That train of thought needs to be stopped in its tracks. I have been doing this whole security thing for a long time now. I know what people say – “Microsoft sucks when it comes to security”. I won’t even bother to discuss the fact that it’s not truly entirely Microsoft’s fault. They cannot help that they are so widely used that people want to exploit what they’ve done. I challenge any one of you to create an operating system that is 100% secure. I would stake my reputation on the fact that it is not possible to do.

No, Microsoft isn’t perfect. No, Windows 7 isn’t 100% secure. However, out of the box (without additional protection software installed) it is by far more secure than any previous release that we have seen come out of Redmond. I’ve read on several different sites that the guess is around 90% of previous security holes have been addressed, and are no longer an issue. While it’s not a perfect number, it is darn good.

So what about Windows 7 is more secure? Windows 7 makes remote connectivity to corporate networks seamless, protects data on thumb drives, and offers fewer user account control prompts to bug users compared to Vista. The UAC now allows you to control how many prompts you see, by using a slider bar to make your changes. DirectAccess offers remote workers the same level of seamless and secure connectivity as they have in the office.

BitLocker extends the data encryption features that we first encountered in Vista. It now works with removable storage devices, such as flash drives. A password or smart card that has a digital certificate stored on it can be used to unlock the data. These devices can be used and modified on any other Windows 7 machines, as long as you know the correct password.

Windows 7 also has AppLocker as a feature. This allows computer administrators to control the software that runs on a corporate network. This ensures that only authorized scripts, installers and dynamic load libraries can be accessed by the users. It can also be used to keep software off of the machine that is undesirable.

Lastly, but not least, Windows 7 comes with IE 8, which has many security enhancements:

• SmartScreen Filter – This replaces and expands upon the Phishing Filter found in IE 7.
• XSS Filter – This protects against cross-scripting attacks.
• Domain Highlighting – This puts emphasis on the relevant part of the URL so that you can easily determine the true location of the site you are visiting.
• ActiveX Security – Security for ActiveX is substantially better, and allows for controls to be installed on a per-site basis.
• Data Execution Prevention – DEP is enabled by default in IE 8.

All in all, I have to say that I am thus far very happy with how Windows 7 runs, as well as how secure it is. As I’ve already stated, no operating system is going to be 100% safe and secure… not even OS X or Linux. The only way you’ll get that 100% guarantee is to completely disconnect from the Internet, and never use it again.

What are your thoughts so far on Windows 7 in general, and the security improvements that the folks at Microsoft have come up with?

One of our experts has authored a post, Preventing Malware and Safe Computing. It’s a wealth of knowledge, and people are often referred to it.

Today, I came across Diane Wilson’s comment at Ed Bott’s blog. I like it. Concise, no-nonsense advice. I  agree with most everything. It mostly mirrors my philosophy, and current configuration:

1. Stay behind a router. NAS is a great filter for many attacks.
2. Use a firewall. Windows firewall works well enough.
3. Keep your OS up to date, not just in updates, but in versions. I’m already running Win 7 RC as my primary system at home, and I’ll be on Win 7 for good as soon as it goes RTM. Remember (or learn) that security must be pro-active, and that Vista and Win7 took huge steps in this direction. Address space randomization. Array and string range-checking to limit buffer overruns. And more.
4. UAC. Live with it. It’s your friend.
5. 64-bit. Required driver signing is your friend.
6. IE protected mode.
7. Data Execution Protection, turned on for everything. No exceptions.
8. Windows Defender.
9. Oh, one more thing. Anti-virus software.

I think the first suggestion contains a typo. It refers to a NAS, or Network Attached Storage. While they have become inexpensive, and easy to configure. They offer limited security protection. However, they can help protect your data. Most likely she meant NAT, or Network Address Translation. NAT hides your system’s IP address behind another IP (the router’s). Another advantage to a wireless router is that almost all of them now contain a hardware firewall.

Next is the firewall. While the default Windows firewall only offers inbound, and not outbound protection, it’s silent. It won’t confuse users with options, and popups the way other firewalls can. Simple and effective.

