Ein sicherer Windows PC in 14 schritten. (#bcbn15 Denglisch Präsentation.)

I was going to present this at BarCamp Bonn this weekend (auf Deutsch sogar!) but as I’m going to be flying to Mobile World Congress now I won’t be able to attend. I thought I’d publish it anyway, along with some BarCamp Bonn links to help the cause. This check-list applies to anyone using a Windows PC (but please don’t use Windows XP – it’s past its use-by date!) and some of the tips are relevant if you’re using other operating systems.  The list is focused on helping you improve security and privacy when connected to public WiFi (WLAN) hotspots where the dangers are generally the highest. Think about this list when you connect to the WLAN at #bcbn15.

I’ve also published a variation of this list on my main website, UMPCPortal.com where it has a slightly different audience. For you though, my Barcamp Bonn friends I have a few other thoughts as I know there will be people at that event that have few Windows administration skills and even less desire to be messing around with a PC. If you really don’t want to have to mess-around with Windows, think about a Chromebook.

Für die die kein bock auf Windows Administration haben werde ich einfach sagen, bitte ein Chromebook! Warum? Weil wenn man ein Chromebook nutzt reduziert sich diese liste von 14 punkte auf nur 5 punkte. Ein Chromebook, auf Chrome OS basiert, ist ein super, einfachen weg ein sicheres und privates Internet Erlebnis zu haben. Preiswert ist es auch!

I run a number of websites and one of them is Chromebookworld.com where there’s a list of Chromebooks. There’s also a Chromebook issues list that you should read because Chromebooks can’t do everything. Don’t be scared of Google, please. I know there’s a tendency for Germans to want to keep personal data inside the country but consider this – you are very bad at keeping data yourself and Google services can help keep data safe. Certainly the Chrome browser is my recommendation for the most secure web browser and a Chromebook adds a very tightly controlled operating system under that on a Chromebook. I encourage you to think about spending 220 Euro on an ASUS C200 which is portable and has a great 10-hour battery life.

If you really need to use Windows (and many of us do) you really need to find the time to check through this check-list which I’ve divided up into three sections. Maybe the organisers can project the first 6 points up before BarCamp Bonn starts!

Windows PC Privacy and Security Checklist.

All points apply to Windows PCs. Don’t use Windows XP. Chromebook-relevant points are highlighted.

Ein sicherer Windows PC in 6 schritten.

1. Installiere die neuesten Windows updates und schalte die Windows Update Benachrichtigungen an (automatische Updates wären unvorteilhaft wenn man einen Hotspot benutzt).
2. Stelle sicher dass die Windows Firewall eingeschaltet ist.
3. Aktualisiere deine Anti-Virus Software und führe einen vollständigen System Scan durch. Windows 8 hat einen eingebauten Virenschutz namens “Defender”, für den Fall dass du keinen anderen Virenscanner einsetzt.
4. Nutze den Chrome Browser.
5. Lasse deinen PC nicht unbeaufsichtigt. Es dauert nur 5 Minuten ein Windows passwort zu knacken.
6. Installiere die Chrome Erweiterungen “HTTPS Everywhere” und “Privacy Badger” in deinem Chrome Browser.

6 steps to a more secure Windows PC.

1. Install the latest Windows Updates and turn on Windows Update notifications. (You may not want automatic updates to download while on a hotspot.)
2. Check that Windows Firewall is on.
3. Update your anti-virus software and run a full scan. Windows has a built-in service called Defender if you don’t have a third-party anti-virus solution.
4. Use the Chrome browser.
5. Do not leave your PC unattended. It takes 5 minutes to crack a Windows password.
6. Install HTTPS Everywhere and Privacy Badger extensions on the Chrome browser. [Applies also to Chromebook users]

Try and do these things if you have the time and experience:

• Run CCleaner (also check and clean the Windows auto-start-up list using Ccleaner tools) and Spybot programs. There are free versions available from the developers.
• Create a non-admin Windows account. Log out and log back in to the non-administrator account for normal use.
• Use the Zenmate browser extension to tunnel and encrypt web traffic if you need to. It’s free. [Applies also to Chromebook users]
• Use Startpage.com as search engine if you don’t want Google to store a history of searches from your IP address or account. [Applies also to Chromebook users]
• Avoid using cellular data if you don’t want to be location tracked. (Turn off A-GPS / location services on phone too.) [Applies also to Chromebook users]

Advanced topics:

• If possible, use a PC with an encrypted disk. (Microsoft Bitlocker is available for free on some low-cost Windows devices and on all Windows ‘Pro’ installations. E.g. All Surface Pro devices.)
• Turn on SecureBoot in your BIOS if possible and (as a minimum) add a BIOS boot (or BIOS admin) password. Create a long 15+ character Windows password for all Windows accounts.
• Hardwire your DNS to your ISP. If you trust Google, they have a good DNS service at 8.8.8.8 and 8.8.4.4. (Don’t use the DNS given automatically by the hotspot.) [Applies also to Chromebook users]

Again, if you’re able to use a Chromebook you need to focus on just 5 of these points, most of which are medium-advanced topics.  More on Chromebook and Chrome OS ‘clean computing’ in this article.

I wish all the BarCamp Bonn attendees a fun, friendly, informative and safe day.