Computer trivia

In all version of Windows, the start menu will contain a list of recently opened files under the recently opened files section. This can be a great convenience if you repeatedly open the same files and saves time from traversing to the actual file locations. However, on a public computer this can make you feel uncomfortable as others will be able to see the list of all files and applications opened by the previous user. Fortunately, there is a simple way in which Windows can be instructed, not to save the list of recently opened files.

- On the Taskbar, right click and select properties

-  In the ‘Taskbar and Startmenu properties’ window, click on Startmenu tab

-  You will find a small block named ‘Privacy’ which has two check boxes. Clear both the check boxes and click OK.

Windows will no more store the files and applications opened by users and thus you have enhanced privacy on public machines.

For any file that is created in windows or modified in windows, a lot of personal information is attached to the file. This information includes ‘Computer Name’, ‘Your Name’, ‘Your Company’, ‘Date of creation’, Data of Modification’ etc. All of this information can be used to identify the person.

 There is a way to instruct Windows not to attach any personal information with the files. The steps are listed here.

- Right click the corresponding file and select properties

- Select the ‘Details’ Tab

- Select the ”Remove Properties and Personal Information’ button

- Select the properties that you wish to remove from the file. You can select all properties to remove any kind of personal information.

- Click OK

Now the file will not carry any critical personal data.

Many a times you find the necessity to destroy certain data on your harddisk, usually when the computer is being sold or discarded. This is especially important as the harddisk might contain a lot of personal information including credit card numbers, adult content etc.

Most people believe that deleting the files and then cleaning up the recycle bin will completely remove the data which is not true. When certain data is completely deleted by us, Windows just marks the space occupied this data for re-writing and this data is actually lost only when the space is re-written. In other words, even if you cleaned up the recycle bin, the data is still recoverable.

Formatting the disk is not a solution either. Even in this case the data is not erased but is just marked for reuse and thus can be recovered. Amazingly, destroying the disk physically is also no good. There were cases where data was recovered from disks which were intentionally destroyed (or thought to be destroyed).

So, if you are really concerned about completely wiping the data on the harddisk, you must get it Degaussed which removes all the magnetism from the disk. However, this is a costly solution. There are certain software solutions which will write ‘0′ on the entire harddisk and thus make the data almost unrecoverable. Try one of these solutions.

Have you ever noticed that Vista asks user permission whenever any executable is opened. This was introduced to make Vista more secure by not giving super user permissions to any program in Vista. Any program will only have a privilege level that it requires, even if it is the windows command prompt.

Though this is something very useful and highly recommended, sometimes you may find it frustrating to click on ‘continue’ each time you open an executable. There is a way to disable User Account Control in Vista. Here are the steps.

- Open Control Panel in Vista

- In the search box at the top right corner, search for ‘disable UAC’

- In the search results, click on ‘Turn on User Account Control (UAC) to make your computer more secure’

- Now uncheck the box against ‘Use  User Account Control (UAC) to help protect your computer’

- Click OK

Thus you have disabled UAC. Though it is possible to disable UAC, I would strongly recommend not to disable this unless you are very much frustrated by the repeated alerts.

Many people have the habit of making the file extensions invisible. Unfortunately, Windows by default, does not display the extensions of files. This was done to prevent users from accidentally changing the file extensions which might make the file unusable.

However, not being able to see the file extensions is a major security threat. See what could happen.

A virus with the name “virus.hqx” can be renamed as “virus.txt.hqx” by the attacker.

So on your computer you can only see “virus.txt” as the last three letters will not be shown when displaying extensions is disabled.

So, an unsuspecting user, who sees the .txt extension might believe this to be a legitimate file and open it.

A good practice is to have the file extensions displayed always. To do this you can go to Tools->Folder Options->View->Show File extensions for known file types.

Bluetooth is a technology that enables devices to communicate wireless, over small distances. Most of the modern devices are bluetooth enabled. With the increasing popularity of bluetooth devices, attacks based on bluetooth technology also increased. However, bluetooth can be very secure if certain precautions are followed.

