Mac Users: Please, please, please set up Time Machine!

I ran into the librarian at my son's school yesterday and saw that she had a new Mac. Her old one had died unceremoniously, but the administration had the budget to replace it quickly. One thing I noticed, though, is that she had not yet setup Time Machine on the new iMac.

Mac users, there is no reason NOT to set up Time Machine on your Macintosh. This feature, added with Mac OS 10.5 backs up your entire Mac -- data, applications, settings -- and then updates any changed files on an hourly basis. All it takes a an external hard drive (I usually recommend on about 250GB in size). Theses drives are on sale all the time for prices around $50. This is a great investment to give you substantial peace of mind about your Mac.

While Apple touts the ability to easily restore deleted or damaged files using Time Machine, my use of the software has almost always been to restore a Mac that has crashed or build a new Mac that looks exactly like and old Mac -- including email, settings, desktop pattern, printer, everything!

I had a client who happened to get a lemon iMac. The unit died after 2 weeks, but we had set up time Machine from the very beginning. It had taken several hours to move data from her Windows machine and set the Mac up the way she wanted it and all that would have been lost if we didn't have a Time Machine backup. Instead, we were able to plug her backup drive into the new Mac, select "Restore from Time Machine Backup" during the setup and about 15 minutes later she was working again -- with all her original settings.

I recently had to replace my Time Machine backup drive, as I was using an older, leftover drive I had lying around the office. I found this Seagate FreeAgent Go drive (250GB) on sale at a local retailer. I like it, as it is small, quiet and requires no external power cable. It is powered directly from USb port of the computer.

Mac Users -- if you haven't set up Time Machine on your mac -- DO IT TODAY! You have nothing to lose and everything to gain -- including peace of mind.

Real World Example: Windows Updates mean everything

In today's Real World Example, it seems that no matter what anti-virus and anti-spyware you have installed, if you forget to install all your Windows Updates, you can still get a pretty nasty infection.

Now, truth be told, I already knew this, and had told my client's such on many an occasion. Still, this was the first occasion where I think I can actually trace it as the cause for this particular problem. This machine was severely infected, and took a long time to clean out, even though everything looked up to date. Then I noticed that there were several, critical updates for Internet Explorer 7 that had not been installed. Once i got those installed, I was able to clean up the issues and get the machine working again.

I often describe this issue as having your door locked with 6 dead bolt locks, but leaving the window next to it wide open. Unpatched Windows flaws allow some exploits to "force feed" your computer spyware and viruses, even when you think you are protected.

So, let me climb up on the pulpit once more and deliver the 3 Commandments for Safe Computing in today's world...

1. Install all Windows Updates immediately
(or set your Windows Updates to Automatic)
2. Install and update your anti-virus program
(ClamWin (http://clamwin.org) is my current choice)
3. Install and update your anti-spyware program
(MS Defender (http://microsoft.com) is a good first line of defense)

Be well and keep your computer spyware free!

Read Previous Real World Examples

Tags: browser computer computers consult defender education exploit high-tech how-to howto learn microsoft problem protection realworldexample software techiq technlogy technology windows

Elsewhere Online: Default Router Passwords Could Compromise Home Networks

This Slashdot story points up a vulnerability that some people might have left exposed on their home routers from companies like Linksys, D-Link and NetGear.

Whenever I set up a router, I make sure to reset the default password for that router. This is the password that allows you to setup and change settings within the router, not the password you might use to connect to your wireless network. That said, some of you might still be using the default password.

An exploit has been discovered that allows a malicious web page to access your router setup information, if it still uses the default password, and change settings within the router. Not a good thing.

If you are wondering if your router still has its factory default password, drop me an email at techiq@welchwrite.com and I can give you some instructions that will allow you to test for it.

Drive-By Pharming Attack Could Hit Home Networks

Rob wrote in with a link to a CBR Online article discussing drive-by pharming, a new exploitation technique developed by Indiana University and Symantec Corporation. While it's not known if the technique is in use 'in the wild', the exploit could easily co-opt the web-browsing habits of a user that had not properly configured their router. "The attack works because most of the popular home routers ship with default passwords, default internal IP address ranges, and web-based configuration interfaces. The exploit is a single line of JavaScript loaded with a default router IP address, a default password, and an HTTP query designed to reconfigure the router to use the attacker's DNS servers." The article goes on to discuss several related and more advanced techniques related to this one, which security companies will have to keep in mind to guard against future attacks.

(Via Slashdot.)

Technorati Tags: technology, virus, exploit, software, computers, high-tech, protection, network, networking, router, password, passwords