As a traveler, my computer is my home. It’s one of the few things that stay consistent in my life. It’s where I connect with friends and family, where I do my banking and finances, where I work, write and store my travel photos. Which is why when my computer was recently compromised with a particularly nasty malware program it felt as if I had come home to a house with the front door busted open with no way of knowing if the robber was still hiding inside.
Worse yet, I was in the Thar Desert, a particularly remote area on the western edge of India near Pakistan.
I’ve been a faithful MacBook convert since 2011. One of the things I love about MacBooks is they rarely ever have problems. Admittedly, this has made me a bit careless about computer security over the years. It wasn’t until my computer was recently compromised that I realized just how much I rely on my computer as a travel companion. The malware attack stopped me dead in my tracks —literally. I was paranoid (was it going to get worse? Could I safely log into any of my accounts?) and frustrated as days were sucked up in trying to fix the problem on my own. I began tiptoeing around my computer, constantly trying to cover my tracks. I’d delete my history, change passwords and then subsequently forget them. Slow internet access made recovering any password a twenty minute ordeal. As the problem lingered, troubleshooting the problem replaced everything else I had been doing: namely traveling, reading and writing.
As a long term traveler there was no dealing with this later. I was stuck with the problem until I found a way to fix it. Worst of all, I commonly rely on my computer to handle sensitive information. If that info was stolen it could leave me in a really bad situation in a foreign country. After a week of worrying, researching and troubleshooting with no success I changed my travel plans and hopped on an 18 hour train to Delhi to fix the problem.
The crisis had it’s upside though. It sent me deep into research mode for a week as I tried to understand what had gone wrong and how to not only fix it but prevent it from happening again. I probably went a bit overboard…
I’ve boiled down everything I’ve learned about keeping my laptop secure into an easy to follow checklist of things you can do (mostly for free) to secure your computer regardless of whether you are traveling or not. When life gives you lemons…right?
I’m a laymen so after every suggestion I share, in laymen’s terms, why I think it’s worth doing. This list is geared towards MacBook users but it’s general stuff so it shouldn’t be hard with a little digging to find the PC equivalent for each suggestion. I’m not a computer expert though so consider this an easy place to start but do your own research.
These are preventative measures. Having a first world problem like a computer virus in a third world country is no fun. It can be hard to solve it there (as I found out). It can also be a shock and really disruptive to your travel plans. Better to spend an hour or two ahead of time to prevent it from happening in the first place. Be smart and reap the benefits of my pain!
If you are thinking “I’ll get around to that eventually” it might be worth drumming up a little fear, pain and motivation. Let’s do that now. Imagine…
- Not being able to use the internet because your browser is constantly hijacked and sending you to malicious sites (porn sites, ad sites, phishing sites).
- Not being able to make any financial transactions online (transfer money, pay credit cards, etc.) for fear of having your information stolen.
- Having sensitive data stolen (credit card fraud, bank accounts, identity). What would it be like if you couldn’t get cash or make purchases in a foreign country? What if someone else that wasn’t you could?
- Losing all your important work, files and travel photos (when traveling it can be hard to keep these things regularly backed up).
- Spending all your time in coffee shops on shitty wifi combing through computer forums trying to solve your obscure and confusing computer problem instead of traveling.
- Having to reroute your travel plans to deal with a serious security issue or live with the anxiety that you might be at risk. (I ended up choosing to take an 18 hour train to Delhi to deal with the problem).
- Having to…gulp…reinstall your operating system while traveling (me!).
- Being the reason 1-7 happens to one of your friends or family (often it’s easy to infect others once you are infected).
Any of these situations would be bad enough to deal with at home but when your computer is your home it can quickly become a nightmare.
COMPUTER SECURITY CHECKLIST (BEFORE YOU TRAVEL!)
1. Purchase a VPN. This is probably the most important thing I did. It protects you while using public networks where your data can be intercepted and captured. While traveling I’m almost always using a public wifi network. Using a VPN on any public network —home or abroad— is a good idea whether using a laptop or mobile device. It’s also allowed me to get around blocks from services I use that wouldn’t let me login from foreign countries that they considered security risks. Another benefit is that it can let you access services and parts of the internet that may otherwise be blocked by the country you are in (ie Netflix, Youtube, etc.).
