Security refers to how well protected your computer is from things like viruses, malware, and hackers. Remember that security isn’t “on” or “off.” Tools such as network firewalls, antivirus, and spam protection help keep your computer safe.

Posts

A picture of AVG PC Tuneup in action.

PC TuneUp Software: Great in Theory, Awful in Practice

This is a story about automated PC TuneUp software and how it can go horribly wrong.

Background

A client brought me 4 new PC’s to setup at his business.  This involves completing the Windows setup wizard, installing his software, porting over his data, updating, and setting up security.  In this instance the client bought his own antivirus: AVG Zen Protection, which comes with AVG’s PC TuneUp.

AVG PC TuneUp and products like it function similarly: analyze your computer, find ways to free up resource and make it faster, and implement them more or less automatically.

That all sounds great. PC’s do need regular maintenance. The promise of software like PC Tune-Up is that it will act as a mechanic who shows up and changes your oil and checks your filters  without ever being asked.  That’s fantastic. Until it’s not.

The PC TuneUp Problem

After installing AVG with PC TuneUp, the software went to work trying to determine how badly this brand new computer needed optimized. It found things.  So many things. Out of sheer curiosity I actually allowed it to implement the solutions it recommended on one of the 4 PC’s.

It felt no faster.  But it did render the application the client depends on to do  business totally unusable.  PC TuneUp tries to be helpful by creating a restore point.  I rolled back to the restore point and the application still wouldn’t run.

The problem was caused by the fact that PC TuneUp had disabled one of it’s services. When I went to re-enable the service, I found that it wasn’t being disabled the standard way, so using the Windows Services console to start the service failed. In the end I ended up removing PC TuneUp completely.  If that’s how it’s going to behave, I certainly can’t send it into production.

The Bottom Line on PC TuneUp

I’m not writing to talk smack on the entire AVG product line. I still use AVG for antivirus. But PC maintenance is best left to folks that understand the implications of their actions.  PC TuneUp and products like it take a shotgun approach to optimization: they try to intelligently determine what programs and services can safely be disabled, but it’s safe to say PC TuneUp isn’t running Ex Machina level artificial intelligence because it seems to have no problem erring on the side of disabling things you need.

So if your computer is slow, don’t choose some automated optimization tool like PC TuneUp that errs on the side of speed, not safety. Call a professional.

On the Recent WordPress Security Updates

In the last two months we’ve seen a number of WordPress security updates.  April 21 brought us WordPress 4.1.2 which fixed 4 security issues. A wide-spread vulnerability in numerous WordPress plugins was simultaneously announced and was followed by a rash of plug-in updates by vendors including Yoast. A week later WordPress 4.2.1  was released with a patch to a cross-site scripting vulnerability found in the comments feature. Then just a few days ago WordPress 4.2.2 patched a vulnerability in the bundled Genericons font package.  The WordPress naysayers have been saying nay for weeks now. Is their negativity justified?
The WordProcalypse ended not with a bang, but with a “meh.” WordPress updates itself automatically now. And if you’re in the practice of only installing reputable plug-ins and themes, updating your plug-ins is pretty painless.
Consider this: all of the vulnerabilities fixed by these updates were detected either by the core WordPress team or community members who develop extensions.  None of them were the results of a zero-day exploit.
I think the recent rash of WordPress Core and plug-in security updates is a Good Thing.  It’s proof-in-the-pudding that the WordPress community has matured. It’s a sign that everyone involved in WordPress’s success from parent company Automaticc to lone plug-in authors are taking it seriously.

Offline Updates for Microsoft Security Essentials

When someone bring me a computer and asks me to remove viruses and malware, the last thing I want to do is connect that computer to my network. This is a bit of a catch 22, since you need to be connected to the Internet to download antivirus software and updates. Luckily Microsoft provides an offline update file for Security Essentials that you can download from one computer and install on another.

Microsoft Security Essentials Definition Updates (x86)
Microsoft Security Essentials Definition Updates (x64)

The Basics, Part 2: What are Software Updates

Computers are just like any other complicated mechanical or electronic device: they require periodic maintenance. A car, for example, should have its oil changed every three months or three thousand miles to keep the engine running smooth and healthy. But unlike a car which does one job and does it well, your computer can learn new tricks by running new software. Not only does your computer require physical maintenance, but every software package you install requires a little “virtual maintenance” of its own.

Most users will buy a computer, load it with their favorite software and forget about it. Things might be just fine for a while, but eventually your once speedy machine will start to drag, you’ll experience lag and crashes that prevent you from getting your work done, and viruses, spyware, and other digital nastiness might even creep into your system. You’ll eventually have to pay a technician to fix the problem, or will treat your computer as a disposable commodity and simply buy a new one. One of the critical tricks that computer technicians have up their sleeve are software updates, and when I tell you how easy they are, you’ll kick yourself for wasting your money. Read more