Welcome to the Sublime Light Landscape Photography Blog!

Our musings about landscape photography, outdoor travel, hiking, gear, technology, politics, and other topics we find interesting

What's Is "In" a Spectacular Landscape Photo?

February 14, 2018  •  Leave a Comment

 

I enjoy seeing and being in beautiful places.  I use photos to remind me of the majesty and grandeur of the places I've been.  I strive to make those photos spectacular.  It is worth asking, then, "What is "in" a spectacular landscape photo"?

 

The photo below is from the first day on my 4-day Routeburn Great Walk in New Zealand in 2011.  It's a nice photo.  Pretty mountains.  Interesting lines.  Not "spectacular", however, at my first glance.  

 

 

Glances can be deceiving.  If you look closely, in the edited photo below, you can see the Routeburn Trail, and 3 separate hiking parties, each outlined in red ovals.

 

 

A close up of the lower-left hiker reveals a lot of detail.  This was shot with on a 40 megapixel Pentax 645D with a 45-85mm zoon lens at 85mm.   That camera system could produce wickedly sharp photos.

 

 

Blue backpack, tan trousers, purple socks.  Purple socks??  Yikes.

 

The people, who are just small specks upon the landscape, help to make some photos spectacular, because they serve to demonstrate just how immense and majestic the landscape is.  Have you seen the hikers in any of my other photos?  

 

Jeff

  


Photo "Paintings" from Topaz Simplify: How does simplification scale?

February 08, 2018  •  Leave a Comment

 

As I was creating paintings from photos using Topaz Simplify, I noticed that some photos appeared to be simplified "more" for the same settings...specifically, the larger the panorama, the larger the simplification effect for the same settings.  It seemed that the simplification was scaling as some function of the number of pixels.  Being curious, I set out to answer the question "How does Topaz Simplify simplification scale?"

 

To do that, I took a panorama, and then cropped it to two sizes: 24x16 inches (the baseline DSLR photo size), and 48x16 inches (twice as long).  I then processed the 24x16 crop using a Simplify "Size" of 0.25.  I processed the 48x16 crop using a Simplify Size of 0.25, and various other sizes, starting with 0.125. 

 

First, a crop from the panorama before Simplify:

 

Kolor stitching | 9 pictures | Size: 30716 x 7696 | Lens: Standard | RMS: 2.33 | FOV: 167.56 x 39.72 ~ 6.45 | Projection: Cylindrical | Color: LDR |

 

Next, the 24x16 crop processed with a Simplify size of 0.25:

 

 

Next, the 48x16 crop processed with a Simplify size of 0.25.  Notice that more detail is lost at the same setting as for the 24x16 crop.

 

 

Finally, the 48x16 crop processed with a Simplify size of 0.125.  It looks, to my eye, about the exact same as the 24x16 crop processed with a Simplify size of 0.25.  

 

 

Simplify "Size" appears to scale linearly with the number of pixels in the photo.  So, for future processing, to get the same level of simplification no matter what the photo size (the size of the panorama), I should scale the "Size" setting linearly with the number of pixels in the photo.

 

Question answered.

 

Jeff

  

 


Killarney Provincial Park: Aerials

January 30, 2018  •  Leave a Comment

 

As mentioned in a previous post, I toured Killarney Provincial Park in Ontario last October (2017) for 3 very quick days to score some fall color photos.  Killarney is located on the northeast side of Lake Huron, and is about an 8-hour drive from Detroit, MI.  It was, simply, outstanding.  Killarney has a very unique, small, quartzite mountain range.

 

I did some hiking and I was able to take an aerial photography flight with a friend out of the Gore Bay-Manitoulin Airport on Manitoulin Island. It was a quick 30 minute flight to get over Killarney.  Once we did, the colors were just beautiful...just about peak color.   

 

 

Robby Colwell and the good folks at Gore Bay-Manitoulin Airport were very helpful and provided the very finest in Canadian hospitality.  Great day.  

