Ten Immutable Laws Of Security

del.icio.us Tags: technology,computers,laptops,mobile,security

The 10 Immutable Laws

Law #1: If a bad guy can persuade you to run his program on your computer, it's not solely your computer anymore.
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore.
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
Law #4: If you allow a bad guy to run active content in your website, it's not your website any more.
Law #5: Weak passwords trump strong security.
Law #6: A computer is only as secure as the administrator is trustworthy.
Law #7: Encrypted data is only as secure as its decryption key.
Law #8: An out-of-date antimalware scanner is only marginally better than no scanner at all.
Law #9: Absolute anonymity isn't practically achievable, online or offline.
Law #10: Technology is not a panacea.

Law #1:If a bad guy can persuade you to run his program on your computer, it's not solely your computer anymore

It's an unfortunate fact of computer science: when a computer program runs, it will do what it's programmed to do, even if it's programmed to be harmful. When you choose to run a program, you are making a decision to turn over a certain level of control of your computer to it -- often  anything up to the limits of what you yourself can do on the computer (and sometimes beyond). It could monitor your keystrokes and send them to criminals eager for the information. It could open every document on the computer, and change the word "will" to "won't" in all of them. It could send rude emails to all your friends. It could install a virus. It could create a "back door" that lets someone remotely control your computer. It could relay a bad guy’s attack on someone else’s computers. Or it could just reformat your hard drive.

That's why it's important never to run a program from an untrusted source, and to limit the ability of others to make that decision for you on your computer. There's a nice analogy between running a program and eating a sandwich. If a stranger walked up to you and handed you a sandwich, would you eat it? Probably not. How about if your best friend gave you a sandwich? Maybe you would, maybe you wouldn't—it depends on whether she made it or found it lying in the street. Apply the same critical thought to a program that you would to a sandwich, and you'll usually be safe.

Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore

In the end, an operating system is just a series of ones and zeroes that, when interpreted by the processor, cause the computer to do certain things. Change the ones and zeroes, and it will do something different. Where are the ones and zeroes stored? On the computer, right along with everything else! They're just files, and if other people who use the computer are permitted to change those files, it's "game over.”

To understand why, consider that operating system files are among the most trusted ones on the computer, and they generally run with system-level privileges. That is, they can do absolutely anything. Among other things, they're trusted to manage user accounts, handle password changes, and enforce the rules governing who can do what on the computer. If a bad guy can change them, the now-untrustworthy files will do his bidding, and there's no limit to what he can do. He can steal passwords, make himself an administrator on the computer, or add entirely new functions to the operating system. To prevent this type of attack, make sure that the system files (and the registry, for that matter) are well protected. In modern operating systems, default settings largely prevent anyone but administrators from making such bedrock changes. Preventing rogue programs from gaining administrative-level access is the best way of protecting the operating system. That’s best accomplished by not operating your computer from an account with administrative privileges except when specific tasks make it absolutely necessary – and logging out of that high-privilege mode as quickly as possible once your task is complete.   Home users should consider creating an “everyday” account set to operate with standard-level user permissions. On those relatively rare occasions when you really do need to make big changes, you can log into the administrative account, do whatever needs to be done, and switch back to the safer account when you’re finished.

Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore

Oh, the things a bad guy can do if he can lay his hands on your computer! Here's a sampling, going from Stone Age to Space Age:

• He could mount the ultimate low-tech denial of service attack, and smash your computer with a sledgehammer.
• He could unplug the computer, haul it out of your building, and hold it for ransom.
• He could boot the computer from removable media, and reformat your hard drive. But wait, you say, I've configured the BIOS on my computer to prompt for a password when I turn the power on. No problem – if he can open the case and get his hands on the system hardware, he could just replace the BIOS chip. (Actually, there are even easier ways).
• He could remove the hard drive from your computer, install it into his computer, and read any unencrypted data.
• He could duplicate your hard drive and take it back to his lair. Once there, he'd have all the time in the world to conduct brute-force attacks, such as trying every possible logon or decryption password. Programs are available to automate this and, given enough time, it's almost certain that he would succeed. Once that happens, Laws #1 and #2 above apply.
• He could add a recording device or transmitter to your keyboard, then monitor everything you type including your passwords.

Always make sure that a computer is physically protected in a way that's consistent with its value—and remember that the value of a computer includes not just the value of the hardware itself, but the value of the data on it, and the value of the access to your network that a bad guy could gain. At a minimum, business-critical computers such as domain controllers, database servers, and print/file servers should always be in a locked room that only people charged with administration and maintenance can access. But you may want to consider protecting other computers as well, and potentially using additional measures to guard their physical integrity.

If you travel with a laptop or other portable computer, it's absolutely critical that you protect it. The same features that make them great to travel with – small size, light weight, and so forth – also make them easy to steal. There are a variety of locks and alarms available for laptops, some models let you remove the hard drive and carry it with you, and almost all can be used with extremely small, extremely portable storage – e.g. USB thumb drives – for storing your data while you travel. You also can use features such as drive encryption available in most modern operating systems to mitigate the damage if someone succeeded in stealing the computer, or to retain some confidence in its protection if it’s taken from you in an unexpected bag check or unfriendly border crossing. If the computer walks off or is lost, you’ll still need to address the loss of the hardware, but it’ll be harder for your data to be disclosed without your knowledge. But the only way you can know with 100% certainty that your data is safe and the hardware hasn't been tampered with, is to keep them on your person at all times while traveling.

Law #4: If you allow a bad guy to run active content on your website or online application, it's not your website any more

In Law #1, a bad guy tricks you into downloading a harmful program and running it, giving him control over your computer and its data – at least as much control as you had. But what about the reverse: if he can upload active content – programs, scripts, or even documents and pictures designed to crash peoples’ computers in specific ways – and have them served from your website or online application?  Your site becomes his platform for reaching out to capture data from site visitors or harm their computers, or reaching inward towards other systems that support your site. 

