Information Technology

 On modern systems with solid-state drives, you can often find a management utility that includes a Secure Erase command.
Getty Images
Welcome to this week’s installment of Ask ZDNet, where we answer the questions that make Dear Abby’s eyes glaze over. In the mailbag this week: What’s the best way to securely erase your PC before selling it or giving it away? How can you fix your weak passwords easily? And why is it so hard to find a laptop with a large display and a touchscreen? If you’ve got a question about any of the topics ZDNet covers, one of our team of editors and contributors probably has an answer. We’ll find an outside expert who can steer you in the right direction if they don’t. Questions can cover just about any remotely related topic to work and technology, including PCs and Macs, mobile devices, security and privacy, social media, home office gear, consumer electronics, business etiquette, financial advice… well, you get the idea. Send your questions to ask@zdnet.com. Due to the volume of submissions, we can’t guarantee a personal reply, but we do promise to read every letter and respond right here to the ones that we think our readers will care about. Ask away. 

What’s the best way to permanently delete all the personal files from my laptop before I give it away?

I am giving away my old Windows laptop to a friend. Before I do that, I want to make sure my personal files are securely erased and completely unrecoverable. Do I need special software for that?

When you’re getting a PC ready for reuse, the best way to begin is to boot from Windows installation media, remove all existing disk partitions, and then perform a clean install. That option removes any existing personal files, but it doesn’t wipe the disk clean. As a result, it’s possible that someone with advanced technical skills could use forensic tools or data recovery software to access some of the deleted information.

On modern systems with solid-state drives, you can often find a management utility that includes a Secure Erase command. For Samsung SSDs, use the Samsung Magician program. For Intel SSDs, download and install the Intel Memory and Storage Tool. SSDs from Crucial use the Crucial Storage Executive utility. Microsoft Surface devices support a custom tool called the Microsoft Surface Data Eraser.You can also use Windows’ built-in encryption tools to ensure that the entire system drive, including unused disk space, is encrypted before performing a clean install. That extra step requires some additional time, but it ensures that any data recovered from anywhere on the drive will be unreadable. And you don’t need third-party software to get the job done.Your system drive is fully encrypted by default if you’ve signed in to Windows with a Microsoft account on a modern device that supports BitLocker Device Encryption (BDE). (To confirm that your device supports BDE, run the System Information utility (Msinfo32.exe) as an administrator and check the Device Encryption Support entry at the bottom of the System Summary page.On a system running Windows 10 Pro or Windows 11 Pro, you can use the Manage BitLocker utility (type BitLocker in the search box to find it) to encrypt the system drive and any data drives. Be sure to choose the option to encrypt the entire drive and not just the space that currently contains data.If Device Encryption isn’t available, open a command prompt using the Run As Administrator option and enter this command:Cipher /W:C:That command “zeroes out” unused disk space, overwriting it so that it can’t be recovered. This process can take a long time, so consider letting it run overnight while you concentrate on more important tasks.Also: The best encryption software: Protect your data

My password manager says some of my passwords are weak. Should I be worried?

I recently started using a password manager, and when I sign in to some sites the program tells me my password is weak. What do I need to do to replace those weak passwords with strong ones?

If you’ve recently started using a password manager, congratulations! That’s a major step on the road to being more secure. You’re undoubtedly dealing with a collection of credentials you created yourself over the years during this transition. And because human beings are notoriously bad at creating truly random strings of text, those passwords are probably weak, which means they can be easily guessed or are vulnerable to a brute-force attack.

A weak password is typically too short, is made up of words that can be found in a dictionary, and/or contains all or part of the account name. Even if you did manage to create a truly random, hard-to-guess password, your password manager will flag it if it determines you’ve used it at multiple sites.The good news is that your password manager undoubtedly contains a password generator, which you can use to replace those old, weak, insecure passwords. Unfortunately, the process of changing your old passwords is labor-intensive. For each service, you’ll need to find the page where you change your password; use the password generator to create a new, random, unique password and then update the saved entry.As a best practice, you should do this as soon as possible for high-value sites like banks, credit card portals, and email and social media accounts. After completing each password change, I recommend that you immediately sign out of the service and sign in again, using your freshly saved password, to confirm that the new password was properly stored.

