Wednesday, September 9, 2009

Using Windows XP safely – Defend against spyware and virus

Keeping Windows Safe and Protected against Spyware and Malware


How can I stay free of viruses, malware and spyware without disconnecting myself from the world? This is a question I get a lot from friends and family. Windows XP puts a lot of power in the hands of the user, and we quite often forget the capabilities and the powerful credentials we use until we get infected by spyware or a virus. My personal experience has been that most anti-virus and anti-spyware tools fall short to some extent, some more than others. The most commercial anti-virus programs are the worst protectors in most cases. Also, as users we often find that we do not update the signatures as often as required, and we do not even update the operating system and the tens or hundreds of programs and drivers we use on our systems.

An average computer user has at least 30-40 different drivers on their machine. Almost all of these drivers run as the system user, the highest possible privilege that any process can run as. The system account has unchallenged power and privilege on the system. An unpatched machine may have known vulnerabilities, such as buffer overflows, which can be targeted and exploited. A process that has been compromised using these exploits can alter the user experience dramatically without the active user's knowledge. In most cases, a spyware process running as the system user account can spawn new threads or even new processes, can attach itself to any other process it needs to, and can most definitely hide itself from the process list, thereby totally evading detection even by the trained eye. Most importantly, it can prevent anti-virus or anti-spyware programs from starting, or alter their behavior so that they never update themselves or report any problems.

There are umpteen attack vectors that an average computer user or a casual Internet user may not know of, or even understand. Technology has advanced so much that it has made computing and computer interaction totally seamless for the end user, be it for business applications, social networking or casual browsing. The complexity of the software architecture and networking technologies that keep everything running has to be seamless for the advent and adoption of computers, the Internet and its related technologies.

But luckily, it's relatively easy to stay safe in this big bad world of the Internet. And best of all, it doesn't have to cost you anything.

I'll list the safety measures that I recommend and follow. Based on my experience, this has helped a lot of computers stay safe and relatively unaffected by most epidemics.

a) Never use your computer as an administrator or as any user with administrative privileges. This includes Power User privileges. The default account most people use on their Windows XP home computers is an administrator. This leaves the user open to spyware, malware and virus attacks. I have a whole blog about running as a non-admin user here.

b) In spite of the weaknesses I mentioned above, you should always use an anti-virus and an anti-malware program. For anti-virus, I recommend Avira. It's not memory intensive or processor intensive, and it has one of the best protections around for the price (free). I recommend it over anti-virus programs such as Symantec, McAfee or AVG. Spyware Doctor, which also comes as part of Google Pack, offers the best free protection from spyware available in the market today. The basic (free) version does not protect you in real time, but if you follow all the steps in this blog, you can still be safe without real-time protection.

c) Ditch IE as your browser. I agree that IE is one of the easiest and most user-friendly browsers to use. But it's also one of the most targeted browsers for attacks. Try Firefox. Firefox has some nifty add-ons that make it one of the most versatile browsers in the market today. Using Firefox with the Adblock and NoScript add-ons protects you from dangerous popups and scripts that can get you infected. The NoScript publishers update their software very often to protect against new spyware and malware infection techniques. A how-to on adding these add-ons and using them in the real world is detailed here.

d) Update often. Configure Windows to update as soon as possible. The Windows Update system is one of the best update tools available out there. Configure it to automatically download updates in the background and install security updates immediately. Since this will run as a service and do all the work for you in the background, you don't have to log in as an admin to update your system.

e) Check for the latest updates to any third-party software and install them too.

f) Due diligence is also one of the most important factors in keeping your system safe. The weakest link in system security is the end user.

  1. Always use a complex, non-dictionary based password to protect your computer.
  2. Don't create or use any user account without a password assigned to it.
  3. Keep changing your passwords often, at least once every 90 days.
  4. Don't visit sites you have no business going to, and this includes clicking on funny video links in your emails, or any celebrity naked picture links sent by unknown people or even friends and family. Internet porn and online videos are the leading sources of spreading spyware, malware or viruses.
  5. Don't fall for fraudulent emails, a.k.a. phishing attacks. Never click on any link received in an email. There is hardly any easy way for the end user to know that he is being directed to the correct website. If you need to go to PayPal, a bank site or any other site, type the website URL into the browser yourself. Your financial or social institutions will never email you asking you to check back into the site using a link to verify your username or anything.
  6. Be vigilant. I have known one too many users who just clicked on some pop-up window or message popup, thereby allowing themselves to be willingly infected. It's one of the easiest mistakes to make, and the most fatal too. So be vigilant and careful about what you are clicking on. A moment of patience will save you hours of frustration and a couple of hundred dollars in trying to get your computer fixed.
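
A read-only check of items (a), (d) and (f) above, added here as an example and not part of the original post. It assumes PowerShell is installed on the XP machine; it reads the local Automatic Updates setting from the registry and local account data through WMI and the WinNT ADSI provider.

```powershell
# Added example: read-only audit of checklist items (a), (d) and (f). Changes nothing.
$findings = @()

# (a) The logged-on account should be neither an Administrator nor a Power User.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
foreach ($role in 'Administrator', 'PowerUser') {
    $builtIn = [Security.Principal.WindowsBuiltInRole]$role
    if ($principal.IsInRole($builtIn)) {
        $findings += "(a) $env:USERNAME is running with $role rights"
    }
}

# (d) AUOptions 4 = download and install updates automatically (local setting;
#     a Group Policy value, if present, overrides it and is not checked here).
$auKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update'
$au = Get-ItemProperty -Path $auKey -ErrorAction SilentlyContinue
if (-not $au -or $au.AUOptions -ne 4) {
    $findings += '(d) Automatic Updates is not set to install automatically'
}

# (f.2, f.3) Enabled local accounts that are allowed a blank password, or whose
#            password is older than the 90 days recommended in the list above.
$maxAgeDays = 90
$accounts = Get-WmiObject Win32_UserAccount -Filter "LocalAccount=True AND Disabled=False"
foreach ($acct in $accounts) {
    if (-not $acct.PasswordRequired) {
        $findings += "(f.2) $($acct.Name): a blank password is allowed"
    }
    $user = [ADSI]"WinNT://$env:COMPUTERNAME/$($acct.Name),user"
    $ageDays = [math]::Floor($user.PasswordAge.Value / 86400)   # seconds -> days
    if ($ageDays -gt $maxAgeDays) {
        $findings += "(f.3) $($acct.Name): password is $ageDays days old"
    }
}

if ($findings) { $findings } else { 'No findings for items (a), (d), (f.2), (f.3).' }
```

Run it from the everyday account: item (a) is evaluated for whoever runs the script, so running it from an administrator session will always report a finding there.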