I’m over at my neighbor’s house and he says, “Hey, you work with computers, so can you take a look at mine?”
There goes the afternoon.
To make a long story much shorter, here’s what I found:
- A computer with way too many viruses. Full of those useless applications that people love to download, and hackers love for people to download.
- All computer accounts, which are of course, administrator accounts, have no password. The default administrator account has no password.
- Windows Update had not run in 6 months.
- Windows Defender could not run due to an error.
- Expired antivirus (Norton, of course,–I hate that stuff).
- A wireless router with a default admin password and no encryption.
- The SSID, which is broadcasting, is their cat’s name. Strangely enough, my neighbor’s iPad had a password, which was also the cat’s name (4 characters).
So I went home and retrieved my “rescue USB” with all my updated software tools on it. I love this USB because it has a hardware read-only switch, which prevent my USB (and me) from getting infected.
While I worked, we had the usual discussions about why basic security is important, and why hackers value home computers, even if the owner is a nobody and has nothing to steal or hide*.
* Some still don’t understand that the computers of uninteresting, boring, people are used by hackers to hack computers of interesting people, create botnets, send spam, store child pornography, and more.
But this time was different. My neighbor actually had a reason as to why he didn’t care much about security: the chemical company, at which he works, has basically no security either. Except that they are required to use only 3-character passwords, and the only time it’s changed is when you leave the company. No kidding.
While I can’t change his company, I can practice the 3rd greatest commandment:
Secure your neighbor as yourself.
Read other Security Scout posts.