Where are all the touchscreen PCs?

I’ve been shopping for a new laptop with a larger display, at least 16 inches. The extra clunkiness doesn’t bother me as my mobile needs are pretty limited and I’m not a big fan of having an external display. But I’ve been surprised by how many Windows laptops with larger displays don’t come with a touchscreen. It is 2022, right? Am I just looking in the wrong place?

These days, most mainstream laptops have screens that are 13 or 14 inches in size, measured diagonally. That form factor is the sweet spot for general business use, typically small enough and light enough to be truly portable. At that size, a touchscreen comes in handy occasionally, and it’s usually not an expensive upgrade.

As you’ve discovered, 16- and 17-inch laptops are not so portable and typically command a premium price. Dell’s new XPS 17 laptop, for example, weighs 4.87lbs with a non-touchscreen and bulks up to a hefty 5.34lbs (with a $300 surcharge) if you specify a touchscreen. And this model is considered remarkably light for the category. (Your shoulder may beg to differ.) These devices are generally designed for graphics professionals who use them as desktop replacements and occasionally need to do high-end graphics work on the road.Given their size and the fact that most graphics editing tasks require a mouse, a touchscreen on a laptop that large is pretty much a waste of battery power and money. For your use case, I suggest looking at a laptop with a 15-inch screen, like the Dell XPS 15. And if you’re going to use it as a desktop replacement, connected to a docking station with a keyboard and mouse most of the time, skip the touchscreen and spend the money; you’ll save on a discrete GPU.Also: The best 2-in-1 laptops: Top flexible, hybrid, and convertible notebooksSend your questions to ask@zdnet.com. Due to the volume of submissions, we can’t guarantee a personal reply, but we do promise to read every letter and respond right here to the ones that we think our readers will care about. Be sure to include a working email address in case we have follow-up questions. We promise not to use it for any other purpose.  

ZDNet Recommends

  More

 On modern systems with solid-state drives, you can often find a management utility that includes a Secure Erase command.
Getty Images
Welcome to this week’s installment of Ask ZDNet, where we answer the questions that make Dear Abby’s eyes glaze over. In the mailbag this week: What’s the best way to securely erase your PC before selling it or giving it away? How can you fix your weak passwords easily? And why is it so hard to find a laptop with a large display and a touchscreen? If you’ve got a question about any of the topics ZDNet covers, one of our team of editors and contributors probably has an answer. We’ll find an outside expert who can steer you in the right direction if they don’t. Questions can cover just about any remotely related topic to work and technology, including PCs and Macs, mobile devices, security and privacy, social media, home office gear, consumer electronics, business etiquette, financial advice… well, you get the idea. Send your questions to ask@zdnet.com. Due to the volume of submissions, we can’t guarantee a personal reply, but we do promise to read every letter and respond right here to the ones that we think our readers will care about. Ask away. 

What’s the best way to permanently delete all the personal files from my laptop before I give it away?

I am giving away my old Windows laptop to a friend. Before I do that, I want to make sure my personal files are securely erased and completely unrecoverable. Do I need special software for that?

When you’re getting a PC ready for reuse, the best way to begin is to boot from Windows installation media, remove all existing disk partitions, and then perform a clean install. That option removes any existing personal files, but it doesn’t wipe the disk clean. As a result, it’s possible that someone with advanced technical skills could use forensic tools or data recovery software to access some of the deleted information.

