What does this mean, exactly? Well, computer security is a concept not easily grasp by many. I know this all too well, based on my experience with troubleshooting other people's computers. Security comes from a combination of common sense and knowledge, and not completely relying on a program to keep safe. For example, no program in the world can prevent your email account from being hacked if the password is "password". You'd be surprised how easy it can be to get into account just by guessing a password.
However, don't get me wrong. A security program is still essential to keeping your computer safe. It also depends on your browsing habits, what sites you go to, what you download, what programs you actually run from said downloads, and even the browser you use. Let me break it down.
Popular sites such as Facebook, Google, and GameFAQs are generally safe to visit. However, it's when you start to search for... Questionable content is when you increase the risk of getting viruses or malaware. Say, for example, that I find a site called "http://www.littlekittenwarez.com" (I just made that up, don't actually go there... Could actually exist), chances are that site has some malicious code that'll install... malicious code onto your computer. Even sites you visit often has a chance of injecting spyware into your system just because of ads, or because the site got hacked.
Downloads are another matter. Even if the site doesn't have malicious code and you think it's safe, the file you download could possibly have malicious code in it, that could quite literally ruin your computer. It's best to download from reputable sites, and do some research on the program before you actually run it unless you're sure it's legit.
Speaking of such, common sense comes into play when dealing with threats, especially when it doesn't look like a threat. What I'm talking about Rogue Antiviruses, or programs that are disguised as real antivirus programs but in actuality are only there to make a quick buck off of ignorant users and possibly even infect your system with, say, a keylogger. It's important to be able to identify these programs or else you'll fall into a trap. If a security program doesn't catch it, you'll have to.
Lastly, a browser plays a role into how secure you are on the internet. If you're still using Internet Explorer 6, upgrade to Internet Explorer 8 or use a different browser such as Firefox or Opera. IE6 has so many security holes, flaws, and is the utter bane of web designers up there due to its non-compliant HTML standards. It's possibly the worse browser out there due to those reasons.
It does take some time to get a better grasp of surfing the internet securely. For me, I can spend hours searching horrendously infected sites without getting a single piece of malicious code. The reason why is, first off, I use common sense to not download any suspicious looking programs. Second, I ditched Internet Explorer for Firefox. Lastly, I run Adblock Plus and Noscript.
Adblock does as the name says, it blocks ads saving your bandwidth and whatever chance there was for an ad to infect your computer. You also get a nice clean page to look up instead of a convoluted clustered page with ads. Although, if you love your sites, you'll whitelist them so they can continue getting revenue off of your visits to the site.
Noscript is a bit more complicated, but extremely useful as a first layer of protection. With it does, in a nutshell, is stop ALL code from running on a page. Java, Flash, etc... This completely prevents anything malicious from running. This is a double-sided sword though, since this quite literally breaks most sites such as Youtube. But it's an easy fix, all you have to do is allow the website using a few simple clicks. Functionality restored. For the first few days of using this addon, you'll be annoyed by the amount of times you have to allow a site. But after a while, you'll have all the permissions you need and you'll only have to allow a new site maybe once every few days. Used effectively, it would be possible to browse the internet without the need of a security program.
One last addon I'd like to talk about is called Web of Trust (WOT). WOT tells you if the site is safe or not. So easy, a monkey could use it. If the icon's red, the site has some questionable stuff, whether it be the content, trustworthiness, or files. If it's green, you're good. This addon is extremely useful for searching the web, as it also shows you during Google searches the status of that site. And if you do end up going to a bad site, a big fat popup appears saying this site cannot be trusted. You can still continue if you want to, or panic and click the X button.
The final results of those addons can be seen here.
How you browse the internet is entirely up to you. I highly recommend using Adblock and WOT, since they're non obtrusive and simply work. If you're feeling lucky, you can give Noscript a shot.
You don't only have to stick to Firefox though. Google Chrome is actually a very secure browser, due to its sandbox nature. This means that everything is contained within Google Chrome, so it's very difficult for malicious code to execute. I'm not sure about the nature of Opera and IE, but I'm sure they're decent.
