Can you recondition an old computer?

There are many ways to deal with old computers. One popular way is to get rid of it. This is because old computers have no value, are slow and take lots of physical space.

The other way to deal with them is to sell them for a super low price so that you can buy a new one without paying too much. However, second hand electronic stuff does not really have any value. For instance, you probably ended up selling a graphic card for $50 that you bought for $200-$300 originally.

So why not keep your old computer and make good use of it.

How to rebuild an old PC

1. Format your hard disk to ensure you have completely remove all the data in it – remember that even formatting your disk might not remove all your data.

2. Install an new Operating System. If you are looking at Windows, XP might be a good choice for an old PC, however 7 also handles low spec hardware pretty well, so is also worth considering. There are several reasons why I think Windows XP is no longer the best choice:

  • License rarity – Windows XP is 3 versions behind the current Windows operating system, meaning few firms still stock XP licenses
  • Support has ended – Microsoft have officially announced the termination of the support for Windows XP in 2014
  • Malware issues – Windows XP is prone to more security risks than more current operating systems, simply because it has been around longer; this means you are likely to need a better antivirus software to keep the PC safe

If you don’t want to go down the Windows route, I highly recommend is the Ubuntu, which is a free Linux OS. There are several free Linux operating systems out there but so far, I think Ubuntu is one of the popular Linux distribution and probably easiest to use.

What is the requirement to run Ubuntu? According to the official site, these are the requirements.

  • 700 MHz processor
  • 512MB of RAM
  • 5GB of hard disc space
  • VGA capable of 1024×768 screen resolution
  • Either a CD/DVD drive or a USB port – or both

I bet you have a better PC than Ubuntu requires ;-) Ubuntu

Uses for an old computer running Ubuntu

No matter how old the computer, it always has uses. Here are some of my suggestions:

  1. Use it for regular web browsing. With a lightweight operating system (which won’t suck up your RAM and CPU usage) your old computer can still perform pretty well for simple web browsing
  2. Use it for data backup. You can always transfer all your important stuff into an old computer, and use it as a backup machine, so you can keep your files safe and access them easily
  3. Home surveillance system. If you buy a webcam or two and install them into your house you could use your old computer to run your own home surveillance system!

So now, if you have an old computer lying around or burred in your storeroom why not dig it out and start making good use of it?

If you have any good idea on how to re-use your old computer, why not share with us below?

What are the risks of getting infected by malicious software?

Have you ever thought of what is going to happen when you are infected by a computer malware? About a decade ago, computer virus aims were to replicate themselves and destroying key operating system functions. If you got a computer malware infection at that time, most probably your operating system will be corrupted by the malware and you will need to format your hard disk to solve your problem.

Today, malicious software behaves a little different. We have more than 10 types of computer security threats such as virus, trojan, worms, spyware and many more. Each type of malware has their own speciality and here are top 3 risks of getting infected by a computer malware.

1. Having your login credentials stolen

It is very popular today that a keylogger/keystroke logging is used to log a victim’s login credentials. Once the keylogger has a set of your username and password, they can login into the account and do almost everything unless your account is protected by a two factor authentication.

2. Losing hard disk space

Hard disk space today can be very cheap but we should not waste it on storing malicious software. Malware such as worms will replicate in your operating system and take up your hard disk space. You will not feel the burden at the beginning but as the process gets longer, you will start to feel the pain of having insufficient disk space.

3. Spending money on unnecessary stuff

There is also a type of malware where they scare you off by telling you that your computer has hundreds of infections which you actually don’t have. Upon scaring you, they urge you to purchase a bogus antivirus which claims that can clean all the mentioned infections. All in all, you end up actually paying for nothing.

4. Being part of a minion for DDoS attack

Have you ever thought of how DDoS can bring thousands to millions of traffic to a server? It is actually all the computers which are infected with some sort of trojan that explains how the attacker can have such massive amount of traffic. By getting a malware infection, you are at risk of becoming part of this big project which you do not want to be.

5. Losing your privacy

Another form of malware which is known as spyware is built to spy your daily activities. By knowing your daily activities, the attacker will be able to understand you better before attacking you. For instance, if you regularly surf to adult sites, the attacker will probably start off with some fake adult material to lure you into their trap.