Suggestions 3 through 7 involve the operating system, and settings. What’s the most secure Windows operating system? Currently, it’s 64-bit Vista, with all updates, user account control (UAC) enabled, with Internet Explorer 8 running in Protected Mode (Vista’s default settings). Data Execution Protection is a feature of the CPU, that is enabled by the 64-bit OS.

What would I change? Windows Defender is included with Vista, and doesn’t do any harm. However, it’s also not particularly effective. It is a good idea to run an application that catches what your anti-virus might miss. My recommendation is MalwareBytes AntiMalware.

The comment quoted was in response to an article on Microsoft’s new free anti-virus product, Microsoft Security Essentials. It shows great promise, but is currently in beta, and they aren’t accepting additional participants at this time. My current recommendation for free antivirus is Avira AntiVir. If you can live with the popup windows everyday as it updates, it offers a great definition database, clean interface, and is light on system resources. Avast and AVG also offer quality, free antivirus options.

What would I add? Secunia offers a free, one-stop update service for security patches. As Windows has become more secure, other applications are targeted. Recent examples include Adobe Acrobat, Java, and Flash. OpenDNS offers free protections against known phishing, and malware sites. As well as offering web filtering options that can block content where much malware originates.

Finally, a security article wouldn’t be complete without a mention of backup. There are some nasty infections out there today. We’re seeing far too much Virut and Sality, and they’re pretty much impossible to remove. Be prepared for the worse. We previously wrote a five-part series on backup options for the home user.

1. DNSQueries.com – A good looking, well performing site with unobtrusive advertising, and a wealth of IP, DNS, and domain tools. Multi-lingual, and a support forum is available. Here you’ll find the most often used tools.
2. iptools.com – Another very comprehensive site offering free IP and domain lookup tools, only lacking a DNS report. Ad sponsored.
3.  intoDNS.com – If you’re just looking for something similar to DNSreport this site offers it free, and ad free. The format should be familiar.
4. DNSsy.com – Another report very similar in form and function to DNSreport. The site also includes a couple other basic lookup tools. Not only free, but ad free.
5. FixYourIP.com is another site that offers a nice collection of lookup tools. Ad supported. 

…5 more sites that deserve a mention:

1. dnscolos.com – Another free and effective DNS report site. Advertising free.
2. checkdns.net – The final DNS report site. Some may prefer the more detailed output.
3. freednsinfo.com – Another multi-lingual domain, IP, and network tool site.
4. dnstools.iball.id.au – Not the easiest domain to remember, but a clean and simple tool site.
5. mydnstools.info – Last but certainly not least. Free DNS, networking, IP and domain tools.

One more bonus site. While some of the charts it creates and tools are cool, it can be slow. It also seems parts of it may not be working. Geeky enough that it had to be included: serversniff.net

The bottom line is that you may be able to find all the tools you need using free alternatives to DNSstuff. However, they won’t all be conveniently located at one site, and won’t all offer the speed and performance of dnsstuff.com. If you host a lot of sites, own a webhosting company, or are a frequent user of the tools dnsstuff offers, than $79/year may be a reasonable investment. If you’re like most of the rest of us, and  only need to access the tools occasionally, it’s nice to know there are free alternatives available.

Why the alarm and concern? There are widespread reports of malware infections (Conficker.B or Downadup) that exploit a recently discovered vulnerability in the Windows Server service (SVCHOST.EXE). You can become infected by simply the act of being connected to a network, the internet, or sharing a removable drive. No action required. Scary stuff.

What if you’re already infected? Microsoft has updated their free malicious software removal tool. From a non-infected computer, simply download it and then run on the infected system. As always, you can also find free malware removal help in our forums.

Is your copy of Windows fully updated? If you’re reading this, chances are it probably is. Great, you’re protected! Now do someone else a favor. Talk about it tomorrow at the water cooler. Check your parents systems, talk to your friends and neighbors. This has the potential to be a very widespread, and serious infection outbreak. It can be avoided by simply running Windows Update.

Symantec’s history over the last few years seems to match the second definition. The huge security company, which just a few years ago has been the biggest and doubtless the most influencing security software developer around, witnessed a steep downfall in sales. The security giant, whose products were once installed in almost every new computer, was taunted by the Revolution of the Internet. Faster download speeds made it easier to find alternatives – some of which were free; so did online reviews and comparisons, which were available to everyone: not only in geeky computer magazines.

