[kenberg]

A nearby thread references an article in the NYTimes on technology:
http://www.nytimes.c...me&ref=homepage

One suggestion from the article is to get free anti-virus protection. I am suggesting a follow-up discussion.

Free is nice, but effective is essential. Like a lot of people I am doing more and more financial things online. Christmas shopping was almost completely online. So secure transmission of data is important. Also, the oldest computer I have that is still in use is six years old. No virus yet but it seems to be slowing down. Maybe I need something to go through and hunt up all the trash. On my Windows 7 I have something that wants to fix my file extensions (it installs software to allow such files.t says). I let it do so with no visible harm. Also I have something that wants to fix my registry. I have so far declined the registry help. Keep your hands off my junk, as the expression goes.

In my case I am a semi-retired prof and the university provides me with McAfee from its site license. Maybe I need more. Recently, OIT geeks installed VPN (I can do this myself but I had a number of things I needed so I turned it over to them).VPN is needed to run Matlab remotely (also installed using a site license), and the gal doing the installation offered to replace McAfee by something "better". I said sure. I am having second thoughts and will no doubt soon re-install McAfee.

Anyway, I have more or less been working on the assumption that if I don't download a lot of free music or pictures of Lady Gaga I am probably safe. But the world moves on, and it moves quickly. I would be delighted to learn the thoughts of others on security.

[mgoetze]

I have a lot of thoughts on security. Where to begin? Well, I might mention that I have not used an anti-virus program for the past 8 years or so.

[wank]

mgoetze, on 2010-December-31, 10:49, said:

I have a lot of thoughts on security. Where to begin? Well, I might mention that I have not used an anti-virus program for the past 8 years or so.

quite. i don't use anything and i've never had a problem. only idiots who open spam emails get in trouble

[Fluffy]

I don't use antivirus also, but I get infected with things from time to time, I learnt how to remove most of the stuff myself, but I wouldn't be surprised if someone was able to control my computer from the outside.

[matmat]

amazing what a good hosts file can do

[hotShot]

Right now there are two kinds of threats you need to keep an eye on.

1) Emails:
You get emails with attachments that infect your computer or that contains links to faked or infectious websites.
They usually need your cooperation to infect you. (You need click the link or open the attachment.)

But I bet a HTML-Mail could do without your cooperation .....

2) Websites
Prominent websites are being hacked and turned into infectious sources.
All you have to to is visit the website, a manipulated JPEG picture, somthing made in Flash, Java or pdf can do the trick. Often a javascript is all they need withing a normal HTML file.
Your cooperation is not needed to infect your computer and if it is needed you get a faked text in the dialogbox .....

Modern infections deactivate your anti virus software and do everything possible to stay undetected.
If they want to spy on you, the install keyloggers that capture your passwords and open a backdoor so that they can e.g. change your banking orders on the fly.
More often they are not interested in you, but want to use your computer e.g. to send spam mails, distribute illegal content, participate in DDS attacks or use your calculation power to hack someone else.

The fact that you don't have a problem is almost meaningless.

There are several very good free anti virus software products available, usually they are identical to a commercial product but only update once a day and not every hour or they don't scan emails during download, so they will detect an attached virus later when you save it to disk or open it.

Like a medical virus treatment, a computer virus treatment will take some time to discover the virus and prepare a vaccine. During that time you are vulnerable commercial or not.

[Antraxxx]

(Whoo, my chance to give something back)

Quote

Like a lot of people I am doing more and more financial things online. Christmas shopping was almost completely online. So secure transmission of data is important.

That's correct, but it's (almost) irrelevant to the topic of anti virus software. Generally speaking, if your computer isn't infected with specific software (and assuming your bank isn't fly-by-night), then your communication is adequately secure, meaning that even if someone were to mediate between your and your bank as you're conducting your business, he'd still be unable to gain anything from it, neither information nor the ability to create, modify or replicate transactions. Generally speaking, if you see "https" and your browser doesn't draw broken locks in red all over the place, then you should be fine. However, it's important to never click "https" links from within emails, so if your bank emails you and asks you to please login using the following link, never do.

