I would recommend that you buy and install real-time security software, to protect continuously from viruses, malware, spyware and other online threats, etc. I would recommend Norton Security, as it utilizes one of the largest global civilian intelligence networks to spot threats faster and it is the number 1 ranked consumer security software for overall protection and performance. You can purchase protection for up to 10 devices, it has anti-virus, anti-malware and anti-spyware, multiple layers of protection, an intelligent smart firewall, auto protect and intrusion prevention. Also, it has SONAR protection which protects you against malicious code, even before virus definitions are available through LiveUpdate, so that means it proactively detects unknown security risks on your computer. Additionally, it has SafeWeb which shields you from bad websites which includes malware, phishing & scam websites, etc. Finally, it has Safe Surfing, Norton Tamper Protection, browser protection, download intelligence and it blocks ransomware, etc.

It is also available on mobile devices which can be used with your Norton Security product license key. The app is called Norton Security and Antivirus and it is the most advanced mobile security for Android in the world. It has anti-virus, anti-malware, which now includes protection against trojans and ransomware, anti-theft and Norton Safe Search. Also, it has App Advisor powered by Norton Mobile Insight, which automatically checks apps on the Google Play Store before you download them for potential privacy risks, unusual/intrusive behaviour, high battery and data usage, etc. Finally, it has Norton SafeWeb filtering protection to shield you from fraudulent websites that are designed to steal your personal information and money, the ability to block unwanted calls and text messages, contacts backup, privacy report and Link Guard, etc. Link Guard scans any link you go on via emails and text messages to make sure it is safe, if it is not safe then it will be automatically blocked. Surveilance app protection has been added to the anti-malware feature to help protect your pricacy and security by letting you know if an app is sharing your device's location, contacts, photos or messages without your authorisation.

I would recommend that you install free, non real-time security software, to perform extra scans, to block bad websites and even more with things like immunisation, prevention and protection, which can protect your computers and browser programs against things like spyware, malware, adware, browser hijackers and dialers, etc. You can't have two real-time security programs running at the same time as they will interfere with each other. So I would recommend Malwarebytes free it does come with a free pro trial included, but don't say yes to that because if you do it will become a real-time security program. I would also recommend Spybot - Search & Destroy and SpywareBlaster. This means you can install all these non real-time security programs for free and they will not interfere with each other, as you will only have one real-time security program running.

I would also recommend that you install Norton Halt exploit defender app on Android for free, as it is a first responder app designed to warn you about and scan for the latest security vulnerabilities and exploits that threaten your device and personal information. This includes the Krack, Bluebourne, Spectre and Magellan security vulnerabilities, etc. As these security vulnerabilities and exploits allow attackers to bypass system permissions, inject malicious code and install unauthorized apps, etc.

I would recommend that you set your DNS to CleanBrowsing DNS for free, as it will protect your computers and devices from bad websites, including malware, phishing & scam websites, etc. As it checks every website before you go on it to make sure it is safe and if it is not safe then it will be automatically blocked. They do not log any of your data, they are fast and they score very high on tests. Also, they can block adult sites, explicit, other unsafe content and mixed adult content, etc. Additionally, they can enforce Safe Mode on Google, Bing and YouTube and they can block proxy and VPN domains that are used to bypass the filters, etc. Finally, all these additional filter options you can choose whether to use them or not, but all the filter options include protection for malware, phishing and scam websites, etc. This it to keep you safe with this first layer of protection for your network.