 

 

I processed 6 out of about 700 photos taken from the flight which are now in the Killarney Provincial Park Gallery.  I also did several hikes, shooting about 300 more frames.  I'll process more of the Killarney photos later this year.....I'm way behind on processing, still working on my 2016 trips to Utah, Denali NP, and Ontario.  

 

 

I also was very fortunate to see the northern lights for the first time while camping at Killarney.  Gorgeous park and very productive for just 3 days.  I'll have to go back.  

 

Jeff

 

 


Kananaskis Country Photos Finished and Posted

January 23, 2018  •  Leave a Comment

 

I finished processing the photos from my 3 days in Kananaskis Country (Alberta) in the summer of 2017.  You can find the Kananaskis photos here and the paintings here.  Beautiful, beautiful area.    Here are some of my favorites:

 

Kolor stitching | 8 pictures | Size: 28965 x 8177 | Lens: Standard | RMS: 2.12 | FOV: 221.75 x 54.77 ~ 11.66 | Projection: Cylindrical | Color: LDR |

 

 

 

Jeff 

  


How to Batch Rename Large Numbers of Files Using Powershell

January 20, 2018  •  Leave a Comment

 

Zenfolio, my website hosting company, does not have the capability to randomly sort images within a gallery.  I felt that randomly sorting images would create a much better presentation.  I did not want to install new software on my workstation, so I searched the web for native functionality within Microsoft Windows 10 to batch-rename files, specifically, to prepend random numbers to the existing file names.  I did not find the exact method I wanted, but I was able to infer a method.


It's pretty simple. 

 

1. On your desktop (or other location of your choosing), create a folder to house the photo files that will be renamed.  Example: C:\Users\Jeff\Desktop\Test

2. Copy your photo files to the "Test" folder.  I suggest using copies of the images rather than moving the files, so that you can create a different random order in the future

3. Open Powershell

4. Change the Powershell directory to the "Test" folder.  This is VERY important.  Otherwise you will likely rename every file that resides under your user name.  Example: Type "cd c:\Users\Jeff\Desktop\Test", then press Enter

5. Type "Get-ChildItem | rename-item -NewName { ((get-random  -minimum 1000 –maximum 9997 ).tostring()) + ”__” + $_.Name }", then press Enter.  This will rename every file within the Test folder.  It prepends a random number between 1000 and 9997, followed by "__".  Example: 4562__Photo Name

6. After uploading the renamed photos to a Zenfolio gallery, sort by File Name

 

That's it.

 

Jeff

 


Sublimelightlp.com: Major Changes Now Completed

January 12, 2018  •  Leave a Comment

 

I used the beginning of 2018 to finish the overhaul of the Sublime Light Landscape Photography website.  In December, I made major changes focused on landscape "paintings".  The 2018 changes reorganized "photos".  The changes:

 

  1. Structure: There are now four high level galleries.  The Favorite Photos gallery also serves as the home page.
  2. I organized the Photo Galleries to be by Country - State/Province - Park, where applicable.  I think that this will be a more intuitive way to find locations of interest
  3. I "randomized" the order of presentation of the photos in all galleries.  I did this to make the presentation (hopefully) more interesting
  4. I consolidated my previous two favorite photo galleries down to one Favorite Photos gallery with my favorite ~15% of photos

 

SONY DSC

 

I like the result.  Hope you do as well.  

 

Jeff

 

 

 


Major Changes to Sublime Light Landscape Photography: Paintings Galleries

December 18, 2017  •  Leave a Comment

 

I recently made four major changes to the Sublime Light Landscape Photography website:

 

  1. I created a comprehensive Paintings Galleries with "paintings" created by Topaz Simplify for all of my photos, which total about 6,000.  I have found that I like the paintings just as much as the photos, and in some cases, more
  2. I organized the Paintings Galleries to be by Country - State/Province - Park, where applicable.  I think that this will be a more intuitive way to find locations of interest.  I've only photographed 4 countries: the USA, Canada, New Zealand, and the Bahamas, but  I have photographed them extensively
  3. I "randomized" the order of presentation of the photos in all of the Paintings galleries.  I did this to make the presentation (hopefully) more interesting.  Zenfolio, my photo hosting vendor, does not provide the capability to randomize photo order, so I developed a method for randomizing photos using a Windows Powershell command
  4. I created a Favorite Paintings Gallery with my favorite ~10% of paintings

 

 

In the next few months, I plan to reorganize the Photo Galleries to use 'Country - State/Province - Park' as well, and I will also implement photo randomization in those galleries.  That will break the links in my blog, so I will have to make the changes slowly and to rebuild the blog as I go.  