Symantec’s products were simply too bloated and buggy, and even as alternatives began to gain popularity, Symantec didn’t make a proper change. Ironically, it was Norton 360, an all-in-one suite targeted at home users, that made a 180 degree change with low performance requirements, a redesigned and intuitive interface and a huge leap forward in general. Now, the latest generation of Symantec’s 2009 security suites is held to a higher standard, as the company makes yet bolder promises. So we’ve tried out Norton Internet Security 2009, and here’s what we have to say.

Installing

Norton Internet Security 2009 (or NIS2009) was off to a rough start. First was the psychological factor: I didn’t want to like it. I had bad experience with previous Norton products and security suites. Second, the installation file is a whooping 58.6 megabyte in size; that’s almost double the size of Kaspersky’s Internet Security suite, NIS’s main competitor, and for years, the better choice of the two.

Once the download was completed, however, I was impressed by the speed of the installation, which only took about 2 minutes in total, not even requiring a restart in the end. No complex settings or daunting wizards to go through, either: NIS2009 launched itself flawlessly and was ready for action in just a couple of seconds.

Features & Interface

So what will you get for your money? Besides the traditional components, such as an anti-virus with active protection and an anti-spyware along with a firewall, NIS2009 offers an anti-phishing component (which blocks access to suspicious or dangerous websites), identity & log-in cards (allowing you to preset identities and sensitive information to enter in websites), parental control (which you need to install separately) and home network monitoring (allowing you to see the status of other computers in the network, as well as their security status – if they’re using NIS2009 too, and also determining if your wireless connection is secure and encrypted).

Opening the main window of NIS2009 reveals 3 different parts controlling different areas of protection: Computer (anti-virus and anti-spyware protection), Internet (firewall, intrusion prevention, e-mail scanning and network security) and Identity (identity cards, anti-phishing). Each of these areas takes a different part of the screen, allowing the user to disable or enable their main features with a single click, as well as access a more complex array of settings, shown in a separate screen. There are also two performance bars total system CPU usage vs. Norton’s CPU usage, and a button to launch LiveUpdate. You’ll also find quick help texts near every control on the main screen. All in all a simple and clean layout to which I got accustomed quickly.

If you’re a more advanced user or a control freak, NIS2009 will satisfy your needs. You can control  virtually every feature; the complex settings are organized in categories, and you can access yet more complex settings through the submenus. A bit confusing, but users that choose to dig into these settings will probably know their way around, though I found that basic information like a filepath of an infection, require way too much digging around sub-sub menus. Same for firewall – which is set on ’silent’ by default (meaning you won’t get notifications prompting you to block or allow programs to connect to the internet). And while NIS2009 does a good job in filtering these, I would like to see the firewall settings laid out in a more basic way and with less digging around menus.

Touching on control freaks, they will definitely like the performance meter familiar from previous versions of Norton Internet Security. This performance meter shows total CPU consumption vs. percent consumed by NIS2009. We’ll touch on the subject of performance later on, but you can also get very comprehensive graphs and reports on background jobs done by NIS2009 when the PC is idle.

One of the most important innovations in NIS2009 is Norton Insight, a technology allowing you to cut scanning times by mapping known “good” files, either from an online database or from a user input. It works by clicking the Norton Insight button in the main window, and allowing Norton Insight to scan known directories for ‘good’ files. You can also specify specific files that you want to check against the online database. As you can see from the screenshot, on my PC Norton Insight found only 19% ‘trusted files’, but that means many files and a significant reduction in scanning time. The great thing about this feature is that it’s community based. NIS2009 collects data from users (with permission) and tests to see if the same files appear in many different computers. If so, the file is assumed safe by Norton Insight, thus reducing scan times. So, with time this feature can only improve.

NIS2009 also includes the LiveUpdate feature built-in the product, unlike previous versions which had a clumsy and separate application performing updates. LiveUpdate here works flawlessly, and downloads definitions every several minutes. Thankfully, NIS2009 doesn’t disturb you to inform you of this, but more about this later on.

