PC Tips and Tricks

How to make your computer devices a hacker’s paradise

Don’t bother to install software updates. Of course those with malicious intent will have numerous methodologies to penetrate your computer systems. But why make it any easier. Surprisingly many business do.

There is no silver bullet

Computers are inherently insecure. You may ask why. Essentially if one person designs something another can imitate or improve or in the case of computer find a gap to either comprise or take over your computer.

How do you protect yourself

Install software patches, service packs. Reputable software companies will continually monitor how their software performs in the market place. Such companies want to know how their customers use their software. More often than not users don’t quite use the software as intended.

How do software companies know?

Periodically you may choose to send software error reports, submit support requests, ask questions on forums etc. Inevitably hackers will find open doors and exploit these. Software developers will seek to close these vulnerabilities with patch updates. Over time developers apply what they have learnt about their users to develop a service pack.

What’s a service pack?

Service packs are an application rewrite. Service packs close identified security vulnerabilities and may add new functionality. With each service pack release your application becomes more complex. In turn this necessitates more computing power to process the additional code which is one reason why you might notice as time moves on your PC begins to slow.

If you choose to install updates your original software package will be a closer reflection of a new software product release than the product you originally purchased.

Why shouldn’t you install updates

What appears to be a silly question may have justification but I must emphasis in the real world very little. Essentially you should update your software. The reason you might choose not to install updates is you have chosen to customise an off the shelve software package or you are running bespoke software solution. In either case an update may disable your legacy software.

When customising or developing software you should be aware it is not a one off cost. Software must evolve even if your business workflows remain the same, someone with evil intent will find a way to comprise your software. That person may be an employee or someone external to the company. The question to ask yourself is, ‘if you were to lose access to your data what effects will this have upon your business.’ In most cases a very unpleasant outcome for you.

Concerned updates might lead to downtime

Backup your data prior to implementing updates. Updates can and do go wrong, registry changes, dynamic link library links may have become corrupt with evitable consequences. One possible reason you’ve implemented a virus fix. Doing so may have fixed the problem but changed registry entries etc. Thankfully it’s rare these days’ but updates can and do go wrong.

Your best defence

Update your software. You’ve paid for the support so use it.

How long does it take to update

Recently I visited a progressive company. Their business deployed cloud technologies. They realised they could be making more use of their software plus they wanted some additional built in functionality activated.

Talking to employees suggested a high level of IT literacy so unusually for me I didn’t think it was necessary to implement the first step.

Check for updates. I just assumed IT competence.

I researched solutions and provided installation instructions. Unfortunately my contact couldn’t implement my recommendations. I couldn’t understand why. So I built a virtual PC to replicate the same outcomes my client was experiencing. Doing so, I soon realised updates were missing.

Checking one PC I discovered 102 missing updates. Almost certainly there will be more. The reason when updates are installed they are implemented in a sequential order. In other words you can’t always install a later update version until the earlier update is installed alternatively an update cannot install until a linked dependent update itself is updated. I suspected the 102 updates would end up being closer to 150.

I then made another mistake. I instructed my contact to install updates and suggested in all probability the functionality they required would be enabled when the updates were installed. If not I provided a link for an update that would provide the functionality required. I specified not to use this link until the updates were in place. The reason was simple the software required operating system and MS.Net updates to enable the functionality.

I assumed he understood updates would take time and once initialised shouldn’t be terminated. I thought he would leave the updates to run at a time convenient to the team and himself. I was surprised he implemented updates immediately. I just assumed he understood he probably wouldn’t be able to use his PC for the rest of the day given the number of outstanding updates. In most cases a network manager would implement polices to ensure updates were applied. Sadly he became very frustrated after an hour. He terminated updates (not a good idea) and instructed me he wouldn’t need any further assistance from me.

What did I learn

Don’t make assumptions regarding end users IT literacy and I certainly won’t be repeating that mistake again. Provide sequential steps check each step has been implemented before providing the next step never ever the whole solution. Annoying for the client nevertheless ensures a positive customer experience.

References

Why Bother With Software Updates?

Updates why bother

Advertisements