 

For the creation of paintings from Topaz Simplify, I ran batch actions (programs) in Photoshop.  So, other than starting the batches, I really did not work that hard to create the paintings.  It took about 10 days, round-the-clock, for the batch programs to run, at about 40% CPU usage on my Puget Genesis I Workstation (highly recommended) for most of that time.  I'm not looking forward to my next electric bill.

 

 

I will write a future post about what I learned about how Topaz Simplify works, and about my Powershell randomization command.

 

Please give the Favorite Paintings Gallery and the Paintings Galleries a look.  

 

Jeff

 

 

 

 


Arctic National Wildlife Refuge: Please sign the Petition to Oppose Oil Drilling

December 10, 2017  •  Leave a Comment

 

The recent Senate Tax bill has a provision in it to allow drilling in the Arctic National Wildlife Refuge (ANWR).  Please join me in signing the petition to Congress that opposes drilling in ANWR.   You can find the online petition here:  No Drilling in the Arctic National Wildlife Refuge!.  Signing it takes about 15 seconds.

 

I'm a life-long Republican.  I agree with most of the Republican agenda.  But I don't agree with this.  There are very few wild and pristine places left.  We need to leave those places alone if we are to survive as a species.  It IS in our best interests, but a lot of people don't understand that yet.

 

Thank you

 

Jeff

 

 


Home Network Protection: Sophos XG

December 08, 2017  •  Leave a Comment

 

Up until 2015, I used a consumer router as my home gateway (device that connects computers and devices to the internet).  Then I started investigating what would be good network security for the home network.  I didn’t like what I found.

 

The dirty little secret is that consumer routers used as gateways are laughably easy to hack, even when configured properly.    See links 1, 2, 3, 4, 5, and 6, as examples, or search “router easily hacked” or “router insecurity” online.  It’s not just one brand…. it’s all of them.  Enterprise-grade routers are not much better.  See links 7 and 8 as examples.  With routers, it’s not enough to configure them securely and to patch them regularly, which almost nobody does.  Router firmware, by its nature, is riddled with exploitable bugs.  If your router is infected, your devices (PCs, tablets,…) might become infected, and your bank account and other critical information can be stolen.

 

For personal reasons, I needed something better.  Way better.  I also wanted something that could protect every device in the home.  That meant a firewall of some type after the cable modem.

 

Sophos XG running in a Polywell custom-built computer. Front view

Sophos XG running in a Polywell custom-built computer. Rear view

 

After much searching, I decided to try an enterprise-grade UTM (Unified Threat Management, or, a "firewall") software, Sophos UTM, which has since been replaced by Sophos XG, which is what I currently run.  Sophos has kindly made this Sophos XG software FREE for home users.  Wow!

 

Sophos XG has achieved test results that are among the best enterprise UTMs/firewalls.  In a recent NSS Labs test, it blocked 95% of attacks, and placed 3rd in security effectiveness, behind ForcePoint and Cisco.  However, neither ForcePoint nor Cisco offer free firewall software to home users.