If you run a website or hosted applications, you need to limit what visitors can do. Some sites provide an open forum for people to upload and distribute software, code or configurations – and that’s fine as long as visitors understand Law #1 and the risks that come along with their downloads. But if the bad guy’s uploaded programs actually run on your server or in the browser of visitors, he effectively own your site and can impersonate you.  Worse, the bad guy could gain your rights to the underlying systems, and might find a way to extend his control to the servers, data storage or network itself.  If your site is on shared infrastructure or a cloud-based service, this can put other sites and data at risk, and potentially create interesting liabilities for yourself and other people.

A properly administered site host or cloud service will have taken many of these risks into account and will disallow scripts or programs uploaded to the service from affecting other accounts that happen to share the same resources. Just the same, you should only allow a program to run on your site or as part of your application if you wrote it yourself or if you trust the developer who wrote it, and make sure your operations and maintenance processes don’t run afoul of the host administrator’s security policies.

Law #5: Weak passwords trump strong security

The purpose of having a logon process is to establish who you are. Once the operating system knows who you are, it can grant or deny requests for system resources appropriately. If a bad guy learns your password, he can log on as you. In fact, as far as the operating system is concerned, he is you. Whatever you can do on the system, he can do as well, because he is you. Maybe he wants to read sensitive information you've stored on your computer, like your e-mail. Maybe you have more privileges on the network than he does, and being you will let him do things he normally couldn't. Or maybe he just wants to do something malicious and blame it on you. In any case, it's worth protecting your credentials.

Always use a password on your computer—it's amazing how many accounts have blank passwords. And develop a complex one. Don't use your dog's name, your anniversary date, the name of the local football team, or QWERTY / 12345 / other basic keyboard patterns – and avoid using single “dictionary words” (that is, words that can be looked up in the dictionary). And don't use the word "password!" Build a password that has a mix of upper- and lower-case letters, numbers, punctuation marks, and so forth. Make it as long as possible; consider using two words in combination. (If you speak multiple languages, you might choose to mix tongues in your password for extra complexity.) And change it often.

Once you've picked a strong password, handle it appropriately. Don't write it down. If you absolutely must write it down, at the very least keep it in a safe, a locked drawer, or perhaps deep in your wallet—the first thing a bad guy who's hunting for passwords will do is check for a yellow sticky note on the side of your screen, or in the top desk drawer. Don't tell anyone what your password is, and don’t ask for theirs. Managers, kids, and even IT helpdesk staff should rarely if ever ask for your password. Modern operating systems and programs allow you to give other people permission to see and use your files, without giving out your password so they can impersonate you.  Remember what Ben Franklin said: two people can keep a secret, but only if one of them is dead.

If you have accounts for multiple computers and online services, you’ll need to balance requirements for unique and strong passwords, yet limit how many passwords you have to remember. For accounts that give access to your most critical information – financial accounts, regulated personal data, sensitive work access, and primary email accounts to name a few – use a unique password for each one, and follow their access management policies.  If you’re awash in multiple accounts that gather little personal information and have low value if lost, such as news sites that require free registration, consider developing one reasonably strong password and reusing it for most or all of them.

Finally, consider using something stronger than – and in addition to – passwords to identify yourself to the system. Windows, for instance, supports the use of smart cards, which significantly strengthens the account checking the system can perform. You may also want to consider biometric products such as fingerprint and retina scanners. “Two-factor authentication” of this sort incorporates not only something you know (your password) but something you own (a card) or even something you are (a person with your unique fingerprint or retina) – dramatically increasing authentication strength.

Law #6: A computer is only as secure as the administrator is trustworthy

Every computer must have an administrator: someone who can install software, configure the operating system, add and manage user accounts, establish security policies, and handle all the other management tasks associated with keeping a computer up and running. By definition, these tasks require that the individual have control over the computer. This puts the administrator in a position of unequalled power. An untrustworthy administrator can negate every other security measure you've taken. He can change the permissions on the computer, modify the system security policies, install malicious software, add bogus users, or do any of a million other things. He can subvert virtually any protective measure in the operating system, because he controls it. Worst of all, he can cover his tracks. If you have an untrustworthy administrator, you have absolutely no security.

When hiring a system administrator, recognize the position of trust that administrators occupy, and only hire people who warrant that trust. Call his references, and ask them about his previous work record, especially with regard to any security incidents at previous employers. If appropriate for your organization, you may also consider taking a step that banks and other security-conscious companies do, and require that your administrators pass a complete background check at hiring time, and at periodic intervals afterward. Whatever criteria you select, apply them across the board. Don't give anyone administrative privileges on your network unless they've been vetted – and this includes temporary employees and contractors.

Next, take steps to help keep honest people honest. Use sign-in/sign-out sheets or log access badge swipes to track who's been in the server room. (You do have a server room with a locked door, right? If not, re-read Law #3). Implement a "two person" rule when installing or upgrading software. Diversify management tasks as much as possible, as a way of minimizing how much power any one administrator has. Also, don't use the Administrator account—instead, give each administrator a separate account with administrative privileges, so you can tell who's doing what. Many industries require audit logs documenting all activities on covered business systems; audit trails can’t stop rogue admins from running amok, but they can record who did what if a problem is discovered later, and enforce a sense of individual accountability.  Finally, consider taking steps to make it more difficult for a rogue administrator to cover his tracks. For instance, store audit data on write-only media, or house System A's audit data on System B, and make sure that the two systems have different administrators. The more accountable your administrators are, the less likely you are to have problems.

Law #7: Encrypted data is only as secure as its decryption key

Suppose you installed the biggest, strongest, most secure lock in the world on your front door, but you put the key under the front door mat. It wouldn't really matter how strong the lock is, would it? The critical factor would be the weak way the key was protected, because if a burglar could find it, he'd have everything he needed to open the lock. Encrypted data works the same way—no matter how strong the crypto algorithm is, the data is only as safe as the key that can decrypt it.

Many operating systems and cryptographic software products give you an option to store cryptographic keys on the computer. The advantage is convenience – you don't have to handle the key – but it comes at the cost of security.  Simply put, no matter how well the keys are hidden on the system, the software has to be able to find them – and if it can, so can a sufficiently motivated bad guy.

A better solution is to store them in a protected repository.  For instance, the Trusted Platform Module (TPM) chip that’s present on most computers is designed to strongly protect cryptographic keys, and release them only when a PIN is entered.  Smart cards provide similar protection, and their portability means that you can also physically separate them from the computer.  But the best “protected repository” is your brain – if the key is a word or phrase, memorize it.   

Law #8: An out-of-date malware scanner is only marginally better than no malware scanner at all

Antimalware scanners work by comparing the data on your computer against a collection of malware "signatures." Each signature is characteristic of a particular malware family, and when the scanner finds data in a file, email or elsewhere that matches the signature, it concludes that it's found trouble. It's vital that you keep your malware scanner's signature file up-to-date, as new malware is created every day.

The problem actually goes a bit deeper than this, though. Typically, malware will do the greatest amount of damage during the early stages of its life, precisely because antimalware programs will not be able to detect it, let alone remove it. Once word gets around that new malware is on the loose and people update their signatures, the propagation of the problem falls off as protections spread through the ecosystem. The key is to get ahead of the curve, and have updated signature files on your computer before the malware reaches your machine.

Virtually every maker of antimalware software provides a way to get free updated signature files from their website or from a dedicated update service. In fact, many have "push" services, in which they'll send notification every time a new signature file is released – several times a day, if necessary. Use these services. Also, keep the malware scanner itself—that is, the scanning software that uses the signature files—updated as well. Malware writers regularly develop new techniques and variations that require that scanners change how they do their work.

Law #9: Absolute anonymity isn't practically achievable, online or offline

All human interaction involves exchanging data of some kind. If someone weaves enough of that data together, they can identify you. Think about all the information that a person can glean in just a short conversation with you: In one glance, they can gauge your height, weight, and approximate age. Your accent will probably tell them what country you're from, and may even tell them what region of the country. If you talk about anything other than the weather, you'll probably tell them something about your family, your interests, where you live, and what you do for a living. It doesn't take long for someone to collect enough information to figure out who you are. If you use any payment system other than cash or any transportation other than your own two feet, you leave a trail of data breadcrumbs that can be used to reconstruct a personally identifiable “portrait” of you with remarkable accuracy. If you crave absolute anonymity, your best bet is to live in a cave and shun all human contact.

The same thing is true of the Internet. If you visit a website, the owner can, if he's sufficiently motivated, find out who you are. After all, the ones and zeroes that make up the Web session have to be able to find their way to the right place, and that place is your computer. There are a lot of measures you can take to disguise the bits, and the more of them you use, the more thoroughly the bits will be disguised. For instance, you could use network address translation to mask your actual IP address, subscribe to an anonymizing service that launders bits by relaying them from one end of the ether to the other, use a different ISP account for different purposes, surf certain sites only from public kiosks, and so on. All of these make it more difficult to determine who you are, but none of them make it impossible. Do you know for certain who operates the anonymizing service? Maybe it's the same person who owns the website you just visited! Or what about that innocuous website you visited yesterday, that offered to mail you a free $10 off coupon? Maybe the owner is willing to share information with other website owners. If so, the second website owner may be able to correlate the information from the two sites and determine who you are. And anonymity is even less achievable when you factor in location data, which is gathered perpetually by mobile phones and often enough by Web sites, mapping your machine’s IP address to a real-world location with pretty decent accuracy.

Does this mean that privacy is a lost cause? Not at all. Governments along with public and private entities continue to wrestle with how best to balance the need for personal data privacy with other concerns. What it means is that the best way for you to protect your privacy on the Internet is the same as the way you protect your privacy in normal life—through your behavior. Read the privacy statements on the websites you visit, and only do business with those whose data-sharing practices you understand and agree with. If sites you visit allow you to determine how and with whom information about you will be shared, learn how to adjust those settings and check yours regularly. If you're worried about cookies, disable them. Most importantly, remember that information shared by or about you online is only as safe as the least protective, least enforced privacy policies and settings with which it comes into contact. But if it's complete and total anonymity you want, better start looking for that cave.

Law #10: Technology is not a panacea

Technology can do some amazing things. Recent years have seen the development of ever-cheaper and more powerful hardware, software that harnesses that hardware to open new vistas for computer users, and services that change our expectations for both, as well as advancements in cryptography and other sciences. It's tempting to believe that technology can deliver a risk-free world if we just work hard enough. However, this is simply not realistic.

Perfect security requires a level of perfection that simply doesn't exist, and in fact isn't likely to ever exist. This is true for software as well as virtually all fields of human interest. Software development is an imperfect science, and all software has bugs. Some of them can be exploited to cause security breaches. That's just a fact of life. But even if software could be made perfect, it wouldn't solve the problem entirely. Most attacks involve, to one degree or another, some manipulation of human nature, a process usually referred to as social engineering. Raise the cost and difficulty of attacking security technology, and bad guys respond by shifting their focus away from the technology and toward the human being at the console. It's vital that you understand your role in maintaining solid security, or you could become the chink in your own systems' armor.

The solution is to recognize two essential points. First, security consists of both technology and policy—that is, it's the combination of the technology and how it's used that ultimately determines how secure your systems are. Second, security is a journey, not a destination—it isn't a problem that can be "solved" once and for all, but a constant series of moves and countermoves between the good guys and the bad guys. The key is to ensure that you have good security awareness and exercise sound judgment. There are resources available to help you do this. The Technet website, for instance, has hundreds of white papers, best practices guides, checklists and tools, and we're developing more all the time. Combine great technology with sound judgment, and you'll have more effective security.

Micron 960 GB 2.5" Internal Solid State Drive

del.icio.us Tags: SSD Drives,technology,computers,laptops

$555.99 - $987.95 (4 stores)

Specifications

• General Information
• Technical Information
• Drive Performance

• Interfaces/Ports
• Physical Characteristics
• Warranty

Transform your system's performance. New interfaces and multitasking demands require more from your system than perhaps ever before. From connecting instantly with friends and accessing apps, websites, and playlists online, to simultaneously streaming videos and downloading files, your computer is faced with an entirely new set of performance expectations that a hard drive struggles to meet. That's where the Crucial M500 SSD comes in. With data transfer speeds that are radically faster than a hard drive, the Crucial M500 SSD isn't just a storage upgrade - it's a complete system transformation. From its nearly instantaneous boot times, powerful data transfer speeds, increased multitasking capability, and rock solid reliability, the Crucial M500 delivers dramatic performance gains - all at an affordable price.

Turn your flash drive into a portable PC survival kit

del.icio.us Tags: usb,flash drives

If you're using your flash drive as a vehicle for simple file transfers, you’re missing out on one of the single-best roles one of these wee data buckets can fulfill. Indeed, hardcore enthusiasts know that simple flash drives are perfect portable repositories for all the software that can breathe life into an otherwise ailing PC.

All the web apps in the world won’t help you when your PC breaks down or falls prey to a particularly nasty piece of malware and refuses connect to the Internet. A properly loaded USB drive, on the other hand, can be a machine saver. And when your grandma calls with a dire PC emergency, you'll be glad to have an always-ready "ninja drive" to slip into your pocket as you run out the door.

In this article we’ll show you how to load out a USB drive with everything you need in case of a PC emergency. So next time your computer breaks down, don’t panic. Instead, take a deep breath, plug in your ninja drive, and start making things right.

PortableApps

The Portable apps UI.

The first thing you’ll want to install on your drive is PortableApps—a free, open source platform for installing desktop applications on removable media, like a USB drive. PortableApps manages the installation of new portable software on your USB drive, and also acts as a frontend when you’re actually using the USB drive, letting you easily browse and launch applications.

PortableApps maintains a list of hundreds “portable” versions of popular free programs, designed to work without installation. You can find the full list here.

Each of the following apps with the word “Portable” in their title is available for the PortableApps platform. You can download them at the links provided, or just start PortableApps and click on Apps > Get More Apps. You’ll see a large list of applications appear. Just check the ones you want and click Next to download and install them all automatically.

Chrome Portable

Even though it’s not a maintenance application, strictly speaking, a mobile browser is a great inclusion on your emergency thumb drive. Why? A lot of malware targets your web browser, so it’s one of the most likely components of your system to be out of commission, or otherwise compromised. Chrome's sandboxing security feature and Safe Browsing functionality—which guards against malicious websites and downloads—make it one of the better options for mucking around on a potentially infected system.

Spybot Search and Destroy Portable

Spybot ain't fancy, but it works well.

If your computer is running slow because of malware, Spybot S&D should be the first (and often last) weapon in your arsenal. It’s one of the oldest and best spyware removal suites around, and should be able to weed out most malware on even the slowest of machines.

ClamWin Portable

ClamWin is a Windows graphical interface for the Clam open source antivirus engine. It doesn’t provide real-time scanning like you’d get in an installed antivirus application, but the portable versions provides powerful on-demand virus scanning for any suspicious files.

Malwarebytes

Many unofficial tech support geeks consider Malwarebytes to be a go-to malware scanning solution, but it doesn't offer a portable version. You can, however, save the Malwarebytes installation file to your emergency drive and unpack the app directly onto the maligned PC after you've taken a first pass at badware using ClamWin and Spybot portable. A second opinion never hurts when you're dealing with viruses.

Kaspersky TDSSKiller

When you need to root out stubborn malware, a rootkit detector does the trick.

If you’ve tried running malware removal programs like Spybot Search and Destroy but your computer is still exhibiting malware symptoms like bogus error messages and browser hijacking, you might be dealing with a rootkit. Rootkits are designed to conceal malware running on your system, and can be very hard to detect themselves. If you suspect your computer might be infected with one, try running TDSSKiller, a rootkit scanner from Kaspersky. Just leave the .exe file on your thumb drive, and run it on the infected computer—it will find and remove most rootkit malware.

FileAssassin

Even if you’re not trying to uninstall whole programs, deleting files can prove to be a challenge—especially when you're dealing with an infected system. Windows might tell you that access is denied to a file, or that another program or user is currently using it, or otherwise tell you that the file you want gone isn’t going anywhere at all.

FileAssassin lets you get around those roadblocks, and delete any file you want. Make sure you really want it gone, though, because it’s going to be.

When you snag the program, make sure to grab the portable version, at the bottom of the download list.

Eraser Portable

Sometimes the problem isn’t that you can’t delete a file, it’s that you want to make sure that it’s really, really gone. If you need to securely delete sensitive documents or files, use Eraser—an application for securely erasing and overwriting files and directories stored on standard mechanical hard drives. You can also user Eraser to overwrite all the empty space on a disk, making sure anything you’ve deleted in the past is truly gone.

Revo Uninstaller Portable

Revo Uninstaller makes uninstalling lots of programs a breeze.

One of the simplest ways to get a gridlocked computer running faster is to remove programs that you don’t need. This has two benefits: you clear up hard disk space, which can speed up your computer, and you reduce the number of apps running at startup, which can make your boot time shorter. You can uninstall programs by hand, but that’s slow going and the programs aren’t always completely removed. Instead, keep a portable copy of Revo Uninstaller handy to quickly and completely uninstall as many programs as you want.

Autoruns Portable

One of the main reasons that older systems gradually slow down is the accumulation of programs and services set to automatically run at startup. Autoruns is a powerful app from Sysinternals that shows you every single process that will start with your computer, along with other common sources of trouble, including browser toolbars and shell extensions. Telling a process to not run at startup is as simple as unchecking a box.

KeePass Portable

If you use KeePass to store your passwords (and if you don’t, you should think about it), it’s not a bad idea to keep your KeePass install and password database on a thumb drive. That way, you’ll always be able to access your online accounts, no matter what computer you’re on. Even better, you don’t have to worry about identity theft if you lose the USB drive, because the Keepass database is encrypted and requires a master password. Be careful about logging in to potentially infected computers with KeePass, though.

The other USB drive: SystemRescueCD

SystemRescueCD: Perfect for that oh-so-bonked PC.

If you want to be really, truly prepared for a PC disaster, you can go one step further than just creating an emergency app thumb drive. By loading up a second drive with a Live install of the SystemRescueCD operating system, you’ll be prepared even if your computer’s OS is so FUBARed that you can’t even log in.

SystemRescueCD is a free live operating system, meaning you don’t have to install it on a hard drive. Just insert the SystemRescueCD USB drive into the computer, restart, and boot from the thumb drive. The Linux-based operating comes equipped with software that you can use to access the data on your hard drives and back it up across the network, along with various other handy-dandy utilities—basically, everything you need to fix (or at least recover) as much of your broken OS as possible. The makers of the distribution were even kind enough to provide step-by-step instructions on how to get a SystemRescueCD live drive up and running.

How to activate Windows Defender in Windows 8

 

del.icio.us Tags: Windows 8,Windows Defender

Brad Chacos@BradChacos

Like every new Windows release, Windows 8 is more secure than the operating systems that came before it. That's due in large part to three major enhancements: An increased emphasis on UEFI Secure Boot optimizations, the extension of the SmartScreen Filter across the operating system, and the default inclusion of a more robust version of Windows Defender, which now protects against all kinds of malware—not just spyware.

Windows Defender's increased scope doesn't sit well with computer manufacturers, however. OEMs make beaucoup bucks by installing those trial versions of McAfee, Norton and other security suites you'll find bundled on boxed PCs. Windows Defender's default installation threatens that gravy train.

Microsoft tossed its partners a bone by allowing OEMs to deactivate Windows Defender in order to ship boxed PCs with alternative security solutions installed. That's all well and good from a "variety is the spice of life" perspective, but one side-effect that isn't so hot is what happens when you fail to register that third-party security software: Windows 8 doesn't automatically reactivate Windows Defender by default. In other words, your pretty new prepackaged PC is wide open and vulnerable to all the nasties of the 'Net.

Fortunately, activating Windows Defender is a snap. Here's how to do it.

Activate Windows Defender in Windows 8

Windows Defender isn't subtle about being deactivated.

First, head to the modern-style Start screen and type "Windows Defender" to have Windows search for the program, then click on the Windows Defender icon when it appears in the results. A Windows Defender window will appear on the classic desktop. If Microsoft's security software is disabled, you'll seen a lot of scary red tones alongside an "At risk" warning and an image of a computer screen with a big X on it. Subtle, eh?

Next, click on the Settings tab at the top of the window. Make sure "Real-time protection" is selected in the left pane, then check the box next to "Turn on real-time protection (recommended)." Finally, click Save Changes at the bottom of the Window.

How you want your Settings tab to look!

You'll know it worked when the terrifying red "At risk" bar at the top of the Windows turns a much more soothing shade of green and switches to "PC Status: Protected."

Check for leaks

You're not quite done yet. Now it's time to make sure your PC is actually malware-free! Click the Update tab, then click on the big Update button in the middle of the Window to download the latest malware definitions Microsoft has on file.

Next, open the Home tab and select the "Full" radio button in the Scan Options list. All you have to do now is click Scan Now, then sit back and wait while Windows Defender checks the nooks and crannies of your PC for any hidden baddies. Grab a cup of coffee; it may take some time. While you're waiting, we recommend checking out your Windows 8 antivirus options.

NVIDIA CEO Jen-Hsun Huang announces cloud-based, virtualized Kepler GPU technology

 

del.icio.us Tags: Kepler,NVidia,desktops,laptops

By Michael Gorman posted May 15th 2012 2:31PM

Breaking News

We're here at NVIDIA's GPU technology conference here in San Jose, California and CEO Jen-Hsun Huang just let loose that his company plans to put Kepler in the cloud. To make it happen, the company has created a virtualized Kepler GPU, meaning no physical connections are needed to render and stream graphics to remote locations. So, as Citrix brought CPU virtualization to the device of your choosing, NVIDIA has brought the power of Kepler to everything from iPads to Windows PCs.

Digital Storm locks and loads Ivy Bridge into its new recruits

Technorati Tags: Ivy Bridge,Intel,Digital Storm,CPU,computers,laptops,gaming,technology

By James Trew posted Apr 29th 2012 9:00AM

Digital Storm has announced that its premium-priced (and not so premium-priced) gaming PCs will soon be touting Ivy Bridge processors. This means, going forward, all machines will come with the Intel's third generation Core architecture, with the PC maker already claiming it's managed overclocks at 4.8GHz. Like its machines, Digital Storm is keeping cool on when the systems will find their way from workshop to LAN, or what effect (if any) there'll be on pricing. Keep the cross hairs focused on the source link for more info.

April 29, 2012

Digital Storm Integrates Intel's New 3rd Generation Core Processors into its Award-winning Line of Gaming PCs & Laptops

Fremont, Calif. - (April 29, 2012) – Digital Storm, the predominant name in computer system integration and engineering, is proud to announce integration of Intel's new 3rd generation Core processors into its entire line of gaming PCs and laptops. Now Digital Storm customers can harness the power of the world's most advanced processor in their dream machine.

Digital Storm systems featuring Intel's new 3rd generation Core processors offer gamers and enthusiasts a distinct advantage thanks to the CPUs unique architecture. With the addition of 3D Tri-Gate transistors and a 22nm process, Digital Storm systems will generate less heat and deliver higher performance compared to Sandy Bridge CPUs.

"We've tested Ivy Bridge in every one of our systems and we've measured extraordinary overclocks at 4.8GHz at unbelievably low temperatures across the board," remarked Rajeev
Kuruppu, Digital Storm's Director of Product Development. "With the addition of Intel's latest chipset, our entire line of gaming PCs and laptops offer customers the utmost in computing power."

Windows 7 Pro 64 bit–$139 @ Newegg

Technorati Tags: Windows 7,operating systems

*Use of this OEM System Builder Channel software is subject to the terms of the Microsoft OEM System Builder License. This software is intended for pre-installation on a new personal computer for resale. This OEM System Builder Channel software requires the assembler to provide end user support for the Windows software and cannot be transferred to another computer once it is installed. To acquire Windows software with support provided by Microsoft please see our full package "Retail" product offerings.

pureSilicon announces Kage K1 SATA and USB SSDs, up for pre-order now

By Amar Toor posted Jan 18th 2012 3:05AM

Technorati Tags: SSD,hard drives

It seems like only yesterday that pureSilicon released its new Nitro N2 and Renegade S4 SSDs. Today, the company followed up on that announcement with the Kage K1 USB SSD, and the Kage K1 SATA SSD. The former is a USB 3.0-based SSD drive that measures around 4.5mm in thickness and offers up to 240GB of MLC space. It's available for pre-order now, at a price of $230, with shipments expected to start up sometime during Q1 of this year. As for the Kage K1 SATA SSD, it's more in line with what you'll find with the aforementioned Nitro N2 and Renegade S4 varieties. Capable of delivering up to 6Gb/s, the eMLC NAND flash memory-based SATA SSD promises reading speeds of up to 540 MB / sec, writing speeds of 520 MB / sec, and boasts up to 400 GB of usable eMLC. That'll cost you a bit more, though, with a price tag of $975. It too, is available for pre-order now, with shipments slated for early this year.

Asus Eee Pad Transformer Prime TF201 Review: A Breakthrough Performer

---

Pros

• Classy, solid, and svelte design
• Tremendous gaming power from quad-core processor
• Includes useful software tweaks, microSD card slot

Cons

• Not a lot of software optimized for quad-core CPU

Images (click to enlarge)

 

The stylish Asus Eee Pad Transformer Prime TF201 delivers both high performance and high value, a rare combination in the world of Android tablets. It uses Nvidia's Tegra 3 processor, which powers the tablet to several performance firsts and delivered terrific image graphics rendering in games optimized for the new processor. Given its promised future upgrade to Android 4.0.1 Ice Cream Sandwich and its next-gen technology, not to mention its appealing price--$499 for the 32GB model and $599 for 64GB (prices as of 11/30/2011)--the Transformer Prime represents one of the best tablet values today.

 

Design

The first thing that will catch your eye about the Transformer Prime is its svelte design. It measures 10.35 by 7.12 by 0.33 inches, and weighs 1.29 pounds. That's a net reduction in size and weight from the original Eee Pad Transformer TF101, which measured 10.7 by 6.9 by 0.5 inches, and weighed 1.4 pounds. The TF201 also ranks as among the thinnest and lightest tablets on sale to date: Only Apple's iPad 2 (0.3 inches deep and 1.33 pounds) and Samsung's Galaxy Tab 10.1 (0.34 inches and 1.24 pounds) best it today.

Unlike its plastic-enclosed predecessor, the Transformer Prime has an aluminum backplane (in “Amethyst Gray” or “Champagne Gold”), with a matching plastic bezel bridging the edges between the back and surface. The overall look is elegant and the design solid, a combination that's far preferable to the comparatively klunky or plasticky designs we've seen from other Android tablets this year.

In spite of its shallow depth, Asus manages to fit in several ports, a feat that neither Apple nor Samsung accomplished in their aforementioned models. The docking port runs along the tablet's horizontal length, and along the left side are both a microHDMI port and a microSD card slot. At the top of the left side is the volume rocker; this is a smart, and uncommon, placement for volume controls, given the likelihood that you'll need to adjust volume while watching video and holding the tablet in landscape mode. The combination 3.5mm audio jack (for microphone input) and audio-out sits on the right edge of the tablet (or bottom, if held in portrait mode). The power button is at the top left edge in landscape mode, or along the top right edge in portrait mode, and it has a handy, tiny dot that glows red while the tablet is charging.

A final noteworthy point about the Transformer Prime's design is its ability to pair with the Transformer Prime Keyboard Dock. Like the original Transformer (which remains in Asus' lineup at a reduced price) the Transformer Prime pairs with a keyboard docking base that effectively turns the tablet into a compact, easy-to-tote package that adds just 0.41 inches in depth and 1.18 pounds to the tablet. The dock is also made of aluminum, and has a terrific build quality. Typing on it felt solid and natural; and the clickpad-style multitouch-gesture-capable touchpad makes a worthwhile alternative to using an external Bluetooth tablet keyboard (typically, such keyboards do not include a pointing device). Even better: This $149 option includes a USB 2.0 port, an SDHC card reader, and an additional battery for up to a claimed 18 hours of battery life.

Performance and Display

As the first tablet with Nvidia's 1.3-GHz quad-core Tegra 3 processor, the Transformer Prime was primed to make a performance splash. And it did, almost literally, in our objective and subjective tests. We needed to look no further than the Tegra 3-optimized game Riptide GP, which makes the splash of water droplets look realistic on the tablet's display, to know that we were looking at the next generation of Android tablets.

This is not to say that we saw dramatic improvements in every aspect of tablet handling. But the Transformer Prime reset the bar on many of the PCWorld Labs' tests.

At the heart of the Tegra 3 processor is Nvidia's Variable Symmetric Multiprocessing technology, which optimizes the platform's quad-core Cortex A9 CPU performance, switching the processing load to a lower-powered fifth Cortex A9 CPU core for less demanding tasks that don't require processing oomph. All that happens seamlessly in the background.

For those who want to be more proactive in managing the Transformer Prime's performance, Asus also provides three system performance modes, lifted from the company's laptop settings. This is the first tablet I've seen with such modes, and they do make a tangible difference in some aspects of performance. The normal mode optimizes for maximum processing performance; the balanced mode optimizes for a more middle-of-the-road experience capped at 1.2GHz performance; and the power savings mode uses up to 1GHz performance to optimize battery life. These adjustments resulted in very different usage experiences. Interestingly, the normal mode felt noticeably zippier, and the different levels did impact some of our performance results, but in less CPU-intensive examples, the differences were negligible.

