posted on Jan, 13 2010 @ 10:46 PM
There’s a lot of misinformation and informational black holes `out there’ on computer safety and safe surfing. I figured I’d add mine to the
din.
In case it means anything, I have been into computers since before there was a personal computer. I started on what looked like a big old electric
typewriter(ASR33?) which was connected through an acoustic modem to a mainframe somewhere. I hit most stages on the way to where we’re at now. If
nothing else, I’ve been around a while. These things have worked for me.
Having been around and worked in large IT departments, I’m aware that not everybody listens (gives a rip) to advice. With that in mind we’re
going to do Multiple Personality Safety. This is where I tell you the straight facts, then I accurately guess what you’re going to do anyway (in a
different color).
1. Do not use the computer in the bathtub (when it’s plugged in).
[probably will take this advice]
2. Assume everything is hostile, from a floppy to a web page to an email. Your best bet for protection is to act paranoid. Or, as a coworker says,
“I’m not paranoid; I’m acutely aware.” Most of the people who wind up with malware invite it through commission or omission. Don’t
recognize the name of the email’s sender? Don’t open it. Turn off the preview pane because this is the same thing as opening the email - do you
want a virus? If you recognize the sender but the subject looks weird, send them an email asking if they sent the previous one. If not, someone got
virused. Virus scan all downloads - virus scan every file.
[Is he kidding me? Let's go download something off Limewire.]
3. Stop using Limewire, Kazaa, and those types of file sharing services. Most of the results are fake and the remainder are full of viruses and other
lovely things. If you simply can’t live without files, at least use a bittorrent client (I like utorrent - it’s small and fast). Use encryption
any way you can.
[But I like Limewire. Ok, maybe I'll try utorrent or Azureus.]
4. Use a replacement HOSTS file. Whatever your operating system, you have a HOSTS file. If you follow the link, you can download a free
replacement file. It has a current list of malware sites, government sites, and MPAA/RIAA sites which it blocks for you, no questions asked. If you
run Win 2000 or XP, you can find it in c:\[win or windows]\system32\drivers\etc. In linux it’s /etc/hosts. Sorry, Mac people, I don’t know.
Regardless, anyone can do a file search to find it. Windows users: make sure you don’t save it as hosts.txt. You need to leave off the .txt
extension or it won’t work.
[Yeah. That's a lot to remember. And you have to update it monthly? Right. That'll happen.]
5. Patch your Operating System. Really. That’s what Windows Update is for. For the most part, the stuff they’re sending you is for your own
good (assuming you like using Windows). It’s ok to not accept Genuine Advantage or browser `upgrades’. Accept the rest of them though. Windows
has more holes than swiss cheese, especially in Internet Explorer. Patch it often. Linux: you know what to do, people.
[I just say NO when it asks me to do anything. Those little reminders are annoying.]
6. Use a good antivirus and update it at least weekly. You don’t have to pay out the wazoo for a capable antivirus. There are some good freeware
AV’s out there. I used AVG (until version 8, when it became bloated). I’m looking at Clam now. It works fine on Windows and there’s a linux
version too. All of them can be set to auto-update so you don’t have to remember. This is worth its weight in platinum.
[Ok, fine. I'll download the free antivirus.]
7. Browser safety. This is where most of the junk gets into your machine. One of the main reasons is because people don’t update, don’t scan,
and use the wrong browser. What is the wrong browser? Internet Explorer. It’s like waving a red flag at a bull, saying, “HERE I AM, VIRUSES.
COME AND GET ME!” The default safety settings… aren’t. I’d chuck it completely and use Firefox or Opera. There are times when
poorly-designed sites require IE (and you can’t fake it out). Crank the safety settings through the roof. I mean it.
[WHAT? That's too much trouble. I'm using IE. Screw him. Who does he think he is, telling me not to use IE. He's like one of those Windows
bashers, isn't he?]
* mmmm…… cookies: cookies are little text files that sites put on your hard drive, sometimes to help navigation or remember who you are, other
times to track you. Banking sites will require them, as will others. I shut them off unless absolutely needed. Sometimes I keep one browser for
cookies and another without them enabled. Most browsers are now site-specific as to whether or not you want cookies. I’d rather put my login and
password in each time than be remembered (tracked). Sites can tell a lot from your cookies, like where you’ve been and when. Is it really any of
their business?
[What the hell's wrong with cookies? My mom makes great chocolate chip cookies.]
* Java, _javascript: this is where most of the actual trouble is. Leave Java enabled. Javascript is a mess. It fries my patience so I turn it off.
Some sites require it but I only turn it on for very important sites. Otherwise I’d have crapware all over my computers. I stopped using Ad-Aware
because it wasn’t finding anything due to my safety precautions. Unfortunately this can affect the functioning of some pages. More and more are
using it, which makes me less and less happy. Ymmv.
* Flash: this is another personal no-no. There is really no good reason to use Flash (jaws drop all over the internet). Flash is about prettiness
and blinky lights. I don’t have the time for pretty. Flash has also had a number of vulnerabilities over the years, opening your computer to
malware. Why bother? If you need to watch YouTube so badly, download the videos and watch them in VLC. Works for me. There are some sites,
designed by the blind, that are composed entirely of Flash. Sorry - I just don’t go there.
[Oh my GOD. He just said Flash is no good. He cannot be allowed to live. BLASPHEMER! Kill the heretic! He's a witch - burn him!]
8. Malware/spyware/crapware cleaners: As I mentioned, I used to use Ad-Aware but since I surf safely, it stopped catching anything. I highly
recommend Spybot Search and Destroy. It has a component called Tea Timer (you have to indicate that you want it to run) which is