Sunday, February 8, 2009

Prevent Virus Infections #1

Much of what is written about security issues requires you to read “between the lines” to get down to what you can do to protect your computer. Here is the lowdown in (hopefully) layman’s terms.

Many of my customers have unrealistic ideas about computer security. According to mainstream media and pundits our computers face mainly three threats:

1. Flaws in Windows being exploited by malicious people.
2. Viruses received from emails.
3. Visiting a maliciously programmed Web site.

All this is all too real but in the big picture the reasons above account only for a small percentage of infections on a home PC; the majority of infections seem to stem from something much more mundane: Downloading and/or running infected programs is the biggest and rapidly increasing risk factor.

I make my living by cleaning viruses from people’s computers and I observe this for some years now. When I ask my customer when and how the problems began the answer is more often that not "after downloading a new program". Ask any tech-support person in any company; they will likely confirm this.

Security research company and software vendor Trend Micro reported that in 2008 about 63% of infections of the top 100 were caused by downloading and running programs. Infections from Email and exploits of security flaws together accounted for less than 5% of PC infections.

Free games, free utilities and free tool bars are at the top of the list of infectious programs; but any other program a web site lures you into downloading can and often will be dangerous too. Currently we see rapid growth of so called scare-ware, programs that scare you into believing your computer is infected with x number of viruses and claim to be able to "clean" your computer; generally the opposite is true. Great risks stem from pirated, that is illegally copied software and from pornography. Pirated programs tend to be very dangerous because they are widely used and quite likely virus infected.

A well known professional software tester needed virus infected software for testing anti-virus programs. He downloaded some 60 illegal copies of commercial software; 39 of these programs were virus infected; that means using any two out of three of these programs would have “killed” his computer had he run them.

I don’t mean to scare you; downloading and trying out new programs is one of the most exciting ways to use the Internet – for me at least. You just need some smarts and you need to go carefully about it. You’ll see it is not rocket science; if I can do it you can do it too! Over the years I have downloaded and tried literally hundreds of programs and never, ever gotten my computer infected.

I am not a technical super-hero or supernaturally gifted fortune-teller. I don’t know THE secret security software that takes care of all of that simply because this software does not exist! My computers have never gotten infected because I habitually apply safe computing practices. Your computer can be just as safe as mine and it is not rocket science as you will see.

Basically I have four rules:

1. Download from reputable sources ONLY!
2. Scan all downloaded files with more than one anti-virus scanner.
3. Run even only potentially suspicious programs in a sandbox.
4. Read (or analyze) the End User license agreement.

I will explain this further in Prevent Virus Infections #2 and #3.

Please note: This by no means invalidates the technical prerequisites of avoiding or mitigating risks I wrote about in my January post "Avoid or Mitigate Risks".

Continued in Prevent Virus Infections #2.

As usual I welcome comments and suggestions right here in the blog.

Thank you in advance.

No comments: