MaximumPC 2001 11

http://www.maximumpc.com|JAN 2011|MAMAMAXIMXIMXIMXIMUUUUMMPPPCC| 25

Obviously, all the same security risks and safety recommendations

that apply to your desktop computer also apply to your laptop. But

your laptop carries the added risk of being stolen. And let’s face it: If

you haven’t encrypted all your sensitive data or been diligent about

backups, the loss of your laptop could be mighty painful. One way to

prevent the potentially dire consequences is to use a laptop lock.

The vast majority of notebooks have a slot to accommodate a

physical locking mechanism—it’s usually designated by a padlock

icon. The lock itself is attached to a reinforced cable which cannot

be easily cut without the aid of a large and very noticeable set of

bolt cutters. The cable is either bolted to the fl oor—in your offi ce

at work, for instance—or looped around a substantial or immov-

able object. Kensington is one of the biggest names in cable-lock

makers, and offers both combination and key locks, priced at $

and $50, respectively.

PHYSICAL SECURITY

Put Your Laptop on Lockdown

To disable these plugins in Chrome, go to 1p-
tions, Under the Hood, Content 5ettings, Plugins,
and select pDisable individual plugins.q
Now, go into the Acrobat app, go to Edit,
Preferences, Trust Manager, and uncheck pAl-
low opening of non-PDF fi le attachments with
external applications.q While you’re in Prefer-
ences, click the Java5cript option and uncheck
pEnable Acrobat Java5cript.q Also click on
Internet and uncheck pDisplay PDF in browser.q
1r just dump the whole thing for Foxit Reader
http://www.foxitsoft ware.com.
For 3uickTime, start the player, dig into Edit,
Preferences, 3uickTime Preferences, Browser,
and uncheck pPlay movies automatically.q
To mitigate the damages from Adobe Flash,
consider running the FlashBlock extension in
Firefox and Chrome. This will prevent Flash from
being displayed on a page. In its place will be
a place holder that, when clicked, will play the
Flash content.
Disabling Java5cript unilaterally can
be problematic, as it breaks many sites.
5till, for the paranoid, there is a way. The
No5cript extension for Firefox is the leading
contender. Chrome has no such extension,
but you can go to Tools, then 1ptions, then
Content 5ettings, then Java5cript, and select
pDo not allow any site to run Java5cript.q
This will place a small icon in the address
bar that will let only your favorite sites run
Java5cript. Disabling Java5cript in Chrome
can be wonky, but it’s worth investigating if
you want to avoid one of the primary ways
crooks are targeting you.

Use a

Virtualized

Browser

5ince the vast majority of

attacks are coming from the

browser, one of the safest

ways to surf the web is from

a virtualized browser or a

virtual machine. Dell off ers

its free -ACE browser

http://www.kace.com, which

virtualizes Firefox 3.

along with Adobe Reader

and Flash. Malware that

exploits holes in Firefox,

Reader, or Flash would be contained within the

virtual machine. The bad news! If you do get an

infection and need to ȯ ush the virtual Firefox,

you lose all of your settings. That includes the

numerous updates to Firefox that come out

seemingly every month and any bookmarks

and plugins you installed. An alternative is to

build a virtual machine using either 8irtual PC

2007 http://www.microsoft .com or 8M Ware Player

http://www.vmware.com. Both are free, and both

Microsoft and 8M Ware off er free images that

include browsers. Microsoft off ers 8ista and XP

with IE8 installed and 8M Ware off ers Ubuntu

with Firefox installed. 1f the three options, 8M

Ware’s is the most solid but folks not used to

Linux might be thrown for a loop. Microsoft ’s

images time out aft er three months, so you’ll

have to download it again.

Get a Second Opinion

Do you really know if that fi le is truly

untainted! Many malware writers are

specifi cally craft ing wares to avoid detec-

tion by antivirus suites. If you have a fi le that

you need to run, we recommend that you

incubate it for a few days or a few weeks

if possible. This gives security soft ware a

chance to catch up to any new exploit. We

then recommend that you get a second

opinion from 8irustotal.com. This website

lets you upload a fi le to be scanned by two

dozen A8 engines. Just remember that

malware writers are also using tools such

as 8irustotal.com to see if their wares can

pass muster, so long incubations are key.

Kensington’s new ClickSafe key lock makes it an easy one-step process to

secure your laptop from snatch-and-grabs.

Disabling plugins for Acrobat, QuickTime, and other media players can

mitigate some of the damage from new zero-day exploits.