Keeping Your Operating System Safe and Secure
-
Your OS is the heart of your computer and your mobile device, and it needs to be kept up to date. Knowing how to keep it updated is vital.
-
Most modern OSs will notify you and prompt you to update your system when a new update is released. Best practice is to enable Auto-Update in your settings
-
Key Point: With many exploits, your cannot rely on your antivirus software to find and clean your OS. A corrupted system is not usually detectable by the average user.
Apple updates the OS separate from apps. Update Apps in the App Store
-
From the Apple Menu->About This Mac and click Software Update
-
In System Preferences, click on the Software Update icon
Widows has traditionally released updates on the second Tuesday of the month, aka "Patch Tuesday"
How to: Start > Settings > Update & Security > Widows Update > Check for Updates
It's a very good idea to enable Automatic Updates because Windows exploits are more common and serious
Chances are if you are running Linux, you already know how to update the distro and the kernel
Quick and easy Ubuntu CLI update
$ sudo apt-get update -y && sudo apt-get full-upgrade -y
Browsers, Extensions & Validating Software
Choose and use a secure browser
-
Using a privacy-focused secure browser will keep websites from tracking your browsing history and more importantly, help you avoid downloading malware from the web and warn you if you are navigating to a website that is insecure. I strongly recommend NOT using a Microsoft browser (Explorer or Edge).
Firefox Browser is secure and privacy focused
I recommend adding extensions which enhance it's strength behind the scenes
In the Settings and Preferences add the following extensions
-
UBlock Origin
-
Privacy Bradger
-
HTTPS Everywhere
-
Ghostery
Brave Browser has a number of pre-built privacy features and it's built on the popular Chrome browser
Tor Browser is the most secure and private browser. It is free and open source software and has a strong community of users
It may not be your everyday browser, but it's worth learing about
Use a privacy-respecting Search engine such as
-
Duck Duck Go
-
Startpage
Consider learning about validating your browser footprint
Down the Rabbit Hole
Validating and verifying downloads with SHA256 and GPG
When you download software from a website (as opposed to the App Store or the Google Play Store) how do you know you are not downloading a malicious version of the software placed there by a hacker? The answer is you can validate the authenticity of the program by verifying it's SHA256 signature. Taking it one step further, you can also verify that the program was authored by the developer by authenticating that the GPG signature of the program matches that of the developer. See Credits and Links for more info