 

Sophos XG Security Effectiveness vs. the Competition. From NSS Labs, 2017

 

I did this work primarily because I figured that an enterprise-grade UTM, highly maintained, would be much more difficult to hack than a consumer-grade router.  But doing this work is not for the uncommitted:

 

  • First, you need a low-power computer with at least 2 ethernet connections (aka, NICs) from acceptable manufacturers (Intel, NOT Realtek).   I currently use a custom-specified $1300 fanless Polywell mini-ITX computer with 6 ethernet connections, so it effectively does double duty as a 2nd (non-wireless) router.   I over-specified the Polywell computer in case I want to use it in the future as a desktop computer.  You can do just fine with ~ $800 (dual Intel NIC card instead of quad, lower processor, 8GB RAM) configuration.  Some people have builds costing as little as $300.  I chose Polywell because they offered the most configuration options.  However, Polywell's customer support is, well, not very good.  They appear to be a commodity builder.  Another option I might suggest is AVADirect, which may offer more hand-holding.  A  couple of tips:
    • Get a fanless build.  No noise.  Mini-ITX systems often have noisy fans.  I love the silence
    • Not all NICs will work.  My build has one I219V NIC that Sophos XG does not recognize; I knew this before I ordered.  Check Sophos’ compatible hardware list before specifying and buying your computer.  For the H270N motherboard in my build, you will have to add at least one Intel NIC card due to the I219V compatibility
  • Second, you have to download the Sophos XG software, write it to an ISO image, and then load it onto your Firewall PC.  That will require a monitor, keyboard, and external CD drive for the installation, and VGA, DVI, or HDMI cables.
  • Third, you have to learn how to configure Sophos XG.  To quantify the complexity of an enterprise firewall configuration, I have over 200 screenshots of my Sophos XG configuration as a reference that I can go back to and look at for troubleshooting and for history
  • Finally, if Sophos XG stops offering its software free to home users, my investment in the Polywell computer may no longer be useful.  There is a small risk here, but still a risk

 

Polywell Configuration for Sophos XG. Fanless Build

 

I did all of this work without a background in networking nor in network security, so it took 2-3 days just to get most of my devices connected to the internet, because I had to learn as I went along.  Also, enterprise-grade firewalls are not as friendly as routers to internet-of-things devices like Rokus, Apple TVs, Amazon Echos, Sonos speakers, security cameras, SmartThings smart home controller, and so on.  That means figuring out workable firewall rules not just for PCs, but for all the devices in the home.

 

Sophos XG Home Screen

 

I’ve been running Sophos XG for almost two years now.  It has blocked numerous exploits and malware.  It has also shown all sorts of (blocked) attempts to hack into the devices in my home (China is easily the worst offender).  I’m glad I use Sophos XG, and after I conquered the learning curve, it does not take much time to maintain.  I’ve also developed an understanding on why it is so valuable, and what to look for in a good home gateway (firewall, UTM, router) device.

 

Sophos XG Example Report Page

 

Below is my required feature list.  Sophos XG offers everything on my list

 

Malware Defense

  1. Ability to scan encrypted (e.g. HTTPS) browser connections for malware.  That means installing a Sophos XG HTTPS certificate into your computers, tablets, and similar devices to scan encrypted links for malware
  2. Email protection, including the ability to scan email and block specific file type attachments in email
  3. Intrusion protection (system), or IPS
  4. Ability to prevent malware propagation on the network through firewall rules and detection
  5. Ability to isolate devices from the internet while allowing communications on the home network
  6. Ability to isolate devices on the home network from each other, so that if one device is infected, it cannot infect other devices
  7. Ability to force-drop outbound connections to specified adversarial countries and hacker havens like China, Brazil, Ukraine, and Russia
  8. Blocking of known malware-serving URLs

 

Configuration / Administration

  1. Customizable firewall rules by device and by device class
  2. The ability to force and maintain (DHCP) device IP addresses so I can run reports and see if any devices are potentially hacked or compromised
  3. Notifications of specific events such as internet down and malware blocked
  4. Automated updates and security patches
  5. Decent reporting

 

Network Access

  1. VPN-in capability to remotely access home network devices while traveling

 

In a future post, I’ll outline some consumer alternatives to Sophos XG and how many of my required feature list they fill (hint: not that many).

 

I’d like to thanks Sophos for making such a powerful tool available for free to home users willing to put in the time to learn network security.