Looking at someones internet usageBack to you now, are you able to take all the risks mentioned? If you are not, be sure you have a good habit when it comes to internet and computer security and always remember that having an antivirus and firewall is not sufficient for a good security.

The top 5 mistakes I have made in blogging

About a year ago, I started blogging on a niche topic, hoping to earn some income from it just like many other bloggers out there today. However, nothing comes easy and I have been through a lot in that one year period. In this entry, I would like to share the pain when I started out, by telling you the five biggest mistakes I made.

1. Meaningless domain name

I started out by naming my blog and want to find a domain name as close as possible to the name of my blog. On top of that, I have the fear as well to have a long domain name because it is difficult to remember. As a result, I ended up creating a totally meaningless domain name which I still have the regret today. People find it hard to determine the niche of my site just by reading the domain name. The lesson learned here is to have a domain name which can represent your niche as close as possible.

2. No keyword research

Wrong!After I had gained some experience in blogging and internet marketing, I begin to realize the importance of keyword research. It does not only help you to define the objective of your blog, but also identify your competitors. Keyword research can be pretty boring and that is why I made a mistake to skip it first, research later. The lesson which I learned here is to research first, write later.

3. A niche topic without focus

My niche is IT security and I know that I am going to write about security. Why is that not good enough? Because it is too general. During my first month, I had been writing everything about IT security such as news, tips and tricks, reviews, network security, computer security, internet security and many more. Readers that come to my blog can’t see the purpose of the existence of my blog and I think I failed terribly there. The lesson which I learned here is to start a topic in a very focused way, even if the target audience size is small and grow slowly from there.

4. Spamming dofollow backlinks

Everyone here knows the importance of “dofollow” links. In order for anyone of us to rank well in Google and other search engines, you have to build a lot of “dofollow” links. I build plenty of them from “dofollow” forums and none of them give me any boost in SEO. The lesson I learnt here is to spend more time writing quality content, which other bloggers will want to link to.

5. Started out with Blogspot

Have any of you tried migrating your blog from Blogspot to self-hosted WordPress? It is not really difficult but can take a lot of time to amend your previous posts to fit into your WordPress theme properly. If you really want to blog seriously, invest into web hosting and a domain name because they are not really that expensive.

What about your blogging mistakes? Have you done anything which you still regret today?

Does Security Have to be Technical?

I had been a software engineer for at least 3 years specializing in digital security. A month ago, I attended a small workshop which talked about IT Security for corporate and the speaker said this somewhere in the middle of the workshop:

“Security is a process. It does not have to be really technical and the most important part is the process.”

I stunned for a while and suddenly my mind wondered away from the workshop deeply thinking, what is the speaker trying to deliver? I started this serious thinking simply because it is not said by some non-technical or sales person. Instead, the person speaking in front of me is a Certified Ethical Hacker.

A padlock key on a keyboardAt the end of the workshop, I begin to understand what he is trying to deliver. After 3 years of writing programs for the benefit of security, I turned out saying that security is a process. Why would I say that? Look around us. All the tech that you need to protect yourself from cyber crime is there. Anti-virus, firewall, anti keylogger, parental control, password manager and many more are all available in the software market. There is no reason for us to say in terms of technology, we are not good enough in security.

What makes so many of us a victim of computer or internet threat is the lack of proper process in computer and internet security. Security is not a short process where you only apply if you need it. For instance, you don’t only apply security when you had just downloaded a file from an unknown site which required a security scan.

Security is an end to end process. This means that the moment your computer boots up, security should be applied until the time your computer shuts down. People usually failed to stay secure simply because they don’t apply security from the very start. Agree?

So what’s your view? Do you still think that security has to be something technical?

Are Antivirus and Firewall Sufficient for Good Security?

Whenever people talk about computer and internet security, they talk about malware which consists of virus, trojan, worms, spyware and many more. When they come to talk about the solution for those threats, the solution is to get an antivirus and firewall to do the work.

The question now is, are they sufficient for a good computer and internet security? I would say ‘No’. It is very irresponsible to put the blame into that awesome software when you become a victim of malware infection. I believe that software like antivirus and firewall are there to help you in achieving good security, but not creating some sort of plasma shield to you.