The exception to this is if you're infected with specific malware that's designed to log your keystrokes as you enter your passwords, then sends them to the bad guys. That's been done before, though relatively rarely.

The other question you seem to be asking is what kind of protective software should an average user get. While I agree that an expert can certainly get by without any specialized software, I don't think an average user, even computer savvy, would fall under the definition of such an expert. For an average user, I would recommend one of two options: either install one of the good free anti virus programs (AVG, Avast, Alvira, probably best to get a recommendation from someone who uses them) and install one of the good free firewall programs (comodo, zone alarm, I'm sure there are more), or commit to habitually (twice a year) format and reinstall everything.
The reason is that malware today isn't as polite as viruses were back in DOS days. Back then you'd get a sign that something's wrong - either all your data would be lost, or funny drawings appeared on your screen, etc. Today it's a commercial business, and there's nothing to gain from butchering the sheep instead of fleecing them. Malware today generally tries to make money one of two ways: the obvious one is to trick people into buying software they don't need, a sort of mafia tactic where the malware itself starts warning you habitually about malware that'll only go away if you buy their specific brand of antivirus. The less obvious, sneakier and much more common way is simply allowing a remote user to gain control of your computer. These guys then rent out huge networks of computers all over the world for cyber attacks of all sorts. I don't *think* you'd be legally liable if your computer were found to be an unknown participant in an attack on some server, but it's still a good bet that you wouldn't want it to be. What I'm trying to say is, people's testimonies about how easily they get by without an antivirus can be misleading, as they may be infected and not realize it.
The reason I'm recommending a firewall along with an antivirus is the aforementioned keylogging spyware. If it can't phone home, then they can't steal your passwords. Antivirus software is geared at stopping things from getting in - it identifies programs that do things they're probably not meant to do and stops them. Firewalls control the net traffic - so they can stop data from getting out, as well as stop some attacks that try to get in not by some piece of code, but by remotely abusing some service on your computer.

Lastly, and I apologise this is so lengthy, there was a question about the attack vectors. The notion that if you don't open attachments and don't download lady gaga you'd be safe is inaccurate. It certainly helps never to open email from untrusted sources, to question email from trusted sources (they may have been infected and sent it without their knowledge) and to not download programs. However, bad stuff can also get in through bugs in the operating system, like the aforementioned JPEG menace. It can also get in through bugs in your web browser, skype and any other program you're using - a bug in it can allow the bad guys to get the program to do what they want. In XP that's enough to inject something, in Win7 it usually needs to be coupled with a bug in Windows that lets a program do more than it should've been able to, but the end result is a silent injection of a piece of code that can do whatever it wants, and what it most often wants to do is spread the joy around before Microsoft patches it.

[helene_t]

These issues is the main reason why I have always used linux at home and try to limit my use of microsoft products at work. But it is of some concern that facebook apps sometimes are malicious, and there was a similar issue with google mail some years ago. And presumably linux isn't 100% safe either, I am sure some day a malware maker will manage to get his product into ubuntu itself or some other trusted software source.

[mgoetze]

LOL Antraxxx, if they own your computer then some measly add-on "firewall" software isn't going to stop them. Get a real hardware firewall in front of your actual computer if you want that.

Indeed I recommend Linux for almost everyone, there is very little stuff you can usefully do on Windoze which you can't easily do on Linux nowadays. (Note: Powerpoint is pretty much the opposite of "useful".) Linux is secure by default, if bugs are found they are fixed much more quickly (of course you must also install these patches), and as an added bonus, it doesn't crash.

Of course, even so, a sizeable part of the protection for clueless users is that Linux is not targeted as often. However, I believe it is much easier to go from completely clueless to somewhat clueful on Linux. And in the end, if you have no idea how your computer works, then you are helpless no matter what software you (try to) install...

