Computer privacy matters to everyone - lock up now!
2: Home security - Backup and update!
Computer security @ home
Don't imagine that the dirty toilet-seat syndrome is peculiar only to Internet
cafés. Your own computer is just as likely to have become infected by worms,
Trojans, viruses or spyware. A recent report in PC World claimed Trojan horse
or system monitoring programs had been found on more than 30 percent of all
systems scanned. Calls to PC technical support lines about spyware now account
for a sizeable proportion of all complaints, and Microsoft reckoned recently
that half of all computer crashes may be due to spyware or related malware.
Some common misconceptions:
"I have a good anti-virus program installed; I have nothing to worry about!" AV programs are good at catching stuff they know about, but their sharpness
is limited to the last definition update you did. The "definitions" are patterns
of known viruses. Obviously, these will be some days or weeks behind what is
really out there infecting computers in real time. The program's "heuristic"
skills (deciding if an unknown component is really a virus) are usually
deliberately tethered to avoid throwing up too many false positives. Depending
on the AV you have installed, it may identify virus, worm or Trojan horse
infections and allow you to remove them, but it almost certainly won't recognise
key logger programs or many spyware components installed with certain software
(in fact, you may have disabled it to install such programs). I have Symantec,
Kaspersky, McAfee and Avast! anti-virus programs installed on my computers. They
are all reasonable second-line defences, but I wouldn't trust any of them to
defend me against malware or Trojans, any more than I'd trust a strip of
antibiotic pills to protect me against AIDS.
"I don't surf dodgy porn sites so there's no problem." Neither do I, but I'm still worried. As long as your computer is connected
to the Internet you are at risk. It has been said that very many home computers
in Europe and the US are infected with Trojan horse programs that allow them to
be used as "zombies," that is, under the control of a remote operator.
Amongst other things, they fire out emails whenever online. Some of the
addresses they use might even have been "mined" from your email address book.
Such spam doesn't always contain a virus attachment, but if it does, often
simply viewing the message (not clicking on the attachment) is enough to infect
your machine. So do you plan to avoid reading all email as well?
"There's nothing of any value on my computer." Think not? How about your Internet connection? Today, many senders of
"spam" (unsolicited, junk email) have crossed the line and become virus writers.
These viruses (or Trojans, etc) have the specific job of transforming the client
machine, once it's been compromised with a "zombie" program, into an "open
proxy." It becomes a relay point for further spam messages or for hosting
deception schemes known as "phishing," where the victim receives a message
apparently from their bank and is asked to enter sensitive information into a
fake website. Open proxies are valuable to criminals because tracing the source
of messages leads back to a personal computer in a private home - exactly the
sort of anonymity a spam baron needs to keep operating. The criminal remains
anonymous, but you become just another sucker draftee into the army of
extortion. Without solid protection you are sitting there announcing yourself to
the world.
As I have repeated more than once, at one time there was a clear line between
virus writers, hackers and spammers. Now the distinctions are unclear: many
spammers send email containing Trojan horse programs which aim to hack control
of your machine, turning it into a "zombie" to be used for further junk email
spamming. A small virus embedded in an email attachment may open
up a "port" on your computer so that a hacker can install a more powerful Trojan
horse program and gain total control of it. Nowadays, many "denial of service"
attacks (shutting down a website by flooding it with requests - most of the
major ones like Microsoft and Yahoo! have fallen victim) are launched from
"zombie" computers distributed around the world. These zombie computers are
termed "bots" and may be controlled as part of a larger, "botnet" army by one
person selling their spamming/flooding service to criminals. Vint Cerf, one of
the co-developers of the TCP/IP standard which underpins all internet traffic,
said that up to a quarter of computers on the net may be used by cyber
criminals in so-called botnets. He likened the spread of botnets to a "pandemic"
at the 2007 Davos conference.
Test your security!
There's no better way to see what needs to be improved than to visit a site
which will test your online security (or lack of it). The six sites listed below
will give you a report on how secure your PC is at present. Without a firewall
of any kind, your home computer is almost certainly shouting to the entire wide
world, "Here I am!" If the revealing results from these sites don't motivate you
to take at least the rudimentary precautions outlined on pages 2 and 3, only a
real attack where you lose your private
information or entire hard drive contents will. Don't forget that the
infiltration of your PC by snoopers may not be obvious. You may notice a
slowdown in your internet connection as the Trojan horse or malware program
sends and receives information, or you may not perceive any change.
Surreptitiously installed, spying software does not want you to notice it!
There's no need to be sealed in a capsule of paranoia. Even if you don't want to
change from using Internet Explorer to surf the Web and Outlook Express to use
email, there's a lot you can do to tighten your machine's security. But don't be
too gleeful if you recently updated your Windows XP machine and now have
the Windows Firewall running as part of that update. The "Windows Security
Centre" may report you are safe from attacks because of that firewall, but
you should remember that it works only to block unwanted inward
connections. Outbound connections may result from your already being infected
with a Trojan or virus, and the Windows Firewall does nothing to halt those.
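The inbound/outbound distinction above can be checked from the output of `netstat -ano`. The Python below is an added example, not part of the original page: it parses a constructed sample, separates listening ports from connections the PC opened itself, and flags any process contacting port 25 on several distinct outside hosts, the zombie mail-relay behaviour described earlier. The function names, the threshold of 3 and the rule that a connection whose local port is not a listening port counts as outbound are assumptions of this example.

```python
import ipaddress
# Constructed sample in the `netstat -ano` column layout; remote IPs are documentation ranges.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:445       192.168.1.31:1490      ESTABLISHED     4
  TCP    192.168.1.20:1061      198.51.100.7:80        ESTABLISHED     2204
  TCP    192.168.1.20:1187      203.0.113.11:25        ESTABLISHED     1544
  TCP    192.168.1.20:1188      203.0.113.52:25        SYN_SENT        1544
  TCP    192.168.1.20:1189      198.51.100.93:25       ESTABLISHED     1544
  UDP    0.0.0.0:500            *:*                                    700
"""
LAN = [ipaddress.ip_network(n) for n in
       ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def parse(output):
    """Return one dict per TCP row; headers and UDP rows (no State column) are skipped."""
    rows = []
    for fields in (line.split() for line in output.splitlines()):
        if len(fields) == 5 and fields[0] == "TCP":
            (lhost, _, lport), (rhost, _, rport) = (f.rpartition(":") for f in fields[1:3])
            rows.append({"lhost": lhost, "lport": int(lport), "rhost": rhost,
                         "rport": int(rport), "state": fields[3], "pid": int(fields[4])})
    return rows

def classify(rows):
    """Return (wildcard listening ports, outbound rows: local port is not a listener)."""
    listening = {r["lport"] for r in rows if r["state"] == "LISTENING"}
    exposed = sorted({r["lport"] for r in rows
                      if r["state"] == "LISTENING" and r["lhost"] in ("0.0.0.0", "[::]")})
    outbound = [r for r in rows
                if r["state"] in ("ESTABLISHED", "SYN_SENT") and r["lport"] not in listening]
    return exposed, outbound

def smtp_fanout(outbound, threshold=3):
    """PIDs reaching port 25 on `threshold` or more distinct non-LAN hosts (spam-relay sign)."""
    hosts = {}
    for r in outbound:
        if r["rport"] == 25:
            addr = ipaddress.ip_address(r["rhost"].strip("[]"))
            if not any(addr in net for net in LAN):
                hosts.setdefault(r["pid"], set()).add(r["rhost"])
    return {pid: sorted(h) for pid, h in hosts.items() if len(h) >= threshold}

if __name__ == "__main__":
    exposed, outbound = classify(parse(SAMPLE))
    print(exposed, len(outbound), smtp_fanout(outbound))
```

An inbound-only firewall covers the first list (the listening ports); every row in the second list leaves the machine without being checked by it.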
On the rest of this page and the next two pages I'll give details of improving what
you already have by updating it, and then offer advice on a few free tools to
help your computer stay free of Trojans, viruses and worms. When you have
followed the suggestions, come back to one of the security sites above and check
how much you have tightened up the system.
Update!
Updating your home computer has become the single best way of staying ahead of
Windows' virus writers. Because the operating system is used by 90% of home
computers, and is riddled with badly-secured software code, it is the target of
most attacks. So update your operating system on the Microsoft update site. You
can do this with any version of Windows from Windows 2000 onwards.
Whatever browser you are using to surf the Internet, you should also use the
very latest version. Older browsers often have security "holes" which were not
discovered until long after their release, and their security may be poor enough
that you'll not be allowed to access things like online banking sites because
your "secure encryption" is too low. Microsoft's Internet Explorer has security
updates released for it almost monthly - so make it a habit to visit the update
site (same address as above) and check on what's emerged.
Microsoft's site has the latest version of Internet Explorer available for
download, free of charge. The newest version, 8, is available, with many
advantages over the older versions 6 and 7 (especially version 6, which is now
not accepted on many www sites). You should update to this version immediately
if you are running Windows XP, Vista or 2003. Netscape has leapfrogged IE by
going on to version 8. Get it free here.
If you have downloaded and installed Internet Explorer 7 or 8, the security
configuration is by default set to the optimum for a high level of protection.
However, if you are stuck with version 6 (because you are running a
non-upgradeable operating system such as Windows 2000 or 98), you should make it
more secure by adjusting its settings. Ideally, don't use it at all, as many
vulnerabilities now exist in this browser. Switch to Opera or Firefox as your
main browser. Check here for very complete details of setting the privacy
options in IE6 if you
must continue with it, as well as in versions 5 and 4 (which you definitely
shouldn't be using, even on Windows 98) and in the AOL browser.
Don't overlook the other programs installed on your system. Attacks are made
increasingly through unpatched programs that were installed long ago and never
updated. For example, do you have the latest version of the Adobe Acrobat
Reader? If you are like most people, you had it installed on your machine right
at the beginning to read PDF documents and then forgot about it. Nonetheless, as
it sometimes launches within your browser once you visit websites which include
PDF files, it's a commonly exploited vector for unauthorised access to your
personal files. Security firm Secunia reckons that the average PC user has 80
programs on their computer, many of
which may be obsolete or unpatched and have one or more vulnerabilities. The
programs might include a Flash movie player, a word processor program or a
software firewall. It's absolutely critical that you update as much as you can,
as hackers have moved from trying to leverage access through Windows itself
toward breaking in through insecure applications running on the system.
It's simple to visit Secunia's site and
get a one-minute scan of the most common applications on your system, with links
to update them if they show as vulnerable. The service is free, and no personal
information is collected. Even easier is to download (link is above) and install
Secunia's Personal Software Inspector, which works rather like Windows
Update does for your operating system. After a quick scan, it lists all of your
installed programs which have potential security holes and offers links to the
vendors' sites to enable updates. It provides pro-active security that helps you
avoid trouble before it ever arrives.
Prepare for disaster before it happens
Backup!
You heard it before and did nothing, but now is the time to make
a backup of your important files - don't leave it until you wish you had. You
will need to restore from a backup if your system becomes infected and your
essential data (those irreplaceable photos from last year's hiking trip in
Glacier National Park, for example) is lost or corrupted. Even without the risk
of viruses and worms infecting you, a backup is an extremely good idea (hard
drive lives are measured in years, not centuries), but there's no better
fallback if your computer simply refuses to start or loses a whole load of files
through some malware exploit.
The backup utility bundled with Windows XP is just good enough if you take some
time with it (and it's free) but you'll need to follow these steps to install
the utility if you use Windows XP Home Edition:
1. Insert your Windows XP CD into the drive and, if necessary, double-click the
CD icon in My Computer.
2. On the Welcome to Microsoft Windows XP screen, click Perform Additional
Tasks.
3. Click "Browse this CD."
4. In Windows Explorer, double-click the ValueAdd folder, then Msft,
and then Ntbackup.
5. Double-click Ntbackup.msi to install the Backup utility.
Without extra software on your system, Microsoft's backup utility won't burn
directly to a CD or DVD, but you can save the backup to a hard-drive folder and
then burn the resulting file later with CD/DVD mastering software such as Nero.
If you want better backup software there is a great range out there, much of it
free. Take a look here to see a list of applications and their free/price
status, with addenda for later programs. Acronis True Image is what I use, and
it has saved my skin numerous times (install
mishaps and foolish setup options, not viruses). With just fifteen minutes, your
system can be restored to when it was working perfectly well and malware-free.
Once you have a backup image of your valuable data, keep it in a safe place, and
update it when your files change. I re-image my drives every two weeks.
For Outlook users
Part of the MS Office suite, Outlook is vulnerable to all manner of exploits
unless bang up to date with the latest security patches from Microsoft. Open
Outlook and select "Help" from the top menu, then go down to "Check For
Updates." Or go directly to the Office Update site here (it's not necessary to
have Outlook running to update it).
Outlook versions 2003 and 2007 by default don't download any pictures in an HTML
message, but with earlier versions you're advised to switch off the Reading Pane
(called the Preview Pane in OE). Do this by selecting "View" on the top menu,
then going down to "Reading Pane" and clicking the button "Off."
On the next page I'll introduce some free tools to help with the job of privacy
control on your computer.