- It is very important to disable bluetooth when not in use. Any vendor provides this option with in their products and this is the most effective way to keep intruders away from your devices. Disabling bluetooth saves battery also.

-  Operate your device in ‘hidden’ mode and not in the ‘discoverable’ mode. ‘Discoverable’ mode is needed only when you pair with a device for the first time. In all further communications the devices can recognize each other even in ‘hidden’ mode.

- Go through all the security options offered by your vendor and make sure that any unnecessary features are disabled. Do this even when this might cause some inconvenience when trying to pair with legitimate devices.

- Be aware of the environment in which the device is being operated. If you are in a public place, you got to be more careful than what you are, when you are at home.

IP source routing is an option in IPv4 that allows you to specify the route, packets sent by you must follow on their way to destination. Usually the routers decide a best path on the receipt of the packet, but when IP source routing is used, the routers follow the path given by the sender.

However, this feature has been hugely abused for IP spoofing, as a result of which almost all the routers and Operating Systems disable this feature by default. In fact, source routing is completely removed from IPv6.

There will be cases when one wants to source route like the default route being very poor in quality. Also for some academic purposes one might want to enable source routing. So if you are using Windows Vista, here is how IP source routing is enabled (or disabled). By default it is disabled.

Open Windows registry and traverse to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

Create a new DWORD (32-bit value) here and name it "DisbaleIPSourceRouting" and set its value as one of the following.

“0″ to forward all the packets.

“1″ to stop forwarding source routed packets (default behavior)

“2″ to drop all the source routed packets.

Windows for since its inception has been giving administrative privileges to all the programs. This was done mainly for the convenience of the users and in fact helped Windows getting more user friendly. However, this feature of Windows has been exploited by many malware writers whose programs also were given administrative privileges. To avoid this Microsoft has reduced the privileges given to programs in Vista i.e. a program is given only the privileges required for it to run. Even if you are running as an Administrator, the programs will not be given administrative privileges. You should have observed Vista asking your permission before any program starts execution, which is a result of this setup.

Okay. This security provision is pretty fine. However, this sometimes causes problems to the users, especially to people who only used Windows and thus used to see everything working at administrative privileges. For example, when you start Command prompt for RUN box and try to stop some running service or change network settings, Windows will not allow you saying you do not have enough privileges.

This is because even the Command Prompt is not given administrative privileges. However, there is a solution which is quite simple. Just go to cmd.exe, right click it and say “Open as Administrator”. This will open the prompt with administrative privileges and you will be able to do whatever you were doing previously on windows without any problems. 

There are hundreds of softwarez that can lock a folder in windows with a user defined password. However there is also a way to lock a folder without using any additional software. This can be done by changing certain attributes from the command prompt window. Here are the steps.

- Open the command prompt window

- Type “attrib +s +h  D:\naughtyAmerica”

This would hide the folder naughtyAmerica in the D drive and this cannot even be seen in search results in Windows.

To unhide the folder type  “attrib -s -h  D:\naughtyAmerica”

Replace the path given above with the path of the folder you want to lock form others.

There is a disadvantage with this method. If someone knows that such a  folder exists  and also its name, he can get to see the contents of the folder by typing in the entire path in the address bar of windows explorer. If in the above example, someone knows that such a folder exists, he will not be able to see the folder in the D drive but he can get to see the contents of the folder by typing “D:\naughtyAmerica” in the address bar.

When you use a public computer, one may not like other seeing all the applications and files opened by him. However Windows allows this as it records all the recently opened files and programs under ‘recent documents’. Fortunately there is a way to instruct windows not to record the recent programs and files.

Do the following (for Windows Vista)

- On the taskbar, right click and select ‘properties’

- Select the ’start menu’ tab

- Clear ‘Store and display a list of recently opened files’

- Clear ‘Store and display a list of recently opened programs’

- Click OK

Now windows will stop recording your activity and you can see whatever files you want to see

Windows XP also has this option, but may be at a different place. Go to the ’start menu’ tab and then look for the appropriate option under advanced settings.