On modern systems with solid-state drives, you can often find a management utility that includes a Secure Erase command. For Samsung SSDs, use the Samsung Magician program. For Intel SSDs, download and install the Intel Memory and Storage Tool. SSDs from Crucial use the Crucial Storage Executive utility. Microsoft Surface devices support a custom tool called the Microsoft Surface Data Eraser.You can also use Windows’ built-in encryption tools to ensure that the entire system drive, including unused disk space, is encrypted before performing a clean install. That extra step requires some additional time, but it ensures that any data recovered from anywhere on the drive will be unreadable. And you don’t need third-party software to get the job done.Your system drive is fully encrypted by default if you’ve signed in to Windows with a Microsoft account on a modern device that supports BitLocker Device Encryption (BDE). To confirm that your device supports BDE, run the System Information utility (Msinfo32.exe) as an administrator and check the Device Encryption Support entry at the bottom of the System Summary page.On a system running Windows 10 Pro or Windows 11 Pro, you can use the Manage BitLocker utility (type BitLocker in the search box to find it) to encrypt the system drive and any data drives. Be sure to choose the option to encrypt the entire drive and not just the space that currently contains data.If Device Encryption isn’t available, open a command prompt using the Run As Administrator option and enter this command:Cipher /W:C:That command “zeroes out” unused disk space, overwriting it so that it can’t be recovered. This process can take a long time, so consider letting it run overnight while you concentrate on more important tasks.Also: The best encryption software: Protect your data

My password manager says some of my passwords are weak. Should I be worried?

I recently started using a password manager, and when I sign in to some sites the program tells me my password is weak. What do I need to do to replace those weak passwords with strong ones?

If you’ve recently started using a password manager, congratulations! That’s a major step on the road to being more secure. You’re undoubtedly dealing with a collection of credentials you created yourself over the years during this transition. And because human beings are notoriously bad at creating truly random strings of text, those passwords are probably weak, which means they can be easily guessed or are vulnerable to a brute-force attack.

A weak password is typically too short, is made up of words that can be found in a dictionary, and/or contains all or part of the account name. Even if you did manage to create a truly random, hard-to-guess password, your password manager will flag it if it determines you’ve used it at multiple sites.The good news is that your password manager undoubtedly contains a password generator, which you can use to replace those old, weak, insecure passwords. Unfortunately, the process of changing your old passwords is labor-intensive. For each service, you’ll need to find the page where you change your password; use the password generator to create a new, random, unique password and then update the saved entry.As a best practice, you should do this as soon as possible for high-value sites like banks, credit card portals, and email and social media accounts. After completing each password change, I recommend that you immediately sign out of the service and sign in again, using your freshly saved password, to confirm that the new password was properly stored.

Where are all the touchscreen PCs?

I’ve been shopping for a new laptop with a larger display, at least 16 inches. The extra clunkiness doesn’t bother me as my mobile needs are pretty limited and I’m not a big fan of having an external display. But I’ve been surprised by how many Windows laptops with larger displays don’t come with a touchscreen. It is 2022, right? Am I just looking in the wrong place?

These days, most mainstream laptops have screens that are 13 or 14 inches in size, measured diagonally. That form factor is the sweet spot for general business use, typically small enough and light enough to be truly portable. At that size, a touchscreen comes in handy occasionally, and it’s usually not an expensive upgrade.

As you’ve discovered, 16- and 17-inch laptops are not so portable and typically command a premium price. Dell’s new XPS 17 laptop, for example, weighs 4.87 pounds with a non-touchscreen and bulks up to a hefty 5.34 pounds (with a $300 surcharge) if you specify a touchscreen. And this model is considered remarkably light for the category. (Your shoulder may beg to differ.) These devices are generally designed for graphics professionals who use them as desktop replacements and occasionally need to do high-end graphics work on the road.Given their size and the fact that most graphics editing tasks require a mouse, a touchscreen on a laptop that large is pretty much a waste of battery power and money. For your use case, I suggest looking at a laptop with a 15-inch screen, like the Dell XPS 15. And if you’re going to use it as a desktop replacement, connected to a docking station with a keyboard and mouse most of the time, skip the touchscreen; choose a less expensive non-touch-enabled display and invest the savings in a discrete GPU.Also: The best 2-in-1 laptops: Top flexible, hybrid, and convertible notebooksSend your questions to ask@zdnet.com. Due to the volume of submissions, we can’t guarantee a personal reply, but we do promise to read every letter and respond right here to the ones that we think our readers will care about. Be sure to include a working email address in case we have follow-up questions. We promise not to use it for any other purpose.  