[kenberg]

Antraxx, your response is of the sort I was hoping for. (Not meaning to dis other responses, also interesting.) I may have some questions later that would be of interest to others as well. In particular I was interested in your comment comparing Win7 and XP (The oldest computer here, once fast, now slow, runs on XP).

About linux: Many years back, I was using unix. The machines at the university ran on unix so I learned unix. I liked it very much. But there were experts there to ask when I needed assistance. Maybe six or seven years ago the switch was made to linux. OK, but I found myself even more dependent on the experts. The folks I knew who installed RedHat (I think that's its name) on their computers in the early days found it tough going. So since entering my semi-retired status I have been much more involved with Windows. I have not had problems but I sometimes imagine the breath of evil spirits on my neck.

For whatever amusement it may provide, here is a story from back in the unix days. I wanted to contact a mathematician in France and even though this was, I think, before the days of Google I did a search hoping to find his homepage. OK, stuff came up with his name, well sort of his name. I didn't really think that the first listing was for him, and perhaps I even noticed the e at the end of Francois, but I'm a guy so I clicked on it. Up comes a picture of a woman advertising her wares. I closed it. Five minutes later it came up again on its own. I closed it again. Repeat several times. Uh oh. Off to find one of the aforementioned experts. I am not sure exactly what he thought, but we are friends and he fixed it. More than a little embarrassing.

[blackshoe]

That page popping up thing really doesn't have anything to do with what operating system you're using. It's a browser thing.

I have used a couple of versions of Unix, several versions of Linux, OS360, DOS, CP/M, several versions of Windows, and MacOS from its beginning (I used to have copies of all the versions of MacOS ). All of them have their quirks, but on the whole I like MacOS X the best. One of the neat things about it is that at heart it is BSD Unix, so if you know that system, you can use it directly, and if you don't, well, for most things you don't even need to know it's there.

[Antraxxx]

Quote

And presumably linux isn't 100% safe either

Nothing is 100% safe. There was an old saying that the only way to secure a computer system is to disconnect all the cables, cover it in cement and throw it into the ocean, and even then don't count on it. That's an exaggeration, but in real life, your PC will never be safe. However, the common user doesn't have an evil hacker bent on destroying his specific computer, so any de-standardization will usually provide some degree of defense as the primary motivation for most attacks (money) leads attackers to target the most commonly used system (Windows, Internet Explorer, etc). Besides, Unix/Linux has some things going for it that make it generally safer - it's been around longer, it's open source and its basic design was more security oriented to begin with.

Quote

LOL Antraxxx, if they own your computer then some measly add-on "firewall" software isn't going to stop them. Get a real hardware firewall in front of your actual computer if you want that.

Nothing is secure. At home I indeed have a HW firewall. It's certainly better than a SW one, but I disagree that a SW one is useless. I like SW firewalls because they're much easier to use and they take less of a toll on your system, compared to anti virus software. Moreover, the root problem they attempt to solve is decidable (unlike anti viruses), which is how I like the problems I'm trying to solve
BTW I suggest you give Windows another try. Over the years it's evolved, so while it's still bloated compared to Linux, the crashes are a thing of the past and the security design is improved.

Kenberg, if you have time to play around with it, there's a Linux distribution called Ubuntu (or Kubuntu, there's some difference there but it applies to both) that's supposedly very nice and friendly and cool for Windows users. I personally can't stand it, but many people I know can, and you can run it from a CD with no commitment just to get a feel of what it's like.

[gwnn]

I suppose I am a little bit lazy and a little bit computer-dumb but I don't like it that I have to google 'how to (...) in openSUSE' every now and again (I admit that there is almost always a good explanation out there on one forum or another), and in Windows (Vista, on my laptop) whenever I need something I can generally find it after a right click and selecting the relevant button from the popup list.

[y66]

I asked a couple of network admins at work what they do at home. One runs the free version of AVG; the other runs McAfee and doesn't think there's much difference between different anti-virus programs. These guys are both pretty sharp.

The only problem I've had with personal security is with an old hotmail account that got hacked probably because the password was weak.

