How can I avoid computer viruses?

How can I avoid computer viruses?

Category: Viruses

When I wrote in a previous entry "Do I need anti-virus software?" that "You CANNOT get a virus just by opening or reading your email" I fully expected it would unleash a torrent of emails in response. I knew this would happen, because Ask Bob Rankin readers are generally smarter and better-looking than the rest of the online population. Read on for Virus Prevention 102 -- even more information on virus prevention and the merits of anti-virus software.

KAAAAAAAK!

Alert readers will remember that I made this statement before:

"Before you write and tell me that some viruses can be activated simply by opening an email, PLEASE remember I said "if you keep your browser and email software updated." If you have an old, unpatched copy of Microsoft Outlook, then all bets are off."

Nonetheless, the rabid hordes descended wielding spears and axes. Well, maybe that's not a very nice way to put it. Strike that... Let's say the angry masses swarmed in, bearing clubs and torches. Yeah, that sounds more like it...

Most of the people who responded to that article wrote to tell me about N-I-M-D-A, the K-A-K worm, or one of its evil cousins that took advantage of a problem in some versions of Microsoft Outlook and Outlook Express. These nasties could in fact do damage when you opened the message, either by clicking on it, or when it appeared in the Outlook preview pane.

In my extensive research, these are the ONLY cases I know of where a virus/worm thingie could affect a computer without relying on unwitting users who open attachments indiscriminately. However, patches for all of these bugs were available MONTHS (and in some cases YEARS) before the virus writers created the viruses that exploit them. Why is that? Basically, because virus writers are not the type of people who do the research to find security glitches. They exploit known security flaws, hoping to affect people who have not applied the fixes.

"Let Me Make This Perfectly Clear"

I do not know of **ANY** automatic virus/worm/trojan that hasn't been covered by a security fix. None. This includes "html viruses", "malicious javascripts" and "infected hyperlinks". And that wierd virus that your cousin Vinny heard about from his friend who lives next to the police department in a major city. Yup, that one too.

I did qualify my statement that "you cannot get a virus just by reading your email" with the importance of keeping your internet software up to date. There is so much unwarranted fear, media hype and misinformation surrounding the subject of computer viruses and email attachments. That's why I feel it is important to make people aware that they are quite safe if they use updated email software and abide by common sense handling of attachments.

I'll Have The Caveat, Please.

Honestly, I was afraid that if I made a statement like "in some circumstances it IS possible to get a virus by opening an email" then the rest of the message would be lost in the ensuing panic. Never mind that this can only happen to people using old, unpatched email software. Never mind that the fix for this problem has been available for months or years. RUN FOR THE HILLS! THE VIRUSES ARE A-COMIN'!!!

I will continue to stand by my statement that "you cannot get a virus just by reading your email" but I'll add the caveat "as long as your email software is up to date". I was tempted to say "as long as you don't use a Microsoft browser or email product" but then Bill Gates might not invite me to his parties anymore. So I won't say that. :-)

If you use Thunderbird (Firefox's companion email program), or Eudora, or almost ANY email software NOT made by Microsoft, you don't have to worry about this problem, and viruses will only get you if you let them. Hey, that's kind of like the vampire thing -- they can't get you unless you invite them in.

Keeping Current

So how do you keep your software updated and make sure all the latest security patches are applied? If you use Internet Explorer and/or a Microsoft email program such as Outlook or Outlook Express, it's important to use Windows Update regularly and download any Critical Updates recommended for your system.

http://windowsupdate.microsoft.com

For most users, Windows Update will automatically notify you when an update is available. But I recommend that you check once a week just to be sure. And for extra safety, download the latest version of your email and web browser software once every six months.

If you use Firefox, Netscape, Eudora or other Mac Internet software, here are some links to find new versions, upgrades or security patches:

+ WINDOWS UPDATE - http://windowsupdate.microsoft.com

+ FIREFOX - http://www.mozilla.org/products/firefox/

+ NETSCAPE - http://home.netscape.com/smartupdate

+ EUDORA EMAIL SOFTWARE - http://www.eudora.com

+ APPLE SOFTWARE UPDATE - http://www.apple.com/support/

Disable Windows Scripting

It's my understanding that you can avoid most Windows-based viruses (including K-A-K, B-u-b-b-l-e-B-o-y, M-e-l-i-s-s-a, I-L-O-V-E-Y-O-U and many others) by disabling a feature called Windows Scripting Host. Some people warn that this will prevent some legitimate uses of Visual Basic Scripting, but I did this two years ago and it's never caused a problem for me. Click below for instructions:

http://www.sophos.com/support/faqs/wsh.html

What About That !000 Trick?

