TechieTalk: Windows Security

By Roy Mathur, on 2012-03-05, for The Independent Daily, Mauritius (in which an edited version appeared)

Today we're looking at security on Windows because, let's face it, 99 % of the computers in Mauritius are running some form of the Windows operating system, though if you are using anything older than Windows XP, please upgrade now.

Also, before following any of my suggestions in this article, please take a few days to read through the manuals for the tools described below, thoroughly digest all the instructions first and then backup the data on your computer before reconfiguring any of your settings.


Make sure you have a have a good, long password for your system that includes letters, numbers and symbols. If that seems difficult to do, try using a pass-phrase instead. This could be something like a line from a nursery rhyme or a particularly memorable song.

Windows Updates

The first real step in securing your Windows PC is to install the latest updates. The method differs very slightly depending on which version of Windows you are using, but the main thing is to remember that you should, at the very least, choose to install the latest Service Pack and security updates.

Anti-Virus and Firewall: Microsoft Security Essentials (MSE)

If your computer is less than two years old and of a fairly high specification, this is the simplest solution for Windows XP, Vista and Windows 7. Download and install it from here.

If you have an older computer, make sure the Windows Firewall is active and install a third party anti-virus scanner. I use ClamWin and Clam Sentinel.

Windows Services Configuration: Black Viper

Now go to, read through the instructions carefully and decide which Windows services you can safely deactivate.

File Encryption: TrueCrypt and dsCrypt

File encryption programs will keep your files safe from prying eyes should you ever lose them or have your data stolen. Although there are built-in solutions with Windows, such as EFS or BitLocker and various other free software, I personally favour TrueCrypt, available from This software is very flexible and secure once you have invested some time reading the online manual. At the other end of the spectrum is the extremely simple to use and completely Open Source dsCrypt, downloadable from here.

One last warning. If you forget the password for an encrypted file using either TrueCrypt or dsCrypt, then the file will be totally unrecoverable, so be very careful.

File Deletion: Eraser

So you already know enough to do regular backups and encrypt your files too, but how about permanently deleting them? Well there are a number of solutions, but a really easy one is to use Eraser available from here: Eraser.

Anonymity: Safe Browsing, Safer Browsing and REALLY Safe browsing

Depending on your needs or level of paranoia there's something for everyone.

For all your day-to-day browsing, I recommend downloading and installing the latest version of Firefox from Then go to Tools\Options\Privacy\History and choose Use custom settings for history. In the drop-down box, check Always use private browsing mode. Now click OK.

For an even safer, though very much slower and more limited browsing experience you could try installing TOR from

Finally to leave even less of a trace, you could download the Tails Live CD from This is a privacy enhanced CD that you can use to boot your computer. Once you have finished working, you shut down and remove the CD leaving no data on the local machine.

Remember, all these suggestions can help keep you safe, but nothing can completely eliminate every single computer related security risk. Also, do not be your own worst enemy. For example, there is no sense in signing a blog post with your own name, while browsing anonymously. Apply some citizen tradecraft and think like James Bond (or at least Q; James Bond's tech support guy).

Let's be careful out there.