ZDNet Recommends

  More

Boardrooms have a reputation for not paying much attention to cybersecurity, but it could be that executives are finally keen to take more interest in securing the systems and networks their businesses rely on. Senior figures from American, British and Australian cybersecurity agencies have said that business execs are now more aware of cyber threats and are actively engaging with their chief information security officer (CISO) and information security teams. 

Abigail Bradshaw, head of the Australian Cyber Security Centre (ACSC), said that, in a “massive leap in trust,” many organisations are actively seeking out advice to help inform boardrooms about cybersecurity issues.SEE: A winning strategy for cybersecurity (ZDNet special report) “Today boards say, ‘Can you come and brief our board, and can you stay while the CISO’s briefing the board? And can you please give us a view about the quality of our controls and our estimation of risk?’, which is hugely transparent,” she said, speaking at the UK National Cyber Security Centre’s (NCSC) Cyber UK conference in Newport, Wales  “I see that as well, it feels as if it’s really maturing,” said Lindy Cameron, CEO of the NCSC. “We’ve been trying really hard over the last few months to get organisations to step up but not panic, do the things we’ve asked them to for a long time and take it more seriously”. The NCSC regularly issues advice to organisations on how to improve and manage cybersecurity issues, ranging from ransomware threats to potential nation state-backed cyberattacks – and Cameron said she’s seen a more hands-on approach to cybersecurity from business leaders in recent months.”I’ve seen chief execs really asking their CISOs the right questions, rather than leaving them to it because they don’t have to understand complex technology. It does feel like a much more engaging strategic conversation,” she said. But there can still be a disconnect between knowing what needs to happen, then actually budgeting for and implementing a cybersecurity strategy. “I think everybody in this room knows what we need to do to do the basics of cybersecurity. And often the challenge is the culture and the resources; the will to say, ‘This is the thing that we have to do and we’re going to endure the pain to get there’,” said Rob Joyce, director of cybersecurity at the National Security Agency (NSA). He pointed to multi-factor authentication (MFA), something which is generally regarded as a key step that businesses can take to boost cybersecurity, providing an extra barrier to hackers trying to use phished, leaked or stolen usernames and passwords. However, rolling MFA out to all users of a network can be a challenge.  “We have a long journey ahead on multi-factor authentication, there’s nobody who thinks that’s a bad idea – but it’s a real investment, a real pain to implement it,” said Joyce. Nonetheless, the NSA director believes progress is being made, especially after the White House signed an executive order around cybersecurity for critical infrastructure and has committed to a zero-trust security model for federal agencies.SEE: Cloud computing security: New guidance aims to keep your data safe from cyberattacks and breachesWhile these proposals only relate directly to critical infrastructure and government respectively, following the cybersecurity strategies could be useful to many organisations in other sectors outside of government and industry.”The narrative has shifted at a political level, at the board level, at the industry level, who are now getting together and saying, ‘We know where we must go, let’s resource everyone to get there’,” said Joyce. And while most businesses will be expected to take control of implementing and updating a cybersecurity strategy themselves, governments and cybersecurity agencies are there to provide advice and guidance – and that’s something that the ACSC’s Bradshaw hopes that companies continue to take advantage of during their cybersecurity journeys. “What they’re looking for is evidence of an ongoing relationship and collaboration between my agency and their CISO and senior execs. That is something I’m extremely grateful for and I think bodes well for the evolution that’s necessary over the next decade,” she said. MORE ON CYBERSECURITY More

Security by design needs to be ingrained in software development and innovative thinking is required to help secure society against cyberattacks as technology become a bigger part of our everyday lives, the chief of the US Cybersecurity & Infrastructure Security Agency (CISA) has warned.CISA director Jen Easterly said that, while it’s important to focus on the cybersecurity issues of today, it’s also important to think about the challenges of tomorrow. 

