Safe Surfing + Maintenance

There's a lot of misinformation and informational black holes 'out there' on computer safety and safe surfing. I figured I'd add mine to the din.

In case it means anything, I have been into computers since before there was a personal computer. I started on what looked like a big old electric typewriter (ASR33?) which was connected through an acoustic modem to a mainframe somewhere. I hit most stages on the way to where we're at now. If nothing else, I've been around a while. These things have worked for me.

Having been around and worked in large IT departments, I'm aware that not everybody listens (gives a rip) to advice. With that in mind we're going to do Multiple Personality Safety. This is where I tell you the straight facts, then I accurately guess what you're going to do anyway (in a different color).

1. Do not use the computer in the bathtub (when it's plugged in).

[probably will take this advice]

2. Assume everything is hostile, from a floppy to a web page to an email. Your best bet for protection is to act paranoid. Or, as a coworker says, "I'm not paranoid; I'm acutely aware." Most of the people who wind up with malware invite it through commission or omission. Don't recognize the name of the email's sender? Don't open it. Turn off the preview pane because this is the same thing as opening the email - do you want a virus? If you recognize the sender but the subject looks weird, send them an email asking if they sent the previous one. If not, someone got virused. Virus scan all downloads - virus scan every file.

[Is he kidding me? Let's go download something off Limewire.]

3. Stop using Limewire, Kazaa, and those types of file sharing services. Most of the results are fake and the remainder are full of viruses and other lovely things. If you simply can't live without files, at least use a bittorrent client (I like utorrent - it's small and fast). Use encryption any way you can.

[But I like Limewire. Ok, maybe I'll try utorrent or Azureus.]

4. Use a replacement HOSTS file. Whatever your operating system, you have a HOSTS file. If you follow the link, you can download a free replacement file. It has a current list of malware sites, government sites, and MPAA/RIAA sites which it blocks for you, no questions asked. If you run Win 2000 or XP, you can find your HOSTS file in c:\[win or windows]\system32\drivers\etc. In Linux it's /etc/hosts. Sorry, Mac people, I don't know. Regardless, anyone can do a file search to find it. Windows users: make sure you don't save it as hosts.txt. You need to leave off the .txt extension or it won't work.

[Yeah. That's a lot to remember. And you have to update it monthly? Right. That'll happen.]
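
An added example (not from the original post): a small Python audit to run over a downloaded replacement HOSTS file before installing it. It lists the names the file blocks, flags any entry that sends a name to a real address instead of a dead end, and checks the hosts.txt naming pitfall; the sample entries, the sink-address convention and the function names are assumptions made for illustration.

```python
import ipaddress
import ntpath

# Addresses a blocklist uses to make a name go nowhere (assumed convention).
SINKS = {"0.0.0.0", "127.0.0.1", "::", "::1"}
# Names that normally point at loopback and are not blocklist entries.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost",
               "ip6-localhost", "ip6-loopback"}

# Constructed sample, not a real blocklist.
SAMPLE = """\
# constructed sample
127.0.0.1   localhost
0.0.0.0     ads.example.test tracker.example.test
127.0.0.1   malware.example.test   # sinkholed
203.0.113.7 bank.example.test
not-an-ip   broken.example.test
0.0.0.0
"""

def audit_hosts(text):
    """Split hosts-format text into blocked names, redirects and bad lines."""
    blocked, redirects, malformed = set(), [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            malformed.append((lineno, raw))
            continue
        if len(fields) < 2:  # an address with no hostname after it
            malformed.append((lineno, raw))
            continue
        for name in (f.lower() for f in fields[1:]):
            if name in LOCAL_NAMES:
                continue
            if addr in SINKS:
                blocked.add(name)
            else:
                # Name sent to a real address: review before installing.
                redirects.append((lineno, name, addr))
    return blocked, redirects, malformed

def valid_install_name(path):
    """True only if the file is named 'hosts' with no extension."""
    # Windows ignores case in file names; on Linux it must be lowercase.
    return ntpath.basename(path).lower() == "hosts"
```

Any line that shows up in the redirects list deserves a look before the file goes live, since a blocklist should only send names to a dead end.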

5. Patch your Operating System. Really. That's what Windows Update is for. For the most part, the stuff they're sending you is for your own good (assuming you like using Windows). It's ok to not accept Genuine Advantage or browser 'upgrades'. Accept the rest of them though. Windows has more holes than Swiss cheese, especially in Internet Explorer. Patch it often. Linux: you know what to do, people.

[I just say NO when it asks me to do anything. Those little reminders are annoying.]

6. Use a good antivirus and update it at least weekly. You don't have to pay out the wazoo for a capable antivirus. There are some good freeware AVs out there. I used AVG (until version 8, when it became bloated). I'm looking at Clam now. It works fine on Windows and there's a Linux version too. All of them can be set to auto-update so you don't have to remember. This is worth its weight in platinum.

[Ok, fine. I'll download the free antivirus.]

7. Browser safety. This is where most of the junk gets into your machine. One of the main reasons is that people don't update, don't scan, and use the wrong browser. What is the wrong browser? Internet Explorer. It's like waving a red flag at a bull, saying, "HERE I AM, VIRUSES. COME AND GET ME!" The default safety settings... aren't. I'd chuck it completely and use Firefox or Opera. There are times when poorly-designed sites require IE (and you can't fake it out). Crank the safety settings through the roof. I mean it.

[WHAT? That's too much trouble. I'm using IE. Screw him. Who does he think he is, telling me not to use IE. He's like one of those Windows bashers, isn't he?]

* mmmm...... cookies: cookies are little text files that sites put on your hard drive, sometimes to help navigation or remember who you are, other times to track you. Banking sites will require them, as will others. I shut them off unless absolutely needed. Sometimes I keep one browser for cookies and another without them enabled. Most browsers are now site-specific as to whether or not you want cookies. I'd rather put my login and password in each time than be remembered (tracked). Sites can tell a lot from your cookies, like where you've been and when. Is it really any of their business?

[What the hell's wrong with cookies? My mom makes great chocolate chip cookies.]

* Java, JavaScript: this is where most of the actual trouble is. Leave Java enabled. JavaScript is a mess. It fries my patience so I turn it off. Some sites require it but I only turn it on for very important sites. Otherwise I'd have crapware all over my computers. I stopped using Ad-Aware because it wasn't finding anything due to my safety precautions. Unfortunately this can affect the functioning of some pages. More and more are using it, which makes me less and less happy. YMMV.

* Flash: this is another personal no-no. There is really no good reason to use Flash (jaws drop all over the internet). Flash is about prettiness and blinky lights. I don't have the time for pretty. Flash has also had a number of vulnerabilities over the years, opening your computer to malware. Why bother? If you need to watch YouTube so badly, download the videos and watch them in VLC. Works for me. There are some sites, designed by the blind, that are composed entirely of Flash. Sorry - I just don't go there.

[Oh my GOD. He just said Flash is no good. He cannot be allowed to live. BLASPHEMER! Kill the heretic! He's a witch - burn him!]

8. Malware/spyware/crapware cleaners: As I mentioned, I used to use Ad-Aware but since I surf safely, it stopped catching anything. I highly recommend Spybot Search and Destroy. It has a component called Tea Timer (you have to indicate that you want it to run) which is sort of like a firewall (see below). Whenever a program tries to write to the registry, 'phone home' or make system changes, Tea Timer/Spybot will alert you and ask your permission. It's worth the very short amount of training time to make it work right without your intervention.

DO NOT UNIVERSALLY HIT YES OR NO TO MAKE IT GO AWAY. Pay attention to what it's asking you. If you don't, you'll wind up with all sorts of things you're trying to avoid. Much as I don't like Vista, there's a good reason why it asks you for permission to do things. (of course I won't USE Vista....)

Hijack This is a tremendous tool. Unfortunately it's also very detailed and can do a lot of damage if you use it incorrectly. Fortunately there's a lot of support on their forums, where you can post your logfile and ask people to help you analyze it. If you're not careful, you could wind up learning a lot from this.

There are a lot of spyware programs out there in the wild. Since I don't do much surfing on Windows, I don't use them. I hear good things about one called SUPERantispyware or something to that effect.

Cleanup: there's a really good program called CCleaner (formerly Crap Cleaner - I kid you not) that will go through your system and clean up huge amounts of things you don't need. Just make certain to review the delete list before you actually delete anything.

9. Firewall: you should not be connected to any network without a firewall. Yes, recent versions of Windows come with a firewall. No, you can't trust it. You can, however, find some nice freeware to install that will do the job admirably. Click the next link to check out some. A firewall is just that: a wall between you and THEM, which protects you from THEM. No firewall? You're hacked.

A really good site to compare and download freeware can be found here. All links go to free downloads. None of the software mentioned above will cost you anything. Would you invest a little time in protecting your system with freeware? It will be time well spent.

If you follow the above (preferably the ones in black text) you'll be in pretty good shape. Remember - treat everything as hostile.

[Ya know.. that's just too much work. I don't wanna.]

Personally I don't care whether you're careful or not. But when your system slows to a crawl, gets a virus, sends your financial info to Russia and China, gets remote-controlled and starts spewing out Viagra ads to your friends and family, don't come crying to me. I'll just laugh and tell you that it's an awful shame, isn't it. Maybe I'll even refer you to this page for some tips (after you pay a lot of money to have the computer cleaned or reformatted, losing all of your data). Yes, some of the malware is so bad that all you can do is reformat (or spend a few long hours researching and trying to fix the problem). It becomes faster to just start over from scratch. I hope you have backups....

There's a very old story about how people learn to back up. They invariably learn the hard way. A computer blows up, taking all the data with it, and the person didn't have any backups. If it's business data, they can spend a few thousand bucks going through the recovery process (which isn't guaranteed). After that, they start backing up religiously. Or they just do the whole thing again.

If you have any tips or tricks that have worked for you, please chime in!