Tuesday, 23 February 2010 07:23

Viruses...

Written by 

I've been using computers pretty much constantly for over two and a half decades.  Until last week, I had involuntarily acquired viruses zero times.  I also maintained that record without constantly running antivirus products... after all, they consume more resources than most viruses, and if you adhere to safe practices, no problem, right?

PC LOAD LETTER

I learned the hard way that I needed to make a couple amendments to my safe computing practices.  I'll share my methods, old and new:

 

  • Keep your machines behind a hardware firewall / NAT device, and when using a machine outside of your home network (laptop at wifi hotspot), turn on / use a software firewall.  Windows even comes with one now days.
  • Don't run Internet Explorer for any reason besides testing your own sites for compatibility or working with your corporate intranet, etc... never for personal, random browsing, as it is full of holes.  Firefox is a great alternative.
  • Don't use Outlook / Outlook Express for email, for the same reasons.  Thunderbird is more secure and feature rich.
  • Do not run executable files from untrusted / random sources without specifically scanning them with an up-to-date virus scanner.  Trend Micro's HouseCall is web-based and can scan your files on-demand without installing*.  AVG Free can be obtained for free, and have most of its TSRs turned off, while you use it to scan specific files as needed.
  • Turn on automatic updates for your browser, as even Firefox, et al can have vulnerabilities.
  • Sad as it may be, allow the TSR for Sun's Java VM to remain in your registry's Run section, if you allow it on your machine (*Housecall uses Java), because it checks for updates and the updates often patch security holes.
  • Hold down the left Shift key when inserting an untrusted CD or USB thumbdrive into your system.  This temporarily disables Autorun.  Sony put rootkits on its audio CDs... there are many "insta-root" USB drive packages out there... if you found one, it may have been intended to be found.  You can defend against this more permanently / passively by disabling auto-run.

And finally, the recent additions:

  • Uninstall Adobe Acrobat Reader.  Get a third party, less vulnerable and less actively targeted for security holes reader such as Foxit Reader.  This is where a lot of today's virus deployment is occurring.
  • Install Flashblock for Firefox, or an equivalent for your browser of choice... or, more dramatically, do without Flash.  It has become a virus transport agent.  Flashblock will provide a "play" button in the place of flash on websites, so that you may still click to watch movies, animations, etc... and you may right click and choose to whitelist the site if it is trusted, i.e. Youtube.

Of course, a nice alternative to consider, if you don't need to run modern games or proprietary corporate software, is to just move to Linux.  You can do everything else imaginable, with software that is equal to and often greater than the commercial equivalents.  For an idea of what's out there to replace your favorite commercial apps, check out OSAlt.  For one of the easiest introductions to Linux, get Ubuntu.

Some might ask, "why not use a full-time AV suite?"  I have a couple reasons: first, they devour a lot more system resources than I like, and second, preventative measures are the only defense against 0-day exploits... AV suites are reactive creatures.

Last modified on Friday, 10 January 2014 18:57