Low End Living

 | 

Low End PC

Protect Your PC

Andrew Fishkin - 2006.01.05

January 2006 – Welcome to the inaugural issue of Low End Living and my inaugural column. While the primary focus here is living smart, be it in terms of money, health, or relationships, all three of those things can be improved by taking other stress out of your life.

In the early 21st century, computers can add a whole lot of stress to our lives, with viruses, spyware, Trojans, and worms (collectively known as malware) responsible for a very large chunk of it.

You’ve no doubt read articles in the newspaper or online about companies brought to their knees as malware with names like Melissa, I Love You, or Klez either clogged or stopped corporate networks. Don’t think for a second that attacks are limited to big companies, or that you, mister or miss law-abiding citizen, may not also be a part of the problem.

Me? Part of the problem?

You’d be surprised how many home and office computers, unbeknownst to their owners, spew out hundreds or thousands of emails per hour, emails infected with malware that turns other computers into automated malware servers.

I’ve been hit in the past, more than once, and chances are that if you are reading this, so have you.

The Bad News

First, I’ll give you the bad news: There is no absolutely sure way to keep your computer clean. It doesn’t matter if you use a Macintosh or a Linux computer instead of some flavor of Microsoft Windows – there are people out there who want to gain control of your computer to either steal your personal information or turn your computer into a spambot.

The Internet is no longer a place where you can go out and play without supervision, and that includes protective hardware and software plus a good backup strategy.

Things are bad now, and they will only get worse.

The Good News

Now the good news: Your computer can spend most or all of every day on the Internet and remain very (though not perfectly) safe. The key is choosing the right tools to protect yourself and adopting a few common sense strategies to reduce your risks.

The best defense is a hardware firewall for your computer to hide behind, but since we’re also dealing with mobile users and portable computers, hardware firewalls are rarely an option when you’re on the go. Still, you can at least protect yourself with a hardware firewall at home and at work, and if you’re using a high-end wireless or wired router, you may already have such protection and not even know it.

Other hardware relates to your computer itself.

A Mac is safer than a PC – not because the hardware is any better, but because most malware are programs written to run on the PC platform generally and Microsoft Windows specifically. There are far fewer Macs out there, and therefore fewer (none yet!) malware programs targeting them.

If you are using a PC, Linux is safer than Windows, but either way, some basic common sense and a few good software tools can still keep you quite safe.

Software

Next comes software. First, I’ll talk about operating systems. Microsoft Windows represents, by some accounts, up to 95% of end user desktops and laptops (non-servers). Since it’s such a large target, malware authors overwhelmingly target Windows with their latest creations.

Just because there are so many hazards out there for Windows users doesn’t mean that you can’t use Windows and stay clean and clear of malware, even when a hardware firewall is not available, such when roaming with a wireless connection. Here are the four essential software tools that will keep Windows relatively safe and help you restore its speed if it is compromised.

Antivirus

Antivirus software is the big one, and you have many choices. Virus scan and removal software ranges from free to hideously expensive, but all programs work basically the same way, matching incoming files to “signatures” of known viruses.

Some programs have better controls, and others are less demanding of your computer’s resources, but what matters most is the signatures. Simply put, if your antivirus company only updates the signatures file once per year, you will be unprotected when new viruses come out that are not in your existing signature file.

This is where you usually get what you pay for. Expensive, name-brand programs such as Norton and McAfee include automatic signature updates, and the companies behind these products update them very frequently. There are other antivirus programs out there, and the PC magazines review and compare them every year or two. Choose one from a reputable company that is big enough to make the computer magazines’ comparison tests, is well rated, and is updated regularly.

Anti-spyware

The next type of program is an anti-spyware application. Like virus scanners, these depend on signature files that are updated frequently. I use two such programs, as none of them catches everything, and there appears to be very little collaboration between companies to fight new spyware threats, unlike the antivirus industry.

As with antivirus, price is no indication of quality, with one of the best such programs, Ad-Aware from Lavasoft, consistently rating among the best. I use it as my primary anti-spyware program, though I opted to pay extra for the “Pro” version, which automatically updates its signature files.

