(December 10, 2010)
Readers contribute their tips on improving computer/network security.
Last week's entry on my computer security issues elicited a number of
practical security tips from readers. Computer and network security is a vast
subject, matching the breadth of the threats; please do your own research,
as I cannot vouch for the accuracy of any of the information presented here.
J. S.
I really enjoy the blog and have never written, but after reading today’s post I
just wanted to add a little bit to your security advice. I am a computer tech by
hobby and clean infected machines on the side. I read several blogs per day written
by anti-virus companies as well as independent security experts like Brian Krebs
(Krebsonsecurity.com). I highly recommend his site as it is a plethora of information
on computer security and ways of staying safe. To further touch on the topic,
despite what you wrote here:
"While I have read about harmful files being loaded from malicious adverts and other
passive files (hence all those warnings about ActiveX), my impression is the
standard way people get malware is via an executable file that they click on."
This is no longer the case. Yes, a lot of infections are contracted from people
clicking on executables and links in spam email, but the NEW #1 cause of infections
is outdated software. Specifically it’s Java and Adobe products (Flash, Shockwave,
Reader, Acrobat). These programs, if not kept up to date, will almost guarantee you
an infection and there is nothing you have to do besides visit the wrong website.
On top of that, you will never know about it. There are what are called "crimepacks"
that criminals use. These crimepacks take known (and sometimes unknown, aka "0-day")
exploits and package these into a software program complete with a user interface,
and inject these into insecure websites. When someone visits the page, the crimepack
searches the visiting computer for the list of programmed exploits (again, targeting
Java, Adobe, Windows, Office, and many other programs) to see if any of the
vulnerabilities exist. If they do, then they silently exploit the vulnerability and
drop the payload.
The payload, of course, is up to the criminals but includes such
doozies as Zbot (the most prolific banking Trojan used to steal MILLIONS of dollars
through online banking). EVERY computer I have worked on with severely outdated
software was infected. EVERY SINGLE ONE!!! This is the new preferred method.
It’s cheap, silent, efficient and best of all, preys on people NOT knowing the
risks of outdated software. The best way to battle this is constant updating
of software.
There is a 3rd party program called Secunia PSI (Personal Software
Inspector) that will scan your computer and show you which ones are out-of-date or
at the end of life. The other tips you gave are still valid, especially not
trusting public Wi-Fi and secure passwords, but none of that is any good with
vulnerable software, as one backdoor Trojan gives COMPLETE control over the system!
My other recommendation, which I picked up from Brian Krebs, is to completely uninstall
Java. It’s seldom needed and is the #1 infection vector at this time.
P.S. I also recommend using a myriad of antimalware/spyware programs. There are just too many threats out there to expect one program to catch everything. Any of the dedicated antivirus programs are fine, but I don’t see the upside in paying for one (try these free ones: Avira Antivir, Avast, AVG). I use and recommend Avira Antivir as it usually tops the list of detections (even against paid-for models) and its ease of use and installation. Also, in combination with the antivirus suite, use Malwarebytes and SUPERAntiSpyware. Both free and excellent! Also, there are numerous online scanners to take advantage of, the best in my mind being ESET. (Links to all these below)
www.eset.com
www.avira.com
www.avast.com
free.avg.com
www.malwarebytes.org
www.superantispyware.com
secunia.com
krebsonsecurity.com (Java exploitation)
krebsonsecurity.com (Adobe security)
Something I didn’t mention in the last email was using a Live CD for internet banking
and shopping. A live CD is a read-only version of an operating system (usually Linux;
Ubuntu is a popular one) that will boot up like a normal operating system but will not
allow saving to the hard drive. It’s about the safest way to do any financial
transaction on the internet today.
Couple of other things I didn’t mention last
time: NoScript and AdBlock Plus are two add-ons for Firefox that will greatly
contribute to internet security. NoScript will block all scripts from running
on a page except for the ones you allow. With a little studying and trial and error,
this becomes an excellent tool as many of the redirectors and other malicious code
are done in JavaScript (not to be confused with Java).
AdBlock Plus does just that;
blocks ads. There is plenty more to say on the subject, but even this little bit
of knowledge will greatly improve security. With rogue states like Russia, Ukraine,
the old Soviet bloc, Eastern Europe and China there are a lot of threats that
cannot be contained. The only hope people have is knowledge against many of these
threats and I hope I can help, even if it’s but a fraction.
noscript.net
adblockplus.org
www.ubuntu.com
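The kind of check an out-of-date software scanner performs can be sketched as follows. This is an added example, not part of the reader's email and not code from any product named above; every product version and baseline value in it is constructed sample data.

```python
import re

# Constructed sample data (not real advisory values). BASELINE holds the minimum
# acceptable version per product, None marking end-of-life; INVENTORY is what a
# scanner might collect from the installed-programs list.
BASELINE = {
    "Java Runtime": "1.6.0_22",
    "Flash Player": "10.1.102.64",
    "Adobe Reader": "9.4.1",
    "Shockwave Player": None,
}
INVENTORY = [
    ("Java Runtime", "1.6.0_07"),
    ("Flash Player", "10.1.102.64"),
    ("Adobe Reader", "9.10.0"),      # numerically newer than 9.4.1
    ("Shockwave Player", "11.5.9"),
    ("Media Tool", "2.0"),           # not in the baseline
    ("Adobe Reader", "unknown"),     # version string the parser cannot read
]

def parse_version(text):
    """Split '1.6.0_07' into (1, 6, 0, 7); return None if any part is non-numeric."""
    parts = re.split(r"[._-]", text.strip())
    if not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def is_older(installed, minimum):
    """Compare component-wise as numbers; missing trailing components count as 0."""
    width = max(len(installed), len(minimum))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(installed) < pad(minimum)

def audit(inventory, baseline):
    """Return a (product, version, status) tuple for every inventory entry."""
    findings = []
    for product, version in inventory:
        installed = parse_version(version)
        if product not in baseline:
            status = "untracked"
        elif baseline[product] is None:
            status = "end-of-life"
        elif installed is None:
            status = "unparsable"   # needs manual review, never reported as ok
        elif is_older(installed, parse_version(baseline[product])):
            status = "outdated"
        else:
            status = "ok"
        findings.append((product, version, status))
    return findings
```

Comparing versions as numbers rather than strings matters: a plain string comparison would rank "9.10.0" below "9.4.1" and misreport it.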
Art D.
Best: Lightweight Portable Security, Public edition
(Department of Defense)
You've already paid for it - why not make use of it? Hold your nose over
the "affected" graphics and self-important links. (shaking head) These
people need real jobs....
Have used image backups (like your friend for decades). This package
beats all of the commercial products I've used:
clonezilla.org
Use it the next time you have a new/clean machine (early - *before* it
becomes infected). Helps with the "Oh lord pleeeez let me git it back
the way it wuz".
Michael Goodfellow
Here's my advice about computer security:
Viruses almost always come in via email or the web browser. There have
been ones that attack other services running on your system, but those
two paths are the big ones.
To avoid email viruses, make sure you set your email program not to
automatically view the mail. You want it so you only see a list of
messages, and then have to click to open a message. That way, you can
delete all the obvious spam without viewing it, which is when the
sneakier viruses get executed. And you should just delete anything with
attachments or a subject line that looks bad. Never, ever, open the
attachment unless it's from someone you trust and is something you expected.
For the browser, the virus generally has to come in via Javascript or
Java or Flash or PDF files. Standard text and graphics are hard for
hackers to do much with. So I run a tool called "NoScript" under
Firefox. It turns off anything on the page that requires a script. You
can selectively approve sites, or view embedded videos, PDF files, etc.
It makes for a kind of ugly web viewing experience sometimes, but it's
the only way I know of to more or less safely roam the net. The VM
trick your friend mentioned will work, but it's a pain in the neck. And
you still have to worry about any file you download from a dubious
source. It could have a virus attached.
Ishabaka
The key to a password is that the number and words have NO CONNECTION to you, but you know them by heart.
If you know a foreign language, all the better, although I'm told the really strong password crackers use all words from all languages in Roman characters that are in dictionaries - but most foreign NAMES aren't in dictionaries. If you do pick a name, use an uncommon one - don't use Pierre if using French, for example.
This way you never have to write the password down, so if people break into your house, they can't find it.
anon.
One simple trick you really need to know about is "Data Execution Prevention". The essence of many computer
security attacks is to give you a chunk of "data" (audio, video, some fancy texty thingy), and then trick your computer
into fetching instructions to execute from that data. If you can prevent execution of data, then you pretty much
limit attacks to things that YOU decide to run, not data you want to render. How do you do THAT? Just set the
"DEP bit" in your CPU. Go to your control panel, dig down through layers of configuration settings until you find
the DEP bit, and set it. There is probably a set of step-by-step instructions if you search, or you can just browse
down. Some applications, though, have digital rights management schemes that require DEP, so there's a place
to log exceptions on a case-by-case basis.
I don't recall whether this was in your
original advice or not, but nobody should surf the web with "root" or "admin"
privileges enabled.
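What "preventing execution of data" looks like from the operating system's side, as an added example that is not part of the reader's email: it goes beyond the Windows setting described above and uses the Linux /proc/<pid>/maps format, where the same hardware no-execute protection shows up as memory regions lacking the x permission. The sample map below is constructed, not captured from a real process.

```python
# Constructed sample in the Linux /proc/<pid>/maps format:
# address-range  perms  offset  device  inode  [name]
SAMPLE_MAPS = """\
00400000-0040b000 r-xp 00000000 08:01 1311 /usr/bin/example
0060a000-0060c000 rw-p 0000a000 08:01 1311 /usr/bin/example
01c5e000-01c7f000 rw-p 00000000 00:00 0 [heap]
7f2c10000000-7f2c10021000 rwxp 00000000 00:00 0
7ffd4a1e0000-7ffd4a201000 rw-p 00000000 00:00 0 [stack]
"""

def parse_maps(text):
    """Turn maps text into a list of dicts with start, end, perms and name."""
    regions = []
    for line in text.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 5:
            continue  # skip blank or malformed lines
        start, end = (int(x, 16) for x in fields[0].split("-"))
        name = fields[5].strip() if len(fields) > 5 else "[anonymous]"
        regions.append({"start": start, "end": end,
                        "perms": fields[1], "name": name})
    return regions

def dep_violations(regions):
    """Regions that are both writable and executable: data the CPU would run as code."""
    return [r for r in regions if "w" in r["perms"] and "x" in r["perms"]]

def data_regions_protected(regions):
    """True if the stack and heap are present and mapped without execute permission."""
    data = [r for r in regions if r["name"] in ("[stack]", "[heap]")]
    return bool(data) and all("x" not in r["perms"] for r in data)

if __name__ == "__main__":
    regions = parse_maps(SAMPLE_MAPS)
    print("stack/heap non-executable:", data_regions_protected(regions))
    for r in dep_violations(regions):
        size_kib = (r["end"] - r["start"]) // 1024
        print(f"writable+executable: {r['name']} {r['perms']} {size_kib} KiB")
```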
Bill S.
Try Avast antivirus from the Czech Republic (no USA government ties)
www.avast.com
I've found it faster and superior to anything else.
Edwin A.
Sorry to hear about your computer. From experience fixing computers for friends and family I would say ditch antivirus programs altogether and download Windows Security Essentials (if you have Windows 7). I have often fixed computers that had Norton and McAfee. Antivirus programs are bloated and suck a lot of your computer's resources. Antispyware programs don't work either. It's all about being careful about what sites you visit. It's good that you have firewalls. If you find that you have a virus (you would know if your computer is acting funny) then I suggest backing up all your data and reinstalling the operating system. I find this method to be the only way to get rid of viruses (scorched earth method). If you must have an antivirus program then I suggest ESET
www.eset.com
Leo Laporte, a tech radio host from the Bay Area, recommends it.
Tim
Good advice on your blog today about computer security. I think you mentioned you had your web mail account hacked into recently. That happened to me a few months ago and I suspect it was an inside job at AOL because I always use strong passwords and change them fairly often. I say inside job because it could be relatively easy for a system administrator or programmer to crack your password, or even be able to read it in the clear depending on their security set-up. It is easy for these people to access any file on their systems and do whatever they care to do. Nothing on-line is private.
I know this because I have been a system administrator for a long time.
If you are interested I have written an article that you and your readers may find helpful:
Safer Surfing for Survival
By the way, I recently de-installed my McAfee because it was bogging down my PC and
switched to AVG for improved performance. I also scan with a 2nd scanner periodically.
What one misses the other catches.
Morris P.
Just a couple of suggestions to help keep your PC clean above and beyond what
you discussed: 1) never click on an e-mail that has been forwarded to you,
even if from someone you know. Just delete it and forget about it. This is a
number one source of bugs entering your system.
2) Use the following tool for deleting advertising (ads) from websites: Adblock Plus
is free for Firefox users but a small charge for Internet 8 users (Adblock Pro).
What a joy to have advertisement free surfing! Websites can be unblocked, as
yours is for me because I know you derive some revenue from them plus I know
they are virus free.
Another great tool that automatically deletes "cookies" can be obtained from Maxa.
Although they have a free version, after you try it out you will surely want the
expanded program that also eliminates web bots that have attached to your PC like
ticks on a dog. It sells for $35 but certainly worth it. The last time I checked
Maxa had eliminated more than 30,000 cookies and over 10,000 bots! from my machine.
Your machine will also run much faster as a result.
The most important tool I use to prevent my PC from becoming infected
is OpenDNS, which is what the schools, libraries and hundreds of thousands of businesses
around the world use to prevent access to websites that have the potential to carry
a virus. It is essentially a filter that can be set at several different levels of
security to prevent access to nefarious sites where most of the bugs are planted.
It is well worth the $9.95 annual premium and I highly recommend this one also.
Here are some additional tools I have found helpful:
I use Firefox as my main browser because it is not as vulnerable to hackers and
viruses as Internet Explorer. With a few tweaks it might even be faster, see here:
https://www.mozzilla.pl/firefox-tweaks.html. Firefox offers thousands of add-ons
and plugins free to download and several that I use almost daily are ScreenGrab,
AdblockPlus, and Ant Video Downloader. There are many, many others one might be
interested in trying.
Over the past few years I have downloaded and tested many "freebies" as I call
them but only from reputable sites like CNET, and only after reading their review(s)
and selecting the most popular program/tool. Some on the following list require a
payment, but usually very affordable for the job done:
- Malwarebytes Anti-Malware (the free version is more than adequate)
- Adblock Pro for Internet Explorer ($9.95)
- CCleaner (does several things but mostly used for registry cleaning and junk
file removal)
- Defraggler (defragments files quickly and efficiently)
- Revo Uninstaller (even removes registry entries most uninstallers leave behind.
The free version is adequate).
- Foxit Reader (replaces the bloated Adobe Reader and does a better job)
- Freecorder 4 (an excellent program for recording audio)
- RadioSure (free internet radio from around the world)
- VideoLAN (plays just about any video file and completely replaces Windows Media Player)
- Weather Underground (the absolute best weather site on the net)
- Faststone Image Viewer (does everything with photos; you will want to make a donation
after using it or feel guilty)
- Maxa Cookie Manager (keeps your machine clear of all cookies and web bots thereby
improving PC performance; $35)
- Erunt (Creates a save file for your registry, much better than System Restore;
also compacts your registry)
CHS note: to locate the programs mentioned above, please do a web search
on the program's name.
Dan P.
Use Ctrl+F4 to close popup windows. At first they started getting cute with the option buttons so it would ask if you wanted to install whatever and the underlying code would install the virus when you clicked no. Now on some of these even clicking the X to close it installs the virus.
On a very small number of popups you can’t close it with Ctrl+F4; however, if the programmer has gone to the trouble to force you to click on the popup, the last thing on earth you want to do is click on it. Try restarting the computer or, if all else fails, use the power button to force a manual shutdown. Just hold it down until it turns off.
All content, HTML coding, format design, design elements and images copyright ©
2010 Charles Hugh Smith, All rights
reserved in all media, unless otherwise credited or noted.