I would also recommend that you install AdGuard for free on Android, as it creates a local VPN (virtual private network) connection to itself and Adguard's servers can not see your data, AdGuard blocks ads, tracking, annoyances and spyware websites, etc. Also, it can connect you to your DNS encrypted via HTTPS and via DNSSEC which validates that the DNS server is who they say they are as well, if your DNS supports it, which prevents spoofing attacks (an attacker redirecting you to a different website without your knowledge, instead of sending you to the website that you requested, by pretending to be the DNS server(s) that you use), man in the middle attacks (an attacker pretending to be the website's server(s) for the website that you requested and pretending to be the DNS server(s) that you use) and encrypted DNS makes it harder for your ISP to know what websites you have been visiting. Additionally, when visiting HTTPS websites your ISP can only see what website you are on not what page you are on, but with an encrypted DNS your ISP can only see what IP address you have been sent to, and as multiple websites can be hosted by a single IP address that is why it makes it much harder for your ISP to know what websites you have been visiting. If you are not visiting HTTPS websites, then your ISP can see what page you are on as well as all the data being transmitted to and from the websites even with your DNS encrypted, and with SNI (Server Name Injection) your ISP can still tell what websites you have been visiting, but encryption for that is now possible due to TLS 1.3, so SNI will soon be encrypted as well. Sometimes blocking solutions can block legitamate useful things like for an example cookie banners, that inform you of what cookies are, that inform you of what cookies are used by a website, that let you choose what cookies are used and so things that use those cookies are allowed to run if you choose to allow those cookies. For Android, other operating systems and other computers and devices, there are other free blocking solutions for ads, tracking, annoyances and spyware websites, etc. Finally, for Android, other operating systems and other computers and devices, there are other free solutions for encrypted DNS and for encrypted VPN.

Once the security programs are installed and set-up remember to keep them up-to-date. Also, remember to keep your browsers and other programs up-to-date as well. Because doing all of this will mean your security in those programs is up-to-date.

If not done automatically I would recommend that you always check for and install important Windows updates. Also, it is a good idea if supported to check and choose which optional windows updates to install, this is so you can get the latest Windows security patches and updates. Like for an example the Windows security patch to block WannaCry ransomware and the Windows security patch to protect against the Meltdown CPU flaw. Additionally, to resolve general Windows issues and bugs, and to access new Windows and software features if supported.

Always remember before doing any update to check the reviews and / or comments for the update in question.

I would also recommend that you upgrade to the latest version of Windows 10, as Windows 7 SP1 in 2020 will soon be unsupported. As mainstream support has already ended and only extended support is now active until 2020. That means it will only receive Windows security patches & security updates until 2020. So there will be no new features added to Windows 7 SP1. Also, because Windows 10 is faster, as it has a faster boot time, faster USB 3.0 speeds, it is more stable, it is more secure, it has new features with more new features to come and Windows 10 will be supported for more years, etc. You can fully stop Microsoft and other companies from collecting your data by disabling telemetry and data collection, so just search Google for Windows 10 disable telemetry and data collection or search Google for (the company in qurstion) disable telemetry and data collection. Additionally, you can make Windows Update become manual again by turning on the setting in Windows 10 called metered connection for WiFi or Ethernet connections. You can prevent specific windows updates from being installed using the Microsoft Show or hide updates troubleshooter package, which can be downloaded direct from Microsoft. All of this can be done even in Windows 10 Home Edition and you can perminently disable the Windows update service in services.msc to disable all Windows updates, if disabled I would recommend that you enable the Windows update service again when the bad Windows updates have been corrected by new Windows updates. Finally, you can now defer major feature Windows updates for up to 365 days and you can now defer quality Windows updates for up to 30 days.

Always remember to scan archive files before you open and / or extract them, e.g. RAR and ZIP files, etc. This is because they could contain viruses, malware or spyware, etc. Also, only download from websites that you trust, especially when you are directly downloading EXE (executable files), as they could contain viruses, malware or spyware, etc. Finally, if you are downloading and installing apps remember to scan them, to check what permissions they require, to check if they are sharing your personal data anywhere and to check for any unusual/intrusive behaviour, etc. You can do all of these things even before you download an app with the App Advisor for Google Play Store feature in Norton Security and Antivirus, or if you are downloading apps (APK) files directly you can view the apps permissions before you install, you can scan the apps before you install and if you are using Norton Security and Antivirus it can scan the apps after you install them as well.

