A Defensive Computing Checklist    by Michael Horowitz
NOTE: I gave a presentation on Defensive Computing at the HOPE conference in July 2022
HOME | Full Site Index | Domain Names | VPNs | iOS | Android | About | Rules of the Road | DC Presentation |

WINDOWS

Don't use Windows. For Defensive Computing, it is the worst choice.

Going further, I suggest avoiding all software from Microsoft such as their web browser (Edge), their email clients (Outlook in particular) , their Office suite (try Libre Office instead) and their email server (Exchange).

Given that this is my mindset, this topic is fairly small.

If you are buying a new computer, and intend to use Windows, then I suggest Windows 10 rather than Windows 11. The main reason I say this is that Windows 10 is more mature. It is also likely to be more compatible with software and hardware. And, any new features in Windows 11 are likely to be problematic, judging by history. This is true as of October 2022, in 2 or 3 or 4 years, things may change.

CONFIGURING WINDOWS

A Windows system with a single userid is mis-configured. Every copy of Windows should have at least one restricted user and one administrator class user. The restricted user should be used 99.9% of the time. The two passwords can be very similar.

Use a local account rather than a Microsoft account. Microsoft is always making this harder. For years, doing the initial configuration while not connected to the Internet was enough to avoid the requirement for a Microsoft account. With Windows 11, other tricks are needed.

By default, File Explorer hides the file type. This is bad and Microsoft has kept this miserable default for decades. Change it. See Windows File Explorer Settings: the Setting You Should Change Right Now by Leo A. Notenboom. For Windows 8, 10 and 11.

Go to Settings -> Privacy. Turn off everything that is on. Microsoft code words: "improve" means spying on you. "track" means spying on you. "relevant content" means spying on you. "suggested content" are ads. "personalization" means spying on you. "tailored experiences" means spying on you. "activity history" means spying on you.

Double click on My Computer/This PC and get the properties of the C disk. Turn off the option to "Allow files on this drive to have contents indexed in addition to file properties" Doing this, saves writing to the SSD that is the C disk. This may have been useful back when PCs had mechanical hard drives.

Why and how to login to Windows with a Local Account rather than a Microsoft Account: Why Microsoft Account is a Raw Deal and How to Absolutely Avoid It on a Windows Computer by Dong Ngo. For Windows 10 and 11. August 2022.

Some of us old time Windows users like the Show Desktop icon in the bottom left corner of the taskbar. It was there in Windows XP and somewhere along the line was removed. This hack can restore it. This has to be done for each Windows userid. It works on Windows 8 and 10, I have not tested Windows 11.

  1. Go to the ProgramData folder in the root of the C disk
  2. Create a subfolder called "ShowDesktopFaking" (arbitrary name)
  3. Put two very small text files in this subfolder. Any text files.
  4. Edit the first text file so that it contains this:
    [Shell]
    Command=2
    IconFile=explorer.exe,3
    [Taskbar]
    Command=ToggleDesktop
  5. Rename this file to "Show Desktop.scf" (the space matters)
  6. Rename the second text file (the contents do not matter) to ShowDesktopFakerooo.exe (again, an arbitrary name)
  7. Right click on ShowDesktopFakerooo.exe and pin it to the taskbar
  8. Right click on the just-created taskbar icon, then right click on "ShowDesktopFakerooo" and get the properties.
  9. Change the Target to be the full path to the "Show Desktop.scf" file. Specifically to:
    C:\ProgramData\ShowDesktopFaking\Show Desktop.scf
  10. Test that the icon actually works. It should.
  11. Right click again on the new taskbar icon, right click again on "ShowDesktopFakerooo" and get the properties.
  12. Click on the "Change icon..." button and navigate to explorer.exe in the C:\Windows folder. Ye Olde icon will be there.
  13. All done.
  14. If desired, drag the icon all the way to the left. Visually, you will not see the new icon until the current Windows user logs off and back on. Or, Windows re-boots.

WINDOWS SOFTWARE

Portable apps are safer than normally installed apps because they are harder for malware to find. Also, they are easy to backup, just copy a folder. And, they let you have two different versions of an app available at the same time. An excellent source of portable Windows software is at portableapps.com.

Do not use Bit Locker, instead use VeraCrypt

For checking on the health of an SSD, I suggest the free Clear Disk Info program.

Nir Sofer has a huge collection of excellent, free portable software at nirsoft.net. Perhaps my favorite is WifiInfoView. I also like TaskSchedulerView.

The free Process Explorer program from Microsoft is invaluable, I install it on every Windows computer that I configure. Likewise, the free Autoruns program from Microsoft is great at giving you control over the programs that run when the system starts up.

Steve Gibson offers a free, portable program called InControl that makes it very easy to stay on your desired Windows Service Pack. It takes advantage of a relatively new feature in Windows Update and the program simply updates the Registry to set a number of new configuration options. Thus you an stay on your current service pack until you think the next one is ready for prime time. You are in control.

USING WINDOWS

Before running any downloaded executable file, check it at VirusTotal.com.

My Print Queue is Stuck. How Do I Print Anything? by Leo A. Notenboom (last updated Aug. 1, 2022). To clear the print queue: turn off the printer, stop the Print Spooler service, delete all the files in c:\Windows\System32\ spool\PRINTERS, start the Print Spooler service, turn on the printer.

The First Things to Do with a New Windows Computer by Leo A. Notenboom (October 2022). Backup, backup and backup some more.

November 2022: A Windows 10 laptop computer that I use every day had not installed bug fixes in a very long time. I do that on purpose, so that I can trust the computer will work the same today as it did yesterday. Still, at some point it needs software updates. So, I rebooted the computer and let it install a ton of fixes both to Windows 10 and assorted drivers. Reboot and more fixes. Reboot and more fixes. All seemed well and at the end of my working day, I closed the lid to put the computer to sleep. I had done the same thing well over 100 days in a row. Could have been 200 days in a row. Yes, it had not rebooted in months and months prior to the bug fixes. The next morning, the laptop would not wake up from sleeping when the lid was opened. F**k Microsoft and their Operating System.

A STORY

Once upon a time, OK, it was November 16, 2022, I was setting up a new Lenovo T14 Thinkpad that was running Windows 10. The next day, I happened upon the folder
C:\Program Data\Microsoft\Windows\WER\ReportArchive

This seems to be where Windows stashes dumps, records of programs that have crashed/failed. At some point these are probably sent to Microsoft. To me, it seems like quite a lot of program crashes for the first day of using the new computer. Maybe I'm being overly critical? I think not.

Consider the dump files shown in the screen shot below. An Administrator is not allow to see the files at all. And, even if you hack around this security restriction, Windows does not include a utility to format these files into a human readable format. These failures are none of our business.

- - - - - - - - - - - - -
See also, the topics on Microsoft and Microsoft Office.

 This page: 7 views per day (over 66 days)   Total views: 435   Created: October 4, 2022
This Page
Last Updated

November 21, 2022
Total Site
Page Views

 481,032
Site Page
Views Today

  413
Previous
Website View

1.3 minutes ago
Website by
Michael Horowitz
@defensivecomput
top
Copyright 2019 - 2022