Like most security suites today, NIS2009 includes predefined log-in cards which you can configure and define as you like. You can password protect them or not, and you can set a master password required each time you want to use a certain log-in. All around a basic and easy to use feature, that also uses a toolbar (thankfully supporting both Explorer and Firefox, unlike previous versions) to fill in details. This toolbar also gives you information about site safety (phishing).

Performance & Detection

Performance was one of the biggest issues of previous NIS versions, and this version is lighter than ever. In normal computer usage – background operation with no scans running – Norton consumed between 10 to 20mb of memory; very impressive, and actually better than some standalone products. While scanning, NIS2009 took between 60 and 70mb of memory in a given moment, which on a fairly modern machine should not slow things much.

Like most modern anti-virus solutions, NIS2009 offers a ‘Quick Scan’ feature (scanning high-risk areas), which is quick indeed – on my machine this scan took just under 40 seconds – while scanning just below 4,000 files. A full scan, however, will take several hours – depending on the size of your hardrive, computer speed and amount of files.

Evidently, a great deal of effort has been put to make NIS2009 as silent as possible, hence the  inclusion of Silent Mode (also present in previous versions of NIS and other Symantec products). Like the name says, Silent Mode makes sure NIS2009 won’t disturb you during games or movies. You can set it to detect full screen automatically and turn Silent Mode automatically, or set it for a specific period of time. Once the time is over or full screen is ended, Norton will notify you if there were security incidents during the period. However, to my surprise I found that using Silent Mode isn’t necessary; NIS2009 was very quiet and didn’t alert me unless a shield has been disabled or it found a suspicious activity, even without Silent Mode.

However, not everything was perfect with NIS2009. While security suites traditionally have high detection rates, many have a lot of false positives, and this was the case here. On my clean machine, NIS2009 found several false positives and marked them as ‘highly dangerous’. Also, I encountered occasional problems with file downloads freezing, unless I turned NIS2009’s Active Protection off. Same with bigger file transfers through MSN Messenger. I also didn’t like the short freezing between clicks in the main program window.

Overall I would rate NIS a huge improvement over its predecessors, and a huge success. If you were to list the most common complaints about Norton Antivirus, and Norton Internet Security this release answers them all:

1. Bloated
2. Difficult to remove
3. Large memory footprint
4. Resource hog
5. Live Update

Norton has always enjoyed good detection rates, now it has a quality application and interface to go with them. It should be on your short list of antivirus applications. NOD32 was my former antivirus of choice (a geek favorite). I now run Norton Antivirus, and I can say it proudly. Well done Norton!

Rating: 4.5 out of 5 stars

Looking for spywareinfo.com and getting a GoDaddy parking page? Or, looking for the forums at forums.spywareinfo.com and getting a 404 error? You’re not alone. Try the new domain name, and you’ll find the old forum we’ve come to respect and admire. Why the change? Mike Healan the founder of the site has not been heard from in many months, and the spywareinfo.com name appears to have expired. However, the good people running the spyware removal forums didn’t want to let such a valuable resource die, so they planned ahead and registered a new name, spywareinfoforum.com. The change was actually made a couple of months ago, so most search engine results should point to the new domain. However, there are thousands of links from other sites to spywareinfo.com, and who knows how many bookmarks.

There is a slight danger that the domain name could eventually fall into the hands of bad guys. They might find a certain irony in using it to spread spyware, instead of remove it. Be sure to update your bookmarks to http://www.spywareinfoforum.com, and help spread the word.

Enter Systemlookup.com, a new home for these community contributed databases, hosted by Javacool. Javacool is the author of SpywareBlaster and other helpful tools. Systemlookup.com has an attractive, clean design, is very fast, and advertising free. While it’s still a work in progress, and new features are planned, it’s very useful.

Whether you assist people remove malware, are curious about entries in your HijackThis log, want to learn more about what’s running on your system, or even want to contribute a new item, be sure to bookmark Systemlookup.com!

SystemLookup hosts a collection of lists that provide information on the components of legitimate and potentially unwanted programs.
They are maintained by superb members of the Internet community, for the benefit of the community at large.

