Dump your Antivirus and Live Free. Part 1
First published—07 September 2006.
Updated—17 January 2008.
In the case of Windows Vista, the solution is simple: do not disable User Account Control, in spite of what some snobs are saying. This is the way to avoid antivirus hell.
Introduction
Now let me ask you – what are you afraid of?
For example, I’m concerned about losing my data (photographs, mail, etc.). I’m not afraid though, because I have backups. If you have never done backups, you should. A user with timely backups is literally invulnerable. You can always recover. I mention that because to me it is stupid to talk about PC security without having backups done.
OK, let’s consider that a simple idea. It is a well-known fact that the human being is the first cause of computer security breaches. I mean the originator and the mediator together.
OK, let’s put away originators (virus makers, hackers, script-kiddies) and talk about mediators – users who mostly unwillingly put their system/data/hardware at risk. Take a regular user of a home desktop connected to the internet.
How can malware creep onto his/her hard drive?
There are five typical scenarios (in descending order of probability):
- Received an attached file in a strange e-mail and double-clicked it.
- Visited a website for adults only or other black pages, deliberately or not.
- Downloaded a file via Torrent (eMule, etc.) which looked too good to be true – “WinZip11.rar”, “VistaRTM.rar” – and tried to install it.
- Has an always-on broadband internet connection and has not recently updated the system/programs with security patches, or has no firewall (hard to believe these days).
- Downloaded programs of unclear origin, like key generators and program patches, and used them.
None of these scenarios guarantees by itself that you will get infected, but that’s the way to look for trouble. It’s clear that broadband internet is dangerous per se. But I would go further and say that if you really want to keep your data secure, be sure to have no connection from the computer which holds the data to the internet in any form: direct, bridged, wireless, ADSL, dial-up, proxy, via hardware router, literally none. Buy another PC and keep it isolated, or at least make a separate wired LAN connection to transfer data.
The point is that it’s very unlikely that you have or need data of that level of importance, so do not go for this overkill. Just be aware.
Real Problem
The real threat is leaking personal information (SSN, credit cards, passwords, etc.) and/or turning your PC into a war-bot (a so-called zombie PC). In this case somebody is taking control of your PC by means of exploits and Trojan horses. I will try to explain how to avoid this while being smart and not wasting your computer resources.
Root Cause
Let me start with the favorite drum-beating theme of anyone who wants to paint Microsoft Windows black: “Windows is not and will not be secure! Blame Bill! Switch to Mac/Linux!”
Security problems for PC users nowadays have several different root causes.
First in line is the level of technological progress, computer density per square mile, and home user exposure to the World Wide Web. Had you heard about spyware ten years ago? Could you imagine wireless networks ten years ago as they are now? Did you know the term “firewall” ten years ago? Windows evolved, but so did the world. And given the fact that Windows is the most popular OS, whether somebody likes it or not, it has been the most favored target for virus makers and other malware developers. Is Windows XP safer than Windows 95? It is a thousand times safer. But I doubt you had a high-speed permanent internet connection back in 1996. Technology enables all the good stuff as well as the malicious. So, can we blame Microsoft for the security breaches in its OS? Of course we can. They could sometimes test their products better before the final release, but you would have to be God to predict all the pitfalls.
My idea is simple: there is no way you can stay safe for certain with exposure of this magnitude. Otherwise, prove me wrong with examples.
Look at the situation nowadays. Security companies search day and night for ways to compromise Windows security, and if they find something they publish it in their bugtracks, available to all (read “to those who are interested”). Microsoft, of course, has to catch up with patches. In the meantime script kiddies take their opportunity. In the end, those who do not update in time suffer. Glory to the security pros, blame to Microsoft, and we (the users) are in sh%%t. So, who started it?
In Part 2 we will talk about how to dump your antivirus and turn your new Windows Vista (the same actually applies to Windows XP) into a fortress.
