Why Spyware Removal Doesn’t Work
First of all, malware (i.e. viruses, worms, Trojan horses, spyware, and adware) cannot be completely thwarted by any anti-malware program. Think about it this way: you’re a single American guard in charge of protecting the whole Mexican/American border from illegal immigrants. Now, regardless of how you feel about the issue of illegal immigration, you will not be able to prevent it. The immigrants have to find a single place to cross while you have to guard everything. In the same way, the computer attackers have to find one hole in your computer, while you have to plug all the possible holes (even the ones you don’t know about). It’s not possible.
The most important thing to keep in mind when trying to avoid malware on the Internet is behavior. Most malware nowadays depends on you doing something (e.g. visiting a site or opening an e-mail attachment). If you never do the wrong things, you will greatly minimize the chances of being compromised.
The second most important thing when trying to avoid malware is your computing platform. If you’re using Windows, don’t be surprised when the bad guys start time-sharing your computer behind your back. (I am aware that you can keep a perfectly safe Windows box, but can your grandmother?) If you want to truly be safe, you need to ensure that your platform is secure. If you need to use Windows, you can use software like VMware to browse the internet and read e-mails. After you’re done, you just reload your VMware image and it is as if nothing has happened. It is the operating system’s equivalent of an Etch A Sketch. Another thing you may consider doing is moving to a Mac or installing a Linux distribution. Historically there have been thousands upon thousands of different pieces of malware for Windows and only hundreds for the Mac and all Linuxes combined. You don’t need to be a statistician to see which one has a lesser chance of being infected.
The third most important thing is keeping your anti-virus up to date and having a so-called internet router in front of your computer, so to speak. Never, never connect your DSL modem (unless it’s also an internet router) or your cable modem directly to your computer. Doing this effectively ensures that you’ll have malware company, sometimes within minutes. There are old worms like Blaster which are continually scanning the internet for new victims. Most computers, when first deployed directly behind DSL or cable modems, are vulnerable to recently (or not so recently) patched worms like the Blaster worm.
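A quick way to check the router advice above is to look at the IPv4 address your computer actually holds. The following is an added example, not part of the original article; the function names are hypothetical, it covers IPv4 only, and the sample addresses are constructed.

```python
import ipaddress
import socket

# Ranges that indicate a NAT device sits between this host and the internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGNAT = ipaddress.ip_network("100.64.0.0/10")  # carrier-grade NAT (RFC 6598)

# Constructed sample; 203.0.113.7 is a documentation address standing in
# for a public IP handed out directly by a DSL or cable modem.
SAMPLE = ["192.168.1.23", "10.0.0.5", "100.72.0.9", "169.254.10.4", "203.0.113.7"]


def classify(addr: str) -> str:
    """Classify an IPv4 address by how exposed a host holding it is."""
    ip = ipaddress.IPv4Address(addr)
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"          # 169.254/16: no DHCP lease obtained
    if any(ip in net for net in RFC1918):
        return "behind-nat"          # typical home router
    if ip in CGNAT:
        return "behind-carrier-nat"  # the ISP is doing the NAT
    return "public"                  # anything else is treated as routable


def exposed(addrs):
    """Return the addresses that are reachable from the internet without NAT."""
    return [a for a in addrs if classify(a) == "public"]


def outbound_address():
    """Address of the interface used for internet traffic, or None if offline.

    connect() on a UDP socket only selects a route; no packet is sent.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        s.connect(("192.0.2.1", 9))  # TEST-NET-1 placeholder destination
        return s.getsockname()[0]
    except OSError:
        return None
    finally:
        s.close()


if __name__ == "__main__":
    for a in SAMPLE:
        print(f"{a:15} {classify(a)}")
    mine = outbound_address()
    print("this host:", mine, classify(mine) if mine else "no route")
```

If the last line reports `public`, the machine is sitting directly on the modem and every listening service on it can be probed from the internet.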
If you have to use Windows, make sure that you are using a good browser. It is usually your first level of defense against the bad guys. Never use Internet Explorer 6. It is just bad. Not to mention that it is hardly even supported by Microsoft anymore. If security is key for you, you will forgo Internet Explorer 7 and even Firefox and use Opera. Give Windows Vista a chance. For all its shortfalls, it’s still a fairly good platform as far as security goes.
Finally, spyware removal should not even be an option. Imagine that you live in a castle (i.e. your computer), like the ones in medieval England. One day you leave your castle to go shopping and 1,000 thieves (i.e. spyware) break in. You come back and you realize that there are intruders in your castle. You promptly call the police (i.e. anti-spyware, or spyware removal programs) who go through the castle and throw out the thieves. My question to you is: do you now feel safe to sleep at night in your castle? Are you 100% sure that all of the 1,000 thieves have been thrown out?
Once you are (or you think you are) compromised, format, learn from what you did wrong, and move on.

Really great article!
And don’t forget the firewall. Make sure it’s configured to thwart attacks. Use everything at your disposal to keep out the nasties.
Doug Woodall
2 Apr 08 at 6:38 pm
That’s right, Doug; a firewall is another layer of security between you and the gangsters of the internet age. The great thing about consumer grade internet routers (i.e. NAT routers) is that they are implicit firewalls by design. I think that this is the silver lining behind the recent spread of wireless routers. Sure, people may leave their wireless networks password-less, but at least they’re keeping themselves safe from the internet.
Emil Swenson
2 Apr 08 at 7:52 pm
Interesting and helpful article. I’ve been thinking about writing a blog about platforms myself. But why is the part about Macs crossed out?
Cathie Dunklee-Donnell
3 Apr 08 at 1:29 am
Cathie,
I crossed the Mac part out because it has begun to be a targeted platform by malware authors. It was also recently compromised at CanSecWest by Charlie Miller, who used an undisclosed Safari exploit (Source: http://www.news.com/8301-13579_3-9905095-37.html).
I’m personally a very happy Mac user, but I guess I have to finally give up my peace of mind as far as surfing the internet goes. We’re no longer invincible…
At this point Mac users have to do what Windows users have been doing for a while, namely: run our computers as regular users (authenticate as admin only when necessary), stop installing software from unknown/untrusted vendors (may hurt the software community), patch our machines as soon as the patches come out, and demand that Apple take a more proactive stance toward security and disclosure. The silver lining here is that since the OS X operating system has good ancestry, we can be reasonably safe in the assumption that Apple won’t fail to secure their operating system if they really try.
Emil Swenson
3 Apr 08 at 8:20 am