You’ve seen them. Those emails from your friends asking you to click on this cool website or watch this neat video. The lingo is nothing like what your friend (or associate or coworker or family member) uses normally and in fact you can’t recall ever hearing them discuss anything cool about the web in general. You know right off that they’ve been infected by some malicious bit of software. Maybe you send them an email to let them know. Maybe you call them. Maybe you snicker to yourself because you know you would never be caught off guard.
If so, then you can safely stop reading right now. This article is only for those who slip up from time to time, who might still be at risk from unsafe computing behavior.
The fact is that the time of innocence is long gone from computing, if it ever even existed to begin with. And just as with driving, where we expect to have to train someone on how to drive responsibly, there really ought to be a set of instructions on how to compute responsibly. We do this to prevent someone from harming themselves or others when driving and we should do the same for anyone hoping to use a computer that is connected via network to any other computer. So when I talk about “computing responsibly”, I refer to using your computer in a way that takes reasonable steps to reduce danger to yourself as well as to others.
Initially I wanted to mention “one of the simplest things you could do” but as I started considering it, I realized there are a number of simple things you can do. I’m going to bring them out in no particular order. All are pretty easy to set up and all are useful in computing responsibly. For starters, let’s give up some privileges. The fact is, most of is use our computers in some sort of superuser role, where we can do anything, install anything, change anything, anywhere on our computer, at any time. That makes it might convenient when we are installing the latest bit of software, but ask yourself… how often do you actually install new software. For most users that is very rare. What else do you need elevated privileges for? Not much. So what you really ought to do is create a separate user account with those elevated privileges with which you can perform installs and such, and then use a completely different account with reduced privileges that has all of your actual “stuff” in it. That’s the account you’ll actually live in.
Some will say that ultimately that doesn’t matter. After all, if you become infected, one of the first things at risk will be your personal documents. And isn’t that data really the most important thing on your computer? Well, yes it is. But many points of entry for malware are through mechanisms that would require elevated privileges to access. By removing that option, you’ve already eliminated many points of attack for potentially dangerous software. You should feel better already.
What else can you do? Well, you’re going to want some anti-malware software. Not just something that you can run to clean things up, but something that will try to actively prevent infection, or at least limit the worst effects. Malwarebytes Anti-Malware is an excellent first choice. By purchasing a one year license, their software will actively protect your system from things many anti-virus applications won’t pick up on. Because it is a separate class of anti-malware application, it’s still a good idea to combine it with another package. For Windows, Microsoft Security Essentials is a reasonable choice. It’s free, supports operating systems as old as Windows XP and has a pretty good reputation. For OS X, you can use Sophos Anti-Virus for Mac. Now, I’ll be honest with you. I’m an avid Mac fan and I tried Sophos’ product out for awhile. The lone infection I ran into was an infected file sent to me by a Windows user. That’s right, Sophos Anti-Virus for Mac is probably more useful to a Mac user in finding infected Windows machines than as an actual preventative measure for Macs. I won’t say Macs are infection proof, because they have been proven not to be. I’m just saying that right now the infection rate on Macs is negligible, with or without an anti-malware package.
That’s enough for now. You’ve lowered your own privileges so that if something nasty does manage to snoop your way, you’ve closed the big doors that it might have used to gain access to your system. Additionally you have installed some software to actively prevent malware attacks even if they do attempt to infect you. We’ll look into some more options in Part 2.