chrishoffman at October 10th, 2013 06:41 — #1
Originally published at: http://www.howtogeek.com/173478/10-important-computer-security-practices-you-should-follow/
Antivirus programs aren’t perfect — especially Microsoft Security Essentials. If you’re relying on your antivirus alone to protect you, you’re putting yourself at risk. You should still follow basic, common-sense computer security practices.
pd86535 at October 10th, 2013 10:06 — #2
You also need to keep people you don't know away from your physical computer. A friend of a friend of someone they work with comes to a party at your house and asks to use your computer to print something. If you don't know this person very well be suspicious. Once a malicious person has physical control over your computer, it's game over. They can do anything they want to your machine. And they may not actually be intentionly acting maliciously, maybe they don't follow good security practice and open a malicious from their mailbox and get you infected. With nearly everyone having a smart phone or tablet there is very little reason to give an unknown person physical access to your computer.
jackrock at October 10th, 2013 11:03 — #3
Agreed. My wife thinks I'm paranoid, but I now lock my home computer and encrypt it via Truecrypt.
ladyfitzgerald at October 10th, 2013 11:38 — #4
The answer to letting someone use your computer is to set up a heavily restricted guest account and let them use that. Of course, never let someone you do not know well use it ever.
ladyfitzgerald at October 10th, 2013 12:00 — #5
Most of the article had excellent advice but there were a few things I don't fully agree with.
Windows has a built-in firewall, so you don’t need to install a third-party firewall. That's true and it's also true you should never run without a firewall. However, Windows firewall is easily configurable only for inbound traffic; outbound protection is minimal at best and almost impossible to configure for most people. Third party firewalls, such as the free version of ZoneAlarm's firewall is easy to use and, once "trained" (which doesn't take long), is minimally invasive (only occasional pop-ups). ZoneAlarm protects you from software that phones home looking for updates too often for your tastes and any malware that does sneak in from uploading any of your data or, to a lesser degree, starting many unwanted processes.
Keep Your Software Updated — Automatically if Possible The part of that is excellent advice but the second part can cause problems, such as causing your computer to restart unexpectedly at inconvenient times, possibly causing any work you have in progress to be lost (although frequently saving work as one progresses will minimize that danger). Even worse, however, is occasionally updates are flawed. Waiting at least a day or two to make sure there are no problems is usually wiser and avoids having the computer being shut down at inconvenient times.
One excellent piece of advice given in the article concerned leaving UAC enabled. If anything, it underemphasized the importance of UAC. UAC is there to prevent unwanted processes from any nasties that sneak in damaging your computer or compromising your security and/or data. If anything people should set it to maximum protection. Sure 'tis true the pop ups are a royal PITA but the protection provided far more outweigh the minor annoyance and/or inconvenience.
xhi at October 10th, 2013 16:20 — #6
I would also add to look at the bottom of your browser when you mouse over an unfamiliar link in an email or web page. It will show the actual link that you will be sent to. Make sure the domain is one that you can recognize. ie. paypal.com not paypal.joeshmoe.ni The familiar site must be the one immediately preceding the final period in the URL.
Most all browsers and email programs do this when you simply mouse over a link. Check before you click
cliff_dunaway at October 10th, 2013 20:27 — #7
Great ideas! I have one more:
- Never browse with an account that has administrative rights. Create a separate account for admin, and surf using a standard account.
ecurb at October 10th, 2013 22:07 — #8
Sorry, I don't buy the UAC value. UAC simply says that we are doing something that requires different permissions. Fine, I do that all the time. The PC trains us to say OK because the vast vast vast majority of the time it is OK to do. I've never, yet, seen a report that said "the virus would have been blocked if UAC were on." I'd love to hear of real world examples where this has been the case
An antivirus at least is suggesting that there is something suspicious going on -- something out of the ordinary. Not that we are doing something ordinary and the PC constantly asks "are you sure you really want to do what you said you want to do?"
I recall when we changed e-mail to automatically prompt for confirmation when opening an attached zip file or worse, we could only open a zip file after saving it. We could no longer just launch it. This was for security, so we had to think about it before opening a zipped attachment. Soon after that we decided to save space and bandwidth by zipping all e-mail attachments. What happened? Everyone automatically saved and then launched zip file attachments to see what someone had sent them. We were trained, we just did it. You can guess what happened next. A zipped virus started going around. Just about everyone in this Fortune 100 company infected their PCs. Mindless security ("Are you sure?") is not security. I spent several years as an Air Force computer security officer on a classified networked computer system (and before the internet went commercial) and even then we knew such an approach did not enhance security.
raphoenix at October 10th, 2013 22:15 — #9
There is NO need for UAC.
