Internet Safety: Installing Necessary Programs and Updates
Let’s face it: the internet can be a dangerous place. Yes, we use it every day, and we praise it for many things – like being able to keep in touch with friends and family, or being able to find out practically anything we want to know more about just by googling it.
But there are dangers online, and sometimes we’d rather not think about them, because they can be so horrible to even contemplate. In the wake of recent, and ongoing hacker attacks against major companies, you can go one of two ways: one would be to become complacent, thinking that they will focus only on the big boys, and not little old you – and for most big-time hackers this is probably true. Or you could wake up and think: It’s time that I took all this more seriously. Because it could happen, and it does happen to people.
Recently I had this wake up call, and got into action, and while I’m learning myself, I’d like to try to point out what things you should take into account when online. This article will cover programs and updates, as well as tools you should use to ensure you are properly protected.
Update your operating system
Going online with an unpatched operating system leaves you vulnerable. Always update your O/S, and make sure you run a legal copy of the O/S too, as copies obtained from torrent sites and the like might already be bundled with malware. With Windows, if nothing else, download and install the service packs available off of the official Microsoft website. There are other security updates and the like you might consider too, but you can get them easily by using Windows Update in your control panel on your PC. Important updates should be installed as soon as possible, while optional updates aren't as necessary in most cases. It might also be time to ditch Windows XP in favour of Vista, Windows 7, or Windows 8 as well. These operating systems have increased security measures, such as UAC (user account control). When Windows 9 comes along, then naturally people will start switching to that one gradually.
You should keep Windows core programs updated and patched too, like Windows Media Player, and Internet Explorer, which will happen automatically while updating Windows.
"Always update your O/S, and make sure you run a legal copy of the O/S too."
Keep Flash and Java updated
There’s malware that might exploit an outdated version of Adobe Flash Player or Java. In fact they're said to be the two most prolific methods of infection by some.
Make sure you are running the latest possible version of each when online. Sometimes however there are problems with newer versions of Flash, and people sometimes forego updating until Adobe, Mozilla (Firefox), or Microsoft (IE) - or whichever browser you are using - come out with updates that address the problem, but this isn't the recommended solution. Rather check the official forums for advice in this sort of situation. You may need to run the standalone installer which can be run offline instead of the web installer in some cases.
Some say it might even be safer to just disable Java addons in your browser or uninstall Java entirely, seeing as even with an up to date version, there are exploits for it. And Oracle is slow to come up with fixes.
"It might even be safer to just disable Java addons in your browser or uninstall Java entirely."
Use and Update Internet Security Programs
First off, with any fresh system, I turn to internet security programs. You can go one of a few ways here: you can use freeware programs, or you can splash out and buy a security suite. You can also stick to using the tools that come with your operating system or that are provided for free by the company it's owned by. Windows has a built-in firewall, and you can also utilize Microsoft Security Essentials (a free download), which is an antivirus program, Windows Defender, which is an anti-spyware program, and Microsoft's Malicious Software Removal Tool, which usually runs once a month when you update Windows, although there is a downloadable version, too, that can be run at any time. There are also other tools that Microsoft provides that you might look in to.
I’ll be honest: for most of my years on the web, I’ve stuck with using a combination of the freeware variety and Microsoft's tools. I’ve read some say that the security these programs provide can be good enough for a home user, and while that might not be good enough for a business, it's good enough for me.
Firewall
The firewall’s purpose is to stop hackers from gaining access to your PC over the internet. Hackers will usually use programs called port scanners to scour the internet for unprotected PCs. An unprotected PC will answer the query that the program puts out, basically saying “Here I am, here I am, and how do you do?”
Whereas a firewalled system will not answer; more likely to block the request, and therefore be “invisible” to hackers or "stealthed". Having a firewall will also protect you from other threats online, such as existing malware on your system trying to touch base with a hacker. Never attempt to have two firewalls installed or at least active at the same time though. Only have one - unless you happen to be running one software firewall and you also have a hardware firewall too, which might be built-in to your router, if you use one (some routers have two).
Zonealarm and Comodo are examples of free firewalls, but paid versions are also available. Nowadays people are leaving ZoneAlarm in favour of Comodo, seeing as it has less issues, and the free version is fully functional with all features included, too. It took ZoneAlarm years to catch up and offer a free product that features both a firewall and antivirus capabilities. Windows 7's firewall is said to be rather good, too.
