Safe Computing, Part 2

Our previous article Safe Computing, Part 1 focused on computer users' behavior, which is the bad guys' first and easiest choice for attack. If they can get you to click a link purported to show compromising photos of the pop tart du jour, or more recently a link purported to show a news item from a respectable source, they've got it made. We discuss in this article how your computer can contribute to its own defense, primarily by keeping software up to date and by running defensive software.

Keep your software up to date.

Unfortunately due to weak or inadequate coding standards, sloppiness, and outright errors on the parts of developers, most software has bugs, some more than others. One route for bad guys to attack a computer is to discover a bug and learn how to use that bug for nefarious purposes. Skillful exploitation of some bugs can allow an attacker to take over a victim's computer and harvest account numbers and passwords, or to become a spam generator. Windows is nowhere near as bug-ridden as it once was, but it still has some opportunities for bad guys to discover and exploit, and Mac OS X, which is considered by many to be more secure than Windows, is not invulnerable. Applications, too, can contain bugs that bad guys can discover and exploit. Internet Explorer is notorious, but Firefox has had its own share of bugs, and many music lovers do not know that iTunes software uses QuickTime, which has had many exploitable bugs on both Windows and Mac OS X, as has the Adobe Reader program.

It's a cat and mouse game – bad guys discover a bug, and as soon as the vendor learns of it, they get to work on patching it so as to close that opportunity. Then they have to get their users to download and apply the patch before bad guys start exploiting it. Fortunately, Windows and Mac OS X both support automatic updates; every now and then they phone home and check if there are any new updates to download and apply. QuickTime, Java, Adobe Reader, and some other applications have their own update procedures.

Be careful with iTunes and QuickTime updates on Windows. In addition to updating them, Apple's update procedure will download and inflict the not ready for prime time Windows port of their Safari web browser on unsuspecting users. If you want an alternative to Internet Explorer or a single browser that works well on Windows and Mac OS X, go to www.mozilla.com and download Firefox or to www.opera.com and download Opera.

If you configure your operating system and your major applications for automatic updates, bad guys will still be trying to crack into your computers, but if the vulnerabilities they seek to exploit have been patched, they will not succeed.

Anti-Virus, Anti-Spy, etc.

Keeping your operating system and application software up to date solves many problems, but it is usually wise also to use defensive software, which started as anti-virus, and later on to deal with new types of attacks, so-called anti-spyware products and more recently anti-rootkit products were developed to run alongside anti-virus programs. Separate products can get in each other's way, and are not as effective as single products that defend against all kinds of evilware.

AT&T DSL Subscribers

AT&T (SBC) DSL Subscriptions include Norton™ Security Online for up to seven computers running Windows XP or Vista. If you are running Windows 2000 or anything older, it will download but not install. If you want to take advantage of this, you must uninstall any other anti-virus software, including Norton, and reboot. The AT&T Yahoo! pages change often. At the time of this writing, you can go to att.my.yahoo.com, Sign In, hit the Help pull-down list, and select Download Software. That will get you a page with five options at the time of this writing:

• AT&T Toolbar — This offers a field that goes directly to Yahoo! search, a bunch of useless buttons, and an unnecessary pop-up blocker that can confuse its user when both it and the pop-up blocker built into Windows XP since Service Pack 2 in 2004 get in the way of wanted pop-ups. It also slows down Internet Explorer every time it starts up.
• AT&T Dial — The only advantage of this download over what's built into Windows is a list of all AT&T dial-up numbers, and if you're on the Internet to download this, you probably don't care about dial-up Internet. Even if you do, you can find dial-up numbers on their web site without downloading this extra software.
• AT&T Yahoo! Messenger — If you need it, get it. If you use AOL Instant Messenger (AIM), this is not it. If you don't use instant messaging at all or only use AIM, skip it.
• AT&T Online Protection — This includes check boxes for AT&T Yahoo! Online Protection with Norton™ Security Online, and for AT&T Yahoo! Parental Controls. After downloading and installing Norton, you need to run its update manager, which will download updates almost as large as the initial download. Downloading and installing Norton takes a long time, and then downloading and installing its updates takes a long time again, involving possibly multiple reboots.
• Parental Controls — If you skip this option while downloading and installing AT&T Online Protection, you can download and install it separately.

Norton Security Online includes its own firewall, which is much more aggressive that that built into Windows XP Service Packs 2 and 3. If you have a local network that ceases functioning after installation of Norton Security Online, you can disable the Norton firewall permanently and revert to Windows' own firewall or you can properly configure the Norton firewall, which is beyond the scope of this article.

Comcast Cable Internet Subscribers

Comcast cable Internet customers get McAfee's Security Suite with their service. The Comcast pages change often. At the time of this writing you can go to www.comcast.net, Sign In, and hit Security, a tiny link at the right of the topmost bar on the home page. If you have an old version of Roxio's CD/DVD writing software installed, it will have to be removed before McAfee can function, and there is a long list of other products that must be removed before downloading. Hit Get McAfee Now, follow the instructions to download and run their download manager, and either download everything or click Customize to select components to be downloaded and installed:

• McAfee Backup and Restore — saves copies of your most valuable files wherever you want, encrypting and compressing your files on a CD/DVD, or USB, external or network drive.
• McAfee Personal Firewall Plus — More aggressive and more configurable than the firewall built into Windows XP Service Packs 2 and 3 and into Windows Vista.
• McAfee Privacy Service — Identity theft protection, etc. (Details on McAfee's web site.)
• McAfee VirusScan — the current version of one of the original anti-virus products.

Like Norton's Personal Firewall that is offered to AT&T DSL customers, McAfee's Personal Firewall Plus is much more aggressive than that built into Windows XP Service Packs 2 and 3. If your local network stops working after installing this product, you can disable it and revert to Windows' own firewall or you can properly configure the McAfee firewall, which is beyond the scope of this article.

AVG Free Edition

Free often means you get what you paid for, but Grisoft, maker of the well-respected AVG security products, still offers a free version of their anti-virus and anti-spyware product for single PCs of home users. Go to free.avg.com and download the latest. Feel free to use it at home, but if you need it for your business, go to www.grisoft.com and buy one of the commercial editions.

Lavasoft and Spybot

Lavasoft (see www.lavasoft.com) offers a free version of their Ad-Aware product. The free version does not protect against viruses and does not do real-time scanning.

Spybot Search & Destroy, a mature and well-respected anti-spyware product, is still 100% free. Go to www.safer-networking.org and be sure to use the hyphen in the name and remember .org. There are a number of impostors that hope to trap unsuspecting victims with similar product names and URLs. At best they'll not do as good a job as Spybot, and many of them will mess up your computer or even install spyware on it.

Others

For those who can not use the Norton or McAfee products provided with AT&T DSL or Comcast cable Internet subscriptions, and can not use the free products, there are many commercial options, reviews of which are beyond the scope of this article. Look for single products that address what were originally developed separately as anti-virus, anti-spyware, and anti-rootkit products; and do not be fooled by packages that under the covers are still separate products.

Firewalls

The Windows Firewall built into Windows XP Service Packs 2 and 3 and into Windows Vista, and third party firewall products block unwanted incoming traffic, which is almost always up to no good, and our previous article Safe Computing, Part 1 recommended hiding behind a NAT router, which is generally more effective than any software product from Microsoft or a third party at keeping bad guys out.

The firewall built into Windows Vista, and various third party firewalls, also prevent your computer from doing the naughty will of evil software installed on your PC without your knowledge. This can be useful, but might be more trouble than it's worth, as following other safe computing practices will keep such garbage off your computer in the first place.

Summary

This and our previous article Safe Computing, Part 1 provided quite a bit of detail. In short:

• Hide behind a NAT router.
• Don't click links or open attachments in any E-mail messages unless you are expecting them.
• Don't believe your bank, eBay, or any other business wants you to go to their web site and validate your account. This is called "Phishing" and is a ploy to get you to go to an evil web site and give criminals access to your bank account.
• Stay off tacky web sites. Don't look for them, and don't click links in E-mail messages.
• Keep your software up to date.
• Run defensive software. A single product that combines the functions of what were originally developed as separate anti-virus and anti-spyware products is more effective than separate products. AT&T DSL and Comcast cable customers are entitled to download and run products from major vendors as part of their DSL or cable subscriptions.