2. Make backups. There’s no excuse for not having a back up. Mac makes it very simple with Time Machine. I was using Apple’s iCloud service which was seamless and allowed me to set and forget but lousy internet connections while traveling meant that my data was often going a long time before being backed up. Now I am using an external hard drive instead. I use this one by Seagate which holds 1 terabyte while being small and lightweight. There’s risks with both strategies (a back up is no good if I lose the hard drive) but I find with an external hard drive I’m more likely to have a back up if I need it. It’s also useful if you find yourself needing to reinstall your operating system (which was the case for me).
3. Use password protection software. I switched out my password protected excel sheet of passwords for Last Pass which is a free. In both cases you have a situation where one password protects many, so it’s best to use a strong password and commit it to memory. The real benefit of Last Pass though is it will auto fill passwords for you —preventing you from having to type them in manually. This can protect you from keystroke spyware and phishing attempts if your computer is compromised. I realized how useful this feature would have been after my computer was compromised and I became worried that the passwords I was typing in might then be stolen.
4. Make all your passwords unique. An easy way to do this without tearing your hair out every time you can’t find a password (which shouldn’t be often if you follow #3) is to have a formula. Use a strong base password and then insert a combination of letters somewhere into it that are determined by the service you are logging into. For example if it were PayPal your base password could be IamGinger! and the letter combo could be the first two letters of the company (Pa). So your password would be IamGinger!Pa. You would then have a formula you could remember for all your sites that would be much harder to hack.
5. Turn FileVault full disk encryption on. This encrypts your MacBook’s data when it is shut off. In order for anyone to access it they must first log in to your computer, preventing your data from being accessed if your mac is stolen.
6. Disable automatic login on start up. This requires any new user booting up your computer to enter a password to login to the computer and access your files.
7. Set your desktop to lock up and require a password after being idle for X minutes and upon closing the screen. This helps prevent your MacBook from being accessed without a password.
8. Install antivirus software. I’m not 100% sold on the need of separate antivirus software for macs but I don’t think it’s a bad idea to have anyway. Avira Antivirus is free so unless you need the processing power it makes sense to install it as an extra precaution. There are also paid alternatives worth looking into if you don’t mind spending a little bit of cash. The key reason I installed Avira was for it’s Real-Time Protection feature. This means that new files and programs are automatically scanned in real time for security risks which can prevent potentially hostile programs from executing and adds an extra layer of security to your computer. You can also run virus scans with Avira on your hard drive.
9. Install Malwarebytes Anti-Malware. I use the free version along with Avira for periodical scans of my computer files. If you get the paid version you probably don’t need Avira as well as it comes with real time protection. The free version won’t prevent anything getting on to your computer but can help you detect anything that gets through your computer’s defences. It takes minutes to run a scan and then when you have more time you can do a virus scan (as apposed to just malware) with Avira. This combo will give you a good chance of catching anything that does get on your computer quickly. Malwarebytes discovered a malicious file on my computer when it was compromised.
10. Turn Mac Firewall is ON. Avira offers a firewall for Mac but I prefer using the one built into my MacBook. This comes turned off with every computer so unless you have turned it on it is not running. The firewall will regulate incoming connection requests to your computer based on the settings you choose. It’s also possible to buy a firewall that regulate outgoing connections which might be useful in identifying malicious programs that have made it on to your computer and preventing them from relaying information back to a 3rd party. From my research I’m not sure if using a firewall is necessary and it can also run the risk of network problems. However I think it makes more sense to default to having it on instead of off. If it causes any issues then it’s worth reconsidering if it’s necessary.
11. Uninstall Adobe Flash. You can do this by downloading the uninstaller from Adobe here. There are some security concerns about using Flash. Some claim it opens up vulnerabilities. Flash is often used for video on the web which I’m not doing a lot of. Like the firewall, my approach is to default to removing it and then adding it back later on if necessary.
12. Disable Mac’s Spotlight application from serving up suggestions from the internet. There are some privacy concerns about this which I think are probably minor. However I only use Spotlight to do internal searches. Therefore like #10 and #11 I’ve defaulted to turning it off rather than risk keeping it on. To do this go to System Preferences and choose Spotlight. Deselect Spotlight Suggestions and any options that you don’t need. Then go to Preferences in Safari, select Search and disable “Include Spotlight Suggestions”.
13. Update software whenever possible. Keeping your software up to date protects against discovered vulnerabilities and security threats.
14. Don’t use p2p sharing networks, run executable files (programs) from questionable sites (download from a recognized app store instead) or visit porn sites and other shady corners of the internet. Just in case you know a friend who is doing this 😉
Keep your travels happy!
*Featured photo is of a garden gateway in Prague, Czech Republic.