"Having a firewall will not only protect you from threats online, but even existing malware on your system trying to touch base with a hacker."
Anti-virus software
The majority of these will have scanning abilities, which will comb your system for threats and then alert you if something is found – often giving you the option of quarantining the threat, removing it safely, and hopefully cleaning your system so that it might resume it's normal functioning state.
Some anti-virus programs will have this, but you might have to look in to something separate: anti-spyware. Anti-spyware programs will also allow you to scan for spyware, malware, trojans, adware; the lot. The programs that I use nowadays are far more likely to bundle anti-virus and anti-spyware scanning together than they were years ago – but not all do this. Some will even include anti-rootkit scanners too. If you can get all three, then that’s good value for money (or not, if it’s free anyway).
It’s a good thing to remember that you should be choosy when picking your internet security. Programs will often conflict with one another, and it’s a hell of a job to uninstall or reinstall programs to try and find out what’s causing one to be blocked and so on.
Also, it’s like they say: there are new threats online every day, so it pays to update your anti-virus and firewall software frequently, and the virus definitions.
Paid programs might well offer you features and increased security that the freeware versions don’t. If you want increased security, then consider spending a little money. This isn’t to say that freeware programs are rubbish. I’ve used them time and time again and I’m usually happy with them. Some freeware products are even better than the commercial ones according to several independent tests. Good free anti-virus programs include Avira or Avast. AVG is known for picking up plenty of false positives which is a pain, and so has been abandoned by some for this reason among others. MSE (Microsoft Security Essentials), which I mentioned above, was recommended until it failed a series of tests over at av-test.org.
One thing that paid suites will offer is real-time protection, which actually monitors what’s happening on your PC at any one time. This can be a lifesaver, as it can spot processes and programs that are up to no good, where programs that offer no real-time protection are stumped. Free programs that offer real-time protection are likely few and far between, but they do exist. My only gripe with real-time protection is that it can be quite intrusive – blocking programs and processes that are necessary for your PC to run smoothly, and end up causing freezes or crashes. You might have to dedicate some time to sitting down and whitelisting a lot of these processes (check to see what they are first) so they aren’t blocked by the program. And never have two real time scanners switched on at the same time as this can be responsible for a lot of chaos.
Another thing that some commercial programs offer is a bundled rescue CD. This operates similarly to how you use your Windows CD. You stick it in the drive and reboot, and from boot up, the program actually boots into a different operating system (usually Linux-based), rendering malware that runs on Windows ineffective, and you can begin sweeping for malware, particularly rootkits, which some experts claim are very difficult if not impossible to find while operating from the desktop using Windows. You can also get free rescue CDs for download as well.
One last thing: be careful if your anti-virus scans find anything potentially threatening. Sometimes they will single out trusted, entirely harmless things, like programs you’ve been using for years. This doesn’t necessarily mean they’re infected or malicious. It could just be what’s referred to as a “false-positive”, or that it’s a potential threat. If the scans bring back results indicating that drivers and processes that are necessary for your system to run are infected, be careful removing them, as this could make your PC or laptop unstable or even unbootable. Become familiar with what’s all right and what’s not all right. If it’s a program or process that you don’t know about, then perhaps it really is malicious. You can look up programs on an online malware encyclopaedia like one that is provided by TrendMicro. It even gives you advice on how to remove or fix files. Some AV programs have a feature like this built into the program. It will scan your system and catalogue which programs are installed and give descriptions of what they do. There can be errors however. Spyware Terminator is such a program.
Sometimes it might be a good idea to use more than one program to scan, as one program might pick up something that another missed. But then we’re back at the issue of conflicting programs again. You can try online scanners; browser-based or browser-independent, like ESET and TrendMicro Housecall, respectively. These install on your system, offer no real-time protection, and operate from the cloud, as they call it. You have to be online in order to download and install updates, and to run the scans. It’s often recommended that you run at least one or two of these in addition to your regular anti-virus scans. Why it's recommended to run one of these is because your resident anti-virus program might be blocked by malware, or you may have problems installing anti-virus programs because of malware blocking it, or your anti-virus program just might not be that good at detecting anything at all.
Security suites
Security suites are fully-featured software packages that have practically everything: an anti-virus, anti-spyware, anti-rootkit, firewall – all at the very least. These suites can be free, such as the one provided by Comodo. You also get the paid versions. More often than not, these suites will only provide you with a 1-year licence, which you have to renew annually. Vipre is a paid security suite that is just as expensive to buy as the others initially, but you don’t need to renew it. You can keep updating it and using it for as long as you like.
