No tin-foil headwear...
While it may be true that there is little likelihood of a genuine criminal mastermind or evil hacker genius taking aim at you and your computer, it’s undeniably the case that there are swarms of wannabes who are- and the tools available to even raw beginners in the field of digital disruption have grown more capable and easier to use.
Never mind potential damage to your hard drive’s contents; there are things in circulation that could, in the wrong hands and with a little motivation, destroy your financial or social status, and potentially even get you thrown in jail.
Some require little more technical expertise than an ability to cut and paste, and there are even shrink-wrapped commercial quasi-hacker products entering the market.
For the record, we are generally not prone to fits of hysteria or paranoia. Nor are we fans of the X-Files, and we seldom wear our aluminum hats outdoors. We’ve been online since before the World Wide Web, and only in the past year or so have felt a need for antivirus or other “security” software.
Despite the timing, this is no "homeland security" pounding of the drums. We cringe at the term “cyber-terrorism”, and despise the hyperbole and scare tactics that have long been a part of the business of security. Even without that level of exaggeration, the problem has grown serious enough, and will probably get more so as computers permeate all segments of society.
It’s compounded by the very scare-mongering some companies employ to push their products. Experienced computer users tend to tune them out, dismissing the real threats along with the bogus ones. Less sophisticated users, on the other hand, caught up in the panic, are more apt to be deceived by hoaxes and deceptive offers. Until relatively recently, reasonably knowledgeable users had no need to be concerned.
No one is immune...
Today, no one is immune. Advances in the black arts realm of malicious coding and delivery techniques have outstripped the defensive abilities of even the most careful, conscientious users, and the basic common sense approach to avoiding ill effects from viruses and Trojans is no longer adequate.
In fact, we are appalled at the relative ease with which someone, anyone, can hijack a typical personal computer and program it to do their bidding, just as though it were their own. The simple act of opening an email could be enough to trigger the surreptitious download and installation of a program designed to cause you trouble. With a high speed Internet connection, you’d hardly even notice. Even with a low speed dial-up, such programs can invade your system, initiate their own connections, and perform their tasks at leisure.
There's no call to panic, but do not underestimate this problem. This kind of software can destroy, modify, or steal your data. It can disable your computer, or expose it to remote control by unknown persons, elsewhere. And, in contrast to the recent past, it does not require an expert to do this.
Just as the Internet allows small, back room businesses to reach a wider market, it enables small-time crooks, sharks, thieves, extortionists, conmen, and garden-variety vandals to extend their slimy reach to include remote computers and the unsuspecting people using them. And their online numbers are increasing.
It’s bad enough, in fact, that we not only recommend commercial-grade antivirus software for all systems, but at least a basic firewall as well. And we emphasize: this is in addition to, and not in lieu of, common sense precaution.
Who is controlling your computer?
At issue is the matter of who controls your computer- who gets to use it, for what purpose? If you think that you’re in charge, it’s best to think again. You do not control your system: that’s what software does. At best, you might decide what software gets to run on the hardware you’ve purchased. Then, assuming all is as it ought to be, your chosen software does, at best, exactly what it claims- no more and no less.
Unfortunately, this may not always be the case. There’s a whole class of software that, while overtly performing some useful (or, more often, semi-useful, if not useless) task, secretly takes advantage of the extra power every modern system has. Any computer system capable of displaying this web page is more than capable of performing invisible “background” tasks- including file transfers, program installation, program execution, and more. At current speeds, you may never notice them as they work in the service of the goals of their creators, potentially using your own computer against you and your best interests.
There are many ways for such software to invade your system, and the newer ones defy evasion by any unassisted means. Masked by the flood of junk email, they arrive in your inbox, possibly (and apparently) from a known associate, with a customized subject line generated just for you. Lest you think that no one’s going to exert that much effort just to get you, there are automated tools available that take the effort out of it. If your email client includes a preview pane, just receiving such an email could infect or compromise your system.
The same economies of scale that have made computer prices plunge make it practical to blast what used to be expensive, custom hacks onto millions of computers, and- among those millions- some are sure to catch.
Although this kind of thing is generally not targeted at anyone in particular, it would not take a great deal of effort to tailor a generic hack for some specific purpose. Relationships gone sour, for example, whether business or personal, could easily take on new dimensions with such tools available for spite or revenge.
Keep your system software up to date…
As this is written (Fall, 2002), it seems that there are new vulnerabilities showing up each day, and it’s a safe bet there will be more. Desktop computer operating systems such as Windows were never intended for connection to a public network, and networks have not evolved with public access topmost in mind. Subsidiary software such as web browsers, email, and instant messaging evolve too rapidly to foresee every misuse and abuse to which they’re subject. For the miscreants, such oversights are opportunities. For the rest of us, they're a potentially serious problem.
We’ve never been fans of Microsoft’s (and others’) automatic updates, having long ago discovered that newer isn’t always better, but the recent spate of exploits is enough to make us reconsider. Without the latest patches you’re a sitting duck for some types of attack, and the collapse of computer prices has swollen the ranks of would-be bad guys to the point of critical mass, increasing the odds that even relatively obscure holes in the software will be targeted and breached. If you have Windows ME or XP, you may want to take advantage of (or, depending on your viewpoint, submit to) the auto update feature. For Windows 98, you might want to consider enabling the “critical update” add-on. If not, regular visits to Windows Update are a very good idea, and ought to be a part of your regular maintenance schedule.
Though it attracts by far the most attention, Windows isn’t the only software on your system with potential problems. Any software (regardless of manufacturer) that accesses the Internet (browsers, instant messaging, Java applets, email clients, even office suites) may require updating on a regular basis, just to keep the bad guys at bay. Got a Mac or running some form of Linux? Don’t be smug: you’re still a target, just a smaller one. Once it gets beyond the phase of “hello world”, any software has its flaws. The only variable is the number of people eager to exploit them.
Software manufacturers may scramble to deliver patches for the more easily exploited flaws, but some known holes are considered “low risk” with commensurate priority. Up to date patches to your system software are necessary, but not in themselves sufficient.
Antivirus is a Must
Unless you’re computing in a vacuum, and never introduce floppy disks or home-made CDs or emails or web sites or much of anything else into your system, you are potentially at risk for exposure to any of the many forms of malicious software.
The first line of defense is an antivirus package. There are many vendors for this type of software, which examines code before it runs to see whether it appears to harbor any known destructive or malicious code. Any of these will be effective against the most widespread and common viruses, but as a rule you get what you pay for. The more popular commercial packages will generally catch more types of would-be infections, including email, web-script, and Trojan attacks.
If there's something in distribution that exploits some just discovered operating system flaw, antivirus companies can often block it long before the manufacturer comes up with a cure.
What a drag it is…
As noted above, we’ve resisted this type of software because it slows down the system. The more thorough and effective any given package is, the more of a drag it creates. To do its job effectively, it has to examine every executable file, every time it's loaded. The effect is visible, perceptibly annoying; but the alternative of leaving systems open to the new breed of exploits is unacceptable.
As though that were insufficient, antivirus software is only as good as its definition files (which is how the software identifies and neutralizes threats). New exploits and mutations of existing ones crawl up from the depths almost continuously. If these recognition files aren’t up to date, you may as well not have antivirus software at all. These things will ooze right through. Coupled with the performance hit, the need to update the definition files makes the project of keeping viruses and Trojans off your hard drive downright bothersome.
Adding injury to insult, a good, reliable antivirus software package costs money- and it’s not a one-time expense, but ongoing: the definition update files are sold on a renewable subscription basis. Typically, an antivirus package will come with one year of definition updates, after which you have to renew the subscription for another year or upgrade the software to its latest version.
For the expense averse, there are some free antivirus packages available, and we’ve used a few of them (AVG for one- see our downloads page). Unfortunately, we’ve found them inadequate for any but the lowest risk situations.
We now use and recommend Symantec’s Norton Antivirus, even though it has a reputation as a resource hog and is anything but cheap. This is partly prejudice on our part (we find the attitude of their main competitor just a tad more distasteful), but primarily because of the convenience and frequency of automated updates. In its default configuration, Norton checks for definition updates every four hours.
This doesn't mean, of course, that new threats arrive so often. It does mean that almost as soon as a new defense is posted, it will be in force on your computer. With a full-time cable connection, our definition files pretty much stay up to date. For dial-up subscribers, the program will wait until there’s a connection, then download and install any updates as required.
Besides viruses, Norton Antivirus (NAV) checks for known Trojans, worms, malicious web page or email scripts, and scans email attachments- both incoming and outgoing. It’s fully configurable, and knowledgeable owners of older systems may want to turn off some of the features to improve performance. Even if you turn off all the automated features and scan your hard drive manually, it would be hard to beat the timeliness and depth of Norton's definition files.
There are several manufacturers, of course, and each package has its advocates (as well as detractors). Symantec is one of the oldest names in PC utilities, and we’ve always had success with the Norton line of products- back to the days when it was just a one-man company. Moreover, they have the advantage in resources, being by far the largest in the field. We can’t say we like NAV, because we resent the necessity of using it at all, but we think it’s the best choice for the majority of users.
Installation is straightforward, and no configuration is required. The default installation is the most secure, and updates are automatic, background operations. This makes it suitable for even the most novice of computer users, while advanced owners can, if they wish, use just selected options.
Whatever brand you choose, keep your antivirus up to date with the latest definitions, and upgrade the software as required. You may not need to upgrade every year, although it’s sometimes less expensive to upgrade (after rebates) than it is to renew your update subscription.
Even with the best and most up to date antivirus program though, you are not immune from malicious software. One of the things we like about NAV is its detailed and educational user guide. Most antivirus software comes with good general advice about avoiding viruses and such, but Symantec’s is both extensive and easy to understand. It’s the kind of information you need to sidestep the pitfalls that antivirus packages can’t avoid.
Even without invasion of your system by overtly hostile software, your computer and its power may be hijacked by a torrent of unwanted email, and increasingly sophisticated hoaxes, scams, and con-jobs designed to take your time and money.
The Great Wall
We’ve been reading that the fabled Great Wall of China really isn’t so much a wall, but a series of walls- each built in its own place and time. So much for fables. Another myth now crashing down the skids is the notion of the personal computer. If you’re reading this online, you don’t really have a personal computer- you have a semi-autonomous workstation, a member of a network of computers. Your machine requests and receives data and instructions from external systems, under the control of unknown persons, somewhere far away.
The vast majority of these external systems are legitimate, good-faith efforts, operating by a code of ethics underlying basic social contract theory.
But even as you feast your eyes and mind on the dazzle of the contents summoned at your bidding, there could be hidden software on your system, put there without your knowledge or informed consent, clandestinely carrying out its own online agenda. Once a program has been run on your machine, it can do pretty much anything your computer is capable of, including downloading and running other programs. Some of these may expose your computer and its contents to an unknown intruder on the Internet. Others may surreptitiously contact remote computers and request instructions, operating as a node in a clandestine, and possibly illegal, distributed network.
If you use a gateway router to a broadband connection, you’re pretty much immune from inbound hacks, but such routers do nothing to protect you from unwanted outbound communications. If something underhanded has found its way onto your system, it can, without your knowledge, initiate its own communications, opening your system to its distant master.
Firewall software, once the province of only the largest companies, is now a necessity on any computer that spends time connected to the Internet. It examines all communications through the network, determining their source and destination. For example, if a program other than your browser attempts to send or receive information through your modem, the firewall software will interrupt and ask whether this program has your permission to continue. If your computer receives queries on normally unused channels, the firewall software won’t allow it to respond unless you give express approval.
This effectively prevents an intruder from gaining access to your computer from outside, and Trojans from breaching your defenses from within.
Requesting your permission…
Firewall software is permission based- it has no way of knowing whether you intend for certain types of transmissions to take place. This makes it slightly more difficult to set up than antivirus, and the first few days it’s installed it may interrupt you often, asking whether you mean to allow program x to send or receive communications. This makes it essential to read and understand the instructions, as a misconfiguration could render the software useless.
For this reason, once again, we recommend the Symantec product Norton Personal Firewall- it’s a consumer-oriented package, as easy as it gets to set up and configure with the aid of Norton’s wizards and advice.
For firewall and antivirus in one package, you may want to consider Norton Internet Security, which bundles both for a discount over separate purchase prices.
For more about firewall software, and to test your system for vulnerability to the problems it protects against, we recommend a visit to the “Shields Up” section at Gibson Research.
Kick Out the Advertising Jams
Even with antivirus and a firewall, your computer may already host unwanted software that operates without your knowledge or permission. It can make setting up a firewall an exhaustive task as one mysterious program after another attempts to contact some other system. Most of these are known advertising gadgets (known as ad-bots or ad-ware) whose intent is to deliver ‘targeted’ commercial messages to your computer, and you may have installed one or more of these without even knowing it. They often sneak into your system as a hidden feature of something otherwise at least semi-useful.
Reportedly, some otherwise respectable commercial packages quietly install such advertising modules, and in extreme cases may install even if you try to abort the installation process.
Unfortunately, once it’s been installed, such software may remain active on your system even if you uninstall the program it came in with, essentially inviting those twin banes of the Internet- popup ads and spam email- into your system.
For the most part, antivirus software does not address this kind of intrusion because it’s semi-legitimate. Typically, a user will have given it permission to run, sometimes with informed consent, and sometimes without, as a condition of using some “free” software or online service. Thankfully, there are those who’ll help you spot and do away with this kind of software. Ad-Aware, from LavaSoft, is one of the most highly recommended of these “anti-adbot” packages- and it’s free to download and use.
Like antivirus, it works by scanning files on your hard drive, comparing what it finds against its list of known offenders and allowing you the opportunity to delete any unwanted software of this type. Again like antivirus, it needs to be kept up to date, as adbots evolve and change.
We’d recommend running it before you set up your firewall- it’ll make life a whole lot easier, and you might be surprised how many of these invasive programs are revealed, doing someone else’s work on your computer.
Just when you thought it was safe…
With ad-ware removed from your system, antivirus software examining all code, and firewall software standing guard over all communications, you’d think that all your problems would be solved. It’s the nature of computers, though- whatever can be done can also, with a click in the wrong place, be undone.
There is no software anywhere at any price that can protect you from making ill-informed decisions, such as downloading something that disables both your firewall and antivirus, or following instructions in a hoax email. You have to be aware of what’s going on with your computer, with a basic understanding of how and why it works. That’s the only way to exercise the single most important aspect of system security- your own good judgment.
Spams and Scams
Unwanted email is the scourge of Internet users, a rising flood of garbage inundating inboxes everywhere with no sign of abating. The pervasive notion that anyone can get rich easily online has created an industry that threatens to render email useless for legitimate communications.
Basically a variation on the ‘make money stuffing envelopes’ scheme, thousands of would-be entrepreneurs fork over cash for marketing kits, mailing lists, and automated email systems that bombard your inbox with offers for products and services, along with invitations to participate in every kind of fraud and sleaze the human mind can generate.
According to a recent study by a major research group, as much as a third of all Internet email traffic is unsolicited commercial email, commonly referred to as SPAM. Within the next couple of years, this percentage is projected to top the half-way mark, comprising the majority of all email traffic.
A significant number of these propagating schemes are for email marketing kits, which (to judge by the rising tide of junk) are depressingly successful. Spamware producers make their money, even if no one else does.
Aside from the sheer nuisance of unwanted messages, email is the main point of entry for viruses, Trojans, and other forms of malicious coding. Worse, the pure fatigue of dealing with the mass of it is enough to cause even a careful user to click the wrong message and initiate a porn storm or worse.
This is why you need antivirus software, frequently updated, running on your system. It will help to block entry of your system by malicious code and scripts potentially concealed within junk mail. Even so, you have to be aware that antivirus software only goes so far. Some attacks don't exploit computer vulnerabilities, but personal ones.
Expertly crafted lures…
Everyone knows there’s no free lunch, but somehow the magic of the Internet induces otherwise reasonable people to abandon all sense of reality. The nonsense that comprises much junk mail is rendered semi-plausible by the zeal of legitimate tech vendors with aggressive market-building rebate schemes. If a well-known company like Symantec or Intuit sometimes makes selected products free after rebate, it’s not that big a stretch to believe that someone really does want to send you a free PDA or pick up the tab for your next vacation.
This kind of fantasy segues into darker areas, where predators feed upon the underlying isolation and personal insecurities that characterize the state of our society. In the shadow of the Internet’s relative anonymity, we’re subject to pitches like a sleazy carnival sideshow for snake-oil elixirs and forbidden entertainments, phony investment schemes and stolen merchandise. Perhaps a lonely teen hacker slut really does want to act out your fantasies on a web cam while exchanging pirated video files and repairing your credit and helping you lose weight without exercise. Sure.
It may be depressing, but all the personal foibles have been analyzed and categorized, fed through the pitch machine, and expertly crafted into lures designed to exploit any weakness. Playing with the same set of tools as mainstream advertisers, some of these can be remarkably persuasive. Whatever the bait may be, the hook is to extract a price- now or in the future. We don’t want to moralize, but the best course of action with these come-ons that appeal to any of the standard sins (and especially the more exotic ones) is to follow the much-derided advice of days gone by: just say no.
For sale: access to your computer
The best way to avoid this stuff is never to receive it in the first place, but this grows increasingly difficult. Valid email addresses have commercial value: marketeers will pay for lists of them, and even the most ethical of sites are under pressure to increase their revenues by selling contact lists. At least one major one has gone so far as to modify its privacy agreements, shifting retroactively from optional opt-in models to optional opt-out, meaning that (unless you explicitly reset your preferences) your formerly private information is now fair game.
The ethics of such an act are too low to measure, but there’s nothing to prevent them doing it, and nothing to prevent others from following suit. The result is that any email address ever entered in a web form anywhere is potentially for sale- if not now then some time in the future.
To defend against this, we strongly recommend setting up a web-based account at Hotmail or some place like it, and using only this address for situations where a service requires a valid email address. Keep your “real” address reserved for only the most trusted recipients of it- friends, family, and associates. Treat it as you would your own unlisted telephone number.
Chains won't keep us together...
Even then, you have to be careful. If some (or any) of your friends, family, and associates are prone to forwarding those massively annoying chain mails, there’s a good chance they’ll inadvertently expose your private email address to others. We routinely receive, at our Hotmail box, some well-meaning “funny”, “cute”, “inspirational”, and “urgent warning” messages with hundreds of email addresses listed among the headers. Were we so inclined, it’s a ready made spam list, ripe for exploitation.
We delete almost anything that bears the telltale FWD:FWD. Even those arriving from our hard-headed daughter (who, because of her fondness for these things, has only our Hotmail address). We're happy to receive genuine, person to person communications, but this stuff simply doesn't qualify.
If you absolutely must participate in these “email all your friends” extravaganzas, please learn to use the BCC (for blind carbon copy) feature of your email, and educate your friends as well. And if someone asks to be removed from your list, don’t take offense. Instead, try to understand just who it is that’s acting without consideration. And please, whatever else you do, refrain from forwarding “virus warning” email.
Just as telemarketers make use of sequential dialers that target every feasible telephone number, defeating the intent of paying extra to have an unlisted one, email generators can deliver to any feasible address. Popular domains like AOL, MSN, Hotmail, and Yahoo are magnets for corrosive emails, and if you’re using one of these accounts you’re almost certain to receive garbage mail no matter what you do. Even if you have your own domain, web-crawling harvesters similar to search engines ferret out any published reference to it, adding your address to potential hit lists.
This is a real problem for web site owners, and others whose address may be published in online directories. The ubiquitous mailto: links on many sites are easily deciphered by these automated parsers, and their owners soon begin to get far more in their email than they ever bargained for.
Once spam begins to find its way into your inbox, it can self-perpetuate and multiply. It’s like the classic video game where ever-denser waves of aliens descend on the hapless player in a doomsday scenario. HTML mail, which is essentially a web page in your email, can (by calling coded images from distant servers) identify an email address as active. From this, a patient robot somewhere compiles a list of known-to-be-good email addresses to be sold to marketeers and troglodytes of any stripe to be seen on the spectrum.
In combination with a “preview” pane, you don’t even have to open such a message for it to do what it will. Inconvenient though it may be, we recommend turning off any options for display of HTML, and disabling preview panes for incoming mail. Better, if your email client software permits it, do away with HTML mail altogether.
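An added example (not part of the original article): Python code that reads a message the way a mail client would and lists every image or other src= reference the HTML body would fetch from a remote server, flagging invisible images and URLs that carry the recipient's address, then shows the text-only view that results from turning HTML display off. The sample message, its addresses and the example.net / example.org hosts are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit, unquote

# Constructed sample message; example.net / example.org are placeholder domains.
SAMPLE_MESSAGE = """\
From: offers@example.net
To: reader@example.org
Subject: Your free PDA is waiting
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="us-ascii"

Claim your free PDA today.

--b1
Content-Type: text/html; charset="us-ascii"

<html><body>
<p>Claim your free PDA today.</p>
<img src="http://img.example.net/logo.gif" width="120" height="40">
<img src="http://track.example.net/o.gif?id=reader%40example.org" width="1" height="1">
<img src="cid:banner1">
</body></html>
--b1--
"""


class _HtmlScan(HTMLParser):
    """Collect src= references and the visible text of an HTML body."""

    def __init__(self):
        super().__init__()
        self.sources = []   # (tag, src, width, height)
        self.text = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if a.get("src"):
            self.sources.append((tag, a["src"], a.get("width"), a.get("height")))

    def handle_data(self, data):
        if data.strip():
            self.text.append(data.strip())


def _decoded_parts(msg, content_type):
    """Yield the decoded text of every part with the given content type."""
    for part in msg.walk():
        if part.get_content_type() == content_type:
            payload = part.get_payload(decode=True) or b""
            yield payload.decode(part.get_content_charset() or "latin-1", "replace")


def find_remote_loads(raw_message):
    """List what the HTML body would fetch from remote servers when displayed."""
    msg = message_from_string(raw_message)
    recipient = parseaddr(msg.get("To", ""))[1].lower()
    loads = []
    for html in _decoded_parts(msg, "text/html"):
        scan = _HtmlScan()
        scan.feed(html)
        for tag, src, width, height in scan.sources:
            url = urlsplit(src)
            if url.scheme not in ("http", "https"):
                continue  # cid: and data: content travels inside the message
            loads.append({
                "tag": tag,
                "host": url.hostname,
                # 0x0 or 1x1 images are invisible: nothing to see, only a request
                "tiny": width in ("0", "1") and height in ("0", "1"),
                # the fetch itself tells the server which address is live
                "names_recipient": bool(recipient) and recipient in unquote(src).lower(),
            })
    return loads


def plain_view(raw_message):
    """Text to show with HTML display turned off: no remote request is made."""
    msg = message_from_string(raw_message)
    plain = [p.strip() for p in _decoded_parts(msg, "text/plain")]
    if plain:
        return "\n".join(plain)
    # HTML-only mail: keep the words, drop every tag (and with it every src=).
    scan = _HtmlScan()
    for html in _decoded_parts(msg, "text/html"):
        scan.feed(html)
    return "\n".join(scan.text)


if __name__ == "__main__":
    for load in find_remote_loads(SAMPLE_MESSAGE):
        print(load)
    print(plain_view(SAMPLE_MESSAGE))
```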
Most unwanted email has some kind of clause affixed to “unsubscribe” with the promise that if you just click the link you will be removed from future mailings. Originally a genuine service of legitimate mailing lists like newsletters or other opt-in mailings, these are now more often just a means of verifying active addresses. Rather than reducing unwanted mail, such links may serve to guarantee receipt of more. Your best course is simply to delete it.
The law of rules
Most email clients have, somewhere in their tool kits, some kind of “rules based” filters for incoming mail. You can set up a “safe list” that allows only mail from pre-approved senders, but most would find this far too restrictive. What you have to do is attempt to identify common characteristics of spam, characteristics not shared by wanted emails. That, or arrange for all wanted emails to have some key component not likely present in the junk.
It’s harder than it sounds.
In response, there are now several vendors for various anti-spam products. These attempt to recognize and divert unwanted email, based on subject lines or content. The problems with these are many, not the least of which is a tendency to flag legitimate communications as spam. Some go so far as to ban entire domains, or mail coming from any user of an ISP who’s managed to get black-listed.
Although their task is similar to antivirus products, it is much more difficult. Where viruses and Trojans must contain some kind of common code, spam is more or less free form, making it nearly impossible to sort out by mechanical processes.
In its current state, there is no foolproof automated way to deal with it. Filters will, inevitably, allow some junk through and worse, inadvertently dispose of wanted, possibly important, email.
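An added example (not part of the original article) of the trade-off described in this section: a safe list alone, and a safe list combined with subject and domain rules, run over a small mailbox where the right answer for each message is known. The addresses, domains, keywords and messages are all constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# All addresses, domains and rules below are constructed for illustration.
SAFE_LIST = {"daughter@example.org"}
BLOCKED_DOMAINS = {"bulk-isp.example"}          # an ISP that got black-listed
SUBJECT_KEYWORDS = ("free", "make money", "lose weight")

# (ground truth, raw message) pairs; constructed sample mail.
MAILBOX = [
    ("wanted", "From: daughter@example.org\nSubject: Photos from the weekend\n\nhi"),
    ("wanted", "From: colleague@example.com\nSubject: Free on Thursday for lunch?\n\nhi"),
    ("wanted", "From: friend@bulk-isp.example\nSubject: New phone number\n\nhi"),
    ("wanted", "From: clerk@example.net\nSubject: Your order has shipped\n\nhi"),
    ("spam", "From: offers@example.net\nSubject: Claim your FREE PDA\n\nhi"),
    ("spam", "From: promo@example.net\nSubject: Regarding your account\n\nhi"),
]


def classify(raw, mode):
    """Return 'inbox' or 'junk' for one message.

    mode 'safe_list_only': only pre-approved senders are delivered.
    mode 'rules': safe list first, then domain bans and subject keywords.
    """
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    subject = (msg.get("Subject") or "").lower()
    domain = sender.rpartition("@")[2]
    if sender in SAFE_LIST:
        return "inbox"
    if mode == "safe_list_only":
        return "junk"
    if domain in BLOCKED_DOMAINS:
        return "junk"
    if any(keyword in subject for keyword in SUBJECT_KEYWORDS):
        return "junk"
    return "inbox"


def evaluate(mode):
    """Compare the filter's verdicts with the known answers for MAILBOX."""
    report = {"wanted_lost": [], "spam_delivered": []}
    for truth, raw in MAILBOX:
        verdict = classify(raw, mode)
        subject = message_from_string(raw)["Subject"]
        if truth == "wanted" and verdict == "junk":
            report["wanted_lost"].append(subject)
        elif truth == "spam" and verdict == "inbox":
            report["spam_delivered"].append(subject)
    return report


if __name__ == "__main__":
    for mode in ("safe_list_only", "rules"):
        print(mode, evaluate(mode))
```

The safe list stops all the junk but loses three wanted messages; the rules recover one of them, still lose two, and let through the junk message that matches no keyword.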
Barbarians at the gate…
The only way to deal with spam is not to interact with it at all. Don’t open it, don’t respond to it, and don’t forward it. Delete it.
Even that is not as easy as it sounds, though. Before you can delete unwanted email, you have to recognize it as such. The difficulty of doing so highlights the problems with automated anti-spam systems. Among current spam assaults:
Formerly respectable companies like Verisign have come under fire for underhanded practices, with emails designed to trick distracted domain name registrants into transferring their accounts.
Worms and Trojans may invade an associate’s system, sending out emails under their accounts, with or without malicious attachments.
Many web sites have an “email this page” link that sends the URL as an attachment whose name ends in “.com”, which happens to be the file extension of an executable program as well, and so one of the oldest tricks in the book achieves new life.
An email link connects to a counterfeit version of a known and trusted web site.
There’s an online greeting card arrangement that, as part of its user agreement, transforms your computer and your email account into its very own spambot.
One of the popular “music sharing” download programs quietly installs a distributed network module on your system for future activation.
A widely installed ad-bot is discovered to have enlisted the aid of its not necessarily voluntary users in committing massive fraud.
No less a site than Yahoo has unilaterally and retroactively modified its user agreement.
All we can say is arrggh!
Bottom line, you have to be aware of all the pitfalls out there, and assume responsibility for skirting them. Security software, once a sign of gullibility, ignorance and/or unbridled paranoia, is today an online prerequisite, but it alone is not sufficient: you have to educate yourself, and be careful. The barbarians are at the gate. Don’t let them in.
Freeware you may find useful:
There are free antivirus and firewall programs available from our downloads page.
E-Secure Hoax and Scam Alert
Online safety guide
Virus Myths Homepage
Symantec Security Response
Maintain your system's performance and reliability...
When you add extra "background" software such as firewalls or antivirus, you may find your system seeming slower. This is to be expected, but the effect can be lessened by the simple act of adding more RAM to your system.