 

Jeff


Purcell Mountain Aerials: Panoramas

December 07, 2017  •  Leave a Comment

 

As I've indicated in the past, making panoramas from aerial photos is very difficult.  Even if a long straight or a slow turn is planned and well-executed in the airplane, I often see severe alignment problems in post-processing, or, the creation of unreal landscape landmarks as the software tries to stitch photos taken from different locations.  Sometimes I can manually fix them, sometimes I cannot.  My success rate is about 40-50%.

 

I was able to create just a few panoramas from my Purcell Mountains flight.  Below are the ones that I like the best.  The panoramas are mixed in with all the photos in the BC-Purcell Mountains gallery.  

 

Kolor stitching | 3 pictures | Size: 13382 x 6037 | Lens: Standard | RMS: 3.53 | FOV: 165.74 x 65.02 ~ 7.38 | Projection: Cylindrical | Color: LDR |

Kolor stitching | 3 pictures | Size: 13256 x 6394 | Lens: Standard | RMS: 2.97 | FOV: 90.91 x 36.49 ~ -20.69 | Projection: Cylindrical | Color: LDR |

Kolor stitching | 7 pictures | Size: 24749 x 5730 | Lens: Standard | RMS: 7.26 | FOV: 230.02 x 49.03 ~ -7.15 | Projection: Cylindrical | Color: LDR |

Kolor stitching | 5 pictures | Size: 12609 x 5384 | Lens: Standard | RMS: 3.56 | FOV: 72.23 x 29.23 ~ -9.81 | Projection: Cylindrical | Color: LDR |

 

Kolor stitching | 3 pictures | Size: 12737 x 5641 | Lens: Standard | RMS: 3.20 | FOV: 0.53 x 0.24 ~ 3.35 | Projection: Cylindrical | Color: LDR |

Kolor stitching | 4 pictures | Size: 11107 x 5330 | Lens: Standard | RMS: 3.71 | FOV: 61.73 x 27.56 ~ -12.74 | Projection: Cylindrical | Color: LDR |

I hope that you like them.

 

Jeff

 

 


Purcell Mountains Aerial Paintings: Processing Finished and Posted

December 02, 2017  •  Leave a Comment

 

I also finished processing paintings of my aerial photos of the Purcell Mountains taken this past summer.  I've posted some of my favorites here.  You can find the rest in the BC-Purcell Mountains paintings gallery.

 

 

I used Topaz Simplify.  The only slider used was "Simplify Size", which was set to 0.25.  

 

Jeff

 


Purcell Mountains Aerials: Processing Finished and Posted

November 13, 2017  •  Leave a Comment

 

I finally finished processing my aerial photos of the Purcell Mountains taken this past summer.  I've posted some of my favorites here.  You can find the rest in the BC-Purcell Mountains gallery.

 

 

These aerials were challenging to process.  Many (not all) had an unattractive purplish color cast, probably as a result of two things:

  1. The circular polarizer not always being correctly rotated (hard to do on a bucking airplane with constantly changing direction, holding the camera steady with a 100 mph wind)
  2. Underexposure.  I've read that underexposure on some Nikon cameras can result in a purple color cast.  It reminded me of the occasional nasty purple cast of Velvia film, for those of you who saw that with Velvia 

 

 

So, I did some learning.


First, I trialed Capture One Pro as a raw converter and photo processing program.  I'll have to say I'm impressed.  I consider myself very knowledgeable in Lightroom, but I could not replicate in Lightroom the very high quality of Capture One Pro's color, the noise reduction, and the sharpening....and I tried and tried.  The noise reduction was even better than DxO Optics Pro, which was my standard up to this point.  My conclusion was, for the Nikon D800E, that Capture One Pro is a much better raw converter, hands-down...maybe even the best.   Kudos to Phase One.  It was a tough call on whether to purchase Capture One Pro.  A 1-year subscription to Capture One Pro is $180, paid in advance, while a 1-year subscription to Lightroom and Photoshop combined is $120.  I was not able to find a discount for the Capture One Pro subscription.  If you find one, tell me about it.  Capture One Pro is very good, but it is not a good value.  In the end, I felt the price was worth it, for now.   Barely.

 

 

Second, I dived deeper into Photoshop.  The basic approach was to:

  1. Use Select Color Range to select localized areas of purple (e.g. purple on near slopes, then a 2nd later selection for distant mountains,...)
  2. Manually add purple areas to or remove non-purple areas from the Selected Color Range
  3. Create a "New Layer via Copy" with the Selected Color Range
  4. Apply one or more of the following adjustments: Selective Color, Layers, or Hue/Saturation.  In Selective Color, I would choose Blues and Aquas and decrease the level of Magenta.  In Layers, I would increase the minimum levels for the Red and the Blue channels.  In Hue/Saturation, I would decrease the saturation of Blues and Cyans.  

Some photos had as many as 5 or 6 Photoshop layers, but 2 or 3 was more common.  The flattened Photoshop file was then finalized in Lightroom.  If I felt there was still too much purple, I would either move the purple hue slider toward blue, and/or decrease the purple saturation to the color matched, to the best of my somewhat fuzzy recollection, the actual colors that I saw that day.

 

 

In the end, I liked the final result.  I processed about 200 of the 800 photos taken on that flight.  I did not process the other 600 because many were of the same scene (there is a lot of overlap in what I did process), and the whole procedure took too much time.  

 

 

Again, you can find more in the BC-Purcell Mountains gallery.

 

Jeff

 

 


Killarney Provincial Park: Ontario's Gem

November 01, 2017  •  Leave a Comment

 

After a long hiatus, and a couple of trips, I've finally gotten around to writing a blog post.

 

Kathy and I traveled to Michigan in late September to early October to visit family.  I "leveraged" (management consulting-speak) that trip to get over to Killarney Provincial Park for a 3-day whirlwind hiking and photography trip.  Killarney is located on the northeast side of Lake Huron, and is about an 8-hour drive from Detroit.  It was, simply, outstanding.  Killarney contains some of the oldest mountains on the continent, the La Cloche mountains, which are a striking white quartzite, and which rise to about 1000' above the surrounding landscape.  

 

I was able to take a flight and do some open-window aerial  photography, and walked several trails.  More about that later.   I processed one photo today, and I also abstracted it using Topaz Simplify.

 

 

Jeff


How to Secure a Home PC Against Malware: Updated

September 12, 2017  •  Leave a Comment

This is an update to my previous post, based upon changes in the market and the products.    I removed Malwarebytes v2 and CryptoPrevent v8. I added Microsoft Bitlocker drive encryption and OpenDNS Umbrella Prosumer.  I also added some additional Microsoft Windows 10 hardening actions.

 

There are now 8 Actions to secure a Windows 10 PC from malware, up from 6.  These 8 Actions will make a Windows 10 PC almost unhackable.

 


 

1. Browser (Isolation) Sandbox.  A browser sandbox, properly configured, prevents malware from downloading from your browser to your PC.  The best option for home users, by far, is paid Sandboxie.   Sandboxie needs to patch about one vulnerability per year, compared to hundreds of vulnerabilities per year for Firefox, Chrome, IE11, and Microsoft Edge browsers.   Configure Sandboxie to force Chrome and IE11 to run inside of Sandboxie.  $75 for 5 lifetime Sandboxie licenses

 

2. Antivirus (AV).  I recommend Webroot SecureAnywhere Antivirus.  It tests comparably to the best AVs tested by AV-Test, AV-Comparatives, MRG Effitas, PC Magazine, and NSS Labs.  However, it easily has the lowest (best) attack surface of any consumer AV, thus making it my AV of choice over other good performers.  Webroot is free if you have an Ally Bank savings account

  • Good Alternatives: Norton Security Deluxe (price varies, ~$40/year/5 PCs), Trend Micro Maximium Security (price varies, ~$40/year/5 PCs)

  • Avoid: Most of the rest.  Especially avoid any Chinese, Russian, or Eastern European AV, which may include hostile government backdoor trojans

