Tuesday, December 2, 2008

‘Cyberdoom’: Better paranoid than sorry

Over the past several weeks, we’ve discussed some obvious, mostly internal, computer security concerns that might compromise your privacy, your data and your business.

In this article, our last on computer security, we’ll talk about intentional security threats arising from external sources — in other words, viruses, “spybots,” Trojan Horses and other malicious software. In this context, the old maxim, “If you’re not a little paranoid, you’re not being sufficiently careful,” is assuredly true.

There are numerous potentially serious security problems that have roamed the Internet so long that their exact genesis can be hard to pinpoint. And, of course, new ones are added daily.

Computer viruses and other malicious software are easy to write — 12-year-olds can download virus writing software even though setting any malicious software loose is a serious federal crime.

Viruses typically are designed to simply wreak havoc on your data and, less often, on your hardware. Other malicious software includes “rootkits” that burrow almost undetectably into the very core of your computer operating system, and various forms of spyware that quietly send select data, and possibly keystrokes such as passwords and PIN numbers, to a remote, often obscure location.

There’s not a single general method of exchanging data that will always be secure without taking some precautions. At one time, most malicious software was thought to spread through floppy disks — remember them? Probably, but only if you are more than 13 years old.

Back then, malicious e-mail attachments and even “free” picture and screen saver files were primary sources of external computer infections. More recently, malicious programs have been hitchhiking within ubiquitous USB flash drives and even digital photo frames.

In fact, the U.S. Army just banned the use of flash drives until further notice, and new Chinese digital photo frames were recently found to include hidden security-breaching software that could transfer to your computer by hitchhiking on your SD photo memory card. Are you feeling paranoid yet?

Yet, even if cyberdoom may someday occur, day-to-day computing can be fairly trouble-free if you take reasonable precautions. Avoid sharing data with users and computer systems that you don’t trust. Be careful about opening certain kinds of e-mail attachments, such as executable programs and files with embedded macros. Set your Windows system to limit the access of Java and ActiveX scripts.

There are several basic lines of defense. First and foremost is to ensure that you have properly installed all Microsoft security patches. First, run Windows Update. Then, check whether your operating system’s basic security is current by running Belarc Advisor, available as a free download from www.belarc.com. Belarc is a recognized security provider to federal agencies, and its free Advisor program not only does a comprehensive system audit but also identifies any missing or improperly installed security patches and includes a link that takes you directly to the Microsoft Web page that provides further information and, in most cases, a direct download of the missing security patches.

Another generally accepted, free security program is Spybot 1.6, which seeks out and deactivates spyware, a type of software that, in its least malicious form, silently tracks your Web surfing behavior to create a marketing profile of you that is transmitted without your knowledge to third parties and perhaps sold to advertising companies or scammers.

Internet “cookies,” which track your access to various Web sites, are among the most common but typically most benign sort of spyware. Much more dangerous spyware exists and you should periodically scan your computer for it using either Spybot or the spyware component of Internet security suites, such as AVG 8. One reputable source for Spybot is www.softpedia.org. The URL for Spybot 1.6 is http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/SpyBotSearch-Destroy.shtml.

You’ll need comprehensive security software to block attempts to infiltrate and infect your computer system. Norton Anti-virus used to be a favorite, in part because there was a time back in the old DOS command prompt days when Norton was about the only one around.

Several years ago, the Norton-branded software started losing favor because it was a resource hog that slowed down computer systems by as much as 30 percent, in my own tests, and because its somewhat dated programming approach seemed to introduce instabilities into Windows computer systems. As a result, other antivirus programs gained a foothold and ultimately expanded into fully functional security suites that now dominate the market.

At the moment, my favorite Internet security software is AVG Antivirus, now in version 8, and typically purchased by paid Internet download, although a free trial version is available. Grisoft (www.grisoft.com) publishes AVG Antivirus in the Czech Republic. (It’s OK — they’re now a member of NATO and switched to our side.)

AVG version 8 has several nice features: It’s updated several times a day and its subscriptions are both reasonably priced and run for two years. AVG 8 does not cause system instabilities and does not make heavy demands on a modern computer’s resources, and hence will not perceptibly slow it unless it’s doing a full hard disk scan.

The entire AVG security suite installs by default and is highly configurable to fit whatever blend of security, performance and ease of use most suits you.

You can easily configure each AVG module using the “components” submenu from the main AVG menu bar and then clicking on the component that you want to configure. When you configure AVG 8, ensure that the system updates itself and scans your system at least daily, even though scanning your computer temporarily slows it.

Automatically scan all incoming and outgoing e-mail and Web pages. Also scan all potentially infectable data and program files traveling solely within your system.

Enable “heuristic” analysis that spots suspicious software behavior even if that software doesn’t match any currently known virus. Enable the “rootkit,” “resident shield,” “Web shield” and spyware modules. Although AVG includes an optional firewall program, I still prefer using Microsoft’s Windows Firewall because it works more transparently. AVG’s firewall is so secure that I am often unable to even access my Internet connection and expose my system to potential virus infections and security breaches.

Now, that’s secure!

Local attorney Joseph Kashi received his bachelor’s and master’s degrees from MIT and has been writing and lecturing about technology throughout the U.S. since 1990 for American Bar Association, Alaska Bar Association and private publications. He also owned a computer store in Soldotna between 1990 and 2000.