The reasons why you have a poor security

As I said, you can’t blame the software for being too poor as the reason that you to get infected. Part of the reason why you are infected can be several below.

You are too careless when handling incoming links from email

Incoming links from emails especially from an unknown sender are usually malicious. They don’t lead to valuable site but either phishing site or malicious site. If you happen to land on a malicious site, your computer will most probably infected with virus, trojan, or worm the next minute.

If you don’t update and patch your operating system, the wounded area is the target for hackers

Sad to say, there is no such thing such as perfect software. Software is always 95% complete where 5% is the section for bugs and vulnerabilities to exist. It is the matter of time whether those vulnerabilities are found.

If the creator happened to find those vulnerabilities before the bad guys, they will still able to patch the wounded area. So if you don’t update and apply the patch, you will the one targeted by hackers to exploit your vulnerabilities.

You are the owner of your computer, not the administrator

Many of us think that being the owner of the computer means being the administrator as well. But do you know that Microsoft did not design it this way for us? There is an option to create a Standard User and there is User Account Control (UAC) so that we will use our computer in the way that we don’t have full privileges to do everything, same goes to the hacker.

A set of keysBy having a strict UAC, you will realize that every single time you run an application that might affect your System files, you will be asked for permission. The benefit here is, if a hacker tries to run an application to harm your system files, I bet you will know it as well when your UAC pops up.

My verdict to poor security

Having a bad security does not mean your antivirus is not efficient enough or your firewall is not solid enough. At times, it is the user who lacks of experience in handling computer threats. As a result, it is important to always stay alert whenever you are browsing the internet.

If you want to learn more about security, you can grab my copy of eBook for free on how to Build Your Own Security.

5 Most Popular Two-Factor Authentication Security Devices

As we had discussed before, one-factor authentication is not sufficient in order to have good security. Especially when we talk about sensitive transaction such as banking transactions, it is not secure anymore today if it were done only using username and static password.

Two-factor has to come into the IT security field to ensure that the correct person is authenticated. The items below are the five most popular methods used for any two-factor authentication.

1. Mobile OTP

Mobile One-Time Password

Mobile One-Time Password (OTP)

A very popular and cost saving method is to use a SMS gateway and send OTP (one-time password) to a mobile phone user. This method is used widely simply because everyone has a mobile phone today which means everyone can use two-factor authentication as long as the host of the application willing to invest and provide this service.

2. OTP Token

One-Time Password Token

One-Time Password (OTP) Token

OTP token works more or less the same as the Mobile OTP. The difference is that this is a separate device and the OTP can be generated immediately instead of waiting for the SMS gateway to send. As a result, it is more reliable than the Mobile OTP but additional cost needed to have this device.

3. PKI USB Token

Public Key Infrastructure Token

Public Key Infrastructure (PKI) Token

PKI USB Token offers the second best security in the market by beating off man in the middle attack such as phishing attack. However, PKI implementation needs an infrastructure where it is going to be costly. Due to the cost matter, PKI is not well known in certain countries as people will go for OTP to have the balance of security and investment cost.

4. EMV Cap OTP with Signature

Europay, MasterCard and VISA Cap One-Time Password with Signature

Europay, MasterCard and VISA (EMV) Cap One-Time Password (OTP) with Signature

EMV Cap OTP offers the best security around as it not only beats off the man in the middle attack, but also the man in the browser attack. This is simply because the user needs to sign the transaction using the EMV card reader instead of the web browser. As a result, the Trojan of the man in the browser will no longer work. The drawback is that, signing with transaction device can be a tedious thing to do. The user needs to enter correctly the recipient’s account number and the amount in order to perform the transaction successfully.

5. Out of Band Transaction Detail Verification

Out of Band

Out of Band

This method provides the best security similar to the above and solves as well the weakness of the EMV Cap OTP. What this method does is to send the user the details of the transaction such as the recipient’s account number, amount and the OTP code via non-internet channel such as voice call or SMS. The user will verify those details given and confirm the transaction by submitting the OTP code into the web browser. This gives great security but not anything more after that. Unlike PKI, that piece of digital certificate can do not only authentication signing, but also document signing, PDF signing or even data encryption.

Nothing is perfect in this world where everything has its good and bad. You have to clearly define what you want and I’m sure you can find the device that is suitable to you.