This is a kinda FYI/PSA about simple computer security for Windows users. Since the vast majority of computer users cruising the web are doing so with computers running some sort of Windows, and (I’m convinced by daily experience with clients) a large majority of them are regular practitioners of behavior that does nothing to discourage malware writers, identity thieves and crackers, Oh! my!, I thouhgt to meself, “Self, why not share how you’ve kept your Windowz comps free of viruses, trojans and worms (Oh, my!) as well as spyware, keyloggers and adware?”
So, here’s a rundown of some of the simple steps anyone can take to keep one’s computer safe and clean of malware of all kinds. Do note: there is nothing that can prevent a truly determined, exceptionally talented and capable cracker from gaining access to your computer (and yes, that applies to Linux and Mac boxes, too), except for complete disconnection from the internet, but the following will make such access vanishingly unlikely.
1. NEVER open unsolicited email attachments. (I’ll tell you later how to use an exeption to this rule work safely–Never say never, eh?:-))
2. Never open ANY email attachment, even an expected one from a trusted source, without scanning it with a known good, recently updated anti-virus (and even an anti-spyware) scanner.
3. READ THE SOURCE before CLICKing on ANY link in an email. Your email software should allow you to view the source of any html messages you recieve. READ THE SOURCE of links in emails before blindly CLICKing on them (again, I’ll tell you how to make an exception to this later). The danger? Phishing, mostly.
As of this writing, I do not trust any “all-in-one” security suite to handle internet security. Maybe someday, but for now:
4. Select a highly-rated, frequently-updated anti-virus software and KEEP it up to date!
5. USE it. Don’t just rely on background, automatic scanning. Manually scan attachments in emails, downloaded files, even commercial software before installing or executing anything for the first time.
6. Install a “backup” anti-virus software (deactivate any active file monitoring in your secondary anti-virus software and use it only as a backup manual scanner). Keep it up-to-date and scan your entire computer with it at least weekly.
7. Use several (two or three) well-known anti-spyware softwares. Keep them up-to-date and manualy scan your computer regularly (you can set it off and go work on something else–sure it takes a few seconds to fire one of these up and get it running, but you don’t have to sit there and watch a progress bar all day. *sheesh!* :-))
8. Use a good software firewall. No, not the Windows firewall. I said “a good software firewall” didn’t I?
9. Use a good HARDWARE firewall with stateful packet inspection. Most routers come with a fair-to-middlin’ one. If you feel up to it, build your own router/firewall and keep watch over it. You’ll learn a lot and be even more secure.
10. Switch from Internet Exploder for browsing. Yeh, yeh, IE7 looks pretty slick and almost catches up to modern browsers in functionality. But it’s still a pig and has security that works almost as well as a chicken wire swimming pool. Don’t use it (exception coming up). Use a real browser instead, like…
11. Opera or even Firefox. Either one is more secure than IE, and Opera has had even fewer security holes discovered and faster response time fixing them than Firefox. Slick browser with cool built-in features, too. YMMV.
12. Don’t use Outlook Express. Just. Do. Not. Use. It. Nope. No way, nohow. Don’t. Try Thunderbird or Opera’s built-in email client or any of a number of other free alternatives to Outlook Express (or Outlook) that are not based on Me$$y$oft’s approach to email. I like Opera’s email client because it’s even safer than Thunderbird’s, which is orders of magnitude safer that Outlook/Outlook Express, without any serious sacrifice in functionality. In fact, Thunderbird even has some neat improvements over Outlook Express. If you MUST use Outlook/Outlook Express, disable CLICKing on attachments to open and disable viewing email in Rich Text/HTML. Sure, you may “miss out” on some pretty emails, but you’ll also “miss out” on emails that can install malware if you simply view them as HTML…
13. If you absolutely MUST use IE and/or Outlook Express, and you simply will NOT be careful with email attachments or downloaded files, etc., then install AND USE software such as Sandboxie (That’s SandboxIE–*heh*). It’ll enable you to use such insecure apps and engage in other risky behavior with relative safety, IF you use it properly. You’d still be better off, if you insist on using IE, to practice the safe computing practices above AND use Sandboxie when using IE, but even if you do engage in other risky practices (like CLICKing on links you’re not sure of in emails), if you do it within a Sandboxie session, many harms done will be discarded with the session. Do note, though, that if you’re naive enough (or stupid enough after having been warned!) to CLICK on a link in an email and fall for a phishing attempt, Sandboxie won’t help you out. The con will still have your personal info…
Well, there are a few more things you can simply make habits, like keeping your Windows OS fully patched (*duh*) and running your computer in less-priviledged sessions (Admin sessions should be for Admin functions!), but these simple steps can eliminate most Windows security problems before they grab you by the throat. These won’t make you bulletproof, but darned close.
Noted at the Thursday Thirteen Hub and Trackposted to Outside the Beltway, The Virtuous Republic, Blog @ MoreWhat.com, Perri Nelson’s Website, The Random Yak, stikNstein… has no mercy, Pirate’s Cove, Stuck On Stupid, The Bullwinkle Blog, The Amboy Times, Conservative Cat, Right Voices, and Pursuing Holiness, thanks to Linkfest Haven Deluxe.
Continue reading “T-13, 1.21: Safety Belts”