The most significant result in our gaming performance tests: The Transformer Prime logged 53 frames per second, the highest frame rate we've seen on the GLBenchmark 2.0.3 Egypt test with no antialiasing. This result topped the Apple iPad 2's previous record of 46 fps, and it just crushed the Android masses we've tested, which averaged 18 fps and topped out at 34 fps (for the 7-inch Acer Iconia Tab A100). The results on the GLBenchmark Pro test were similarly decisive, at least in the Prime's victory over other Android tablets. Here, the Prime tied the iPad with 58 fps, ahead of the Iconia Tab A100 at 49 fps, and the trio of the Samsung Galaxy Tab 10.1, the Sony Tablet S, and theToshiba Thrive, which were all tied at 40 fps.

Graphics in some games appear awesome. Riptide GP has water that ripples with surprising realism, and the droplets that splash stun. According to Nvidia, the game's developer takes advantage of the Tegra 3's additional pixel- and texture-processing capabilities on the GPU for that water effect, using the quad-core CPU to do real-time physics calculations of how the waves interact with the Jet Skis.

The Glowball demo on our test tablet was equally impressive. The reflectivity and light refraction in the Sea Floor level drew gasps. And while Bladeslinger's title character occasionally moved stiffly, the level of detail and dimensionality to the images impressed. The most conclusive example of the Transformer Prime's gaming prowess came when I compared the preloaded ShadowGun tech demo on the Prime, optimized for Tegra 3, with the standard version of ShadowGun on an iPad 2. The difference in the gaming experience was visceral, and drew oohs and aahs from colleagues who gathered to see what the fuss was about. The water and smoke effects stunned, flags flapped more naturally, and the detail in the floor was obvious even to the casual observer.

And since Nvidia has added support for popular game controllers, including those from the Sony PlayStation 3, Microsoft Xbox, Nintendo Wii, and even USB gamepads, the Transformer Prime appears to be a leading contender for those chasing the ultimate Android gaming experience. The trick will be in getting the software to catch up to the hardware: Currently only three games—Riptide, Zen Pinball, and Sprinkle—are Tegra 3-optimized; a fourth, the shipping version of the Tegra 3-optimized ShadowGun, should be available shortly.

In our SunSpider 0.9.1 JavaScript benchmark, the Prime leapt to the head of the class, taking just 1.8 seconds to complete the test, 0.1 second ahead of the Acer Iconia Tab A500, and 0.2 seconds better than the iPad 2. We had some conflicting results in our page load tests, however, and are looking into what may have caused this, and will update later with the full results.

One performance metric where the Transformer Prime disappointed was in file transfer speeds. Compared with Android 3.x tablets and the iPad 2, the Prime was one of the slowest models we've tested at writing to the tablet, lagging all but the Sony Tablet S. Transferring data off the tablet, on the other had, was more competitive.

Another disappointment was audio. Through the awkwardly positioned monoaural speaker, music sounded muddied. My test tracks were missing the highs and lows, and at times sounded as if they were coming through in an echo chamber, even though the speaker itself was not blocked by my hand (which could happen easily, given the speaker's position at the rear edge).

Display and Image Capture

By contrast, the Transformer Prime exceeded expectations with its 1280-by-800-pixel display. The Prime is the first tablet in the PCWorld Labs with a SuperIPS+ display, which adds brightness to make the tablet more usable outdoors. When enabled, the SuperIPS+ mode increases brightness to 600 nits, up from the standard mode's maximum of 380 nits. Indoors, the effect is minimal. But outside, in bright sunlight, this makes a big difference. I still wouldn't recommend using the tablet for reading outside, but you at least now have a fighting chance at seeing the camera controls and what you're focusing on, or looking at the map you've called up to figure out to get somewhere. The wide viewing angle preserves colors, and makes the Prime perfect for sharing the screen with a small group, be it for business presentations or sharing a video.

Images looked good, too, with better colors and sharper images than on the original Transformer. That said, I observed that our test tablet appeared to have a warmer color temperature than its predecessor, which caused a yellowish cast that made some whites appear more off-white, and made skin tones appear jaundiced. Asus believes this may have been a flaw in our test unit; I'll update this text after observing the same content on a second unit.

Our test unit at times appeared to have difficulty automatically rendering high-resolution images. This resulted in images that appeared slightly fuzzy until I forced the image to render properly by tapping on it, or pinching and zooming. I've seen similar glitches on other tablets, and the Prime's offense was less obvious than those. Neither Asus nor Nvidia had an answer as to why I observed this, which leaves me to wonder whether it could be something in Android 3.2.1.

As much as I found to like in the display overall, there's still room for improvement in hardware and software. The air gap between the Gorilla Glass surface and the LCD beneath is still noticeable, though it's smaller and less glarey than on the original Transformer. The oleophobic coating on the screen didn't do much to mitigate fingerprints smudges. And text rendering in e-reader apps was still noticeably weak. Text rendering on Android tablets and the iPad as a whole remains an issue; perceived quality is very heavily dependent on the software, on which fonts you're using, and on how smoothly that font is rendered. Sadly, the display doesn't up the pixels per inch, unlike the display for the T-Mobile Springboard or the upcoming Toshiba Thrive 7-inch.

The rear-facing camera carries the best specs we've seen yet--8 megapixels--but a more pedestrian 1.2 megapixels for the front-facing camera. The rear camera has a flash and a wide-aperture f2.4 lens for shooting in low-light situations. But don't toss your dedicated point-and-shoot just yet; some casual test images looked good, far better than those on other tablets, but they were still were noisy, even in bright daylight, and lost detail and sharpness at full resolution.

Stay tuned for further testing results, including a full display and battery life report, and updated camera quality tests.

Asus' Software Touches

Beyond the obvious boost in CPU performance and gaming, the benefits of the quad-core Tegra 3 wasn't apparent in all activities. Touchscreen swiping was smoother, for example, but in general, navigation, multitasking, and in-app experiences didn't feel dramatically faster.