"There are new threats online every day, so it pays to update your anti-virus software frequently, and the virus definitions."
Use a secure browser
People don’t often think of browser security being a big thing. But the truth is that it can often mean the difference between unknowingly walking into a trap and having malicious software downloaded on to your system, and being informed before venturing into a potential threat, or even having the threat blocked completely. Methods of infection have changed over the years and browser-based attacks are responsible for most infections.
First off, I’ve read time and time again that Firefox is much safer than Internet Explorer – any version. IE often has holes that can be exploited. Google Chrome is another recommended one.
You can extend the security of your browser by using addons You’ll have linkscanner addons, that might be bundled with your anti-virus software, which will scan sites for malicious code and the likes, and inform you that it’s either safe or not safe, before you enter. You have siteadvisors and websecurity guards which will warn you about entering various websites; about the risks involved. MyWOT or Web of Trust is one of these.
AdBlock Plus is a plugin for Firefox which will help you block unwanted pop-ups and ads. You can add subscriptions when you first set it up, but when you visit a site, you can also block ads manually. This will help prevent you from clicking ads that could have some undesirable effects and might well allow sites to load faster – since ads are often blamed for long loading times on websites. AdBlock Plus can interfere with the appearance of a site however. On HubPages, for instance, for Amazon ad capsules to display, one needs to open up your blockable items in the ADP interface and disable the filter, then reload the page, or at least edit the capsule and save it.
NoScript allows you to surf websites without some malicious scripts executing without your knowledge. You can choose the websites to allow javascript on. Several websites like Facebook and Twitter heavily depend on javascript.
Also check your browser settings, like the settings for cookies. You can turn on Private Browsing, and you should especially use HTTPS whenever visiting a website, if it's available. There are extensions like HTTPS Finder or HTTPS everywhere that will do all the hard work for you. Not only will some force HTTPS, but others will even alert you when an SSL certificate seems phishy (pun intended).
There’s also a program out there called Sandboxie. This is the program to use if you want to prevent your HDD from becoming infected in the first place. It’s likened to using tracing paper, and layering it over regular paper, which would be your hard drive. Anything that is downloaded during a sandboxed session will be kept isolated from your HDD. And threats that might have been downloaded to your system during a session of surfing will be inside Sandboxie, and after a session, you can then recover the files you want to keep, and then delete everything else.
It’s an ingenious program that might be compared to a virtual setup of sorts (it's called browser virtualisation). You can also run other programs in Sandboxie too if you don’t particularly trust them. Any changes that take place will be confined to the sandbox, and won’t interfere with your actual system or the files on it. The most used feature would likely be the browser plugin. You can use it with your browser, so if anything makes it past the defences of your browser and the plugins and extensions you use, then it will end up in the sandbox.
"First off, I’ve read time and time again that Firefox is much safer than Internet Explorer – any version. IE often has holes that can be exploited. Google Chrome is another recommended one."
Tools that will help
There are two programs that operate while online that will save your bacon. Try GRC's Shield'sUP test. This will test your system to see how invisible it is while online. It's a good way to see whether your firewall is set up properly, and if ports are stealthed, closed, or open.
Another tool is Secunia's online vulnerability scanner. Running this will scan your system and will alert you when programs that are covered by Secunia's list of covered programs need updating. In addition to some mentioned above, like Windows (or your operating system of choice), Java, Adobe Flash Player, your browser, and anti-virus products. Other programs that you should regularly check for updates include Adobe Reader (a good alternative is Foxit Reader because it's more secure, as long as you don't install Ask Toolbar); Skype (be aware of tracking cookies it installs on your system); Quicktime; instant messenger programs; media players (like Winamp); Winzip; and email clients like Mozilla Thunderbird.
You can also download and install an offline version of Secunia's product that isn't run through a browser.
These are some of the most important programs you should keep updated. But the recommended advice is that you keep all programs you use up to date. This minimizes the chance or at least the effects of infection.
____
So that's it for this piece. Join me in future as I delve in to steps you can take to secure your system further, how to surf safely, and how to become security conscious so you can enjoy the benefits of the internet without much of the hassle.
Which do you think is most important?
© 2012 Anti-Valentine