“The stakes in the decade ahead could not be any higher, particularly for those of us in technology and cybersecurity,” she said, warning that it’s “critical” to focus on the overriding values that must underpin cyber defense over the next decade.SEE: A winning strategy for cybersecurity (ZDNet special report)Alongside the current challenges facing cybersecurity – such as ransomware and supply chain attacks – emerging technologies could bring new threats. For example, the rise of Internet of Things (IoT)-connected smart cities could provide cyber criminals and other hostile attackers with a direct means to disrupt and tamper with services people use every day – unless these cities are designed properly from day one. But cybersecurity wasn’t the only challenge Easterly pointed to, noting the need to make sure that democratic states beat authoritarian regimes to the foundational technologies of tomorrow, the challenges of facial recognition and the race for cryptographically relevant quantum computers, and the growth of artificial intelligence and the fracturing of the internet.”The emerging technology of today will define the shape of the world tomorrow and it’s not an exaggeration in my view to assert the next 10 years could truly determine whether the liberal world order of the post-World War II period will survive or more optimistically whether we as like-minded democratic nations will continue to thrive,” she said.”Will we lead on the development of smart tech and the growth of smart cities in a way that is not just secure by design but engineered for privacy by design?” asked Easterly, speaking via video at the National Cyber Security Centre’s (NCSC) Cyber UK conference in Newport, Wales.The same can be asked of software and supply chains. Many major cybersecurity incidents begin with newly discovered zero-day cybersecurity vulnerabilities – and while once these are disclosed, patches are made available, organisations can be slow to roll them out, making them vulnerable to attackers. By implementing secure by design – a process where applications and software are built with cybersecurity in mind first – technology can be safer and more secure against cyberattacks.  “Will we work together finally to lead the effort to shape the tech ecosystem to ensure that our software and our systems and our networks – and yes, the supply chains that underpin it all – are secure and resilient by design that a decade from now a major intrusion or a new severe zero-day vulnerability is the exception not the norm?” said Easterly – who emphasised that this reality is possible, but only with a coordinated effort. “The answer to all of these questions can be, indeed, they must be yes, but only if we invest aggressively in our alliances, in our people, in global standards that reflect core values that we hold dear across our nations and that bind us together,” she added. MORE ON CYBERSECURITY More

Written by

Chris Duckett, APAC Editor

Chris Duckett
APAC Editor

Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer. After a Canadian sojourn, he returned in 2011 as the Editor of TechRepublic Australia, and is now the Australian Editor of ZDNet.

Full Bio

The agencies responsible for cybersecurity from the United States, United Kingdom, Australia, and Canada have issued a second alert this week, stating that attacks on managed service providers (MSP) are expected to increase. The advisory states that if an attacker is able to compromise a service provider, then ransomware or espionage activity could be conducted throughout a provider’s infrastructure, and attack its customers. “Whether the customer’s network environment is on premises or externally hosted, threat actors can use a vulnerable MSP as an initial access vector to multiple victim networks, with globally cascading effects,” the nations advised. “NCSC-UK, ACSC, CCCS, CISA, NSA, and FBI expect malicious cyber actors — including state-sponsored advanced persistent threat groups — to step up their targeting of MSPs in their efforts to exploit provider-customer network trust relationships.” For the purposes of this advice, the MSP definition covers IaaS, PaaS, SaaS, process and support services, as well as cybersecurity services. In pretty obvious advice, the initial recommendation is to not get compromised in the first place. Beyond that, users are advised to adopt familiar set of advice such as: Improve monitoring and logging, update software, have backups, use multi-factor authentication, segregate internal networks, use a least privilege approach, and remove old user accounts. It is advised that users check contracts contain clauses to ensure MSPs have sufficient security controls in place. “Customers should ensure that they have a thorough understanding of the security services their MSP is providing via the contractual arrangement and address any security requirements that fall outside the scope of the contract. Note: contracts should detail how and when MSPs notify the customer of an incident affecting the customer’s environment,” the advisory states. “MSPs, when negotiating the terms of a contract with their customer, should provide clear explanations of the services the customer is purchasing, services the customer is not purchasing, and all contingencies for incident response and recovery.” Related Coverage More