[gwnn]

I like Avast. Avira is good too but it has these quite big ads popping up every now and then, which I found irritating.

I haven't been infected in the last two years, even though sometimes I visit questionable websites on the internet (let's just leave it at that).

[y66]

I had my Windows PC in the shop last week due to a memory problem which kept it from booting. I asked the owner what he does to improve security on his home computer system and he sent me the following info some of which is beyond my comprehension (not saying much):

Quote

http://www.csoonline...me-network.html has some good suggestions, but they are not the first things that I would suggest for most people. Here are the some other ideas that I think are (more) important. https://www.wired.co...ions-new-year/.

Additionally(?), I do the following...

• Use KeePass to carry and keep all my passwords. I don't use the same password everywhere. See http://keepass.info/.
  
• Don't use Microsoft Internet Explorer or Microsoft Edge.
  
• Install "AdBlock Plus" extension in Chrome and Firefox browsers.
  
• Block 3rd-party cookies in Chrome and Firefox.
  
• Don't do "social media".

p.s. He mentioned in conversation that he is an old Windows guy in the process of moving to linux as recommended by others in earlier posts. He suggested I start by installing Mint on a spare machine from http://www.linuxandu...butions-of-2016.

[kenberg]

Huh!
I saw the topic and thought it might be interesting so I opened it.
Seems I started it more than a little while back.
I suppose BBF counts as social media, so I guess I have violated that one! But I don't do Facebook. I saw a list of various ways to "do social media" and I had not even heard of most of them.

I used Unix and then Linux many moons ago. I liked it, but I have joined the crowd on Windows. I will eventually get around to putting in a new hard drive on a laptop (I have it, I just haven't installed it). I guess I could see if Linux and I are still compatible.

I use Firefox. It suits my personality better than Edge. (I'm not an Edgy person?). .

I had not heard of KeePass. Certainly the multiplicity of passwords, some of them changing every three months, is a pain and I will look at this.

AdBlockPlus? Maybe, but I now have a couple of things and I will probably leave it at that. I use McAffee (The Univ no longer pays for it but the price is low) and I use some other thing that the Univ does supply for five years. They had a hack, and to make everyone feel safer they gave us this program. The five years may be up soon and I may well keep it.

Blocking 3rd party cookies? I have been lazy about that.



It seems to me we are on a collision course with hackers. Sooner or later we will have a serious wreck. For some scams I think it helps to be a small fish, not worthy of serious pursuit. But I don't think that's right anymore. A large number of very small fish can make a tasty dish.

[Zelandakh]

kenberg, on 2016-December-31, 18:31, said:

It seems to me we are on a collision course with hackers. Sooner or later we will have a serious wreck.

CryptoWall 4.0 (and CryptoWall 3.0 before that) were already a pretty serious wreck. I am not sure what the big one was this year but there usually is something doing the rounds around the New Year. I would expect to see another new and improved ransomware in another year - if you know someone that picks it up, perhaps you will get a sense of the wreckage that is already out there.

[hrothgar]

Zelandakh, on 2017-January-02, 05:54, said:

CryptoWall 4.0 (and CryptoWall 3.0 before that) were already a pretty serious wreck. I am not sure what the big one was this year but there usually is something doing the rounds around the New Year. I would expect to see another new and improved ransomware in another year - if you know someone that picks it up, perhaps you will get a sense of the wreckage that is already out there.

FWIW, my best advice is the following:

1. Assume that your system is going to get compromised
2. Make sure that you are in a good position to restore everything as quickly and easily as possible.

I have a windows box that I use for gaming and the like.

Everything that I care about on that box is backed up on a piece of Network Attached Storage that only connects to that device once every couple weeks or so.
If I am worried that something has gone wrong, I just wipe the Windows box down to bare metal, re-install the OS, and then move my games files back over.

In addition, I don't care what kind of system that you use to generate your passwords.
It's not good enough.

Invest in something like 1Password.

[blackshoe]

I was going to mention 1Password, but hrothgar beat me to it. :-)