Tech Features

Everyday security

Jul 16, 2008, 13:18 GMT

Washington - When it comes to security and computers, most people think of the well-advertised threats of viruses, spyware, or adware.

But the fact is that most of us are more vulnerable to the prying eyes of our neighbours, bosses, friends, or the people in the coffee shop next to use who might be reading our e-mail than we are to malicious Trojan horses and worms.

Read on for some practical ways to beef up your everyday security.

Q: I heard that the e-mail messages I send wirelessly are fairly easy to intercept. How can I make them more secure?

A: You're right: anyone with the proper knowledge and desire can snoop on what you're doing or sending over an unsecured network, which is what you typically find in coffee shop cafes and other public venues where wireless Internet access is freely available.

To keep your e-mail secure in such environments, you'll need to encrypt your e-mail messages. Encryption used to be difficult enough to implement that it scared away most casual users of e-mail who thought about this topic from time to time.

But encryption tools have evolved - and integration with the most popular e-mail programs has improved to the point where anyone who wants or needs e-mail encryption can adopt it without too much hassle. Mozilla's free Thunderbird e-mail program, for instance, has encryption capabilities built in.

Before you venture down the path of using encryption to secure your e-mail, you'll have to get yourself a personal e-mail certificate, which is the cornerstone of any e-mail encryption scheme. A certificate is used by encryption systems to guarantee the authenticity of messages that you send. You can get a free e-mail certificate at Thawte.com (http://www.thawte.com/secure- email/personal-email-certificates/index. html).

After you sign up for a free certificate from Thawte, you'll receive a verification e-mail messages to which you must respond. In the process of verifying, you will choose the e-mail program with which you wish to use the certificate, and you'll be given some brief instructions on how to use the certificate with your e-mail program. The certificate is a file that you will download onto your PC and then import into your e-mail program. Your e-mail program itself should have further instructions for installing and using the certificate.

Bear in mind that both you and your recipient must have a certificate in order to exchange encrypted e-mail messages. Once the certificates and encryption are set up, however, it's a simple one- click affair to send off an encrypted e-mail message.

Q: How can I password-protect files on my PC?

A: Password-protection of files on a PC can sometimes be done at the application level. That means you would use the application that created the file to create the password protection.

In Microsoft Word, for example, you can require that a password be used to open a file. In the Tool menus, select Options, and then from the Security tab in the Options dialog box, you supply a password in the 'Password to open' box. Other mainstream applications allow such security, as well. Consult the Help file of the application to find out.

Of course, you might want to password-protect other kinds of files, too. One way is to use a file compression utility such as WinZip, and assign a password to the resulting zip file. Or you could enlist the help of a third-party utility that will encrypt files and folders for you. AxCrypt (http://www.axantum.com/AxCrypt) is free, available in 10 languages, and after installation allows you to right-click a file and encrypt it immediately.

Q: What are some easy ways to delete files on Windows so that they cannot be recovered?

A: The first thing you should do is avoid the recycle bin, since that's the first place that someone might look to find files that you've recently deleted. You can do so without deactivating the recycle bin holding down the Shift key whenever you delete a file from Windows Explorer, My Computer, or another folder or dialog box that displays files.

You can also deactivate the recycle bin altogether by right- clicking the recycle bin icon on your desktop, selecting Properties from the resulting pop-up menu, and selecting the check box labeled 'Do not move files to the Recycle Bin.'

Even if you bypass the recycle bin, though, your files are probably still recoverable by someone with the know-how and proper tools. So if you want to ensure that no one ever gets to a file you've deleted, turn to a file shredder such as 2BrightSparks' DeleteOnClick (http://www.2brightsparks.com/onclick/doc.html). DeleteOnClick is freeware that enables you, with one click, to delete a file irretrievably. The utility will also wipe free space on your hard drive so that no previously-deleted files can be recovered, even with sophisticated recovery tools.

---Have a computer question? Send it to the Computer Helper at jayd@csi.com.