I have to start with a disclaimer. This unit has not been tested in an actual fire and this article will make no claims as to the amount of fire and heat this creation can stand. During the course of this article I am going to break the warranty on a few pieces of equipment. Follow these directions at your own risk. The author of this article and GeeksToGo.com assume no liability for those who choose to follow these directions.

What I needed:

1. NAS or other PHD (Portable Hard Drive)
2. Personal Fireproof Safe
3. Drill & Drill Bits
4. Category6 Network Cable
5. Fire Stop Caulk
6. Wire Cutters
7. Shrink Tubing
8. Soldering gun and solder
9. RJ45 Crimping Tool and ends
10. Hot Glue gun and sticks or Rubber Cement
11. Surge protector with RJ45 surge protection

For the purposes of this article, I chose the following equipment.

1. NewerTech miniStack NAS 750
2. SentrySafe H0100 Fire-Safe Waterproof Chest
3. 3M Fire Barrier Sealant (caulk)

I already had the NewerTech NAS from a previous review that I had written. The unit performed very well, and even though I really didn’t want to risk destroying such a useful device, I wanted to do this article more. Being Network Attached, the NAS gave me the flexibility to place The Tank anywhere in the house. This unit also runs very quiet and cool; both are necessary features when planning to run in a confined space.

I chose the SentrySafe (Model H0100) for many reasons. First, the unit costs about $25 and can be found at your local supermarket. I got mine at WalMart. It’s waterproof and UL Rated to withstand heat up to 1550 Degrees. It’s small in size to make it easier to place in an inconspicuous place. Even with its small size, it has more than enough room for my NAS, while still leaving a little space for breathing room.

The 3M caulk was the first thing I came across at Lowes. It’s easy to apply (comes in a caulk tube), waterproof, bonds to metal surfaces, won’t eat the plastic coating on wires, and dries quickly. 3M says the caulk restores fire rated construction to its original integrity, which is good since we will be drilling holes in our safe. When introduced to fire, the caulk expands to fill in the holes more thoroughly.

Now that we have the why, and what, let’s look at how…

Step 1 – Prepare the NAS I had to do a number of things to the NAS to make this work, most of which will void the warranty. Remember, continue at your own risk.

First I took apart the plastic case. It won’t be necessary with the NAS’s fancy new steel outer structure. The plastic will just take up room inside the safe. We need more room so that we have more airspace to help keep the drive cooler during normal usage.

I also removed the LED lights. Again, they aren’t necessary and only serve to generate heat. I considered re-wiring the LED activity lights and mounting them on the exterior of the safe, but that would require drilling another hole. I’m shooting for fewer holes for better protection. Function over aesthetics.

The NewerTech NAS comes with a small heat sink that can be found on the underside of the NAS unit to help disperse heat. For the time being, I am going to use the supplied heat sink to see if it will suffice in an enclosed environment. If not, I have an idea for a bigger heat sink to help keep things running efficiently.

In yet another attempt to void the warranty of this awesome piece of equipment, I cut the power cable. I cut the cable between the power block and the NAS, for two reasons. First, the power block expels heat, which we want to minimize inside the safe. Second, the end of the cable that plugs into the NAS is too big. To maximize fire protection, we want to keep the holes in the safe small.

I took an extra step by stripping off some of the factory shielding and replacing it with my own, much smaller shielding. That allowed the hole in the safe to be even smaller. I used the shrink tubing to protect the wires, and to assure that the bare wires didn’t short out on the safe walls.

Step 2 – Prepare the Network Cable Much like with the power cable for the NAS, I customized my network cable to minimize the size of the hole needed to go through the safe.

Remember when stripping or playing with network cabling, it’s important to keep the twists in the wire. These are important. I didn’t replace the outer shielding on the network cable. I ran the shielded part right up to the outside of the safe, but everything inside the case will be unshielded.

Step 3 – Prepare the safe Once I had the network and power cables customized, I tested to see how big of a drill bit I needed to make the holes in my safe. I recommend using a good quality drill bit as these safes are pretty well made.

To determine exactly how small of a hole I could get away with, I took my drill bits and made test holes in a piece of wood first. I decided on 2 different drill bits, one for the network cable, another for the power cord. Once I found the smallest holes possible, I was ready to drill. I’ve chosen not to include the bit size I used, because the bit size you need will vary depending on the cable used, and how much work you chose to do with the shielding.