Just disable that so called feature in Windows.
ladyfitzgerald at October 10th, 2013 23:38 — #10
Not quite. The idea behind it is to report every time a process is being started, including possibly unwanted ones, so you have the chance to block unwanted ones.
ladyfitzgerald at October 10th, 2013 23:40 — #11
I agree UAC is annoying. So are seatbelts in a car. That doesn't mean they aren't needed.
xhi at October 10th, 2013 23:55 — #12
So how do the malware and viruses get started on computers with UAC activated?
Would seem to me that folks smart enough to get on your machine and start something are smart enough to bypass the UAC. On all the machines that I have resolved problems on none have reported that they clicked on a UAC which caused the problem. Most of the folks I deal with would have no idea how to turn it off either.
I have never personally seen a UAC pop up that was not caused by me starting a legitimate program.
A more useful procedure would be to allow one to opt out of a UAC on an individual program basis, thus only bothering folks once and remembering that the program is legitimate.
Between the UAC and the Avast NAGS I could sure waste a lot of time if I used them.
ladyfitzgerald at October 11th, 2013 10:09 — #13
You are completely missing the point. UAC doesn't stop malware and viruses from getting on a computer or from starting processes. The purpose of UAC is to alert the user a process is starting and let the user decide it the process is valid or not.
That is why UAC should be set for maximum protection. If UAC set for a lower level of protection (such as the default setting, which is a concession to complaints about UAC), a really clever malware writer could write the code to appear as a program that UAC has been set to ignore.
Seriously? That's like saying one doesn't need auto insurance because they have had or caused an accident. Just because you have never seen it doesn't mean it hasn't happened. And how many people will admit they messed up their machine because the clicked when they shouldn't have?
And we are right back to malware emulating a legitimate program so it can sneak in under the radar. There is a way to do so (there is a tutorial for that somewhere on Seven Forums) but I never bothered to try it; dealing with UAC just isn't that big a deal.
Come on, it takes a whole second or two to read the alert and click on it. Annoying though it is, at worst, it isn't going to cut more than a minute or two out of an entire day's productivity; average users won't see even close to that much.
straspey at October 11th, 2013 10:38 — #14
Forgive me if I sound like a broken record.
I have always used the default setting of UAC and have never turned it off. However, while the UAC may be able to stop a malware from entering your system - once the malware is inside, and tries to go about its nasty business of making changes to your system...it's too late, because UAC does not monitor the system in real time.
Once again - I highly recommend a little program called WinPatrol - which monitors the system in real time, and will interrupt you with a pop-up warning you that a program wants to make changes to your system, or add entries to the registry, etc. - and then asks if you want to allow the change.
WinPatrol is highly and easily configurable, rarely gives false warnings, and is free for the basic version. The pro version, offers some more sophisticated options - such as an online database where you can look up a file or process to find out what it does and if it's safe.
UAC can help protect the point of entry -- but WinPatrol can catch them not only at the point of entry - but also if they happen to make it inside.
(And no - I do not have any personal, financial, or any other interest in this program - other than the simple fact I've been using it for over ten years, with great results.)
WinPatrol was the first program to use a behavioral approach to detect newchanges due to infiltrations and Zero-Day attacks. WinPatrol continues to add unique features and remains the smallest, fastest system monitor of its kind. We recommend installing WinPatrol as your first program anytime you rebuild or purchase a new computer. A snapshot of critical system locations and resources are recorded so if anything changes you'll know what changed and when! This will allow you to maintain or restore your computer to a stable environment.
ladyfitzgerald at October 11th, 2013 11:33 — #15
Good grief, isn't anyone paying attention? UAC is NOT an AV or antimalware program. Again, the purpose of UAC is NOT, repeat, NOT to stop malware from entering your system; it's job is to alert you a process, primarily programs, is being started, which could include malware. And UAC DOES monitor the system in real time. It's job, however, is not to monitor for malware but, instead, to alert the user a process is being initiated, which, again, may include malware.
straspey at October 11th, 2013 11:42 — #16
I see your point. Mea culpa.
Perhaps it might be a good idea for (ahem) someone to write an HTG "article" --
UAC - What is it ? What it does and does not do. Should you use it, and do you really need it?"
ladyfitzgerald at October 11th, 2013 13:52 — #17
Someone already has:
HTG Explains: Why You Shouldn’t Disable UAC
straspey at October 11th, 2013 18:39 — #18
Thank you for that link - much appreciated.
scott_vt at December 19th, 2013 14:35 — #21
This topic is now closed. New replies are no longer allowed.