Written by

Jason Cipriani, Contributing Writer

Jason Cipriani
Contributing Writer

Jason Cipriani is based out of beautiful Colorado and has been covering technology news and reviewing the latest gadgets as a freelance journalist for the past 13 years. His work can be found all across the Internet and in print.

Full Bio

on May 11, 2022

| Topic: Google

Google
Google’s annual developer conference kicked off on Wednesday with several announcements. One includes a handful of new products and services — that Google is either rolling out or will be rolling out in the future — to help improve users’ security and to protect their privacy. The company recapped the announcements via a blog post by Jen Fitzpatrick. 

Google’s announcements tackle several different aspects of your privacy and security. For example, Google is working on a new virtual card tool that can be used across Android devices and in the Chrome browser on Mac or PC. It’s separate from Google Pay, and once a card is added to the service, a virtual card number will be given to the vendor whenever you purchase something online. Also: What are virtual credit card numbers and how do they work?In the event of a data breach, the virtual card number can be replaced, and you won’t have to deal with replacing your physical card. Apple has the same type of feature for the Apple Card. Google’s virtual cards are expected to launch this summer. 
Image: Google
Google also announced a new tool for users’ profiles that will alert you if there’s an action or step you need to take to better protect your information. The Account Safety Status will show up as a yellow circle around your profile’s avatar, letting you know there’s something that needs your attention. In addition to the Safety Status feature, Google Workspace users will soon see more proactive phishing alerts in Google Docs, Slides, and Sheets. 

To help users keep their personal contact information out of Google search results, a new tool will let you flag data, such as your phone number or address, that’s found in public searches. Once flagged, Google will evaluate it and remove any unwanted and potentially harmful information. Through a new Protected Computing initiative, Google will continue its efforts to remove any personally identifying information from your account data and continue investing in encryption. Google is also working on a new My Ad Center that will allow users to provide feedback about the ads they see while using various Google products. Users can remove ad types, or indicate that they want to see more ads about a specific topic. Personally, I’m looking forward to the virtual card numbers the most. I use that feature all the time with my Apple Card, and I wish more credit or debit cards had the same offering. Thanks to Google, at least, it sounds like they will very soon. More

