Tech Sense: More Windows Security Tour
In computer speak, a firewall is a barrier that controls the messages that are allowed to enter or exit your computer. It helps to understand a little about how the computer network operates to understand a firewall. Each computer has an address, the IP address that is used to uniquely identify that computer on the network. Each address has just over 65,000 ports numbered from 1 to 65,535. Ports are used to make incoming or outgoing connections between computers. If a computer is waiting for a message to come in on a port, it is said to be listening to that port. These ports typically correspond to specific message protocols: for example, if your computer is hosting a website (running web hosting software like Apache, for example), it will normally open port 80 for the HTTP protocol and port 443 for the secure HTTPS protocol.
A firewall can be thought of as sitting between the computer and a network. The firewall has rules that determine if a message sent to a port is allowed to pass through the firewall to the port on the computer. Firewalls can control both incoming messages and outgoing messages. Most small office and home routers have a firewall built into them that is configured by default with settings to allow all messages to go out and none to come in unless they are in response to an outgoing message.
Windows (and Linux) also provides a firewall as part of the operating system. Windows firewall typically knows about the software you have installed and will open holes in the firewall so the installed software works as expected and designed. Windows may also open holes in the firewall to allow computers on your local network to access files on your computer without allowing computers on the Internet to access these files. Windows provides two default configurations, public and private. When you connect to a network for the first time, Windows asks if this is a public network. If you answer that it is, Windows will block file and printer sharing. If you indicate that this is a private network, Windows will allow other machines on the network to access resources shared on your computer.
Windows remembers these settings, so if you are on your home network with a laptop, for example, Windows will allow resource sharing, but if you are on a public network at a library, hotel, or restaurant, it will block access to your computer from other computers on these untrusted networks.
The Windows Firewall is known as Windows Defender Firewall and can be managed if desired through the Windows Defender settings. Many antivirus programs also provide firewall services and may disable Windows Defender Firewall when they are active. The primary reason to access the firewall settings is to block access to certain sites on the Internet.
With the advent of Windows 10, Microsoft has started to collect a lot of information about those using Windows. Last month we talked about the Windows login process and logging in using a remote Microsoft account versus a local account. Logging in with a Microsoft account lets Microsoft associate any data it collects with the person using the computer. Microsoft does provide tools to provide some control over the data it collects. These tools can be accessed through Settings->Privacy. A menu of types of things you might want private like your location or access to the camera or microphone is listed on the left. When one of these categories is selected, a list of the elements you can control and a list of the apps that need permission are provided on the right. By default, Microsoft turns everything on giving the user the least amount of privacy. I typically visit each of these and turn everything off.
Be aware that each time you install an update Windows may change these settings back to on, so it is a best practice to check them after each update.
Backup and Recovery
In May 2017, the entire column was dedicated to backup and recovery software, so we won't go into too much detail here. Windows 10 provides a backup utility that can be found under Settings->Update & Security->Backup. Backup can be used to copy your files to a different drive, typically an external hard drive used for backup, which can be found in many stores for under $100. Once the drive has been backed up, the restore option can be used to restore the files back to the working hard drive. Having a good, recent backup is the best way to protect against ransomware, where malware encrypts your drive and asks for money to restore the data.
Microsoft has been touting the improved security of its new Edge browser over Internet Explorer (IE). It lists a number of internal improvements that the typical user will not notice. One important thing it has done is broken IE compatibility, so Edge targets actual compliance for the standards. This eliminates a number of IE-specific issues. It also gets rid of support for ActiveX controls and a number of Microsoft extensions that compromised browser security. The most visible change is that IE should now warn that you are being sent to a suspected "bad" page before the browser sends you to the page. This is similar to the same behavior that has existed in Firefox and Chrome for a long time. While Microsoft has improved its browser security, my experience is that it has a way to go before I leave Firefox or Chrome. That's it until we take on a new topic next month.