
By Howard Fosdick

Fosdick Consulting Inc.


2008 July 26
Version 2.1
Distribution: You may freely reproduce and distribute this guide however you like -- but you may not change its contents in any way.
This product is distributed at no cost under the terms of the Open Publication License with License Option A --
Distribution of modified versions of this document is prohibited without the explicit permission of the copyright holder.
Feedback: Please send recommendations for improving this guide to the author at email address "ContactFCI" at the domain name
"sbcglobal.net".
Disclaimer: This paper is provided without warranty. Fosdick Consulting Inc. and the author accept no responsibility for
any use of the data contained herein.
Trademarks: All trademarks included in this document are the property of their respective owners.
About the Author: Howard Fosdick is an independent consultant who works hands-on with databases and operating systems. He's written
many articles, presented at conferences, founded software users groups, and invented concepts like hype curves and open consulting.
Acknowledgments: Thank you to the reviewers without whose expert feedback this guide could not have been developed: Bill Backs,
Huw Collingbourne, Rich Kurtz, Priscilla Polk, Janet Rizner, and others who prefer anonymity. Thank you also to the Association of PC
Users (APCU), Better Software Association, BitWise Magazine, IBM Database Magazine, OS News, Privacy Rights Clearinghouse,
TechRepublic, UniForum, and ZDNet. Finally, thank you to the hundreds of readers who provided feedback.
How to Secure Windows and Your Privacy
with Free Software
An Easy Guide for the Windows User
Do you know that --
- Windows secretly records all the web sites you've ever visited?
- After you delete your Outlook emails and empty the Waste Basket, someone could still read your email?
- After you delete a file and empty the Recycle Bin, the file still exists?
- Your Internet Service Provider may compile a complete dossier on your web surfing?
- Your computer might be a bot, a slave computer waiting to perform tasks assigned by a remote master?
- Microsoft Word and Excel documents contain secret keys that uniquely identify you?
- Office also collects statistics anyone can read on how long you spent working on documents and when?
This guide explains these -- and many other -- threats to your security and privacy when you use Windows
computers. It describes these concerns in simple, non-technical terms. The goal is to provide information
anyone can understand.
This guide also offers solutions: safe practices you can follow, and free programs you can install. Download
links appear for the free programs as they are cited.
No one can guarantee the security and privacy of your Windows computer. Achieving foolproof security
and privacy with Windows is difficult. Even most computer professionals don't have this expertise.
Instead, this guide addresses the security and privacy needs of most Windows users, most of the time. Follow
its recommendations and your chances of a security or privacy problem will be minimal.
Since this guide leaves out technical details and obscure threats, it includes a detailed Appendix. Look
there first for deeper explanations and links to more information.
Why Security and Privacy Matter
Why should you care about making Windows secure and private? Once young "hackers" tried to breach
Windows security for thrills. But today penetrating Windows computers yields big money. So professional
criminals have moved in, including overseas gangs and organized crime.
All intend to make money off you -- or anyone else who does not know how to secure Windows. Security
threats are increasing exponentially.
This guide tells you how to defend yourself against those trying to steal your passwords, personal data, and
financial information. It helps you secure your Windows system from outside manipulation or even destruction.
It also helps you deal with corporations and governments that breach Windows security and your privacy for
their own ends. You have privacy if only you determine when, how, and to whom your personal information is
communicated. Organizations try to gain advantage by eliminating your privacy. This guide helps you defend it.
The Threats
Windows security and privacy concerns fall into three categories --
1. How to defend your computer against outside penetration attempts
2. How Windows tracks your behavior -- and how to stop it
3. How to protect your privacy when using the Internet
The first two threats are specific to Windows computers. The last one applies to the use of any kind of
computer. These three points comprise the outline to this guide.
Outline
1. How to Defend Against Penetration Attempts
1.1 Act Safely Online
1.2 Install Self-Defense Software
    Firewall
    Anti-Virus
    Anti-Malware
    Anti-Rootkit
    Intrusion Prevention
1.3 Keep Your Programs Up-to-Date
1.4 Test Your Computer's Defenses
1.5 Peer-to-Peer Programs Can Be Risky
1.6 Don't Let Another User Compromise Your Computer
1.7 Use Administrator Rights Sparingly
1.8 Use Strong Passwords
1.9 Always Back Up Your Data
1.10 Encrypt Your Data
1.11 Reduce Browser Vulnerabilities
    Will Your Browser Run Anybody's Program?
    Internet Explorer Vulnerabilities
1.12 Wireless Risks
1.13 Replace Microsoft Products?
2. How Windows Tracks Your Behavior -- and How to Stop It
2.1 How to Securely Delete Data
    How to Securely Delete Files
    How to Securely Delete Email and Address Books
    How to Securely Delete All Personal Data on Your Computer
2.2 The Registry Contains Personal Data
2.3 Windows Tracks All the Web Sites You've Ever Visited
2.4 Windows Leaves Your Personal Information in its Temporary Files
2.5 Your "Most Recently Used" Lists Show What You're Working On
2.6 Product Registration Information May be Hard to Change
2.7 File "Properties" Expose Personal Data
2.8 Microsoft Embeds Secret Identifiers in Your Documents
2.9 Windows Secretly Contacts Microsoft
2.10 Chart of Microsoft's Tracking Technologies
2.11 Does Your Printer Spy on You?
3. How to Protect Your Privacy When Using the Internet
3.1 Limit the Personal Information You Give Out
3.2 Don't Let Web Sites Track You
3.3 Is Your Email Private?
3.4 Is Your Web Surfing Private?
3.5 Are Your Web Searches Private?
4. Wisdom
5. Appendix -- Further Information and Links
1. How to Defend Against Penetration Attempts
There are many reasons someone or some organization out in the Internet might want to penetrate your
Windows computer. Here are a few examples --
- To secretly install software that steals your passwords or financial information
- To enroll your computer as a bot that secretly sends out junk email or spam
- To implant software that tracks your personal web surfing habits
- To destroy programs or data on your PC
Your goals are to:
- Prevent installation of malicious software or malware
- Identify and eliminate any malware that does get installed
- Prevent malware from sending information from your computer out into the web
- Prevent any other secret penetration of your computer
1.1 Act Safely Online
Let's start with the basics. Your use of your computer -- your online behavior -- significantly affects how easy it
is to penetrate your PC.
Practice safe web surfing. Handle your email safely. Follow these tips to reduce the chances that outsiders
can penetrate your computer:
- Don't download free screensavers, wallpaper, games, or toolbars unless you know they're safe.
  These often come with embedded malware. If you just can't pass up freebies, download them to a
  directory where you scan them with your anti-virus and anti-malware programs before using them.
- Don't visit questionable web sites. Hacker sites, sexually explicit sites, and sites that engage in
  illegal activity like piracy of music, videos, or software are well known for malware. You could get hit
  by a drive-by -- a malicious program that runs just by virtue of your viewing a web page.
- Don't open email or email attachments from questionable sources. These might install malware on
  your system. Dangerous email attachments often present themselves as games, interesting
  pictures, electronic greeting cards, or invoices so that you will open them. (If you get too much junk
  email, reduce it with these free programs.)
- Don't click on links provided in emails. These could direct you to a legitimate-looking but bogus web
  site designed to steal your personal information. Companies that protect their customers don't
  conduct business through embedded links in emails.
- Before you enter your online account name and password into any web site, be sure the web page
  is secure. The web page's address should start with the letters https (rather than http). Most
  browsers display a closed lock icon at the bottom of the browser panel to indicate a secure web site
  form.
- Don't give out your full name, address, phone number, or other personal information in chat rooms,
  forums, on web forms, or in social networks. (Section 3 on "How to Protect Your Privacy When
  Using the Internet" has more on this topic.)
The Appendix links to articles with more safety tips.
1.2 Install Self-Defense Software
To defend Windows, you need to install software that protects against several kinds of threats. This section
describes the threats and the software that defends against each.
Some programs provide protection against multiple threats. But no single program protects you from all threats.
Compare any protective software you already have installed to what I describe below. To cover any gaps, I
recommend free software you can download and install. The discussion includes download links for the free
programs.
Figure 1: Download any of the free programs in this guide from TheFreeCountry.org, Download.com, or
Major Geeks. Here is the main panel for free security programs at TheFreeCountry.org ...
Firewall -- Firewalls are programs that prevent data from coming into or leaving from your computer
without your permission. Unsolicited data coming into your computer could be an attempt to
compromise it; unauthorized data leaving your computer may be an attempt to secretly steal your data
or spy on your activities.
Every Windows computer should run a firewall at all times when it is connected to the Internet.
Windows ME, 98, and 95 did not come with a firewall. XP and Vista do. However, the XP and Vista
firewalls have shortcomings.
The XP firewalls (there are actually two versions) do not stop unauthorized outgoing data. This is
unacceptable because if malware somehow got installed on your computer, it could send data out
without you realizing it.
Vista's built-in firewall can stop unauthorized outbound data but it does not do so by default. This how-to
article shows that enabling this critical feature is not easy.
If you run XP or older Windows versions, install a free firewall and use it instead of Microsoft's. If you
run Vista, either download a free firewall or take the time to properly configure Vista's.
Good free firewalls include ZoneAlarm, Comodo Firewall, Sygate Personal Firewall, or Jetico Personal
Firewall. ZoneAlarm is especially easy to set up, since it is self-configuring. Find other free firewalls
along with a quick comparative review here. See the Appendix for more details about firewalls.
Anti-Virus -- Viruses are programs that are installed on your computer without your knowledge or
permission. The damage they do ranges from acting as a nuisance and wasting your computer's
resources, all the way up to destroying your data or Windows itself.
Anti-virus programs help identify and eliminate viruses that get into your computer. Free anti-virus
programs include AVG Anti-Virus, avast! Anti-Virus Home Edition, and PC Tools Anti-Virus Free Edition.
If you don't already have an anti-virus scanner, download and install one of these, then run it regularly to
scan your disk for any viruses. You can schedule the program to run automatically either through its
own built-in scheduling facility or through the Windows Scheduler.
Good anti-virus programs like these automatically scan data as it downloads into your computer. This
includes emails you receive and any files you download.
Anti-Malware -- In addition to viruses, there are many other kinds of programs that try to secretly install
themselves on your computer. Generically, they're called malware. They include:
- Spyware: It spies on your behavior and sends this data to a remote computer
- Adware: It targets you for advertisements
- Trojans: These scam their way into your computer
- Rootkits: These take over administrator rights and can do anything to your PC
- Dialers: These secretly use your communication facilities
- Keyloggers: These record your keystrokes (including passwords) and send this
  data to a remote computer
- Botware: Your computer becomes a bot or zombie, ready to carry out secret orders
Since no one program identifies and removes all kinds of malware, you need a couple in addition to your
anti-virus scanner. Free programs for this purpose include Ad-Aware Free, Spybot Search and Destroy,
and a-Squared Free Anti-Malware. I recommend running two anti-malware programs on a
regularly-scheduled basis.
Anti-Rootkit -- Rootkits are a particularly vicious form of malware. They take over the master or
Administrator user rights on your PC and therefore are very effective at hiding themselves.
Many of the anti-malware programs above provide some protection against rootkits. But sometimes a
specialized detection program is useful. Rootkit detectors often require technical expertise but I can
recommend Sophos Anti-Rootkit as easy-to-use. It requires Windows XP or 2000 or newer.
Intrusion Prevention -- Intrusion detection programs alert you if some outside program tries to secretly
enter Windows by replacing a program on your computer. For example, an outside program might try to
replace part of Windows or alter a program such as Internet Explorer.
Free intrusion detection programs include WinPatrol, SpywareGuard, ThreatFire Free Edition, and
ProcessGuard Free. Install one of them and it will run constantly in the background on your computer,
detecting and preventing intrusions.
1.3 Keep Your Programs Up-to-Date
All anti-malware programs require frequent updating. This enables them to recognize new kinds of malware as
they are developed. The programs listed above automatically check for updates and download and install them
as needed. (Each has a panel where you can verify this feature.)
You must also keep Windows up-to-date. In Vista, the automatic feature for this purpose is called Windows
Update. It is on by default. You can manage it through the Control Panel | Security | Windows Update option.
As Microsoft explains, they have broadened Windows Update into a facility they call Microsoft Update. The
latter auto-updates a broader range of Microsoft products than does Windows Update. For example, it updates
Microsoft Office. You can sign up for Microsoft Update at the Microsoft Update web site.
In XP and Windows 2000, the auto-update feature was usually referred to as Automatic Updates. Manage it
through Control Panel | Automatic Updates.
Figure 2: Ensuring Automatic Updates are enabled in Windows XP ...
Beyond Windows, you must also keep the major applications on your computer up-to-date. Examples are
Adobe's Flash Player, Firefox, and RealPlayer. Most default to automatic updating. It's a good practice to
verify the auto-update setting right after you install any new program. Then you never need check it again.
If you don't know whether your system has all the required updates for your programs, run the free Secunia
Software Inspector. It detects and reports on out-of-date programs and ensures all "bug fixes" are applied.
If you need to download software updates for many programs, The Software Patch allows you to download them
all through one web site.
Figure 3: Scan for all programs requiring update at Secunia.com ...
1.4 Test Your Computer's Defenses
You can test how well your computer resists penetration attempts by running the free ShieldsUp! program.
ShieldsUp! tells you about any security flaws it finds. It also displays the system information your computer
gives out to every web site you visit. Section 3 on "How to Protect Your Privacy When Using the Internet"
addresses this privacy concern.
Test whether your computer's firewall stops unauthorized outgoing data by running the free program LeakTest.
Figure 4: Test your computer's defenses with ShieldsUp! ...
1.5 Peer-to-Peer Programs Can Be Risky
Peer-to-peer programs share music, videos and software. Popular examples include BitTorrent, Morpheus,
Kazaa, Napster, and Gnutella. Peer-to-peer (or P2P) networking makes it possible for you to easily download
files from any of the thousands of other personal computers in the network.
The problem is that by using peer-to-peer programs, you agree to allow others to read files from your computer.
Be sure that only a single Folder on your computer is shared to the Internet, not your entire disk. Then, be very
careful about what you place into that shared Folder.
Some peer-to-peer programs use the lure of the free to implant adware or spyware on your computer. Other
P2P systems engage in theft because they "share" files illegally.
The popular PC Pitstop web site tested major P2P programs for bundled malware in July 2005 and here's what
they found --
P2P Program: Adware or Spyware Installed:
Kazaa: Brilliant Digital, Gator, Joltid, TopSearch
Ares: NavExcel Toolbar
Bearshare: WhenU SaveNow, WhenU Weather
Morpheus: PIB Toolbar, Huntbar Toolbar, NEO Toolbar
Imesh: Ezula, Gator
Shareaza, WinMX, Emule, LimeWire, BitTorrent, BitTornado: None
The PC Tools Software web site tracks P2P infections here.
If you decide to install any peer-to-peer program, determine if the P2P program comes with malware before you
install it.
You greatly increase your personal security by not getting involved in the illegal sharing of music, videos, and
software. File sharing in violation of copyright is theft. The Recording Industry Association of America has
sued over 20,000 people for it as of mid-2006.
1.6 Don't Let Another User Compromise Your Computer
Got kids in the house? A teen or younger child might violate the "safe surfing" rules above and you wouldn't
know it... until you get blindsided by malware the next time you use your computer.
This article tells about a couple whose tax returns and banking data ended up on the web after their kids used
P2P networking software the parents didn't even know was installed. A spouse or friend could cause you the
same grief.
If you are not the sole user of your computer -- or if you do not feel completely confident that your computer is
secure -- consider what personal information you store. Do you really want to manage your credit cards, bank
accounts or mutual funds from your PC? Only if you know it's secure. (Read the agreements for online
financial services and you'll see that you are responsible for security breaches that compromise your accounts.)
Some families use two computers: one for the kids and a secure one for the adults. They use the less secure
computer for games and web surfing, and carefully restrict the use of the more secure machine. This
two-computer strategy is appealing because today you can buy a used computer for only a hundred dollars.
An alternative is to share one computer among everyone but set up separate user ids with different access
rights (explained below). Ensure that only a single user id has the authority to make changes to Windows and
restrict its use.
Never use a public computer at a computer cafe or the library for online finances or other activities you must
keep secure.
1.7 Use Administrator Rights Sparingly
To install programs or perform security-sensitive activities on a Windows computer requires administrator rights.
When you use administrator rights, any malware program you accidentally or unknowingly run has these rights --
and can do anything on your system.
In systems like Windows XP and Windows 2000, the built-in Administrator user id inherently has administrator
rights. You can also create other user ids to which you assign administrator rights.
Working full-time with a user id that has administrator rights makes you vulnerable. In contrast, using an
account that does not have administrator rights gives you a great deal of protection. So create a new user id
without administrator rights and use it. Then use the Administrator id only when necessary.
Windows Vista introduces a new feature called user account control that helps you avoid using administrator
rights except when required. This feature prompts you to enter a password when you want to perform any
action that requires administrator rights. While entering passwords may seem like a hassle, UAC is a big step
towards a more secure Windows. Here is Microsoft's introductory guide on this feature.
Early Windows versions -- ME, 98, and 95 -- don't have a system of access rights. Whatever user id you use has
the administrator powers. To keep these systems secure, all you can do is follow the other recommendations in
this guide very carefully.
1.8 Use Strong Passwords
Passwords are the front door into your computer -- and any online accounts you have on the web. You need to:
- Create strong passwords
- Change them regularly
- Use different passwords for different accounts
Strong passwords are random mixes of letters, numbers, and punctuation (if allowed) that contain eight or more
characters:
,l$D*N1OIE1 ##E0-<owI1 **wIaE!c8P
Weak passwords are composed of personal names or words you can find in the dictionary:
Polly28, Bigdog, alphahouse, wisewoman2, PhoebeJane
If keeping track of different passwords for many different accounts strikes you as impractical (or drives you nuts!)
you might try a "password management" tool from any of the dozen free products listed here.
If you set up a home wireless network, be sure to assign the router a password.
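The strong and weak password rules in this section, written as a small checker. This is an added example, not part of the original guide; the sample word list, the constructed strong password, and the function names are assumptions made for illustration.

```python
import re
import string

# Constructed sample word list (an assumption for this example). A real check
# would load a full dictionary plus a list of personal names.
SAMPLE_WORDS = {
    "polly", "big", "dog", "alpha", "house", "wise", "woman",
    "phoebe", "jane", "pass", "word", "secret", "windows",
}

TOO_SHORT = "fewer than eight characters"
NO_MIX = "does not mix letters, numbers, and punctuation"
WORD_BASED = "built from names or dictionary words"


def is_word_chain(text, words=SAMPLE_WORDS):
    """Return True if text is one known word or several run together."""
    text = text.lower()
    # reachable[i] is True when text[:i] can be cut entirely into known words.
    reachable = [True] + [False] * len(text)
    for end in range(1, len(text) + 1):
        reachable[end] = any(
            reachable[start] and text[start:end] in words
            for start in range(end)
        )
    return bool(text) and reachable[len(text)]


def password_problems(password, punctuation_allowed=True):
    """List the ways a password falls short of the guide's rules.

    An empty list means the password passes all three checks. Set
    punctuation_allowed=False for sites that reject punctuation.
    """
    problems = []
    if len(password) < 8:
        problems.append(TOO_SHORT)

    has_letter = any(c.isalpha() for c in password)
    has_digit = any(c.isdigit() for c in password)
    has_punct = any(c in string.punctuation for c in password)
    mixed = has_letter and has_digit and (has_punct or not punctuation_allowed)
    if not mixed:
        problems.append(NO_MIX)

    # Digits tacked onto a word ("Polly28") do not hide the word, so every
    # run of letters is tested on its own. Runs under four letters are
    # skipped to avoid flagging random fragments that happen to be words.
    letter_runs = re.findall(r"[A-Za-z]+", password)
    if any(len(run) >= 4 and is_word_chain(run) for run in letter_runs):
        problems.append(WORD_BASED)
    return problems


if __name__ == "__main__":
    # The guide's weak examples, then one constructed strong example.
    samples = ["Polly28", "Bigdog", "alphahouse", "wisewoman2",
               "PhoebeJane", "qT7#vR2!xLp9"]
    for pw in samples:
        found = password_problems(pw)
        print(pw, "->", "; ".join(found) if found else "passes")
```

Note that "alphahouse" and "PhoebeJane" are long enough to pass the length rule and still fail, which is why the word check looks for several words run together and not only single dictionary entries.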
1.9 Always Back Up Your Data
One day you turn on your computer and it won't start. Yikes! What now?
If you backed up your data, you won't lose it no matter what the problem is. Backing up data is simple. For
example, keep all your Word documents in a single Folder, then write that Folder to a plug-in USB memory stick
after you update the documents. Or, write out all your data Folders once a week to a writeable CD.
For the few minutes it takes to make a backup, you'll insure your data against a system meltdown. This also
protects you if malware corrupts or destroys what's on your disk drive.
If you didn't back up your data and you have a system problem, you can still recover your data as long as the
disk drive still works and the data files are not corrupted. You could, for example, take the disk drive out of the
computer and place it into another Windows machine as its second drive. Then read your data -- and back it up.
If the problem is that Windows won't start up, the web offers tons of advice on how to fix and start Windows (see
the Appendix). Another option is to start the machine using a Linux operating system CD and use Linux to read
and save data from your Windows disk.
If the problem is that the disk drive itself fails, you'll need your data backup. If you didn't make one, your only
option is to remove the drive and send it to a service that uses forensics to recover data. This is expensive and
may or may not be able to restore your data. Learn the lesson from this guide rather than from experience --
back up your data.
1.10 Encrypt Your Data
Even if you have locked your Windows system with a good password, anyone with physical access to your
computer can still read the data.
One easy way to do this is simply to boot up the Linux operating system using a CD, then read the Windows files
with Linux. This circumvents the Windows password that otherwise protects the files.
Modern versions of Windows like Vista and XP include built-in encryption. Right-click on either a Folder or File
to see its Properties. The Properties' Advanced button allows you to specify that all the files in the Folder or the
single File will be automatically encrypted and decrypted for you. This protects that data from being read even if
someone circumvents your Windows password. It is sufficient protection for most situations.
Alternatively, you might install free encryption software like TrueCrypt, BestCrypt or many others.
If you encrypt your data, be sure you will always be able to decrypt it. If the encryption is based on a key you
enter, you must remember the key. If the encryption is based on an encryption certificate, be sure to back up or
"export" the certificates, as described here. You might wish to keep unencrypted backups of your data on CD or
USB memory stick.
Laptop and notebook computers are most at risk to physical access by an outsider because they are most
frequently lost or stolen -- keep all data files on your portable computer encrypted.
1.11 Reduce Browser Vulnerabilities
As the program you run to access the Internet, your web browser is either your first line of defense or a key
vulnerability in protecting your computer from Internet malware.
Will Your Browser Run Anybody's Program? -- From a security standpoint, the worldwide web has a
basic design flaw -- many web sites expect to be able to run any program they want on your personal
computer. You are expected to accept the risk of running their code! The risk stems from both
accidental program defects and purposefully malicious code.
Some web sites require that you allow their programs to run their code to get full value from the web site.
Others do not. You can find whether the web sites you visit require programmability simply by turning it
off and visiting the site to see if it still works properly.
Here are the keywords to look for in web browsers to turn off their programmability --
- ActiveX
- Active Scripting (or Scripting)
- .NET components (or .NET Framework components)
- Java (or Java VM)
- JavaScript
Turn off the programmability of your browser by un-checking those keywords at these menu options --
Browser: How to Set Programmability:
Internet Explorer: Tools | Internet Options | Security | Internet Custom Level
Firefox (version 2+): Tools | Options | Content
Opera: Tools | Preferences | Advanced | Content
K-Meleon: Edit | Advanced Preferences | JavaScript
SeaMonkey: Edit | Preferences | Advanced (Java) | Scripts and Plugins (JavaScript)

Internet Explorer Vulnerabilities -- The Internet Explorer browser has historically been vulnerable to
malware. Free programs like SpywareBlaster, SpywareGuard, HijackThis, BHODemon, and others help
prevent and fix these problems.
Tracking Internet Explorer's vulnerabilities is time-consuming because criminals continually devise new
"IE attacks." If you use Internet Explorer, be sure you're using the latest version and that Windows'
automatic update feature is enabled so that downloads will quickly fix any newly-discovered bug.
Internet Explorer has traditionally been insecure measured against competing browsers. Some feel that
IE versions 7 and 8 correct these problems, or that Vista's new way of interfacing with IE resolves them.
Others disagree. If you wish to use some other browser, the above chart lists free alternatives.
1.12 Wireless Risks
Wireless communication allows you to use the Internet from your computer without connecting it to a modem by
a wire or cable. Sometimes called Wi-Fi, wireless technology is very convenient because you can use your
laptop from anywhere there is an invisible Internet connection or hotspot. For example, you could use your
laptop and the Internet from a cafe, hotel, restaurant, or library hotspot.
But wireless presents security concerns. Most public hotspots are un-secured. All your wireless transmissions
at the hotspot are sent in unencrypted "clear text" (except for information on web pages whose addresses begin
with https). Someone with a computer and the right software could scan and read what passes between your
computer and the Internet.
Don't use public hotspots for Internet communications you need to keep secure (like your online banking).
Many people set up a wireless home network. You create your own local hotspot so that you can use your
laptop anywhere in the house without a physical connection.
Home routers are insecure by default. You must apply security to them. Otherwise you might inadvertently
create a public hotspot! Freeloaders on your home network could reduce the Internet performance you're
paying for. Activities like illegal song downloads would likely be traced to you, not to the guilty party you've
unknowingly allowed to use your network.
First, be sure the wireless equipment you use supports either the 802.11 G or 802.11 N standards. These
secure wireless transmissions through WPA (Wi-Fi Protected Access) or WPA2 encryption.
Do not base a wireless home network on equipment that only supports the older 802.11 A or 802.11 B
standards. These use an encryption technology, called WEP (Wired Equivalent Privacy), that is not secure.
When you set up your wireless home network --
- Assign your system a unique name (don't use the default name)
- Tell the router not to broadcast that name
- Assign a tough new password to the router (don't use the default password!)
- Turn on the strongest encryption the router supports
- Restrict access to computers you specify through the feature called MAC address filtering
- Turn off the router and modem when you're not using them
Expert advice varies on how to best secure wireless networks, so see the Appendix for more detail.
-13-
Figure 2 A!!ess your router by typing its address into your browser. 3%ere 4 entered http56617&.189.1.1:.
"ost routers ha;e tabbed panels that allow you to update key se!urity parameters. %ere 40;e restri!ted
a!!ess to the modem to !omputers 4 spe!ify by turning on the <)ireless "AC Filter= ...
1.13 Replace Microsoft Products?
Talk to those who support computers for a living and you'll find that many consider two Microsoft products --
Internet Explorer and Outlook -- malware magnets. One solution is to use free alternatives:
Product: Internet Explorer
Alternatives: Firefox, Opera, others
See for Comparisons: Section 1.11, here and here
Explanation: IE's poor security reputation is one reason 15% of Windows users now use Firefox
Product: Outlook, Outlook Express
Alternatives: Thunderbird, Gmail, Yahoo mail
See for Comparisons: Here, here, here, and here
Explanation: Avoid possible Outlook security issues by using other email clients or web mail
Product: Office
Alternatives: OpenOffice
See for Comparisons: Section 2.7, 2.8, here, here, here and here
Explanation: Security is fine with Office but privacy is lacking
Product: Windows
Alternatives: Linux
See for Comparisons: Here, here, and here
Explanation: Opinions differ greatly on how easy it is to switch systems and which is better
This guide focuses on Windows and Microsoft products so we don't much discuss alternatives. The topic falls
outside the scope of this paper. Follow the links above if you want comparative product reviews.
Figure 6 -- You can download free alternatives to Microsoft products at Mozilla.org ...
2. How Windows Tracks Your Behavior -- and How to Stop It
Are you aware that Windows tracks your behavior? It records all the web sites you ever visit, keeps track of all
the documents you've worked on recently, embeds personal information into every document you create, and
keeps Outlook email even if you tell Outlook to delete it. These are just a few examples of many.
This section first tells how to securely delete your files, folders, and email so that no one can ever retrieve them.
Then it describes the many ways in which Windows tracks your behavior. In some cases you can turn off this
tracking. In most, your only option is to eliminate the tracking information after it has been collected.
2.1 How to Securely Delete Data
Let's start with how to permanently delete data from your computer.
How to Securely Delete Files -- When you delete a file in Windows, Windows only removes the
reference it uses to locate that file on disk. Even after you empty the Recycle Bin, the file still resides
on the disk. It remains on the disk until some random time in the future when Windows re-uses this
"unused" disk space.
This means that someone might be able to read some of your "deleted" files. (You can use free
programs like Undelete+ and Free Undelete to recover deleted files that are still on your disk.)
To securely delete files, you need to over-write them with zeroes or random data. Free programs that do
this include Eraser, BCWipe, and many others. After installing Eraser or BCWipe, you highlight a File or
Folder, right-click the mouse, then select Delete with Wiping or Erase from the drop-down menu. This
over-writes or securely deletes the data so that it can never be read again.
Programs like Eraser and BCWipe also offer an option to over-write "all unused space" on a disk. This
securely deletes any files you previously deleted using Windows Delete.
Figure 7 -- Secure file deletion programs allow you to obliterate a file by right-clicking on the file name,
then selecting the secure-deletion program from the resulting pop-up menu ...
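
The overwrite-before-delete step described above, as an added Python example (not from the guide, and not how Eraser or BCWipe are implemented); overwrite_file and secure_delete are hypothetical names and the sample file is constructed. Overwriting in place reaches only the disk blocks currently assigned to the file, so on SSDs, on journaling or copy-on-write file systems, and where backups or shadow copies exist, earlier copies can remain.

```python
import os
import secrets
import tempfile

CHUNK = 64 * 1024  # write in 64 KiB pieces so large files do not exhaust memory


def overwrite_file(path, passes=1, zero_last=True):
    """Overwrite every byte of an existing file in place; return the file size.

    Each pass writes random data, except that the final pass writes zeroes
    when zero_last is true (the two fill patterns the guide mentions).
    """
    size = os.path.getsize(path)
    # "r+b" updates the existing file. Opening with "wb" would truncate it
    # first, and the file system could then hand out different clusters,
    # leaving the old contents on disk untouched.
    with open(path, "r+b") as f:
        for n in range(passes):
            use_zeroes = zero_last and n == passes - 1
            f.seek(0)
            remaining = size
            while remaining:
                step = min(CHUNK, remaining)
                f.write(b"\x00" * step if use_zeroes else secrets.token_bytes(step))
                remaining -= step
            f.flush()
            os.fsync(f.fileno())  # force this pass to the device before the next one
    return size


def secure_delete(path, passes=1):
    """Overwrite a file, rename it to a random name, then delete it."""
    overwrite_file(path, passes)
    folder = os.path.dirname(os.path.abspath(path))
    anonymous = os.path.join(folder, secrets.token_hex(8))
    os.rename(path, anonymous)  # the entry that gets freed carries a random name
    os.remove(anonymous)


def demo():
    """Run both steps on a constructed sample file in a temporary folder."""
    with tempfile.TemporaryDirectory() as folder:
        path = os.path.join(folder, "letter.txt")
        original = b"account 12345678 (constructed sample data)\n" * 100
        with open(path, "wb") as f:
            f.write(original)
        written = overwrite_file(path, passes=2)
        with open(path, "rb") as f:
            after = f.read()
        secure_delete(path)
        return {
            "same_size": written == len(original) == len(after),
            "old_data_gone": b"account" not in after,
            "zero_filled": after == b"\x00" * len(original),
            "removed": not os.path.exists(path),
        }


if __name__ == "__main__":
    print(demo())
```
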
How to Securely Delete Email and Address Books -- Even after you delete your Outlook or Outlook
Express emails and empty the email Waste Basket, files containing your emails remain to be read by
someone later. What if you want to permanently delete all your emails so no one could ever read them?
Whether this is possible depends on whether your computer is stand-alone or part of an organizational
network.
In an organizational setting, emails may be stored on central servers in addition to -- or instead of -- your
personal computer. Many organizations store all the emails you ever send or receive on their servers
so that you can never delete them. Here is a good discussion about whether you can really delete old
emails in organizational settings.
If you have a stand-alone PC, emails are stored on your computer's hard disk. To securely erase emails
residing on your computer, locate the Outlook or Outlook Express files that contain your emails. Then
use a secure-erase tool like Eraser or BCWipe to permanently destroy them. You can do the same with
your Windows address book.
The files you need to securely erase may be marked as hidden files within Windows. To work with
hidden files, you first need to make them visible. Checkmark Show Hidden Files and Folders under
Start | Settings | Control Panel | Folder Options | View.
Now, search for file names having these extensions (ending characters) by using Windows' Search or
Find facility --
.pst: Outlook emails, contacts, appointments, tasks, notes, and journal entries
.dbx or .mbx: Outlook Express emails
.wab: Windows address book file
Note that Outlook stores much other information in the same file along with your obsolete emails. You
can either erase all that data along with your emails by securely deleting the file, or, follow this procedure
to securely delete the email while retaining the other information.
For Outlook Express emails and Windows address books, just securely delete the files with the given
extensions and you're done.
How to Securely Delete All Personal Data on Your Computer -- How can you securely delete all your
personal information on an old computer before giving it away or disposing of it? This is difficult to
achieve if you wish to preserve Windows and its installed programs. It takes a lot of time and there is
no single tool that performs this function.
The easiest solution is to overwrite the entire hard disk. This destroys all your personal information,
wherever Windows hides it. Unfortunately it also destroys Windows itself and all its installed programs.
Be sure to copy whatever data you want to keep to another computer or storage medium first!
Several free programs securely overwrite your entire disk, such as Darik's Boot and Nuke. The only
possible way to recover data after running such programs is expensive physical analysis of the disk
media, which may not be successful. Over-writing a disk is secure deletion for normal computer use.
2.2 The Registry Contains Personal Data
Windows keeps a central database of information crucial to its operations called the Registry. Our interest in
the Registry is that it stores your personal information. Examples include the information you enter when you
register Windows and Office products like Word and Excel, lists of web sites you have visited, login profiles
required for using various applications, and much more.
Upcoming sections discuss your personal information in the Registry and how you can remove it. For now, let's just
introduce a few useful Registry facts --
The Registry is a large, complicated database (about which you can find tons of material on the web).
The Registry consists of thousands of individual entries. Each entry consists of two parts, a key and a value. Each value is the setting for its associated key.
The Registry organizes the entries into hierarchies.
This guide tells how to change or remove your personal information in the Registry by running free programs, but it doesn't cover how to edit the Registry yourself -- a technical topic beyond the scope of this paper.
Making a mistake while editing the Registry could damage Windows, so you should only edit it if you
feel well qualified to do so. Always make a backup before editing the Registry.
2.3 Windows Tracks All the Web Sites You've Ever Visited
Windows keeps a list of all the web sites you've ever visited. You can tell Internet Explorer to eliminate this list
through the IE selection Tools | Internet Options | Clear History. But Windows still retains it!
To view the web site history Windows retains, download and run a free program like Index Dat Spy.
Figure 8 -- Index Dat Spy lists all the web sites you've ever visited...
Windows records your web surfing history in a file named index.dat. (There are actually several index.dat files
on your computer ... I'll describe what the others track later.)
The index.dat files are special -- you can not delete them or Windows will not start. Since Windows prevents
you from changing or deleting these files, you need to run a free program to erase your web site history.
If you use Internet Explorer and have the default Auto-Complete feature turned on, your web surfing history is
also kept in a second location -- in the Windows Registry. (You'll see web sites you've visited listed under the
Registry key TypedURLs.)
If you turn off Auto-Complete, Internet Explorer no longer saves your web history in the Registry. To turn off
Auto-complete, go into Internet Explorer, then select Tools | Internet Options | Content | AutoComplete and
un-check the box for auto-complete of Web addresses.
Turning off Auto-Complete does not stop Windows from tracking your web site history in its index.dat files.
Several free programs securely erase your web site history from both the Registry and the index.dat files.
Among them are CCleaner, Free Internet Windows Washer, CleanUp!, and ScrubXP. The shareware programs
PurgeIE and PurgeFox are also popular. I've found CCleaner to be both thorough and easy-to-use.
Figure 9 -- CCleaner protects your privacy by erasing web history logs, cookies, temporary files, etc...
2.4 Windows Leaves Your Personal Information in its Temporary Files
Windows, web browsers, and other programs leave a ton of temporary files on your computer. Some hold web
pages you've recently viewed, so that if you go back to that web page, you'll be able to view it quickly from disk
instead of downloading it again from the web. Other files are used by Windows and its applications as
temporary work areas. Still others are used to log program actions or store debugging information.
These temporary files sometimes contain personal information. For example, web page caches contain copies
of web forms into which you've entered passwords or your credit card number. You may not wish to disclose
the web pages, videos, images, audio files, and downloaded programs you've viewed lately.
The trouble is that these temporary files are not erased after use. Some remain until the system needs that
disk space for another purpose. Others hang around forever, unless you know to clean them.
The free programs above that erase your web history also erase these temporary files and cache areas.
CCleaner does a good job. Find more free programs here and a review of the best commercial programs here.
2.5 Your "Most Recently Used" Lists Show What You're Working On
Windows tracks the documents you've recently worked with through its Most Recently Used or MRU lists.
MRU lists are kept by Microsoft Office products like Word and Excel, as well as applications from other vendors.
Windows' Start | Documents list also shows documents you have recently worked with.
Products keep MRU lists for your convenience. They help you recall and quickly open documents you're
currently working on.
These lists also offer the perfect tracking tool for anyone who wants to find out what you've been doing on your
computer. They provide a ready-made behavioral profile. Windows and its applications keep many more MRU
items than you might expect -- thousands of them, if you have never cleared the lists.
Free program MRU Blaster cleans out these lists. Other free programs like Ad-Aware Free, CCleaner, and
Free Internet Windows Washer erase many of the lists.
Run an MRU cleaner whenever you like. Remember that after you clean the lists, the "quick picks" of your
recent documents will not appear in Word, Excel, or other products.
2.6 Product Registration Information May Be Hard to Change
When you register Windows, Microsoft Office, or other products, that information is stored in the Windows
Registry. It can be read from there by any program or person who reads the Registry.
Registering a software product shows your legal ownership of the product and may be required to receive
product support and updates. However, changing or eliminating the personal registration information later might
be difficult. Some products have an Options or User Information panel in the program where you can easily
change the product registration. But most require you to either directly edit the Windows Registry or even
de-install the product to change or remove the personal registration data.
Consider carefully what you enter into any product's registration panel when installing it. You may not be able to
change it later. If you know you won't need vendor support or updates and the product license permits it, you
could enter blank registration information.
2.7 File "Properties" Expose Personal Data
Right-click on any Microsoft Word, Excel, or Powerpoint file, and select Properties from the pop-up menu. You'll
see a tabbed set of panels that keep information about the file. (For some versions of Microsoft Office, you need
to click the Advanced button to expose all the information.) You'll see that Microsoft Office saves information
about the file such as:
Who created it
The company at which it was created
The name of the computer on which it was created
A list of all who have edited it
When it was created and when it was last saved
The number of times it has been edited
Total editing time
Comments
A hidden revision log
Recent links used in the file
Various statistics about the size of the file, the word count, etc
The information varies according to the type of file you view (Word, Excel, or Powerpoint) and the version of
Microsoft Office that was used to create and edit the file. You can't see everything Office saves in the
Properties panel -- some of it remains hidden from your view.
Figure 10 -- Here is some of the information exposed by Word's "File Properties" ...
You can change some of the Properties information by right-clicking on the file name, then editing it. Or alter it
while editing the document by selecting Edit | Properties.
Other data is collected for you whether you want it or not, and you can not change it.
Should you care? It depends on whether it matters if anyone sees this information. In most cases it doesn't.
But sometimes this data is private and its exposure matters.
Just ask former U.K. Prime Minister Tony Blair. He took Britain to war against Iraq in 2003 based on the
contents of what he presented as his government's authoritative Iraq Dossier. But this Word file's properties
exposed the high-powered dossier as the work of an American graduate student, not a team of British
government experts. A political firestorm ensued.
Microsoft offers manual procedures here and here that minimize Office files' hidden information. But these are
too cumbersome to be useful. Microsoft eventually developed a free tool to cleanse Office documents created
with Office 2002 SP2 or later. But restrictions limit its value.
The free tool Doc Scrubber is an alternative for cleansing the Properties metadata from Word files.
Whichever tool you use, you must run it as your last action before you distribute your finished Office document.
Cleansing Microsoft Office files is inconvenient and it's difficult to remember to do it. Those who require clean
office documents are advised to use the free office suite that competes with Office, called OpenOffice.org.
The OpenOffice suite does not require personally-identifying Registration information and it gives you control
over the Properties information. It reads and writes Microsoft Office file formats. (I edited this document
interchangeably with OpenOffice and several different versions of Microsoft Word, then created the final PDF file
using OpenOffice.) Read reviews of OpenOffice here, here, here and here.
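
What a properties check looks like for the newer .docx format, as an added Python example (not from the guide, and not Doc Scrubber's or Microsoft's code): a .docx file is a ZIP package, so the hypothetical audit function lists the stored author, company, revision count and editing time plus any comments and tracked changes, and scrub_properties returns a copy with the property elements removed. It assumes the conventional part names docProps/core.xml and docProps/app.xml, does not read the older binary .doc format, and runs on a constructed sample package with made-up names.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Namespaces defined by the Office Open XML (.docx) packaging format.
NS = {
    "cp": "http://schemas.openxmlformats.org/package/2006/metadata/core-properties",
    "dc": "http://purl.org/dc/elements/1.1/",
    "dcterms": "http://purl.org/dc/terms/",
    "ep": "http://schemas.openxmlformats.org/officeDocument/2006/extended-properties",
}
W = "{http://schemas.openxmlformats.org/wordprocessingml/2006/main}"
CORE, APP = "docProps/core.xml", "docProps/app.xml"  # conventional part names (assumption)
# Report key -> (package part, element holding the value)
FIELDS = {
    "creator": (CORE, "dc:creator"),
    "last_modified_by": (CORE, "cp:lastModifiedBy"),
    "revision": (CORE, "cp:revision"),
    "created": (CORE, "dcterms:created"),
    "company": (APP, "ep:Company"),
    "total_edit_minutes": (APP, "ep:TotalTime"),
}


def audit(docx_bytes):
    """Report personal properties, comments and tracked changes found in a .docx."""
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        names = set(z.namelist())
        roots = {p: ET.fromstring(z.read(p)) for p in (CORE, APP) if p in names}
        props = {}
        for key, (part, path) in FIELDS.items():
            node = roots[part].find(path, NS) if part in roots else None
            if node is not None and node.text:
                props[key] = node.text
        comments = 0
        if "word/comments.xml" in names:
            comments = len(ET.fromstring(z.read("word/comments.xml")).findall(W + "comment"))
        body = ET.fromstring(z.read("word/document.xml"))
        # w:ins / w:del wrap text inserted or deleted while change tracking was on.
        tracked = sum(1 for el in body.iter() if el.tag in (W + "ins", W + "del"))
    return {"properties": props, "comments": comments, "tracked_changes": tracked}


def scrub_properties(docx_bytes):
    """Return a copy with the FIELDS elements removed. Comments and tracked
    changes are left alone: they are document content and need a human decision."""
    for prefix, uri in NS.items():
        ET.register_namespace(prefix, uri)  # keep stable prefixes when re-serialising
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as src, \
            zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for name in src.namelist():
            data = src.read(name)
            paths = [path for part, path in FIELDS.values() if part == name]
            if paths:
                root = ET.fromstring(data)
                for path in paths:
                    node = root.find(path, NS)
                    if node is not None:
                        root.remove(node)
                data = ET.tostring(root, encoding="utf-8", xml_declaration=True)
            dst.writestr(name, data)
    return out.getvalue()


def build_sample():
    """Constructed sample: a minimal package holding only the parts audit() reads."""
    core = (
        '<cp:coreProperties xmlns:cp="%(cp)s" xmlns:dc="%(dc)s" xmlns:dcterms="%(dcterms)s">'
        "<dc:creator>J. Example</dc:creator><cp:lastModifiedBy>A. Reviewer</cp:lastModifiedBy>"
        "<cp:revision>14</cp:revision><dcterms:created>2008-07-01T09:00:00Z</dcterms:created>"
        "</cp:coreProperties>" % NS
    )
    app = ('<Properties xmlns="%(ep)s"><TotalTime>312</TotalTime>'
           "<Company>Example Corp</Company></Properties>" % NS)
    w_ns = W[1:-1]
    doc = ('<w:document xmlns:w="%s"><w:body><w:p><w:r><w:t>Final text</w:t></w:r>'
           '<w:ins w:author="A. Reviewer"><w:r><w:t> added</w:t></w:r></w:ins>'
           "</w:p></w:body></w:document>" % w_ns)
    notes = ('<w:comments xmlns:w="%s"><w:comment w:id="0" w:author="A. Reviewer">'
             "<w:p><w:r><w:t>check this figure</w:t></w:r></w:p></w:comment></w:comments>" % w_ns)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, xml in ((CORE, core), (APP, app), ("word/document.xml", doc),
                          ("word/comments.xml", notes)):
            z.writestr(name, xml)
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample()
    print("before:", audit(sample))
    print("after: ", audit(scrub_properties(sample)))
```

Removing the properties does not touch comments or tracked changes, which is why the audit still reports them after scrubbing.
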
2.8 Microsoft Embeds Secret Identifiers in Your Documents
Windows, Windows Media Player, Internet Explorer, and other Microsoft applications contain a number that
identifies the software called the Globally Unique Identifier or GUID.
Microsoft Office embeds the GUID in every document you create.
The GUID could be used to trace the documents you create back to your computer and copy of Microsoft Office.
It could even theoretically be used to identify you when you surf the web.
The free program ID-Blaster Plus can randomize (change) the GUIDs embedded in Windows, Internet Explorer,
and Windows Media player. The free program Doc Scrubber erases GUIDs contained in a single Word
document or all the Word documents in a Folder.
Figure 11 -- Doc Scrubber erases both personal "File Properties" data and GUIDs from Word files --
If you're concerned about secret identifiers embedded in your Office documents, use the OpenOffice suite
instead. This compatible alternative to Microsoft Office doesn't embed GUIDs in your documents nor does it
require personal registration and Properties information.
2.9 Windows Secretly Contacts Microsoft
Windows versions from XP on run Microsoft software components called Windows Product Activation, Windows
Genuine Advantage, and Office Genuine Advantage. The details of how these programs operate have changed
over time, but their common element is that all "phone home" -- they silently contact remote Microsoft servers --
to periodically check that your copy of Microsoft software is licensed. If the software fails the check, penalties
follow. These range from annoying messages, to reduced functionality, or even the inability to start Windows on
your computer.
Concerns about this include:
False positives sometimes occur or Microsoft's servers are down and can't perform the check
(legal software is inaccurately flagged as illegal and you pay the price)
Privacy violation by the information sent to Microsoft
(which uniquely identifies your computer and when you are using it)
"Phoning home" raises security concerns
Why does the software periodically send information about you to Microsoft when only one license
check would suffice? Some consider this software spyware. (Vista includes several other new
components that gather data or send it to Microsoft.)
If Genuine Advantage concerns you, the article links in this section tell you everything you need to know.
Google "disable WGA" and you'll find many more how-to's on this topic. You can install free tools like
RemoveWGA or xpy to disable Windows' "phone home" function.
The article 20+ Windows Vista Features and Services Harvest User Data for Microsoft argues that Microsoft is
evolving Windows into a collection vehicle for data on your use of your system.
2.10 Chart of Microsoft's Tracking Technologies
I've discussed the major areas in which Windows and other Microsoft products track your computer use. In
most cases you can not turn off this tracking. But the free programs I've described will delete the tracking
information.
The chart below summarizes where and how Windows and other Microsoft products track your behavior. Some
items apply only to specific software versions.
A few functions report your behavior back to Microsoft. Examples include when Windows Media Player sent
your personal audio and video play lists to Microsoft and the company's attempts to use the Internet to remotely
cripple Windows installs it considers illegal.
Where Windows Tracks Your Behavior
Application Logs: Records on how often you run various programs
Clipboard Data: Data you've copied/pasted is in this memory area
Common Dialog History: Lists Windows "dialogs" with which you've interacted
Empty Directory Entries: File pointers unused by Windows but still usable by those with special software
Error Reporting Services: Reports Windows or Microsoft Office errors back to Microsoft
File Slack Space: "Unused" parts of file clusters on disk that may contain old data
File Properties: Office document Properties contain your personal editing information and more
Find/Search History: Lists all your Find or Search queries (used by Windows auto-complete)
GUIDs: Embedded secret codes that link Office documents back to your computer
Hotfix Uninstallers: Temporary files left for un-doing Windows updates
IIS Log files: Logged actions for Microsoft's IIS web server
Index.dat Files: Secret files that list all web sites you visit and other data
Infection reporting: Microsoft's Malicious Software Removal Tool reports infections to Microsoft
Last user login: Tracks the last user login to Windows
Microsoft Office History: MRU lists for Office products like Word, Excel, Powerpoint, Access, and Photo Editor
Office Genuine Advantage: Office phones home to Microsoft servers for license checks
Open/Save History: List of documents or files for these actions
Recently Opened Doc. List: MRU list accessible off Start | Documents
Recycle Bin: Deleted files remain accessible here
Registration of MS Office: Registration information is kept in the product Options, Splash panels, and Registry
Registration for Windows: Registration information is kept in the Registry
Registry Backups: Registry backups may contain personal data you may have edited out of the Registry
Registry Fragment Files: Deleted or obsolete data in the Registry that remains there
Registry Streams: History of Explorer settings
Remote Help: Allows remote access to your computer for Help
Run History: Lists all programs you have run through Windows Run box
Scan Disk Files: Files output from SCANDISK (may contain valid data in *.chk files)
Start-Menu Click History: Dates and Times of all mouse clicks you make for the Start Menu
Start-Menu Order History: Records historical ordering of Start Menu items
Swap File: Parts of memory written to disk
Temporary Files: Temporary files used during program installation or execution
Time synchronization service: Synchronizes your computer clock by remote Internet verification
User Assist History: Most used programs on the Start Menu
Windows Authentication: Windows phones home to Microsoft servers for license checks
Windows log files: Trace results of Windows actions and installs
Windows Media Player content: Automatically downloads content-licenses through the Internet
Windows Media Player History: Lists the Most Recently Used (MRU) files for Windows Media Player
Windows Media Player metadata: Automatically retrieves metadata for audio CDs through the Internet
Windows Media Player Playlist: Your Windows Media Player play lists
Windows Media Player statistics: Sends your Windows Media Player usage statistics to Microsoft
Where Internet Explorer Tracks Your Behavior
Auto-complete form history: Everything you type into web site forms (inc. passwords & personal information)
Auto-complete for passwords: Convenient but less secure
Cookies: Data web sites store on your computer (sometimes used to track your surfing habits)
Downloaded files: Files you download while using the Internet
Favorites: Web sites you list as "favorites" in your browser
Plug-ins: Information saved or cached by third-party software that "plugs into" Internet Explorer
Searches: Searches are retained by both IE and search engines
Temporary files (cache): Web pages the browser stores on disk
Web site error logs: Errors encountered during web site retrieval
Web sites visited: All the web sites you have ever visited are stored in the Registry and index.dat files
This comparative review rates ten commercial products versus many of the above functions.
2.11 Does Your Printer Spy on You?
Did you know that documents printed on your computer's printer could be traced back to you? This is the case if
you use any of the color laser printers on this list. The printers write a unique pattern on every page that can be
traced back to your hardware. You can see these tiny dots with a magnifying glass.
The United States government admitted to prevailing upon printer manufacturers to include this capability and
keep it secret from the public. If this concerns you, the best solution is to buy a printer that does not write its
"fingerprint."
Printer fingerprints are not a Windows issue. They apply to any printer on the list, regardless of whether the
connected computer runs Windows, Apple's Mac OS, Linux, or some other operating system.
3. How to Protect Your Privacy When Using the Internet
Privacy is the ability to control when, how, and to whom your personal information is given. Privacy is power.
Losing your privacy means losing personal power.
This section offers tips and technical advice to help you protect your privacy when using the Internet. It applies
whether you use Windows or some other operating system, like Linux or Apple's Mac OS.
Web privacy is a fast-moving area in which technologies and laws are in flux. This guide can no more guarantee
you absolute privacy than it can guarantee you a completely secure Windows. But if you follow our tips you'll
minimize your privacy exposure.
3.1 Limit the Personal Information You Give Out
Before entering personal information into a web site form, a social network, or a forum, read the site's Privacy
Policy and Terms of Use. If they're legalistic and hard-to-read, chances are they have more to do with
harvesting your personal data than protecting it.
Many agreements are written so that they can be changed at any time. This renders assurance of protection for
your personal data worthless because the web site could simply change the agreement after you've provided the
information. A few agreements even include fine print by which you agree to the installation of malware on your
computer!
Few privacy policies guarantee that information will be destroyed as it ages. Once given out, information tends
to live forever. Few privacy policies give you any legal rights if your information is lost or stolen. In 2007 alone,
over 162 million personal records were reported lost or stolen in the United States. (Yet it remains perfectly
legal for companies to buy and sell your social security number and personal data.)
Once you post personal information on the web, you lose control over how that information is used. Changes to
the "context" in which that data is used can harm you.
A classic example is the information students enter into social web sites like MySpace or Facebook for their
friends' amusement, only to find it resurfacing later to harm their employment opportunities or their careers.
Both sites offer privacy controls that easily allow individuals to avoid such consequences -- but most users don't
apply them. People unknowingly assume risk they can not measure at the time they assume it.
The selling of personal data is a largely-unregulated business in the United States. It's a multibillion dollar
industry called information brokering. People who give out their personal data expose themselves to
manipulation or harm.
Even the U.S. government is researching the harvesting of personal data from social networking sites for public
surveillance. And why not? People voluntarily post the information.
Fans of social networking will consider these cautions anachronistic. Please read how people expose
themselves to manipulation or harm by posting personal data, found in authoritative books such as The Digital
Person, The Soft Cage, or The Future of Reputation: Gossip, Rumor and Privacy on the Internet.
We need legislation to assure minimal privacy rights for social network users, much the way we apply
consumer-protection legislation to the credit card oligopoly. Meanwhile, protect yourself by educating yourself.
Tiny bits of information can be collected and compiled by web computers into comprehensive profiles. If a
corporation or government can collect enough small bits of information -- for example, just the names of all the
web sites you visit -- it can eventually develop a complete picture of who you are, what you do, how you live, and
what you believe.
Privacy is power. You give away your personal power when you give out personal information.
Figure 12 -- Think this discussion exaggerates? Privacy International's rigorous in-depth study ranks
the United States as an "endemic surveillance society" ... right up there with China and Russia! ...
3.2 Don't Let Web Sites Track You
Cookies are small files that web sites store on your computer's disk. They allow web sites to store information
about your interaction with them. For example, they might store the data required for you to purchase items
across the several web pages this involves.
However, cookies -- originally called tracking cookies -- can also be used to track your movement across the
web. Depending on the software using them, this data could be used to create a detailed record of your
behavior as you surf. The resulting profile might be used for innocuous purposes, such as targeted marketing,
or for malicious reasons, like spying.
Most browsers accept cookies by default. To retain your privacy, set the browser not to accept any cookies
other than exceptions you specify. Then only web sites you approve can set cookies on your computer. A few
web sites won't let you interact with them unless you accept their cookies -- but most will.
You can also set most browsers to automatically delete all cookies when you exit. This allows web sites to set
the cookies required for transactions like purchasing through the web but prevents tracking you across sessions.
To manage cookie settings in your browser, access these panels --
To turn cookies on or off --
Internet Explorer: Tools | Internet Options | Privacy | Advanced
Firefox (version 2 on): Tools | Options | Privacy | Cookies
Opera: Tools | Quick Preferences | Enable Cookies
K-Meleon: Tools | Privacy | Block Cookies
SeaMonkey: Edit | Preferences | Privacy & Security | Cookies
To allow specific web sites to set cookies --
Internet Explorer: Tools | Internet Options | Privacy | Edit
Firefox: Tools | Options | Privacy | Cookies | Exceptions
Opera: Tools | Preferences | Advanced | Cookies | Manage cookies
K-Meleon: Edit | Preferences | Privacy
SeaMonkey: Tools | Cookie Manager
To "clear" (erase) all cookies currently on your computer for the specified browser --
Internet Explorer: Tools | Internet Options | General | Delete Cookies
Firefox: Tools | Clear Private Data
Opera: Tools | Preferences | Advanced | Cookies
K-Meleon: Tools | Privacy | Clear Cookies
SeaMonkey: Tools | Cookie Manager | Manage Stored Cookies | Remove All Cookies
To automatically clear all cookies whenever you exit the browser --
Internet Explorer: Not available
Firefox: Tools | Options | Privacy | Cookies | Settings...
Opera: Tools | Preferences | Advanced | Cookies
K-Meleon: Tools | Privacy | Settings...
SeaMonkey: Not available
CookieCentral has more information about cookies and how to manage them. Other similar tracking
mechanisms include web bugs, Flash cookies, and third-party local shared objects. These are less common than
cookies and rather technical so follow the links and see the Appendix if they concern you.
3.3 Is Your Email Private?
Sending an email over the Internet is like sending a postcard through the mail. Anyone with the ability to
intercept it can read it. There is evidence that the United States government either scans or compiles data
about every email sent in the country.
You can keep the contents of your personal communications private by encrypting your email. This web page
provides information and free downloads. It also lists programs that will encrypt your online interactive Chat.
This article illustrates how to set up secure email step by step. This article tells how to encrypt email in Microsoft
Office 2007.
Figure 13 -- Download free email and chat encryption programs from TheFreeCountry.org --
The trouble with encrypted email is that both the sender and the recipient must participate. It's impractical to
send encrypted email to people you don't know. Or to anyone using a different encryption system.
The major email programs could easily support standardized, universally-compatible encryption in their clients --
but don't.
4e!e!$er t%at e!ails are o"ten t%e $asis "or phishing scams ' atte!#ts to get you to re&eal your #ersonal
in"or!ation "or ne"arious #ur#oses. =on0t res#ond to e!ail t%at !ay not $e "ro! a legiti!ate source. Don6t
even open it. @2a!#les include clai!s you0&e won t%e lottery1 #leas "or %el# in %andling large su!s o" !oney1
sales #itc%es "or outrageous deals1 and t%e like.
@!ail !ay also $e spoofed ' !asDuerading as "ro! a legiti!ate source w%en it is not. @2a!#les are e!ails
t%at ask you to click on a link to u#date your credit card account or t%ose t%at ask "or account in"or!ation or
#asswords.
Legitimate businesses are well aware of criminal misuse of email and don&t conduct serious business
transactions through mass emailings'
<any #eo#le use two e!ail addresses to a&oid s#a! and retain t%eir #ri&acy. (%ey use one account as a .Funk/
e!ail address "or "illing out we$ site "or!s1 Foining "oru!s1 and t%e like. (%is e!ail address doesn0t disclose t%e
-28-
#erson0s identity and it collects t%e s#a!. (%ey reser&e a second e!ail account "or #ersonal co!!unications.
(%ey ne&er gi&e t%is one out e2ce#t to #ersonal "riends1 so it re!ains s#a!-"ree.
3.4 Is Your Web Surfing Private?

If you tested your computer as suggested earlier using ShieldsUp!, you saw that it gives out information to every web site you visit. This data includes your Internet protocol address, operating system, browser version, and more.

Your Internet protocol address or IP address is a unique identifier assigned to your computer when you access the Internet. Web sites can use it to track you. Your Internet Service Provider or ISP assigns your computer its IP address using one of several different techniques. How traceable you are on the web varies according to the technique your ISP employs along with several other factors, such as whether you allow web sites to set cookies and whether your computer is compromised by malware.

One way to mask who you are when web surfing is to change your IP address. Anonymizing services hide your IP address and location from the web sites you visit by stripping it out as your data passes through them on the way to your destination web site. Anonymizers help hide your identity and prevent web sites from tracking you but they are not a perfect privacy solution (because the anonymizer itself could be compromised).

Anonymouse is a very popular free anonymizing service. Find other free services here and here.

A more robust approach to anonymity is offered by free software from JAP and TOR. Both route your data through intermediary servers called proxies so that the destination web site can't identify you. Your data is encrypted in transit, so it cannot be intercepted or read by anyone who scans passing data.

Services like JAP and TOR present two downsides. First, your data is sent through intermediary computers on the way to its destination, so response time slows. Whether you still find it acceptable depends on many factors; the best way to find out is simply to try the software for yourself.

Second, these systems still leave you exposed to privacy violations by your Internet Service Provider. Your ISP is your computer's sole entry point into the Internet, so your ISP can track all your online actions.

For this reason, when the Bush administration decided to monitor American citizens through the Internet, they proposed legislation that would force all ISPs to keep two years of data about all their customers' activities.

The government's current web surveillance program made it necessary for a major ISP like AT&T/Yahoo to change its privacy policy in June 2006 to say that AT&T -- not its customers -- owns all the customers' Internet records and can use them however it likes.

Repeated congressional proposals to immunize ISPs from all legal challenges only make sense if the ISPs colluded with the government in illegally monitoring Internet activities. The "FISA-II" law that finally passed in July 2008 prevents judicial investigation of illegal ISP and government surveillance, thereby permitting any such programs to continue without challenge.

Figure: Web surf anonymously with Anonymouse.org or a similar service --
3.5 Are Your Web Searches Private?

Web sites that help you search the web are called search engines. Popular search engines like Google, Yahoo!, and MSN Search retain records of all your web searches. Individually, the keywords you type into search engines show little. But aggregated, they may expose your identity. They may also expose your innermost thoughts -- or be misinterpreted as doing so.

Here's an example. Say the search engine captures you entering this list of searches --

    kill wife
    how to kill wife
    killing with untraceable substance
    kill with unknown substance

Someone might interpret these searches as indicating that you should be reported to the authorities because you're planning a murder. But what if you were simply doing research for that murder mystery you always wanted to write? You can see the need for search privacy. Do you have it?

The federal government has demanded search records from major search engines like Google, AOL, Yahoo, and MSN. While the government claims these requests are to combat sexual predators, most analysts believe they are for public surveillance and data mining.

America Online (AOL) accidentally posted online 20 million personal queries from over 650,000 users. The data was immediately gobbled up and saved in other web servers. Although AOL apologized and quickly took down their posting, this data will probably remain available forever somewhere. Some people can be identified by their "anonymous" searches and have been harmed as a result of this violation of their privacy.

The AOL incident is a wake-up call to those who don't understand how small pieces of information about people can be collected by Internet servers, then compiled into revealing dossiers about our individual behaviors. This principle doesn't just apply to search engines. It extends to the web sites you visit, the books and products you buy online, the comments you enter into forums, the political web sites you read, and all your other web activities.

The AOL debacle demonstrates that web activities many assume to be anonymous can sometimes be traceable to specific individuals.

The Electronic Frontier Foundation's excellent white paper "Six Tips to Protect Your Search Privacy" offers these recommendations to ensure your search privacy --

- Don't include words in your searches that identify you personally (such as your name or social security number)
- Don't use your ISP's search engine (since they know who you are)
- Don't "log in" to search engine web sites
- Don't let the search engine set cookies
- Don't use the same IP address all the time
- Use anonymizers like JAP or TOR to thwart traceability

You can also use free search services like Scroogle that delete search histories after a couple days.

Figure: Search the web without leaving a data trail through free services like Scroogle.org --
4. Wisdom

Your computer is your window into the vast, wonderful world of the Internet. Unfortunately it is also the window through which some corporations and governments monitor and track your behavior, and the portal through which malicious individuals and criminal gangs target you.

If you use Windows, Microsoft Office, and Internet Explorer, you need to be aware of how these products could compromise your security and privacy. Follow this guide's recommendations and you'll minimize your exposure.

Your privacy is not a design goal of Windows. It is up to you to make Windows secure and private.
Appendix: Further Information and Links

This appendix provides further information for each section of this guide. It includes links to other sources including articles and web sites.

You can download all the free software mentioned in this guide from these web sites --

- The Free Country (start here)
- Major Geeks (start here)
- Download.com (start here)
- Tech Support Alert (gives recommendations on the best free software for every purpose)

Introduction

Security is the ability to keep your Windows system free of outside interference, while privacy is your ability to determine when, how, to whom, and to what extent information about you is communicated.

This article and this one document how professional criminals have moved into penetrating Windows systems and how profitable this has become. This web site gives statistics on the exponential increase in malware.

This New Yorker article offers statistics on the increase in spam and other malware. Microsoft's own statistics profiling the kinds and occurrences of malware threats are summarized in this Washington Post article and also here. This forum discussion links to several articles with statistics summarizing the costs and spread of computer malware. This article looks at the increasing threat from the corporate viewpoint.
1. How to Defend Against Penetration Attempts

1.1 Act Safely Online

Among the many good articles offering online safety tips are this overview, this introductory one from BBC, this one at PCPitStop, and this one for teens. David A. Wheeler's website has a nice comprehensive security how-to for home and small businesses here.

1.2 Install Self-Defense Software

Overviews -- Find good introductions to the kinds of threats you face at the PC Pitstop web site, the SpywareInfo web site, and at Road Runner Security and Abuse Control.

For those wanting technical details, WindowsSecrets consistently uncovers security and privacy vulnerabilities in Microsoft products, while WindowsITPro does a good job of analyzing flaws as they are found. Security Convergence Journal is useful from an operating-system neutral standpoint.

Firewall -- The Windows Vista, Windows XP SP2, and Windows XP / XP SP1 firewalls are all configured differently. To find which version of Windows you are running, right-click on My Computer and select Properties.

To configure the firewall for Windows Vista, see this Microsoft article. The Vista firewall is "enabled" (turned on) by default, but its ability to stop rogue outbound data is off by default. You definitely want to enable this. This article describes how.

To configure the firewall for Windows XP SP2, see this Microsoft article. It also tells how the XP SP2 firewall differs from the original XP and XP SP1 firewall, and briefly tells how to configure the original XP and XP SP1 firewalls.

To configure the firewall for Windows XP and Windows XP SP1, see this Microsoft article. The firewall is "disabled" (turned off) by default. This is the original Windows firewall, which was called Internet Connection Firewall (ICF).

"Every computer should run a firewall at all times when connected to the Internet" -- I have personally witnessed situations where corporate firewalls did not protect PCs, so I believe this statement applies even to computers within company firewalls and situations where you have a hardware firewall.

In an early release of this guide I mentioned that you can run two firewalls together without any harm. Readers have since written saying they have experienced situations where two firewalls conflicted so I dropped this statement.

You can rely on a hardware firewall (one that resides in your router) as an alternative to installing a software firewall on your computer. If you do, be sure to keep the firewall updated just the same as if it were installed on your computer.

Anti-Virus -- Read Wikipedia's anti-virus page and TheFreeCountry's list and summary of free anti-virus programs for a good understanding of viruses and how to protect against them.

Anti-Malware -- Here's Wikipedia's overview article on malware. Read TheFreeCountry's descriptions of free anti-malware products here for a good idea of the threats out there and how to protect against them. Here's a good list of shareware programs for cleaning Windows. This article gives a good introduction to the growing threat posed by botnets.

Anti-Rootkit -- I debated whether to include this as a separate section, since the other anti-malware tools will protect most users adequately. Plus most anti-rootkit tools either require a good bit of technical expertise to use or are still in beta at the time of writing. But ultimately this is an important threat area that is poised for growth so I decided a separate explanation is necessary.

This InformationWeek article reviews and compares six rootkit detectors, including both free and commercial products.

Intrusion Prevention -- See Wikipedia for a good overview and TheFreeCountry's list and summaries of free programs for a good understanding of this area.
1.3 Keep Your Programs Up-to-Date!

Here are statistics on how Windows users often don't patch important applications and why this is a problem.

This Wikipedia article gives good background on the evolution of Microsoft's automatic update facilities.

This Microsoft article describes Windows Update and Microsoft Update and their differences.

The original Windows Update web site is here.

The Microsoft Update Catalog has a searchable interface and gives you more control over the update process.

Here's a list of free alternatives to Microsoft's Windows Update.

1.4 Test Your Computer's Defenses

This commercial site and this Wikipedia article offer good background on penetration testing.

There are several excellent security-testing programs I exclude here since they require expertise to use and interpret results. Among them are Microsoft's Baseline Security Analyzer (also downloadable from independent sites like File Hippo here) and the Belarc Advisor.

1.5 Peer-to-Peer Programs Can Be Risky

For quick overviews of P2P dangers, read this article, this one, and this.

Here's a good overview at the Red Tape Chronicles.

Here's a good article on P2P for parents whose kids use the programs.

Here's a quick corporate guide on P2P.

"The RIAA has sued over 20000 people for file sharing as of July 2008" -- this figure comes from the Electronic Frontier Foundation's comprehensive report on the subject.
1.6 Don't Let Another User Compromise Your Computer

I've personally seen cases of shared "family computers" where young people install games, P2P programs, and other "malware catchers," while the parents use the same computer for their banking and mutual fund accounts. ID theft resulted. If you cannot ensure that everyone who uses the computer conforms to the recommendations for safe surfing, don't use that computer for important personal data. One solution is to buy two computers. One will be the kids' game computer and the other a password-protected, data-encrypted parents' computer. I've even met individuals who have two computers, one for wild surfing, the other for their secure accounts (banking and online finance). A used Pentium III is perfectly adequate for surfing and general purpose software. They cost less than $100.

1.7 Use Administrator Rights Sparingly

This article estimates that G0% to 80% of security threats can be thwarted by using accounts that do not have administrator rights. Some organizations enhance PC security by "locking down" user access and denying them use of administrator rights. This is not always welcomed by the users because they sometimes require administrator rights to do their jobs. Vista's User Account Control feature tries to resolve this controversy and satisfy the legitimate needs of both parties.

Read Microsoft's User Account Control guides here and here. This article gives links to a core set of UAC articles from Microsoft and other sources. Vista's built-in Administrator user id does not have administrator rights until you enter your password, as prompted by UAC.

Windows consumer versions that pre-date Windows XP -- ME, 98, and 95 -- do not have administrator rights or the Administrator user id. All user ids effectively have "administrator rights" on these systems.
1.8 Use Strong Passwords

More advice on how to create good passwords can be found here and here. Here's what can happen if you neglect to assign a password to your router.

1.9 Always Back Up Your Data

Microsoft has several useful web pages on how to back up your data here. This site offers plenty of good backup advice, free software, a discussion forum, and more.

If your computer won't start due to a software problem, there are many sources on the web to help. This Microsoft article helps resolve Vista startup problems, while this one covers how to create startup disks for all earlier Windows versions. If you need a boot disk for any version of Windows, this site provides them. This article tells about how to start Windows in Safe Mode, which often works with computers that won't start otherwise.

1.10 Encrypt Your Data

Web pages on encryption tools at the Free Country and Download.com tell a lot more about this topic and offer many more free programs. Data encryption techniques are complicated, as this article and this one in Wikipedia attest. I elected to keep this section simple and practical by avoiding the technical aspects of data encryption.

Here is an excellent series of articles on built-in encryption for Windows Vista and XP.

For volume-level encryption, the Ultimate and Enterprise versions of Vista provide a new feature called BitLocker. This article tells you everything you need to know about it. This article and this one explore some of the advantages and downsides of BitLocker encryption. Given that it's presently restricted to the Ultimate and Enterprise versions of Vista, BitLocker is of little relevance to Windows desktop and laptop consumers.
1.11 Reduce Browser Vulnerabilities

Will Your Browser Run Anybody's Program? -- I've simplified in saying browsers will run "any program" web sites push at them but this is a reasonable assumption for non-technical readers. I've also simplified by excluding discussion of the technologies involved and merely list the terms non-technical readers need to know to disable their browsers' programmability.

Here's an ancient but easily understood explanation of ActiveX and Java security issues that still has value even today.

Learn more about the uses and perils of Active Scripting here and here, of ActiveX here, here, here, and here, and of JavaScript here and here. Googling on these terms turns up many more explanations of security vulnerabilities from both the user and developer perspectives.

Internet Explorer Vulnerabilities -- It is not my intent to disparage Internet Explorer -- this guide merely reflects consensus opinion in stating that the browser has historically been vulnerable to exploits. If you disagree please perform a web search on phrases like "Internet Explorer security defect" or "Internet Explorer insecurity" to read the evidence. Or visit the Secunia web site, which publishes product security alerts and bug reports.

This article and this one describe the threat of IE browser hijacking. Other exploits used against Internet Explorer include code execution holes, address bar spoofing, multimedia component bugs, cross-browser attacks, encrypted code bypass, and others.

Sound computer science principles can be applied to address the security defects of traditional browser design. Examples include virtual machines, the browser appliance, and sand-boxing. These are clearly superior approaches to security compared with "browser-patching." But explaining them would be technical and they are not yet widely used on Windows computers, so they are out-of-scope to this guide.

1.12 Wireless Risks

This web site lists many articles on wireless security. This article at Microsoft tells you how to make an existing 802.11 B home network as secure as possible. I strongly recommend upgrading any 802.11 B home network to 802.11 G. See this article, this one, and this one for tips on setting up a secure home wireless network. Use MAC address filtering if your equipment supports it to limit access to your wireless network to specific computers. Some wireless routers ask you which encryption standard to use. From most desirable to least, here are the standards: AES/WPA2 -> WPA2 -> WPA -> 128-bit WEP -> 64-bit WEP -> 40-bit WEP. Any form of WEP security can easily be cracked by someone with the proper software and knowledge, so use AES, WPA, or WPA2 if available.

Wikipedia bluntly discloses the security risks of public hotspots. Public Wi-Fi is convenient but I wouldn't use it for online finances or other secure activities.

1.13 Replace Microsoft Software? (all links are in the text)
2. How Windows Tracks Your Behavior -- and How to Stop It

2.1 How to Securely Delete Data

How to Securely Delete Files -- These programs will also securely delete file slacks or cluster tip areas, space near the end of files that might contain still-readable data, and empty directory entries, which might contain pointers to non-securely deleted files. Good secure-deletion programs also handle swap space cleanup and alternate data streams (ADS), two more ways in which data can be exposed. ADS only applies to computers running the NTFS file system (used since Windows XP and Windows 2000).

How to Securely Delete Email and Address Books -- Read more about whether you can delete all your obsolete emails in organizational settings here. Many organizations now keep all email ever sent due to the need to comply with the Sarbanes-Oxley law.

How to Securely Delete All Personal Data on Your Computer -- Even after reformatting a disk or running a secure erasure tool like Darik's Boot and Nuke it may be possible to recover data through very expensive "forensic analysis." If you have very high-value data and this is a concern for you, your best option is to run the disk secure-erasure tool -- then physically destroy the disk.

2.2 The Registry Contains Personal Data

Good non-technical overviews of the Registry are at ComputerHope and bleepingcomputer.com. PC Tools has a good article on how to alter Windows settings by tweaking the Registry.

For technical readers, Wikipedia has a good overview of the Registry, as does Microsoft.

If you edit your Registry, make a backup beforehand and be sure you know how to restore it. To edit Registry entry keys and their values, you access Start | Run and then enter the word regedit in the Run Box.

2.3 Windows Tracks All the Web Sites You've Ever Visited

I've simplified the details in this section to make the discussion accessible to non-technical readers.

There is a third Registry location that may keep lists of web addresses. This is under the key hierarchy Url History -> ZoneMap -> Domains. The web sites listed here are not ones you have visited! They are kept in the Registry as part of Internet Explorer's zoned domain security. (See IE's zones by entering IE, then Tools | Internet Options | Security. The four icons represent four Internet security zones.)

The offensive web sites are placed there by anti-spyware products that restrict access to those web sites according to IE's security design. Find more on zoned security and how and why these web sites are in your Registry here.

In addition to web sites visited, the index.dat files track recently-used files and documents, your search requests, and cookies.
2.4 Windows Leaves Your Personal Information in its Temporary Files

The best sources of further information on these temporary files and cache areas are the descriptions provided by the programs that clear them out. This description of the commercial product Privacy Eraser Pro gives a very complete idea of the kinds of information Windows and Internet Explorer leave on your hard drive.

2.5 Your "Most Recently Used" Lists Show What You're Doing

Here is Microsoft's technical article on MRU lists.

2.6 Product Registration Information May Be Hard to Change

You can find whether entering a null product registration is permitted by reading the product license. Most products have a license file named either license.txt or eula.txt that describes the terms of product installation and support.

Free and open source products usually don't require registration from either a legal or functional standpoint. They offer big advantages if you're concerned about protecting your privacy.

2.7 File "Properties" Expose Personal Data

This discussion avoids minutiae about the Properties and hidden information Microsoft Office retains on documents as it all becomes very detailed. This paper is written for non-technical readers, and I believe the best advice for them is -- if this area concerns them -- to avoid the issue entirely by using OpenOffice. Other free file-compatible Office replacements include Abiword for word processing and Gnumeric for spreadsheets.

The free Remove Hidden Data Tool from Microsoft has qualifications and limitations that are omitted in the interests of readability. Read Microsoft's description for more information.

Tips from an independent source on how to manage Office metadata are here.

This article published by Microsoft gives their view of hidden information and offers useful background and tips.
2.8 Microsoft Embeds Secret Identifiers in Your Documents

Good introductions to GUIDs are at Wikipedia and here. Microsoft's technical guide to how their software generates GUIDs is here.

GUIDs were discovered in Microsoft products in 1999. The company hadn't told anyone about them previously. You can trace the controversy when the GUIDs were first discovered through New York Times articles such as this one, this, this, this, and this. In spite of all the controversy, Microsoft continues to embed GUIDs in all documents customers create -- without the informed consent of those customers.

2.9 Windows Secretly Contacts Microsoft

Wikipedia entries tell the story: Windows Product Activation, Windows Genuine Advantage, and Office Genuine Advantage. Vista-specific issues are discussed here.

2.10 Chart of Microsoft's Tracking Technologies

I developed the chart of tracking technologies for Windows and Internet Explorer from information on the web sites of the vendors of cleansing tools (both free and commercial). The tools themselves also do a good job of listing what they cleanse in their program panels.

I've omitted from this paper the trap door Microsoft embeds in Windows for the National Security Agency (NSA) of the United States. It's considered proven that such an entry point exists, but its purpose and whether it has ever been used remain unknown.

2.11 Does Your Printer Spy on You?

The Electronic Frontier Foundation broke this story; their references in the text are considered authoritative.
3. How to Protect Your Privacy When Using the Internet

3.1 Limit the Personal Information You Give Out

MSNBC's excellent web site "Privacy Lost" offers highly readable articles on how privacy is being destroyed and why this matters.

I cite books in the text rather than web sites for those who want to learn about how "privacy is power" because the subject requires broad background. One can't understand the vast data brokering industry or the implications of government surveillance otherwise.

The Privacy Rights Clearinghouse compiles comprehensive statistics on data breaches in the United States. (The figure of 162 million personal records being lost or stolen during 2007 is from that organization and is confirmed in Time magazine's December 31st 2007 issue.)

Over 216 million personal records have been compromised over the past three years in the U.S. It's incredible that it is still legal to buy and sell social security numbers in the U.S. and that this trade is unregulated.

This article alerts users to the dangers of "privacy" agreements. This guide takes a negative view of web and corporate Privacy Policies due to verifiable corporate behavior.

This article tells how students are rethinking the costs of posting to MySpace and Facebook as they come to understand the public uses of "their" information. More about the downside of living an Internet social life is in "Friends Don't Let Friends Post on MySpace: Posting on Networking Sites is Like a Tattoo -- but Worse." Read about how posting personal information can lead to job loss or career damage here, here and here. "Say Everything" postulates a generation gap between those under 25 who post the most intimate details of their lives online, versus those who are older and resist giving out personal information.

This article illustrates how to (try to) protect your privacy when using MySpace, Facebook, and LinkedIn.

This article discusses how Facebook leverages your data through personalized data aggregation.

Facebook is typical of many web sites in that its users give up rights to their data when posting it online. Right at the top of their Privacy Policy page Facebook says "You should have control over your personal information." [boldface in original]. Yet the fine print of their Privacy Policy and Terms of Use directly contradicts this.

Facebook users grant Facebook an irrevocable, perpetual license to all of their content, plus they grant Facebook the rights to give that data to third parties and combine it with other data --

From Facebook's Terms of Use (quoted from their web site in Nov 2007) -- By posting User Content to any part of the Site, you automatically grant, and you represent and warrant that you have the right to grant, to the Company an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense) to use, copy, publicly perform, publicly display, reformat, translate, excerpt (in whole or in part) and distribute such User Content for any purpose on or in connection with the Site or the promotion thereof, to prepare derivative works of, or incorporate into other works, such User Content, and to grant and authorize sublicenses of the foregoing.

From Facebook's Privacy Policy (quoted from their web site in Nov 2007) -- "Facebook may also collect information about you from other sources, such as newspapers, blogs, instant messaging services, and other users of the Facebook service through the operation of the service (eg. photo tags) in order to provide you with more useful information and a more personalised experience. By using Facebook, you are consenting to have your personal data transferred to and processed in the United States."

And of course, Facebook adds -- "We reserve the right to change our Privacy Policy and our Terms of Use at any time."

Social networking sites are like the "big three" credit card companies in that, while they are free-market corporations, there is a small group of them that provide a service fundamental to "normal life," as defined by those in their twenties and teens. They should therefore be subject to federal privacy regulation in the same manner as the credit companies.

"Even the U.S. government is researching the harvesting of personal data from social networking sites for public surveillance." -- More on how the U.S. government is working on incorporating social network profiles into their surveillance activities can be found here, here, here, and here.
,%( Don2t 8et Web Sites Track You
I0&e si!#li"ied t%is discussion $y lea&ing out cookie details like first"party &ersus third"party1 session &ersus cross"session1 w%et%er t%e
cookies include personally"identifiable information1 etc.
(%is ;iki#edia article de"ines cookies and descri$es ot%er tracking tec%nologies. CookieCentral gi&es $ackground on cookies and ad&ice on
%ow to $est !anage t%e!. Here0s an article on .How ;e$ :er&er Cookies (%reaten our *ri&acy./
Cookie-like tracking !ec%anis!s include we$ $ugs1 Flas% cookies1 t%ird-#arty local s%ared o$Fects1 and ot%er !ore esoteric tracking
&e%icles. I0&e le"t t%e! out as t%ey0re a $it tec%nical "or t%is guide and are not as widely used.
Is Your Email Private?
"There is evidence that the United States government either scans or compiles data about every email sent in the country."
Large-scale surveillance is possible because all traffic is digitized and passes through a limited number of master trunk switches, where it can be scanned. The federal programs variously referred to as Carnivore or Echelon and Total Information Awareness or Terrorist Information Awareness keep changing their names but appear to be alive and operating. Security expert Bruce Schneier offers good articles on current government surveillance programs, as do Wired magazine's Threat Level web site, Glenn Greenwald at Salon, and the Raw Story.
This article describes the Congressional testimony of Mark Klein, a retired AT&T technician who says he helped connect a device in 2003 that diverted and copied onto a government supercomputer every call, e-mail, and Internet site access on AT&T lines. This article and this one detail Klein's claims. Former National Security Agency analyst Russell Tice's statements verify Klein's. This article describes the AT&T documents provided by Klein and concludes surveillance must be both domestic and comprehensive. This article asserts that the National Security Agency asked telecommunications companies for digital surveillance data seven months prior to the 9/11 attack.
This article and this one describe the several legislative attempts to secure immunity for telecommunications companies that gave private digital communications to the government illegally. Proposing telecomm immunity is itself the best proof of the illegality of the government's domestic surveillance program.
James Risen's many New York Times articles detail massive, illegal electronic domestic spying by the government. They have been collected into his book State of War.
Along with Mr. Risen, USA Today's articles are generally credited with blowing the covers off the domestic surveillance story. President Bush called such disclosures "disgraceful" and recommends prosecution of whistleblowers through the Espionage Act of 1917. He claims publicly the right to open anyone's U.S. mail without judicial oversight, directly contravening "settled law" on the question dating all the way back to the early 1800's. Perhaps the major email clients don't offer built-in universal, standardized encryption at government direction.
Here's a chronology of major articles on the government's digital surveillance.
Find out about PGP and S/MIME encryption options for Outlook email here. Find out more about Thunderbird email encryption here.
Those who require the highest level of security in their communications might consider steganography, hiding text within images. Download the free steganography program ImageHide.
Two more tips for achieving the highest level of email safety -- (1) turn off Outlook's email "Preview" feature, which automatically opens every email for you; (2) turn off HTML rendering in email, which runs web page code on your computer.
Is Your Web Surfing Private?
This chronology tracks the key events of the government's web surveillance. This article tells how the Bush administration seeks to forestall public oversight of its web surveillance program through the state secrets doctrine. National Intelligence Director Mike McConnell admitted to the existence of the illegal ISP-based surveillance program in the same presentation to Congress in which he claimed that admitting its existence means that "some Americans are going to die."
Read about the Bush administration's proposals to force ISPs to keep two years of records for all their customers' Internet activities here and here. The congressional skirmish over these repeatedly-introduced proposals has been going on for several years. In July 2008 the "FISA-II" bill passed, giving telecomms retroactive immunity. The real import of this law is not that it shields telecomms from prosecution but rather that it prevents disclosure of illegalities and collusion by the federal government and the telecomms.
AT&T/Yahoo changed its "privacy" policy in mid-2006 to say that it owns all customer web use records and can do with them whatever it likes. Here's a quote from the AT&T Privacy Policy for AT&T Yahoo! and Video Services dated June 23, 2006 --
While your Account Information may be personal to you, these records constitute business records that are owned by AT&T. ... AT&T may disclose such records to protect its legitimate business interests, safeguard others, or respond to legal process.
More on how AT&T asserts ownership of customers' Internet data and what it means is here, here, here, and here.
Recognizing that a free society is incompatible with corporate tracking of web activities, privacy advocates are recommending a "Do Not Track List," similar to the national "Do Not Call List" now maintained by the government for phone calls.
Are Your Web Searches Private?
Read here and here for overviews of search engine privacy issues. Find more tips on search engine privacy here and here.
"The federal government has demanded search records from major search engines like Google, AOL, Yahoo and MSN." -- There have been many press articles on this topic and the twists and turns in events. For starters, see here, here, here, here and here. The Bush administration states it needs the search records to determine the amount of child pornography on the Internet, but as commentators point out, that appears to be a red herring -- there are many more effective ways that could be determined. Most analysts conclude this activity fits a pattern of citizen surveillance and data mining conducted by the federal government.
More on the AOL debacle here, here, here and here. The AOL scandal was a wake-up call to those who didn't understand how compiling many small bits of information could ultimately identify and harm "anonymous" individuals. "Why 'Anonymous' Data Sometimes Isn't" explores how little it takes to breach the supposed anonymity of tracing data.
Windows Wisdom
The goal of this paper is to help Windows users achieve greater security and privacy. It is intended to be objective and neutral towards vendors and products. This guide helps users better control their systems through increased understanding and downloading and installing free software tools.
It accepts as a given that the reader uses Windows, so it doesn't discuss competing systems like Linux or Apple OS X. It tells users how they can replace parts of the Microsoft stack but discusses these decisions as tactical solutions, rather than as an overall strategy. For example, it mentions OpenOffice as a possible replacement for Microsoft Office, but strictly within the context of addressing Office's privacy issues.
This guide does not discuss why Windows has security and privacy issues. There are important design and technical reasons but they fall outside the scope of this paper. Discussing them would only detract from the goal of helping Windows users achieve greater security and privacy.