Whether it’s because a move Twitter itself made that you’re not fond of, a decision to move to another platform instead, or you’ve just had enough of social media as a whole, there are plenty of reasons why you’d want to leave Twitter. Unlike most sites that we frequent on the web, leaving Twitter isn’t as simple as signing off for the final time and never going back. That’s because of the massive amounts of data sites like this collect about us while we’re using them. To ensure that Twitter won’t continue exploiting your data after you’ve gone, you need to take the proper steps to fully delete your account and all of the data tied to it on your way out. In this guide, we’ll explain how to do just that, as well as how to take all of your valuable data with you. Follow along with the steps here and you’ll be done with Twitter. Or, if you change your mind and decide you just can’t quit the microblogging service, we’ll tell you how to undo the process as well. Step 1: Deactivating third-party services
Michael Gariffo–Twitter
Unlike some other sites that let you immediately delete your information and close down your account, Twitter requires either a 30-day or 12-month deactivation timeframe when you decide to delete your account. If a third-party app that you’ve linked to your Twitter account signs into your Twitter account during that time, your account can be reactivated and will continue to remain active even after the 30 days or 12 months have passed. More: Twitter accepts Elon Musk’s $44 billion buyoutBecause of this, the first step you should take when deciding to delete your account is to unlink all third-party services tied to your account. The steps to doing that follow: Log into your Twitter account,If you’re on a desktop browser, click More on the left side, then Settings and privacy. If you’re on the Twitter mobile app, click on your profile pic on the top left, then Settings and privacy.Once inside, click or tap Security and account access, then Apps and sessions, and finally Connected apps.Twitter will provide a list of all of the third-party apps and services that are connected to your account. You’ll need to select each one, then click Revoke app permissions.Once you’ve done this, you’re ready to actually delete your account without any worry that some forgotten app you attached to your Twitter profile years ago will accidentally foil your attempt to leave. More: Twitter founder Jack Dorsey regrets playing a role in centralizing the internetStep 2: Archiving your data (optional)
Michael Gariffo–Twitter
When your deactivated Twitter account reaches the 30-day or 12-month mark (whichever you choose), all of your data will be deleted from the social network’s servers, permanently. However, if you’d like to retain your data, Twitter provides a way to download an archive of everything tied to your account that remains on its servers. It may not seem like your Twitter data will be too valuable in the long run. But, if you ever need to access a link that you shared (or was shared with you), you need proof of some previous exchange, or you just want a way to take a trip down memory lane, you might as well go through this easy step to ensure that your data is available to you in the future. More: How to delete your Facebook account for goodFor this bit, you’ll need to use the Twitter website. None of its mobile apps offer this option. The process is almost identical whether you access the website via desktop browser or mobile browser. The steps of the process follow:Open your desktop or mobile browser. Navigate to Twitter.com and click on More on the left side. Then click on Settings and privacy.Once inside, click on Your account, then click on Download an archive of your data.You may need to enter your password at this point, then you’ll be able to click Request archive.Once you’ve done this, you’ll receive a notification that the process can take up to 24 hours for processing. Once the archive is ready, you’ll receive a mobile push notification via your Twitter mobile app, and an email. Both notifications will provide a link that will automatically take you to your Settings page on the Twitter website. There you can download the prepared archive of your data. More: How to back up your Gmail: The ultimate guideWhat you’ll actually download is a Zip file that you can unzip/uncompress into a folder with two important items inside: an HTML file titled Your Archive and a Data folder that contains all of the media you posted to Twitter, such as uploaded videos, images, and animated .gifs. The HTML file will open in your browser, where you’ll be able to navigate through it much like you would the Twitter website. The Data folder can be navigated like any folder on your desktop or smartphone. Within it, you can play/view your media locally, assuming the media type is supported by your current device. Once this is done, you’ve got your data and you can proceed to the final step. If anything within that data is precious to you, we’d highly recommend that you back it up, either locally, or to a cloud storage service of your choice. Next, let’s finally get rid of that account. More: How to delete yourself from internet search results and hide your identity onlineStep 3: Deleting your account
Michael Gariffo–Twitter
Because this process differs somewhat between doing it on your PC or doing it on your phone, we’ll describe each scenario individually. Deleting your account on your PC:Sign into Twitter.com in your desktop browser. Click More on the left side. Click Settings and privacy and look for the Your account section. Within there, click Deactivate your account. At this point, you’ll be presented with two “reactivation” periods: 30 days or 12 months. It’s important you choose carefully because, once this period expires, your account and all of its data will be gone forever. If you think it’s possible you might change your mind down the road, choosing the 12-month option might be best for you. Or, if you’re certain you’d like to make your exit as soon as possible choose 30-days. Once you’ve chosen, click Deactivate.You’ll have to enter your password at this point, and confirm your decision one final time by clicking Deactivate account one last time. Deleting your account on mobile: Sign into your Twitter mobile app. Tap on your profile icon in the top left corner. Tap Settings and Privacy in the pop-out menu. Within there, tap Your account and then Deactivate your account.At this point, you’ll be presented with two “reactivation” periods: 30 days or 12 months. It’s important you choose carefully because, once this period expires, your account and all of its data will be gone forever. If you think it’s possible you might change your mind down the road, choosing the 12-month option might be best for you. Or, if you’re certain you’d like to make your exit as soon as possible choose 30-days. Once you’ve chosen, click Deactivate.You’ll have to enter your password at this point, and confirm your decision one final time by clicking Deactivate account one last time.Once you’ve run through this process on desktop or mobile, just wait out your chosen reactivation period. At the end of 30 days or 12 months, your account, and all of its accompanying data, will be deleted forever. However, if you change your mind within the aforementioned timeframes, read on to find out how to reactivate your Twitter account. More: Cybersecurity 101: Protect your privacy from hackers, spies, and the governmentReactivating your Twitter accountUnsurprisingly, Twitter makes the process of reactivating your Twitter account much easier than archiving it or deleting it. All you’ll need to do is log into your account within 30 days or 12 months (whichever you chose when deactivating it). Once you’re logged in, you’ll receive a notice asking if you want to reactivate your account. If you choose Yes, you’ll be immediately directed to your restored Home page. It might take some time for Twitter to fully restore all of your account’s contents, including followers, media, and past tweets and DMs, so don’t panic if something is missing when you land back on your homepage. Coming back to Twitter after deleting your accountOne final note. If you choose, somewhere down the road, to return to Twitter after your 30-day or 12-month period has expired, you’ll need to sign up for a completely new account. If you’d like to reuse the same handle you had previously, you’ll have to hope that no one chose it as their username in the meantime. Once an account is deleted, anyone signing up can claim that account’s username as their own. If someone selected your username while you were away, you’re out of luck and will need to choose something new. Please note, this doesn’t apply if you’re within your reactivation period. Twitter keeps your username reserved for you until that reactivation period expires. 