Now comes the part where I drill holes in a perfectly good safe. Those with weak stomachs might want to stop here. Again, keep in mind that we’re breaking warranties here. As a note, some home safes are filled with sand, or at least a loose substance, inside the walls of the safe. This acts as insulation for the fireproofing. It’s important to keep this in mind when picking a spot to drill the hole. I picked a spot on the lower half of the safe in the back… near the hinges. I thought this would be the best place with the flattest surface for drilling. I first tested by opening the lid to be sure I wouldn’t pinch the wires when I opened the safe for any reason.

Now with my holes drilled, I quickly inserted the wires and caulked the holes both inside and out. I used my fingers to make sure I had a tight fit around the wires.  This again assures minimal loss of  insulation that was housed inside the cavities of the safe. Although the caulk says that it sets up in under 10 minutes, I left my creation overnight. I didn’t break anything loose as I was pulling and moving the wires while putting it together.

Step 4 – Put the wires back together Now that the wires are through the safe wall, and the caulk holding them in place is dry, it’s time to put everything back together. I started out by sliding the old shielding on the network cable to make the job look nice.  To place a new RJ45 end on the Cat6 cable so that the unit is ready for communication, I used my handy-dandy crimping tool. Ensure the Cat6 cable twists are still in place.

I used a soldering gun and more shrink tubing to repair the cut I made in the electrical cord. I also used a larger piece of shrink tubing around both the wires to keep them together, and to try to make it as safe as possible. A fireproof safe isn’t much good if the fire starts inside the safe!

Step 5 – Install what’s left of the NAS At this point the NAS is little more than a hard drive with an attached heat sink and a circuit board. To ensure that the circuit board doesn’t short out on the steel structure it will be housed in, it’s important to use either rubber cement or a hot glue gun. Either of those substances will insulate the electrical components from the steel.  I placed the top of the NAS under the drive to provide some extra insulation.

Don’t use too much glue because we want to leave as much airspace as possible inside the safe, but use enough glue to give a little airspace under the unit. You’ll have to judge for yourself the proper amount. Be sure you check clearance of the lid of the safe when it’s closed.

Step 6 – Setup outside protection for the NAS In the list of items used above, I noted a surge protector with RJ45 (Network) protection. If your data is protected from fire, it might as well be protected from electrical surges as well. Ensure that your drive and network connections are connected to the surge protector. Not only does this give us some more protection for our secure data, but it allows us easy access to be able to power the NAS on and off when necessary.

Construction done, now what?

Now that we’re done putting it together, it’s time to do some testing. I started with a simple test, with the safe open, to ensure that my customizations didn’t break anything. I turn on the NAS and tried to connect to it with my computer. Fortunately, everything worked just as it had when it was running in its own case.

Next, it’s time to do some long-term testing to see how the drive fares in the confines of the safe. For the purposes of this test I have a wired thermometer. I’ll close it inside the safe so that I can monitor temperatures.

My house is air conditioned and I keep it at a comfortable 72 degrees Fahrenheit. Most hard drive manufacturers recommend that a drive operate in temperatures between 32 and 140 degrees F. With a maximum temperature around 140 degrees F and a room temperature of 72 degrees F, I expect to have enough headroom to make this experiment work. Note – 140 degrees Fahrenheit is maximum temperature and is certainly not our target. Drives generally operate best at less than 100 degrees F.

Under normal operation, with no one writing to the drive, the temperatures inside the safe ranged between 75 and 80 degrees. We’re off to a good start. Considering the maximum temperatures provided earlier, I’m pretty happy with the current results.

After allowing the drive to idle for a few hours so I could record the temperature results, I thought it was time to move on to a little more strenuous test to see how the temperature would change when the drive was put to work. To make the drive work, I tried performing a full system backup from my laptop. That’s about 85GB of data and should take some time to complete. About midway through the backup, the temperature reached its peak at 97 degrees Fahrenheit. While this is certainly not an optimal temperature, it’s well below the maximum temperature and even below our target temperature of 100 degrees F.

