The Definitive Guide on Computer Security.


I am sick and tired of "experts" giving "advice" about computer security. It's like action movies, 99% of the time it turns out the expert is an idiot and the movie was shit. Except you have to pay the ticket before you find that out. So, out of my divine misericordy and omnivolent benepotence, I give you the REAL security list. It's simple really.

1. No program or other piece of software ever written or that can be written improves your security.
This is plain and simple mathematical fact. Anyone who attempts to generate random numbers by deterministic means is living in a state of sin, and anyone who imagines security can be enhanced by writing code is living in a sad state of stupidity.
2. In order to improve your security, you have to improve your understanding of the threats.
There is no way around it, regardless what the marketing department tells you.
2.1. As long as you run a computer, the most important threat to your security is running bad code. The first, most important and most efficient way of limiting the amount of bad code you run is by limiting the overall amount of code you run.
Thus, do not install crap. Do not download "extensions", "expansions", "latest versions" etc etc. Do not pop in Carrie's CD to see how her favorite media player works. Only run programs that you actually want or need. Do not ever run any program that you don't clearly understand the use, purpose and utility of.

Even if you are new to computers, and live under the impression that they are something "hip" and your main job as the user is to "try things out", you might consider displaying the minimal sense of not "trying things out" on the same system that you depend on for your daily bread. After all, you don't "try out" gasoline on the stove at home, do you. Do you ?!
2.2. As long as you are part of a network, the second most important threat to your security is disclosure. The first, most important and most efficient way of limiting disclosure is LIMITING DISCLOSURE.
Do not use "remember passwords" features. Do not let the machine know your home address, credit card numbers and cock size. It's none of its business, regardless of what the marketing department tells you.

Use encryption. It exists, it works, it's called PGP. Google it.

Verify the source of anything you are about to run, and if verification is impossible DO NOT RUN IT. You may miss out on some cool new feature nobody will use in a couple months, but you won't have to format your drives every couple weeks.

Do not allow the decision of what runs on your system to be made remotely. No ActiveX. NO ACTIVEX !!! No java unless you really actually need it, it's not as bad as CrapoSoft stuff but still.

Stop worrying about your IP. Unless you are doing something illegal, there is no harm that can come to you from people knowing your IP. They have to know it for the network to work, it's very easy to find, trying to improve security by fretting about the IP is like trying to speed up a sailboat by blowing in the sails.
2.3. As long as you are running a system that you didn't write yourself, the most important threat to your security is configuration.
Understand how your system is intended to work, and how it's intended to be configured for the various ways it could work in.

For instance, Windows comes pre-configured for the "I'm a cretin that can't power up a system" mode. Unless you are a cretin that can't power up a system, you might want to change that. Disable remote assistance. Disable live update. Disable remote registry. Disable help. Disable the installation modules and only re-enable them manually when you actually want something installed. You now have a Windows system configured for the "I'd actually have this run as safe as it can" mode.
3. You don't really need all the shit.
No, seriously.
3.1. You do not need an anti-virus program.
I have been running Windows systems for years now that never had any anti-virus installed. The only thing an anti-virus program does is lull you into a false sense of security. They don't catch all viruses, and yet you behave as if they did. Moreover, nobody cares about the well studied and mostly academic-interest viruses they CAN catch. Sure, they used to be a threat. Last month. Then something new comes along and everything is brought to its knees. The anti-virus makers will have a patch out tomorrow. Who needs it by then ? You're better off having sex protected by punctured condoms.

Instead, how about you stop downloading all those "Your_order.zip" unsolicited email attachments ? How about you don't go "Hey, I wonder what this .exe does ?"
3.2. You don't really need a firewall.
At least not one you have to pay for. A simple script can do the job, even in Windows. If you're not the scripting type, you may consider using someone else's, but bear in mind all you really need is a program to look at what ports are about to be opened, by what process, check it against a list and allow or kill the process. That is the complete job, anything else is fluff. Configure it so only things that need net access get it. For instance, your web browser should be allowed, but all the shitty proprietary code that wants to call home to "look for upgrades", "register", "you may have already won our sweepstakes" should not.
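
The check described above (port, owning process, list, verdict), as an added example that is not code from the original page. The netstat sample, the PID map, the allowlist and the rule that nothing may listen for inbound traffic are all constructed assumptions, and the script only reports what it would kill.

```python
import re

# Constructed sample in the layout of Windows `netstat -ano`; not from a real host.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     4120
  TCP    192.168.1.20:49801     198.51.100.7:80        ESTABLISHED     5332
  UDP    0.0.0.0:1900           *:*                                    884
"""
# Constructed PID -> image name map (what `tasklist` would supply).
SAMPLE_PROCS = {884: "svchost.exe", 4120: "firefox.exe", 5332: "updater.exe"}
# Hypothetical policy: image name -> remote ports it may connect to.
ALLOWLIST = {"firefox.exe": {80, 443}}

# The State column is empty for UDP rows, so it is optional here.
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)\s+(?:([A-Z_]+)\s+)?(\d+)\s*$")

def parse_netstat(text):
    """Yield one dict per socket row; header and blank lines are skipped."""
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            proto, local, remote, state, pid = m.groups()
            rport = remote.rsplit(":", 1)[1]  # rsplit copes with [::]:135 too
            yield {"lport": int(local.rsplit(":", 1)[1]), "pid": int(pid),
                   "rport": int(rport) if rport.isdigit() else None,
                   "listening": state == "LISTENING"
                                or (proto == "UDP" and rport == "*")}

def verdict(sock, procs, allowlist):
    """Return (image, 'allow' or 'deny', reason) for one socket."""
    image = procs.get(sock["pid"], "<unknown>")
    ports = allowlist.get(image)
    if ports is None:
        return image, "deny", "process is not on the list"
    if sock["listening"]:  # assumed policy: no inbound listeners at all
        return image, "deny", f"listens on local port {sock['lport']}"
    if sock["rport"] not in ports:
        return image, "deny", f"remote port {sock['rport']} not allowed"
    return image, "allow", "on the list"

def audit(text, procs, allowlist):
    """Return [(pid, image, action, reason)] for every socket in the listing."""
    return [(s["pid"],) + verdict(s, procs, allowlist) for s in parse_netstat(text)]

def pids_to_kill(text, procs, allowlist):
    return sorted({pid for pid, _, act, _ in audit(text, procs, allowlist) if act == "deny"})

if __name__ == "__main__":
    print(*audit(SAMPLE_NETSTAT, SAMPLE_PROCS, ALLOWLIST), sep="\n")
```

A PID missing from the process map is denied as `<unknown>`, so a process that exits between the two listings fails closed.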
3.3. You don't really need all the shit (generic version)
You are happily running SuperDuper Multi-Extra-Complete DreamMAker Express version 5.0, but they just released SuperDuper Multi-Extra-Complete DreamMAker Express Definitive Solutions, version 6.0. You MUST upgrade, right ?

Myea. Does this new version have anything you actually want ? If it doesn't, or if you don't know, then the answer is NO.
4. You need some code for your computer.
4.1. You need a good operating system.
There exists no such thing as "the good operating system", much like there doesn't exist the perfect cock sucker. I run Debian because I am God. If you are not God, you might find it uncomfortable. That is however no proof of the superiority of God (me). Someone from Nigeria might find the average Boston winter uncomfortable, that doesn't prove you're so great for living in Boston all these years.

Everything has its pros and cons, and everyone has their needs. Try and match the two lists as best you can. At this point in time, it mostly comes down to

Graphic intensive image/media processing uses : Mac.
Critical (security, resources, customization) tasks : Linux
Playing games, getting together with friends etc : Windows.

For free : Linux
For a buncha money : Mac, Windows (easier to get a pirate copy)
4.2. You need a good browser.
Since the browser will be on the select list of programs allowed on the net, it must be configurable to only do what you tell it. If you can't disable plug-ins, activex controls, java and javascript, images, media, if you can't change what user agent it identifies as, if it doesn't let you choose which cookies to keep and which to reject, it's no good. The more stuff it does behind your back, especially without asking, the worse it is. Basically, if you can't turn it into lynx should you want to, it's shit.
5. Learn to properly handle accounts.
Never state your name on a web form, not even in the field next to the "name" caption. It's none of their business. Never state your address, or phone number. Use a free service email. Do not imagine they "know all this already". They don't or they wouldn't be asking.

If you have an account with site A, never tell site B its password. This may seem trivial, but if it were we wouldn't know what phishing was.

Periodically (like yearly) switch ISPs. It costs nothing to do, in fact you might get discounts that way, and it's about one million times more effective at destroying any link between your person and any IP you ever used than anything else you could do. Nobody keeps closed accounts' data forever, and by the time you're about to make the switch, nobody remembers what your previous IP did. And you will most likely get a new one.
6. Be wary of paying any money whatsoever for software.
More money is spent every year for "purchasing" software (not that it's clear exactly what your money buys you, if you ask the sellers, nothing at all, much like in the case of the music and film industries) than the combined damages viruses, trojans and other bits of malware ever did in the history of desktop computing.

All the money you pay for stuff you don't need, don't use or could have found under an open source license only goes to finance idiotic proprietary code developers, with their useless formats, badly designed data structures and buggy code. Do you really want to perpetuate their existence ?

It's a strange matter of inversion, if stuff is free, people only use it if it's any good, but if it costs money, the marketeers manage to force feed it up everyone's ass, so the fact is, in the world of computing, the best things are free.
copyright 2006 by Zenofeller

this page was made using a bent spoon. anything else is for failures