Maybe you've received a chain letter advising you to add a bogus nickname of "!000" to your email address book to prevent viruses from spreading. Read the article below by About.com columnist Mary Landesman to see why it's bad advice.

http://antivirus.about.com/library/weekly/aa082801b.htm

Notes On Revealing Windows Filename Extensions

In my Virus Prevention 101 article, I warned that you should be careful when using the apparent filename of an attachment as a guide to whether or not you can safely open it. I gave instructions on how to make Windows reveal the entire filename, but my very smart friend Uzi Paz says: "Be aware that this doesn't always work." And he explains in much greater detail in his "Security and Filename Extensions" article how Gatus of Borg has deigned to hide certain file extensions even when they are supposed to be unhidden; along with instructions for revealing ALL potentially harmful file extensions, without using run-on sentences or improperly-placed punctuation marks.

http://www.uzipaz.com/eng/safe.html

What About Macs? And Linux?

One thing I didn't mention before is that there are very few viruses that affect Mac or Linux systems. This isn't because those platforms are inherently safer than Windows PC's, or because it's harder to write a virus for Mac or Linux. The reason has to do with market share. Since Mac and Linux users represent less than 10% of the computing population, virus writers generally choose to ignore them.

If you're an Evil Hacker about to unleash a virus on the world, and you want it to affect the maximum number of people, you'll write a virus that affects Windows-based computers. That's not to say that viruses don't exist outside the Windows world. They do, but they number in the dozens, as opposed to the tens of thousands that potentially threaten Windows users.

So what do I recommend for people who use Macs or Linux? Nothing different, really. Don't open attachments unless you know these three things:

- Who sent it (confirmed by phone or email) - Why they sent it - What it is

When It DOES Make Sense to use Anti-Virus Software

My conclusion in "Do I need anti-virus software?"was that anti-virus software is a waste of time and money for most people. I stand by that statement.

I'm not saying that some horrible new virus won't be invented tomorrow. Let's say an Evil Hacker does exactly that, and the virus exploits a previously undiscovered security hole. Will your anti-virus program protect you? Most likely NOT!

When a brand new virus hits the Net, it tends to make the rounds very quickly. Tens of thousands of people can be infected worldwide, even if they have dutifully installed A/V software -- because it will take the A/V vendors 24-48 hours to update their software, and maybe another day for your software to receive and apply the updates.

That is my primary concern with A/V packages. They give people a false sense of security which probably makes them MORE likely to click on just about any attachment because they think they're safe. I also have concerns about A/V software because sometimes they interfere with other legitimate programs or report "false positives".

However, there are always exceptions to the rule. For some people, it makes a lot of sense to run anti-virus software. If you fall into one of these categories:

- your job requires you to receive email attachments that contain word processor or spreadsheet files

- you frequently download new software, or receive files on disks

- your computer is shared by others (especially children) who are prone to clicking, opening or downloading almost anything, despite repeated warnings, threats and knuckle-whacking

- you have a nagging suspicion that Cousin Vinny might be right about that wierd virus, or the item above applies to you. :-)

...then you SHOULD use an anti-virus program.

I don't discount the fact that people do make mistakes. If using anti-virus software makes you feel safer, if you understand that it's not a GUARANTEE to keep you safe, if you don't mind spending the money, then maybe it's right for you. You can find a bunch of popular anti-virus packages here:

http://search.yahoo.com/bin/search?p=anti-virus


Close    To Top
  • Prev Article-OS:
  • Next Article-OS:
    • Now: Tutorial for Web and Software Design > OS > Articles > OS Content
    Photoshop Tutorial
     

    Special Effect
      3D Effect
      Photoshop Articles
    Programming Tutorial
     

    C/C++ Tutorial

      Visual Basic
      C# Tutorial
    Database Tutorial
     

    MySQL Tutorial

      MS SQL Tutorial
      Oracle Tutorial
    Geek Tutorial
     

    Blogging Tutorial

      RSS Tutorial
      Podcasting Tutorial
    Graphic Design Tutorial
      Coreldraw Tutorial
      Illustrator Tutorial
      3D Tutorials
    Webmaster Articles
     

    Domain Service

      Web Hosting
      Site Promotion
    Java Tutorial/ Articles
     

    Java Servlets

      JavaEE Tutorial
     

    JavaBeans Tutorial

    XML Tutorial/ Articles
     

    XML Style

      AJAX Tutorial
      XML Mobile
    Flash Tutorial/ Articles
     

    Flash Video

      Action Script
      Flash Articles
    OS Tutorial/ Articles
      Linux Tutorial
      Symbian Tutorial
      MacOS Tutorial
    Personal Tech
      Hardware Tutorial
      Software Tutorial
      Online Auction