Since short tests are not very conclusive, I decided to check the temperature as often as possible over the course of a week, so as to continue to monitor the temperatures inside the safe. During the course of my test week, with nightly backups and sporadic access to the drive for access to my storage data, I watched the temperature gauge as often as I could remember. The average temperature through the testing period was somewhere between 87 and 95 degrees Fahrenheit. The peak temperature I recorded during testing was 101 degrees F.

What can this creation handle?

The amount of fire your drive can withstand relies on the safe that you choose.  The better the safe, the better your drive will fare in the event of a fire.  For this test, I chose a cheap safe.  It’s effective, and will work, but isn’t the best option if you have very important data to protect.

Taking into account the specs of the safe, this creation should withstand 1500 degrees Fahrenheit for 15 minutes.  It’s also waterproof, so the efforts of the firefighting team shouldn’t damage the drive either.  I would say it was well worth the $40 I have invested in it (in addition to the NAS device).

Final thoughts.

Basically this is a risk-vs-reward project.  To complete this project, you risk breaking the warranty on some equipment. You will be putting your equipment investment at risk by putting it into a fairly inhospitable working environment. There is also no guarantee that in the event of a fire, your drive will be totally protected, such as in a 1500 degrees F fire lasting longer than 15 minutes .

The reward is a drive that is potentially fireproof and waterproof   a drive that can withstand almost anything you can throw at it. You’ll have a safe place to keep your important files that you should never have to touch, and one that is always connected.

The first thing that comes to mind upon hearing the word spam, for most people, is an email advertising certain enhancements to the male body, not the cheap pork brand – which is actually the source of the word. This is not surprising: in 2006, 40% of all e-mails sent – 12 billion per day – were classified as spam emails, and that figure continues to grow constantly as spam vendors evolve and develop their spamming practices.

Many people have had their personal email boxes completely flooded with spam emails – but just how massive is this phenomenon is in real life, for a real person? What websites send the most spam? How do your actions influence the amount of spam sent? Finding answers to these is just the purpose of the recent McAfee research, the results of which have been posted last June. McAfee took spam surveys on a whole new level. 50 volunteers from around the world have been given a computer and email accounts and participated in this research, creatively named Spammed Persistently All Month (SPAM). They have been asked to submit their email addresses to as many websites as possible, including ‘get rich quick’ plans, ‘work from home’ websites, ad clicking websites, and free giveaways: iPods, vacations, etc., and similar.

During the course of the experiment, the volunteers received hundreds of thousands of spam e-mails. Particularly, the research found that US citizens received the biggest amount of spam emails in course of one month: 22,233 per person (average). In contrast, volunteers from Germany and France got only 5000 emails, while the British took the middle spot with 10,000 emails. Besides the geographical aspect, men received more spam emails than women did. McAfee says this is because men traditionally have a larger income than women, and spammers are more interested in them, regardless of their sexuality.

The volunteers set themselves fake identities. Using them, they subscribed to various legitimate-looking work-from-home websites. Volunteers say these websites generated the largest percent of spam sent. Volunteers that gave away their real home address found out they were actually spammed in real-life: their mailbox was flooded with hundreds of printed spam. Then, they were asked to actually reply to these emails and click on various ‘Unsubscribe’, ‘Remove me from the mailing list’, etc. links usually found in spam emails. This led to a massive increase in spam emails, and the final figures were greatly influenced by this.

However, these emails weren’t only innocent looking spam. After confirming their email address by clicking on the various unsubscription links, volunteers received hundreds of 419 scams. Some redirected them to fake PayPal lookalikes. After providing their real PayPal details (of their fake identity, of course), volunteers found foreign IP addresses trying to access their PayPal accounts. Furthermore, most PCs were heavily infected with spyware by the end of the research, presumably by email attachments or scripts on certain websites – even though a McAfee Protection Suite has been installed on the computer.

While this research hasn’t turned out anything new or surprising, it’s a good reminder to what spam really is – a criminal offense, directly relating to scamming and spyware. The numbers collected by the research are staggering, and prove the huge share of spam in online crime activities, which just keeps growing and take a massive part of our lives.

With this in mind, there are methods to prevent spam coming in the first place. Using them will help you keep a cleaner email box and by that, you will join the fight against spam & malware – which are like yin and yang to each other.