Firewall

The third protective software tool is a good software firewall. Again, you have many choices here, including popular brands like Symantec (Norton) and McAfee, as well as other popular programs like ZoneAlarm. I have both the Symantec and the ZoneAlarm programs running on my PC and find that they, like the other defensive programs, have different strengths and weaknesses.

While a software firewall tries to keep malicious code out of your computer, it does it in a different way than a antivirus software or a spyware scanner. Antivirus and anti-spyware programs scan incoming files and emails so they can compare them with known traits in their signature files.

Firewall software also uses signature files, but they compare that file to data in packets coming into and going out of your computer. This is much more difficult, as a networked computer is constantly sending and receiving data packets, and the software must quickly identify packets it recognizes as malicious access is in progress.

Of course, you also want your computer to be usable on the Internet, which itself adds much in and out data for the firewall to analyze. The result is that firewall software puts a noticeable drain on your computer’s resources when set to its more secure settings, and if you want to retain access to non-malicious Internet and network functions, there is a risk that some malicious access may get through by masquerading as routine data packets.

That is why I use two firewall programs when I’m on a network not protected by a hardware firewall. I’ll sacrifice performance for peace of mind when I’m mobile.

When back in the home or office and behind my hardware firewall, the software tools automatically go into their least restrictive modes (trusted network settings) and interfere very little in my computer’s performance.

Browsers

The fourth and final software defense is to avoid Internet Explorer for Windows at all costs. There are so many great browsers today, programs with features and speed that Internet Explorer cannot match, that it’s absolutely amazing that anyone uses this malware-magnet anymore.

Simply put, Internet Explorer is designed to run Active-X controls, which are little programs that are triggered by your browser and install to your system directly. A website with malicious Active-X coding can infect your computer just by you viewing that site – no clicks or downloads necessary.

Recent versions of IE added confirmation of Active-X downloads, but there are other security holes.

Give Firefox or Opera a try – anything other than IE. [Update: Google introduced its Chrome browser in 2008, and it has gone on to become the most popular browser on the Internet.]

Email Software

Microsoft Outlook Express, the free email client that comes with Windows, is another application to avoid, as it renders HTML in messages with – you guessed it – Internet Explorer. Outlook Express has many other security flaws as well, so it’s best to just stay away.

The full version of Microsoft Outlook isn’t much better, but at least there are security additions in the 2003 version to prevent any Active-X programs from running or the download of images or attachments. It’s still a common method for malware to reach a PC, but it’s better than it used to be.

Non-Microsoft email programs are a safer way to go, with Thunderbird (the companion to Firefox) and Eudora both popular and more secure. [Eudora has been discontinued.]

Common Sense Security

Common sense applies no matter what computer platform you’re using and regardless of the hardware and software protection you have available. Simply put, be careful what you click on.

I know its tempting, but don’t download that free Elf-Bowling game in December or the Rabbit Hunt in April, as freeware is a common delivery method for spyware and other malware. Usually the malware is an integral part of the free program you are downloading, and it is sometimes part of an additional “feature” like a web accelerator.

Just avoid all such programs: They are usually garbage anyway, and the malicious parasites will slow and compromise your computer long after you’ve bowled your last elf.

Instant Messaging

Also be careful of attachments and links in both emails and instant messages (IMs). Last year, I received an instant message from my brother-in-law in Korea saying, “Check out these pictures.” I clicked on the link, and next thing I knew I was infected with some virus that started corrupting MP3 files in my music library while blasting out similar IMs (with the same malicious program) to everyone on my buddy list.

I would not normally click a link in an IM that I didn’t ask for, but my brother-in-law and I always send each other pictures of our kids and often notify one another via IMs just like the malicious one I received. Now I verify by asking before I click, even with people I know and trust.

This is a very simple and basic list of tools and practices to keep yourself safe when using a computer away from the safety of your secure home network. Use some basic common sense and decent tools, and you will not be an easy target.

If you still do get hit, well we all know the merits of a good backup routine (I use an external hard drive and Norton Ghost). Simply put, back up completely and back up often.

Well, that was a long introductory article, but I consider this an important topic. Next time I’ll share some of my thoughts on choosing a laptop computer, with the emphasis on highly mobile users.

Join our Low End Living group on Facebook.

Keywords: #malware #antivirus #firewall #spyware

Short link: https://goo.gl/SmRzfg