Always remember when installing programs to select a custom install vs selecting an automated install, this is so you can de-select any optional extras that you don't want and / or need to be installed, as these could be Adware and / or just things that you don't want and / or need to be installed, etc.

There are CPU security flaws that have been identified on virtually everyone's CPU's that have been manufactured in the last 20 years, they are called Meltdown and Spectre which have many different variants. This is for Intel, AMD and ARM CPU's, etc. Spectre essentially gets programs and / or your systems to perform unnecessary operations - this leaks data that should stay confidential, where as Meltdown also grabs information - but essentially it simply snoops on memory used by programs and / or your systems in a way that would not normally be possible. But the good news is you can protect against the Meltdown and Spectre CPU security flaws, and you can do this by updating and keeping up-to-date your browsers, GPU drivers, system monitoring/management programs, Google programs and apps, etc. All to receive security update patches. But most importantly by updating your operating system and your BIOS / CPU microcode frmware, to receive security update patches as well.

Microsoft have already released a Meltdown security update patch for Windows operating systems, it protects Intel CPU's only, as AMD CPU's are immune to this CPU security flaw. The Microsoft security update patch will only install if your real-time security software is up-to-date, and if it has been patched to work with the Microsoft Meltdown security update patch. All the major Linux operating system distributions already have Meltdown security update patches, and they protect Intel and ARM CPU's. Nvidia have already released a Spectre security update patch for their GPU drivers. Google have already released a Meltdown/Spectre security update patch for Android and ChromeOS, it protects Intel and ARM CPU's. But for Android (which is mostly just affected by Spectre) it will be up to each manufacturer to distribute these security update patches. Apple have already released a Meltdown/Spectre security update patch for iOS, macOS, tvOS, macOS Sierra, OS X El Capitan and macOS High Sierra, it protects Intel and ARM CPU's of Apple's. Intel have released a Spectre security update patch for the different CPU microcode firmware versions, Microsoft have distributed it and it can be downloaded from Intel directly for Linux as well. Also each manufacturer should distribute these security update patches as well. AMD have released a Spectre security update patch for the different CPU microcode firmware versions, Microsoft have distributed it. Also each manufacturer should distribute these security update patches as well. Firefox have already released a Meltdown/Spectre security update patch for their browser. Microsoft have already released a Meltdown/Spectre security update patch for their Microsoft Edge and Internet Explorer browsers. Google have released a Meltdown/Spectre security update patch for their Chrome browser. Finally, Apple have also already released a Meltdown/Spectre security update patch for their Safari browser. And the list goes on.

Make sure your Security is up-to-date, don't click/tap on suspicious links, don't go on suspicious websites, don't download suspicious programs / apps, only download from credible sources and always scan files before extracting and / or installing them. As if you have a secure system then nothing can use the Spectre and Meltdown CPU security flaws before you have fully patched them, because they require malicious code to be running on your system for these CPU security flaws to be acted upon. Also, if your programs are up-to-date and if they have security update patches they will protect against these CPU security flaws even more, as there will be even less of a chance they can be acted upon by malicious code before you have fully patched them. But always remember to apply security update patches as soon as they are released.

Always check before entering personal information into a website that it is HTTPS secured, which means between you and the website's servers communication is encrypted and it is only readable by you and the website's servers. Also it means you are protected against man in the middle attacks (an attacker pretending to be the website's server(s) for the website that you requested), etc.

You can test your browsers to see if they checking for revoked HTTPS certificates on websites using GRC's HTTPS Certificate Revocation Awareness Test, if they are, that means if a website revokes it's HTTPS certificate you will not be able to access a website that uses that HTTPS certificate. This is so a website can not trick you into thinking that it's the website listed on the HTTPS certificate, but If your browsers don't check for revoked HTTPS certificates on websites, that means if a website revokes it's HTTPS certificate you will be able to access a website that uses that HTTPS certificate, so a website could trick you into thinking that it's the website listed on the HTTPS certificate when it's not. A website could have been made to look like the website listed on the HTTPS certificate. They would have had to have compromised the HTTPS certificate itself to gain access to it, that's why the website listed on the HTTPS certificate would have revoked it to prevent it from being used by anyone else.