• Don’t give away your personal email address in websites. Set up a separate email account for keeping emails from websites. For especially shady-looking websites, use a free disposable email address – here is a handy list of 20 such services. Never give away your email address on an open forum, discussion board or blog. Spam bots constantly search the net for such addresses. If you really need to include an email address on a webpage, regardless how popular it is, make sure you write it so it doesn’t look like an email address (no ‘@’ sign). For example: don’t *at* spamme *dot* net. Alternatively, you can make your email address a picture.

• Don’t choose a ’simple’ email address. While this may seem tempting, easy email addresses are easy to guess. Some spam bots work with dictionary words and combinations of letters, for example: table at gmail dot com, and send messages to these addresses. To fool them, use an address like 2table29k at gmail dot com.

• Don’t open unknown attachments. Most email providers and/or clients will scan attachments for you, but virus vendors know how to bypass this – simply don’t open attachments from unknown senders.

• Never reply to spam emails. As proven by McAfee’s experiment: replying to spam emails only makes it worse. Just delete these emails. Replying or clicking unsubscribe is going to make it even worse.

• Never click on banking or finance links from emails, or links to websites that have your personal details. Even if you get an email that appears to have been sent from your local bank, and the link looks like the website address – don’t click on it. Scammers use different techniques to fool you into entering the username and password in their website. To prevent this, always access baking websites by typing their full address in the browser window.

• Never provide personal information through emails. Whether it’s an email from your bank, PayPal or your aunt in Florida – never give away passwords by replying to emails. Baking facilities are not authorized to request your password and sensitive data through email as it’s not secure and is open for scamming.

• Stay away from get rich quick, free gifts and free cash schemes. Some might even earn you a few cents, but they are not worth the effort. Most of them will spam your email box and send scams, and payout is high so you’ll need to wait several years to get your $10. Remember: if it sounds too good to be true then it probably is.

• Use Gmail. Gmail is free and has nearly 7GB of storage, and has one of the best spam filters, even compared to paid solutions. You can also synchronize it with your Outlook, Thunderbird or any other major email client, using POP3 or IMAP.

• If all hell breaks loose… Start over. Fighting spam once it has taken over your inbox is impossible. The best way to fight spam is to prevent it from reaching your inbox in the first place – so just notify all your contacts and start over by opening a new mail address. Incorporate the tips in this article when opening it. Also, you might want to add an additional layer of security to your inbox by purchasing a paid solution such as Cloudmark. If you have a Security Suite, look for the spam filtering application. While some of these products don’t provide great protection, they do something.

Finally, remember that even if you follow all tips in this article to the letter – by no means this is a guarantee that you will not get spammed. Many malware infections harvest email addresses from infected PCs. So, just having your email address in the contact list, or email box of someone else’s infected computer – could get you spammed. However, following the tips in this article should prevent most spam. Good luck!

Since the first result on the search page is often for a topic in the malware removal forum of this site, some people even think we’re somehow responsible. While we’re not yet sure why these users are being redirected, we can tell you how to fix it.

• Download Trend Micro’s HijackThis
• Close your browser and Install HijackThis
• Open HijackThis, Select Do a system scan only button
• In the results, find this line:

O2 – BHO: Browser Address Error Redirector – {CA6319C0-31B7-401E-A518-A07C3DB8F777} – c:\windows\system32\BAE.dll

• Tick the checkbox next to that line, and select the Fix Checked button (DO NOT select any other lines without assistance).
• Restart your browser and navigate to Yahoomail. You should now be able to access it.

UPDATE: Thanks to Chris’ comment, it seems a number of people may be having this problem after Spybot Search & Destroy modifies their hosts file after using the “immunize” feature. Since editing your hosts file can be tricky for some, here’s an easy method to restore your hosts file:

Please download HostsXpert

1. Unzip HostsXpert.zip
2. Double click on HostsXpert.exe
3. Then click on “Restore Original Hosts” to restore your Hosts file to its default condition.
4. Click on Make Hosts Read Only to secure it against further changes.
5. Close program when complete.

If you have any questions, or need further assistance, please read our malware cleaning guide.