  • Interesting Options Not Yet Tried: Cylance Protect (managed, which means the provider configures it).  $60/year/PC

 

3. On-Demand Malware Detection.  I use Sophos HitmanPro (free).  I no longer use Malwarebytes as they have sunset v2, and v3 is not very good.  I also use Norton Power Eraser (also free)  

 

4. Software Restriction Policy / Anti-Executable.  Blue Ridge Networks AppGuard is easily the best option here.  There have not yet been confirmed bypasses of (infections due to) AppGuard.  $30/year/PC

 

5. Operating System Hardening (free).  Microsoft Windows has a lot of native programs, settings, and functions that the average home user does not use nor need, and that make Windows (more) insecure.  I turn most of these off or disable them.  Hardening is a key way to improve email security if you use Microsoft Outlook.  Key hardening items:

  • Accounts: Work from a Standard User account.  Use an Administrator account only for software installations and updates.  Set User Account Control to "Always Notify"

  • App Installation Setting: Only install apps from the Windows Store (after all program installation is finished)
  • Microsoft Office: ActiveX Settings: Disable all controls w/o notification.  Macros: Disable with notification.   Block RTF files

  • Group Policy Objects (GPO): Disable AutoPlay/AutoRun, Desktop Gadgets, 16-Bit Apps, Application Compatibility Engine, Remote Desktop Connections, LLMNR, Remote Shell Access.  Turn off Live Tiles.  Force GPO Refresh

    • GPO can be edited in Windows 10 Pro, but not in Windows 10 Home

  • Windows Registry: Disable Windows Script Host, WPad (partial), Elevation for Unsigned Executables.  Mitigate DLL Hijacking.  Block Untrusted Fonts.  Outlook: Block 600 file extensions, Force OST Path, Hide OLE Objects

  • Computer Properties: Enable DEP

  • Windows Features: Disable Powershell 2.0 and SMB v1

  • Windows Firewall: Block Regsvr32.dll outbound

  • Network Adapters: Disable all services except IPv4 

  • DNS Setting: Set to OpenDNS - 208.67.222.222, 208.67.220.220 for the PC's LAN and WLAN adapters 

  • Chronically Vulnerable Programs: Uninstall / never install Skype, Adobe Reader, Java, any Java-based programs, Microsoft Silverlight, and any Bittorrent clients.  If you don't really need it, don't install it

  • PDF Management: Force PDF files to open in Chrome, and force Chrome to run inside of Sandboxie

  • Other Hardening Steps: We have many additional hardening changes, but the ones outlined should be pretty good for most home users

 

6. Encryption.  Use Microsoft Bitlocker (free) to encrypt all data drives

 

7. DNS Security.  Use OpenDNS Umbrella Prosumer ($20 per year / 3 devices) to encrypt and enforce DNS.  This is primarily used for travel computers, to prevent Man-in-the-Middle attacks from compromised wi-fi hotspots

 

8. Patching.  Patch (update) all programs once per month

 


 

Each software program requires a good configuration.  Sandboxie and Blue Ridge Networks AppGuard, in particular, have complex configuration options. 

 

However, these eight actions, in combination, make it almost impossible for your PC to be hacked or to be infected.

 

I’ll cover home network (firewall and router) and Internet of Things (IOT) security in a future post.

 

Jeff

 

PS: Don't buy Lenovo or other Chinese company PCs.  Buy Dell (preferred) or HP,  for which the Chinese government is less likely to be able to install malware at the factory.  In case you've not figured this out, the Chinese are not our friends.  They are our enemies 

   


Purcell Mountain Aerials: Paintings from Photos

August 23, 2017  •  Leave a Comment

 

I used Topaz Simplify to create a few "paintings" from the Purcell Mountains aerial photos.  The only slider used was "Simplify Size", which was set to 0.25.  To see more paintings from the Purcell Mountains aerial photos, go to our BC-Purcell Mountains paintings gallery.

 

 

Jeff