---------------------------------------------------------------------------
Now for something new. You should be well aware by now that there are three types of operating system. Windows (Microsoft), Mac OSX (Apple), and Linux (Open Source, or freedom to do whatever the hell you want). It's common knowledge that the majority of exploits, hacks, and malaware are written specifically for the Windows operating system. This is due mainly to the large user base of users. However, this doesn't mean the OSX and even Linux are safe. In fact, it would be easy to attack such systems since the chance of them having any sort of virus protection. However, in the case of OSX, their kernel is locked down so it's difficult to do permanent damage to the system, to my knowledge. So if I ever see you on the street and you tell me OSX is a safer system then Windows because Windows suck, expect a swift kick to the face. Well, a slap. Depends how coordinate I am.
64 bit operating systems also play a role in security too. Since certain code made for 32 bit operating systems CANNOT run on 64 bit operating systems. I'll write about 32 vs 64 bit some other time, however.
Anyways, since I know more about Windows then I do OSX and Linux (Although, I DO have the operating systems on me so I can explore them some more), I will mainly be talking about Windows security since most users seem to have issues grasping the basics of it.
First off, Windows Update exists on your system for a reason. It's because there are hundreds of exploits on the OS that can be.. exploited. Generally Microsoft fixes these exploits through Windows Update.
Secondly, Windows XP is an age old OS and doesn't have the protection of Vista and Windows 7.
Third: The user is running either a crappy antivirus program or IT ACTUALLY EXPIRED. I can't begin to describe the horrors I felt when I had to deal with one such computer. Which brings me to my next point.
Free security programs are as good as paid programs for the average user. Seriously, you don't need to pay $60 every few months just to have a program (Norton) that will catch a virus, maybe once every few months, and also bogs down your system. Free solutions work just as well, such as AVG, Avast! and my personal that comes directly from Microsoft themselves, Microsoft Security Essentials.
I highly, HIGHLY, recommend Microsoft Security Essentials in the place of your current security program (with the exception of maybe Sophos), or even if you aren't running one (For a few weeks I actually did this). It's memory footprint is extremely light, it's VERY effective at catching malicious software, even browser hijackings, and it doesn't impact the system performance at all. It does everything you need, it has active scanning and protection, meaning it scans every file you download, every file you're viewing, and yet it doesn't affect system performance. And of course, it does quick and full time scans. You'd be amazed how quickly it identifies malicious software. Even more so, it can actually identify if something is malicious or could cause problems even if it doesn't have it in MSE's definitions. One HUGE flaw and pet peeve I had with other antivirus programs were their false positives, or they would identify a program as malicious even if it wasn't. With MSE, I literally had 0 problems with this.
Finally, Firewalls. To be honest, I believe the default Firewalls on Windows Vista and 7 are good enough. Unless you have someone out to get you or have extremely sensitive, then you really don't need anything else if you're even a tiny bit careful. In my personal experience, third party firewalls only created more problems than they solved, so I simply stuck with the default. However, if you're paranoid, Comodo Firewall is good.
To recap:
Firefox
-Noscript: Blocks ALL code. It's like god mode.
-Adblock: Blocks ads
-Web of Trust: Tells you if site good or bad
Operating Systems:
Windows: XP, not so good. Vista and 7, fairly security. Could do with security though
-MSE: Really good security program, highly recommended. Lightweight, unobtrusive.
-Firewall: Default should be good enough
Well, this turned out to be a lot longer then I expected. I realize that some of the information may not be true, and the quality isn't exactly as I wanted. And there's some things I decided to cut out. I'm tired, screw it. I do have a few more things to say, however.
It took me several years to get hang of this "Security" thing. Notably, from my years in middle school with dial-up to high school with broadbrand. Now, I think I've got a fairly good grasp around it, and I'm fairly safe online. The trick is to leave your comfort zone and learn how to implement security measures. In time, they'll become second handed nature to you and you'll find you feel a lot safer when using the Internet. Lastly, your little brother or pet goldfish getting a virus on your computer is a retarded excuse. Put a password on, or use MSE and almost nothing can go wrong.
Edit: Something I failed to mention. Also be wary of those "Hahaha look at this it's so funny!", especially if you know your friend never types like that or it's someone you don't know. Chances are their computer (or account) has been compromised, and following their link or whatever will also compromise your system. Unless, you have ample security of course.
No comments:
Post a Comment