Review Index:
Feedback

Greater than 20 Percent of Malware Articles Miss the Point

Manufacturer: PC Perspective
Tagged: Malware

Infectious fear is infectious

PCMag and others have released articles based on a blog post from Sophos. The original post discussed how frequently malware designed for Windows is found on Mac computers. What these articles mostly demonstrate is that we really need to understand security: what it is, and why it matters. The largest threats to security are complacency and misunderstanding; users need to grasp the problem rather than have it burried under weak analogies and illusions of software crutches.

Your data and computational ability can be very valuable to people looking to exploit it.

The point of security is not to avoid malware, nor is it to remove it if you failed to avoid it. Those actions are absolutely necessary components of security -- do those things -- but they are not the goal of security. The goal of security is to retain control of what is yours. At the same time, be a good neighbor and make it easier for others to do the same with what is theirs.

Your responsibility extends far beyond just keeping a current antivirus subscription.

View Full Size

The problem goes far beyond throwing stones...

The distinction is subtle.

Your operating system is irrelevant. You could run Windows, Mac, Android, iOS, the ‘nixes, or whatever else. Every useful operating system has vulnerabilities and run vulnerable applications. The user is also very often tricked into loading untrusted code either directly or delivering it within data to a vulnerable application.

Blindly fearing malware -- such as what would happen if someone were to draw parallels to Chlamydia -- does not help you to understand it. There are reasons why malware exists; there are certain things which malware is capable of; and there are certain things which malware is not.

The single biggest threat to security is complacency. Your information is valuable and you are responsible to prevent it from being exploited.  The addition of a computer does not change the fundamental problem. Use the same caution on your computer and mobile devices as you should on the phone or in person. You would not leave your credit card information on a park bench unmonitored.

Read on to understand what malware is and what it could do.

May 13, 2012 | 09:10 AM - Posted by Moogle Stiltzkin

the best computer security i think is this .....

anti virus: nod32

anti pop up: admuncher

sandbox: sandboxie

other things to do ...

1. regularly update windows 7 64bit

2. update the other software mentioned

Essentially the sandboxing will be the biggest help in ensuring even if a virus does get onto your pc, it wouldn't be able to do anything and can be easily cleaned.

i tried sandboxie browser setting. when your browse under sandbox, now and then you would download something and want to move the file out of sandbox to your hard drive proper. you can easily do that in sandboxie to authorize the downloaded file like a video etc to move out of the sandbox.

PS: forgot to mention a hardware router with firewall and portforwarding is a must these days. i don't recommend upnp, instead do the port forwarding manually :X

May 13, 2012 | 09:26 AM - Posted by Goofus Maximus (not verified)

We're all human, and that means that we will all be tricked at some point or other, no matter how paranoid we get, short of living in a concrete cell with no communications at all.

I just live my life normally, with nothing more than my usual habitual paranoia (such as turning off/blocking all services that I don't need or want like remote access or NetBIOS, and running NoScript in my browser). For the rest, I just keep an eye on things like my credit reports, or reports of e-mails from "me" that I never sent, that will tip me off if things are wrong.

May 13, 2012 | 09:30 AM - Posted by Goofus Maximus (not verified)

Shimata! I forgot to mention one very helpful security utility for Windows, that I always use and recommend! EMET 2.1 from Microsoft, which lets you turn on/manage all those windows security enhancements, both globally, and for individual programs, even if those programs don't support said features.

May 14, 2012 | 05:23 AM - Posted by aussiebear (not verified)

Since I use both Windows and Linux...

For Windows
* Windows XP or 7 (Professional versions)
* Password the default Administrator Account.
* Set up Limited or Standard User Account. (SUA or LUA)
* Apply Software Restriction Policy. (Default Deny)
* MS Enhanced Mitigation Experience Toolkit. (Applied on browsers, Flash, Java Runtime, etc.)
* Stay updated. (Use "WSUS Offline Update" if multiple machines.)
* Practices adopted from Linux...
=> Only use Administrator account to install/upgrade/update. Daily computing use is only done with SUA/LUA.
=> Disable or remove anything I don't use.
=> Only install applications from trusted/known reputable sources.
* Firefox with NoScript.

End result? No malware encountered for the last 5+ years.

For Linux (Desktop)
* Stay updated.
* Standard User for daily computing use.
* Disable or remove anything I don't use.
* Only install applications from trusted/known reputable sources.
* Firefox with NoScript.
* Use SELinux or AppArmor (Depending on Linux distro) for refined access control of applications or vulnerable areas.

End result? Never encountered malware since using Linux from 2005 onwards. (Spent 1 year learning and breaking old, bad habits: "Transition Period". Started using Linux full-time in 2006).

For home network firewall/gateway, I use a custom build, low-power PC with Linux-based solution called ClearOS. Has anti-malware, intrusion prevention, URL filter, Protocol filter, Spam filter, Multi-WAN, etc.

I never use remote access. I take the perspective that I must be physically present to use the system.

March 11, 2014 | 10:25 AM - Posted by Nafis (not verified)

HI Scott!
I am grateful for this post, it was informative. But my lap restarts these days after showing a blue screen. i tried this Spyhunter anti spyware tool. the issue is now solved after i scanned with it, but now some error notifications appear.
any solution?

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote><p><br>
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

By submitting this form, you accept the Mollom privacy policy.