Thursday, November 20, 2008

What To Do and What Not To Do

Did your grand parents ever tell you what went on when cars were a novelty? Quite a few people that had a car hardly knew how to handle them properly. And rules of the road where widely unknown because they had yet to be developed. That is where we now are with computers. Back then those car owners that educated themselves about their new toys (cars) fared better than the others. Today many computer owners/users are in just that situation.

The Internet is NOT a friendly place where everything is available free of charge just for the taking. There are many malicious programs around that will try to break into your computer; so called "Trojan Horse" programs that get sneakily installed without your knowledge to report your activities back to their authors; "Hijacker" programs that take control of your web browser; "Dialer" programs that can abuse your computers phone connection to rack up large phone bills by accepting call collect calls at your expense; "Foistware" or "Scareware" programs designed to scare you into buying worthless or outright dangerous software; "Key Logger" programs that log every keystroke and report back to their makers and so on, and so on.

All this makes it mandatory to educate yourself; be conscious about what web sites you visit and what links or buttons you click on. Some understanding of how your computer can get infected, what to avoid on the Internet and how to keep the computer clean and safe is required.

Many, many computer infections happen because the users just do not know what they are doing, click on things they should not click on and the like. The following is an incomplete list of things to avoid.
  1. Do not open email attachments from users that you do not know. If you do not know the sender simply do not open the email at all, delete it.
    Even if the email seems to come from someone you know, if they don't tell you explicitly that they sent you an attachment and what it is about you better be very skeptical. Email attachments are one of the most effective methods to infect your computer with a virus.

  2. Never open an attachment with a file extension of .exe, .pif, .com, or .bat unless you have verified that the file is clean. The majority of email attachments with these file types are almost always dangerous!
    You don't see the file type? Turn it's display ON immediately!

  3. If you visit a web site and suddenly a pop-up tells you that your computer is virus infected or the like, ignore the pop-up! These warnings or advertisements are meant to make you click.
    This one click is all it takes to infect your computer with malicious software.

  4. Programs that attempt to scare you into doing the wrong thing are called "Foistware". An example on how this can happen is explained in this article on tech support forum: Foistware, And how to avoid it.

  5. Very often foistware peddles programs that claim to help keep your computer clean but actually do exactly the opposite.
    Spyware Warrior web site has a slightly outdated but still impressive list of Rogue or Suspect Anti-Spyware Products.

  6. Never click on any button or link in these pop-ups; close them ONLY by clicking the X in the top right corner or by pressing Alt+F4 on your keyboard.

  7. Many such pop-ups look like normal Windows message boxes in order to trick you into clicking there.
    Never click on any button or link in these pop-ups; close them ONLY by clicking the X in the top right corner or by pressing Alt+F4 on your keyboard.

  8. Do not visit porn sites! Some readers may not be happy about this, but the majority of porn web sites will attempt to infect your computer with spy-ware, ad-ware, browser hijackers or worse.

  9. Never visit crack or warez sites! "Crack" here defined as "removing the copy protection from a commercial program"; "Warez" here defined as "pirated commercial software".
    These web sites openly peddle unlawful things; do you normally associate with thugs?


    • The few dollars you think you save are not worth the risk for your computer and your privacy. Cracks and pirated software are not only illegal, these web sites are breeding grounds for malicious software and will "kill" your computer as a free add-on.


  10. If you use P2P (peer to peer) software, for example to download free music, you have to be extra careful opening any of the downloaded files. P2P networks seem to be breeding grounds for all kinds of malicious software and I routinely remove programs like Napster, Limewire or the like from my customers computers.
    Here is a link to the Wikipedia article about P2P, and here the link to the part about risks in the same article.

  11. If you want to install downloaded programs you better read the license agreement thoroughly. Many, many free downloads are offered with embedded spy-ware, trojans and similar. Often the license agreement contains hints that something else is installed together with the "free" program. You do NOT want any such software on your computer.

The above list describes only the most often encountered risks. Applied common sense still is the pest protection although common sense alone will not suffice. Some protective technical precautions are mandatory. The following suggestions are by no means a total insurance against computer infections but they are proven in years of real life use.

  1. Make sure that your firewall is turned ON. The Windows XP firewall since Service Pack 2 has proven to be an effective and IMHO fully sufficient solution. There just is no need anymore for additional third-party firewall programs or functionality.

  2. Always keep Windows up-to-date. DO NOT RELY on Windows Automatic Update; this is a feature designed to appeal to our complacency.
    Experience over and over proves that you HAVE to check Microsoft's Update manually and regularly because the automatic feature sometimes is not fully reliable.

  3. Use Anti-Virus software and keep it up-to-date.
    Currently I recommend for home use "avast! Home Edition".

  4. Install an effective ad-ware scanner, keep it up-to-date and use it regularly.
    Currently I recommend for home use "Ad-Aware 2008 Free".

  5. Install an effective spy-ware scanner, keep it up-to-date and use it regularly.
    Currently I recommend for home use "Spybot Search & Destroy".

    In my opinion and experience these last two programs when used together are better in protecting your computer from such malicious software than anything you can buy for this purpose for money, either in a store or on the Internet.

  6. Use Spywareblaster, a free program that writes meaningful information into existing black lists that Microsoft put into Windows but never filled with contents. At the time of writing Spywareblaster protects your computer from over 11,200 different malicious programs and/or malicious web sites.

  7. And finally my last recommendation, incredibly consequential, yet so easy to implement:

    Use the Firefox web browser instead of Internet Explorer.
    If you use an email program:

    Use Thunderbird instead of Outlook or Outlook Express.


I hope that this information proves valuable for you.


As usual I welcome comments and suggestions right here in the blog.

Thank you in advance.