DEEP-ISH THOUGHTS RANTS and MUSINGS
A Letter on Taking Security Measures on your Personal Computer
So, I had some fun times today.
I was almost finished creating some good content for my blog and just as I was about finished adobe reader opened up out of nowhere and I lost everything I had written and I was like "FUCK!!!!" I thought that was bad until my browser shut down and zippity zap zoop! my computer freaks out and some program called AV something rather told me my computer was infected and it was scanning and finding all sorts of viruses. So I tried going to McAfee to tell me what was going on and every time I tried to open a new program it would tell me it was infected. I finally said fuck it and opened up McAfee and did a full scan. It didn't find anything. The other program had disappeared mysteriously.
I'm going to go over it with my wife later. But it brings me to ask the question, what can I do to best protect not only my computer but my website from malware, spyware and viruses, especially now that I am a bigger target then I used to be? I want the best protection I can get. I know dailypaul has been hit a few times which sucked. And I suspect I'll be targeted, but the lesser I get hit the better. Anyways. I figure you've probably got a ton of information and steps for me to follow. Right now, I'm not doing anything to protect myself. I've got McAfee and passwords which I am sure any goomba can figure out, especially if they have a key logger, which the AV program says I got slapped on my computer today. Anyways, any help would be much appreciated.
Also, now that I've pretty much got my site wrapped up, I'm ready to start getting into the SEO more intensely. I'm not prepared to change the structure of the site to have a static front page, but if there are other behind the scenes things I can do I am down. What can a beginner do?
Whoa, that sucks, it sounds like you got a fake virus. These types of “virus” are actually made by a purported antivirus software company, with the aim of scaring people into buying their software to get rid of all the supposed viruses. I always wonder how these fuckers get in. Really the only way is if you had downloaded something recently, and it was attached to it.
I actually don’t run antivirus for this reason. Companies that makes money from the existence of viruses can only sustain their software’s usefulness by getting their users to believe that they are actually being protected from viruses. The more viruses they detect, the more fear they arouse, the more they are presumably worth. For these reasons, I’ve gleaned that the best protection comes from becoming... one with your machine. Haha! But seriously. I’m so familiar with the performance of my machines, that at this point that I know when my computers are sick just like I know when I’m sick. It’s not as hard as you might think. Here's some tips:
- First thing you can do is get a system performance program. This will let you know your current temperatures, CPU voltage, current RAM usage, HDD usage, and a few other things. Why would this be helpful? Well, for instance right now, I’m just writing an email, something that is not at all CPU intensive; if my core temps are going up and my CPU is getting a workout, there better be a damn good reason for it. Meaning that, whatever program just started running in the background better not be something I didn’t authorize. (get iStat Pro for Mac and CPUz for Windows).
- Second, you might look into getting some network monitoring software (Little Snitch for Mac and ZoneAlarm for PC). But not for incoming connections, for outgoing connections. Most people don’t realize that with minimal security precautions, they are usually extremely protected from outside threats. By and large, malware has made it’s way onto a personal computer because someone downloaded something dodgy; but still, you had to exclusively invite this thing in. However, once on your computer, it can connect to the internet as much as it wants, and send a virtually unlimited amount of outgoing traffic without even prompting the user! This is because even legit software is allowed to “phone’s home”, and it does it ALL THE TIME. You might not know it, but every program on your computer probably checks in with home-base at minimum a few times a week. This is usually for update purposes or to make sure you’re not running a hacked version of the software, but people who write viruses and trojans typically don’t prescribe to those rigid rules, and the last thing you want is a virus that sends personal information to home base once a week. With Little Snitch or ZoneAlarm, the virus might make it onto your computer, but nothing, absolutely nothing, will make it out of your network connection unless you allow it.
- Third, the robust-ness of your operating system will prevent a lot more hacks than any antivirus software. There is a conference every year in Vegas where all the worlds “Leet” “ethical hackers” congregate and divulge to each other recent exploits and OS vulnerabilities. Many of them are IT-pros or programmers themselves, and attest that their conference helps Apple and Microsoft become aware of these bugs so they can patch them. But on the same token, it makes the rest of the hacking public aware of these vulnerabilities, so when Microsoft releases a service pack or a patch, install that bitch asap. Those who don’t keep up to date with the latest sp versions and updates for their OS are at serious risk. There is probably nothing more vunerable than using an early version of Windows XP, so if you are running that, do yourself a favor, make the leap.
- Fourth, don’t keep information on your computer that could jeopardize you vitality or your finances. After all, your shit could just get stolen, and unfortunately there is no good software for preventing a stolen laptop from getting into Tijuana. I personally could hack into any password protected computer in less than 15 minutes if I were directly at the console. If your computer gets wrecked, that’s one thing, but if your savings gets drained or some shitty people figure out where your family lives, that’s a whole different level of screwed.
- As for the security of your website; that’s mostly in the hands of your hosting provider. Unless someone got their hands on your FTP password, you’re not really gunna prevent someone “that good” at fucking up your website. It really should not be able to happen though. Besides, dDOS attacks are relatively short lived, and if your shit gets deleted from your server, you should always maintain a copy of everything on your local machine.
A Letter on SEO Search Engine Optimization
Here's a letter I wrote to a friend about his new website. I thought I'd share in case anyone is interested in my take on building a google friendly website.
I don’t have anything bad to say about wordpress; it’s probably the best blog software out there, and it can definitely work as a homepage. However, I just think that optimizing it for search engines would be quite difficult. Let me explain. Google has automated software (referred to as web crawlers, spiders, bots) that crawl from page to page on the internet and takes a copy of all the text on each page it visits (if you want to know how your website looks to a search engine spider, go to your homepage using firefox and press Ctrl+U [or Apple+U on a mac]). These spiders get around the internet by following every link on every new page they find. This is why some webmasters have a link to a sitemap somewhere on their homepage. This ensures that the google spider will index every page of their website. If there are sub pages on your website that someone cannot eventually get to simply by clicking their way there, then the spider will not find them. For example, if the google spider follows a link from someone elses webpage to your Simple Machines Forum, the spider will not be making a stop at your homepage or other blog articles, because as of right now, there are no links from your forum, to your homepage (at least that I can find). But anyway, the spider then sends this cached text version of your website to google for search engine ranking analysis. The text on your homepage (and any other pages that were cached) at the time it was crawled, dictate what google is going to use to rank your pages for various search strings entered by people using google. Thus, someone trying to get high search rankings for a particular set of keywords will have a much easier time if nearly all the textual content on their homepage isn’t constantly changing. Furthermore, if you eventually get into the top ten for a good search string, you don’t want to lose that good ranking. For instance, someone might google [anarchist news and discussions] and your website makes it into the top 10; well next week the google spider comes along and indexes the new content on your homepage, and you fall out of the rankings again. Just something to think about.
Getting people to visit, revisit, and participate, should be the primary concern of every webmaster. Getting high search engine rankings for relevant key words is the MOST important thing to get new visitors. Having interesting and provocative content is the key to getting return visitors. I can help you with search engine optimization; getting repeat visitors are totally on you ;-)
Let me know if you have anymore questions.
Looking at Labs
My First Computer
Well, not exactly, but it's the first computer I built myself.