You can obtain Perfect Passwords using GRC's Ultra High Security Password Generator, they are 63-64 characters long and each one is completely random with a GRC guarantee that no similar passwords will ever be produced again. Their page will only allow itself to be displayed over a snoop-proof and proxy-proof high-security SSL connection. Also, their page is custom generated each time just for you so it will not be cached by the GRC website servers or be visible to anyone else. So the password it generates is private. The passwords use a massive 512 bits of security, so they are perfect for a wireless security password, etc. Finally, if you don't like entering the long password into each device manually just use WPS Push Button connect or a WPS client randomly-generated security PIN to connect your devices to your router, as that saves time if your router supports it, or just copy and paste the long password into your device if your device supports it.

You can use GRC's Interactive Brute Force Password Calculator to check and see how long it would take to find your password if an attacker had to try every possible combination, as if you don't use passwords with dictionary words in them an attacker has to find your password using brute force by trying every possible combination. Also, the passwords you enter are only locally temporarily stored in your browser, they never leave your browser and that means the GRC website servers do not know the passwords you enter, so your passwords are still private. Additionally, choose strong passwords that are different for each online account, especially for your email accounts, as this will limit the impact if one password gets compromised. Use a combination of numbers, symbols, and upper and lower case letters, make sure your new passwords are a minimum of 10 characters, create different passwords for every login for better security and avoid storing passwords in your browser to help avoid password leaks. Finally, by creating different strong passwords for each online account, you will help to maintain your privacy and prevent attackers from hacking your online accounts.

Enable two-factor authentication in all your accounts that support it, this will add an extra layer of security to your accounts, so when you want to sign in it will ask you to enter your password and it will also send you a temporary code each time to either your email address or to your phone number via a call or a text, which it will ask you to enter in as well. Also, this will protect your accounts if your passwords get leaked in a data breach and this will give you time to change your passwords.

You can use GRC's DNS (Domain Name System) Spoofability Test to check the spoofability protection of the DNS server(s) you use. As when you visit a website the DNS provider you use has already worked to get you to that website. As they have located and identified that website by using that website's domain name to match it to its IP adress. Because it's a lot easier to remember a website's domain name instead of its IP address. Spoofability is where an attacker redirects you to a false website even when you have typed in the correct domain name of that website. So that is why spoofability protection is so important, as it prevents an attacker from being able to redirect you to a false website without your knowledge.

I would recommend that you disable your router's built-in static WPS PIN, as it is short and can easily be found by an attacker. You can do this in your router's advanced wireless settings, if your router supports it. Also, you will still be able to use WPS because your router still allows WPS Push Button Connect and it still allows the randomly-generated WPS PIN of your device to be entered into your router, if your router supports it.

I would recommend that you set your router's wireless security encryption to WPA2-PSK AES, as this provides the highest level of security encryption, if your router supports it.

I would also recommend that you disable your router's ability for its interface to be accessed from the Internet, if your router supports it. Also, I would recommend that you enable HTTPS encryption in your router and devices, if your router and devices support it. Finally, I would recommend that you check your router's firewall to make sure that it's set to its most secure setting, if your router supports it.

I could not list every security vulnerability there ever has been or every new security vulnerability and how to deal with each one, as there is just too many too list. So I have chosen to include a few major security vulnerabilities and how to protect yourself from them and how to protect yourself in general as well.

I could not list every update there ever has been or every new update and if each one is safe to install or not. So I have chosen to provide general advice on how to protect yourself from bad updates and how to block bad updates.

This knowledge was optained from many sources over a long period of time and parts of this knowledge was copied from many sources and pasted into this page, edited by me, all to help you secure your computers and devices.