned by their manufacturers after a short period of time, it is possible to contemplate the use of some alternative and reliable ROM that allows you to get the latest security updates.. Although this article is focused on desktops, the seriousness of this issue in the Android spectrum makes its mention in this section mandatory.
Acquire a Windows key
Having your Windows installation validated is very important to guarantee its correct maintenance. In recent years, the tendency to spend thousands of euros on PC components and then pirate the operating system has become popular, even though for years there have been many options for acquiring legal keys at ridiculous prices.
Do not gamble with methods of dubious legality and that also entail the risk of compromising the security offered by the operating system and the computer, acquire a legal Windows key.
Use an antivirus, keep it updated and use it regularly to detect threats.
The presence of an antimalware, antivirus to simplify the language, is very important to keep the security of the computer within correct parameters. Windows has been preinstalling Microsoft Defender for years.a security suite that, according to AV-TEST, has more than proved its worth, to the point of making the use of an additional solution dispensable if you are in a secure and controlled environment.
The “Virus and Threat Protection” section of Windows 10 is fairly straightforward and self-explanatory in order to make maintenance easy even for users with basic knowledge. Basic firewall settings can also be accessed from here. Of all that one can find in the section, one of the most interesting things is “Isolated Browsing”, which is within “Application and Browser Control” in Windows 10 and allows you to enable a sandbox for Microsoft Edge, which should help minimize threats that try to sneak through the web browser.
The actions of updating, which in Microsoft Defender rely at least in part on Windows Update, and performing regular scans are vitally important to detect malware that may be on the system.
At this point, it does not hurt to recommend the use of some quality antivirus to Linux users.especially if they are in environments where there are likely to be a lot of threats, such as a home network plagued by poorly maintained computers because the people they live with are not doing their part when it comes to keeping their computers safe.
Have the firewall up to date and enabled
To put it very simply, the firewall, or firewall is a mechanism in software and/or hardware format that is responsible for filtering both incoming and outgoing network traffic, thus blocking unauthorized communications and allowing to protect computer equipment from possible attacks or intrusions because, in principle, malicious actors should not have access to the network or the user’s computer.
Firewalls can filter traffic based on which ports are open or closed, but in the case of Windows the mechanism has been simplified to allow the user to authorize or not based on applications. This approach is much more user-friendly for those with no knowledge of networking, a field that can be far more complex than it appears.
At this point it goes without saying that it is important to keep the Windows firewall up to date so that it can provide maximum security, in addition to having it enabled for the domain, private, and public networks. In extreme cases the user should consider blocking all incoming connections on one or more of these fronts.
For their part, Linux users should seriously consider using a firewall if the system does not come with one preinstalled. GUFW, which is a graphical interface for Uncomplicated Firewall (UFW), is possibly the most user-friendly for a user with little knowledge, although in the RPM spectrum (Fedora and openSUSE mainly) it is normal to find firewalld, a rougher solution that has an official graphical interface,
firewall-configbut alternatively YaST can be used on openSUSE Leap and openSUSE Tumbleweed, or
plasma-firewall in KDE Plasma (this also supports UWF).
Employs a user with limited privileges
Windows has accustomed users to employing an administrator-type account by default. This means that at least a good percentage of software runs with elevated privileges, which increases the likelihood of system breakage or data compromise because malware and malicious actors have a much clearer field.
While it is true that User Account Control (UAC), introduced in Windows Vista, has served to put up additional barriers, it does not detract from the idea that the prudent thing to do is to use a common user account for better security, more seeing that it has been seen and proven that the use of an administrator account is a highway for malicious actors..
In Linux a user account with limited privileges is used by default, so that front end is correctly executed from the start. However, the use of an unprivileged account serves to protect the essential parts of the operating system, but not the files contained in the user’s own folder in both Windows and Linux unless additional measures are applied.
Use virtual machines
Employing isolation is a good measure to avoid harming the host operating system and to protect personal data, especially when performing experiments or doing things that involve risks. A simple way to have isolation (or sandbox) is to use virtual machines, and here is the well-known solution VirtualBox provides a simple and easy to use mechanism..
Obviously, there are other virtualization solutions on the market, such as VMware Workstation Player or the simple GNOME Boxes for Linux, but VirtualBox is possibly the best combination of simplicity of use and cross-platform support available on the market.
Moving away from virtual machines, for Windows there is a software called Sandboxie Plus, which allows you to create isolation environments to run applications and programs securely. However, its use is possibly somewhat difficult for less knowledgeable users, so for them VirtualBox aims to be a simpler solution.
Don’t visit or download content from foreign sites.
Visiting strange websites and even worse, downloading content from them, is a serious security risk. It is something that should never be done or at best in a properly isolated and well configured environment to prevent damage to the system or data in the event of a tragedy.
At this point it goes without saying that the Internet has become a dangerous place even for users who take the utmost precautions, so one can imagine the situation of those who enter it without taking the appropriate preventive and protective measures.
Employs a security module for the Linux kernel.
One of the main mistakes that many Linux users make is to delegate security to magic, and there are many who have spread an image of invincibility around this operating system that is far from reality.
Apart from using a firewall and even considering the use of an antivirus in certain circumstances, installing and running a security module such as AppArmor or SELinux is highly recommended.. Most distributions with pre-baked desktop pre-install one of these two solutions, but some such as Manjaro or Arch Linux do not have either installed by default.
An additional measure that can be taken within Linux is to resort to the Flatpak or Snap universal package formats, as these provide isolation compared to the default “traditional” package configuration.
And I end with a recommendation that sounds hackneyed, but that always comes in handy. Backing up is a rudimentary but effective way to avoid total data loss in the event of possible incidents, especially when it comes to ransomware or a broken storage unit.
Over the course of the past decade the focus of malware has diversified. If in the past damaging the operating system was practically the only priority, for some time now user data has gained a lot of prominence. The aforementioned ransomware is a clear example of this.Many examples of this type of malware are dedicated to encrypting user data while leaving the rest of the operating system apparently intact or at least functional.
Attacking user data makes a lot of sense considering that user data is almost always unique, so its loss would be irreparable damage, while the operating system is something that can always be recovered relatively easily by reinstallation or with some recovery mechanism.
The safety tips I have exposed here, at general levels, are not difficult to apply, but not only must they be applied, but they must be applied in a constant and forceful manner in order to avoid misfortunes as much as possible. There is no such thing as 100% safety, but on this front any improvement is positive and should be implemented.
Cover image: Pixabay