About protecting the computer

Anybody who has been reading this blog knows that security is a big theme. I have spilled a lot of figurative ink writing about safe Internet surfing. I even have a Web site on the subject. In several of my screeds I have been advocating a different approach to computer safety. I have a page here on this blog and articles elsewhere talking about proactive defense and the use of sandboxes and virtualization. As an experiment, I have run several Windows XP computers for months with no anti-virus and no anti-spyware running in the background although I periodically checked with these types of programs to make sure I had no malware. I never got any. I was on the Internet a lot, I read email every day, I downloaded and tried a lot of software.

How did these computers stay clean? I had a two-way software firewall and a hardware firewall in a router. I kept the security patches up-to-date. I scanned downloads before opening them. I had WinPatrol running. I used both Internet Explorer (6 and 7) and Firefox browsers and I ran them with scripting curtailed. I only allowed scripting on sites I knew. Turning scripting off can be a nuisance but unless you visit many different new Web sites constantly, it is easily managed. I have discussed this approach in a series of posts.

And don’t forget the value of frequent backups to an external hard drive. If something gets infected, I might lose a few days’ work but my off-system image backup would be available so I could reinstate a clean system.

Of course, the most important factor in protecting a computer is common sense. I do not click on strange links. I don’t open the innumerable spam emails I get. If I do open a strange email I read it in text to check it out. I almost never read email except with graphics and scripting turned off. I stay away from offers of things that are too good to be true. I only download software from trusted sites (and I check it out anyway).

Do I have a perfect defense against malware? Of course not, since none exists. There’s no complacency here. If a hacker really wanted to, he or she could find a way to plant something on my systems. Am I advocating the abandonment of anti-virus software? Not at all. Many PC users may feel that they are better off if they keep their present panoply of anti-this and anti-that. But I found that the performance hit from all these programs and the constant updating that is required is not worth the marginal extra protection that I get. Others with different levels of computer skills and different usage patterns will disagree but I am not alone in my contention that, for experienced computer users, conventional anti-virus and anti-spyware programs have seen their day.

In fact, the threat itself has changed its nature. Today, phishing that uses psychology and social engineering is the major problem. So far, there is no software that protects against greed and gullibility.

What’s your opinion? How do you protect your computer?

Comments

Hi Vic,

Here’s how I protect (most of) my computers:

http://www.squidoo.com/security2

Philip

Thanks for the link. I am sorry to be late in noting your comment but last week was really hectic.

I’ve been away, so I’m only getting around to commenting on this now. I use a system that is fairly unique. Rather than relying on black-lists — a futile task when hundreds of new malware-spewing sites are created daily — I rely on a white-list approach.

Through several simple registry changes, I make the Restricted sites zone the default zone, while allowing the user to add sites to the Internet zone and no longer allowing sites to be added to the Restricted sites zone (since it is now the default zone).

Unless a domain has already been added to either the Internet zone or the Trusted sites zone, one is very unlikely to experience a drive-by download from a malicious site, since the Restricted sites zone (by default) does not permit scripting or downloads. Occasionally, it can be a nuisance to get certain sites to work properly (many sites often require a multitude of enabled domains to work properly), but it is worth the effort in my opinion.

The practices noted in the squidoo.com link are also worthwhile. However, I would add that one should NOT rely on site ratings given by SiteAdvisor, which are often shockingly inaccurate. However, do go to siteadvisor.com and see what the more reliable reviewers have to say about the domain in question. The reviews written by good reviewers (SiteAdvisor has a reputation rating) are generally more reliable than SiteAdvisor’s ratings.

Thanks, Dean. I think that some form of white-listing is an excellent idea.