Granted, many everyday tasks may not require the extra power of four cores. But it's also likely that none of the software involved was optimized for the Tegra 3, unlike the games were that Nvidia preloaded onto Asus' demo tablets. I'll be interested to watch the Prime's performance evolve over time, and see what happens once the over-the-air update for Android 4.0.1 Ice Cream Sandwich comes along in early 2012, and once more apps get optimized for a multicore mobile universe.

Asus has made a handful of useful customizations to the stock Android Honeycomb interface. As on its predecessor, the Transformer Prime's trio of core navigation buttons—back, home, and recently accessed apps—get a facelift, with darker, clearer definition than on stock Android. Recently accessed apps gain an “x” alongside the app thumbnail, for easily shutting down an app. Best of all, Asus redesigned the pop-up settings menu to add controls for brightness and SuperIPS+, the rotation lock, Wi-Fi, Bluetooth, audio muting, sync (for use with the Asus PC sync app), and the built-in GPS.

New in this version of Android is a slick three-dimensional Google Videos app for easily shopping for, and viewing, video rentals from Google Market, and your personal videos, too. Asus also includes some useful apps, such as Netflix; Polaris Office, for editing and creating Word, Excel, and PowerPoint documents; several for accessing Asus' cloud services and DLNA streaming; and SuperNote, for taking notes with finger input.

E-reading fans will appreciate Asus' MyLibrary, which finds and indexes e-books on your tablet—including ones stored locally in closed formats, like those from Amazon's Kindle store. Asus sells books via its own service; for periodicals, you can shop at the preloaded Press Reader and Zinio.

Bottom Line

The Asus Transformer Prime makes a visual statement, in both its brilliant design and its inner power. The docking station option makes it a superb choice for power users who want a tablet that converts into a productivity workhorse. Our full rating is pending until our testing is complete, but this tablet is shaping up as one of the top contenders you can buy today. We'll update this review with full testing results when available. The Transformer Prime ships through online retailers December 12, and will be in stores December 19. No word yet as to the availability of an expected 3G version.

ASUS Eee Pad Transformer Prime: 10-inch Super IPS+ display, 12-hour battery and quad-core Tegra 3, ships in December for $499

By Dana Wollman posted Nov 9th 2011 12:49AM

Breaking News

For three weeks now, Android fans have been fidgeting impatiently. Specifically, ever since ASUS chairman Jonney Shih took the stage at last month's AsiaD conference and teased the next-gen Transformer tablet. Though he only gave us a quick glimpse, he recited a laundry list of specs: a 10.1-inch display, 8.3mm-thick body, mini-HDMI output, microSD slot and an update to Ice Cream Sandwich by the end of the year, if not sooner. Not to mention, it'll pack NVIDIA's hot-off-the-presses Tegra 3SoC, making it the first-ever quad-core tablet. We knew this: we'd learn more on November 9th.
Well, that day has come, and so have the juicy details. We just got word that the tablet will go on sale worldwide in December, starting at $499 with a beefy 32GB of storage, moving up to $599 for a 64GB model. (That signature keyboard dock you see up there will cost $149.) In addition to those basic specs Mr. Shih revealed last month, we now know this has a 1280 x 800, Super IPS+ Gorilla Glass display with a 178-degree viewing angle and a max brightness of 600 nits. It also packs 1GB of RAM, GPS, a gyroscope, SonicMaster audio and a 1.2 megapixel front-facing camera. Rounding out the list is an 8MP shooter with an auto-focusing f/2.4 lens and a back-illuminated CMOS sensor that captures 1080p video. Touch-to-focus is also an option here, and ASUS claims a 30 percent boost in color enhancement over competing tabs.
As for battery life, we initially heard reports of 14.5-hour runtime, but ASUS is now saying the tablet alone can squeeze out 12 hours thanks to a 22Wh battery, and that the dock will add an additional six hours of juice. In addition, the slimmed-down, 1.2-pound dock brings all the other benefits the last-gen model offered, including a touchpad, USB 2.0 port and full-sized SD slot. Software-wise, it'll ship with Android 3.2 and apps such as SuperNote and Polaris Office, and we're told we'll learn more about that ICS update in "early December."
In terms of design, you may have already noticed the Prime sports the same spun aluminum digs as the company's Zenbooks, though this is the first time we're seeing clear, close-up shots of it -- and in two colors, no less! At 8.3mm (0.33 inches) thick and 586 grams (1.29 pounds) without the dock, it's a smidge skinnier than the iPad 2 and Galaxy Tab 10.1, which means, unsurprisingly, that your old Transformer dock won't be compatible. Finally, ASUS coated both the display and metal cover with a hydro-oleophobic coating that makes it more fingerprint-resistant. For now, we've got photos below and if you can wait a few more weeks, we'll most definitely be putting this thing through its paces in a full review. And if you're looking for something a little less expensive, well, the original Transformer should be getting Ice Cream Sandwich soon, and we wouldn't be surprised if Santa brought a few holiday rebates.

Alienware M14x review roundup: a lovely blend of poise and power

By Darren Murph  posted Jul 16th 2011 9:02PM

Know what happens when you split the difference between an M18x and an M11x? The M14x, of course! We managed a bit of hands-on time with Alienware's middleman back in April, and now the web at large has had a chance to spit their opinions on it. By and large, critics were overwhelmingly pleased with performance, and hardly anyone could find too many griping points. Hot Hardware dished out an Editor's Choice badge, noting that the 14-incher exhibited a near-perfect blend of portability and power -- it's not often that a machine capable of running today's latest 3D titles can also get four hours of battery life. Having Optimus onboard is certainly a boon, but just about everyone also suggested springing for an SSD to really round things out. Folks also seemed to love the apparent lack of bloatware, and while the $2,000+ price tag was certainly steep, the top-tier numbers it delivered definitely helped soften the blow. The long and short of it? Folks looking for a nice balance of mobility and raw horsepower need look no further, but you can humor yourself anyway by digging into the links below.