ZDNet Recommends More

Victims of ransomware attacks are being urged to come forward and report incidents in order to help prevent other companies being hit with what’s described as the biggest cybersecurity threat around.Ransomware attacks have long been a significant cybersecurity issue, causing disruption to critical infrastructure, healthcare, businesses and services around the world. And the potential for disruption is so great, a UK government minister has described it as a national security threat. “The greatest cyber threat to the UK – one now deemed severe enough to pose a national security threat – is from ransomware attacks,” Steve Barclay, Lead Minister for Cyber Security told the National Cyber Security Centre’s (NCSC) CyberUK conference in Newport, Wales  Barclay said the National Crime Agency (NCA) receives, on average, one report about a victim of a Russia-based group responsible for ransomware attacks every week. No details were given about which ransomware gangs attacks have been reported by, but many of the most notorious cyber criminal groups are suspected to operate out of Russia. Ransomware attacks remain a cybersecurity problem because they’re effective, because – despite warnings not to – a significant percentage of victims opting to pay a ransom in order to retrieve their encrypted files. SEE: A winning strategy for cybersecurity (ZDNet special report)It’s estimated that in 2020 alone, ransomware attacks cost the UK £615 million – and it’s warned that the cost of ransoms have risen significantly since then – Barclay quoted figures suggesting the average ransom demand is $2.2 million.  But even those eye-watering sums might only be scratching the surface of the true cost of ransomware attacks – because victims aren’t disclosing them, something he said needs to change. “The number of incidents – and indeed their economic cost to the UK – is likely to be much higher. Law enforcement teams believe that most attacks go unreported: perhaps through embarrassment or a reluctance to admit that money has indeed changed hands,” said Barclay. “So, I would encourage any organisation that suffers an attack to come forward,” he continued, adding “By doing so, you will help us to strengthen our individual and collective resilience as we learn from each other”. The idea is that by reporting incidents, cybersecurity agencies can learn more about them, then can use that information to help other organisations from falling victim to attacks, as well as advising businesses on best practices about what to do should they fall victim to an incident. Some of the advice from the NCSC on protecting against ransomware attacks and other malicious cyber incidents includes providing users with multi-factor authentication, applying security patches and regularly testing the cybersecurity of the network. Barclay said that the government follows this advice too. “The government is stress-testing its own defences, too. The more complete our security picture, the better we would handle any attack,” he said.  MORE ON CYBERSECURITY More