In the last couple of posts we have been hinting at safer browsing for users. You might ask: what does that mean? The answer is not so simple; it requires multiple layers of defense or, as it is called in the industry, defense in depth. Again, we don’t want to paint a dark picture of the cyber world, but consider news articles such as the following:
- Dental college computer hacked
- Ohio secretary of state’s Web site hacked
- CRIMETRACKER: Web Only- Ebay Hacked
- Huge Web attack infects 500000 pages
Headlines like these make it somewhat difficult to avoid entering the dark alley filled with malware. There are several ways to minimize the level of risk, ranging from a simple approach to a more esoteric one. In Part I of this post we will discuss the simple approach.
Step 1 [Keep your system up to date]
All OS vendors distribute upgrades to their software periodically, ranging from daily to once a month. For example, Microsoft states “Security-related updates are released once a month. However, if a security threat occurs, such as a widespread virus or worm that affects Windows-based computers, Microsoft will release a corresponding update as soon as possible.” Others, such as Apple, release updates when they are available. There are several ways to make sure you are keeping up to date.
- Open Internet Explorer and select Windows Update from the Tools menu
- Or enable automatic updates: open the System icon in Control Panel (or right-click My Computer and select Properties), and choose the Automatic Updates tab
- From the Apple menu, choose Software Update
- Or enable automatic updates: from the Apple menu, choose System Preferences, and choose Software Updates
Step 2 [Concept of least privilege]
People who have fallen victim to malware will appreciate the concept of least privilege. Wikipedia defines this concept as “referring to the concept that all users at all times should run with as few privileges as possible, and also launch applications with as few privileges as possible.” This minimizes the threat level, given that malware, in order to be effective, needs to be executed with administrative privileges.
So what does this mean to you? It is quite simple: create a regular user account that is not a member of the administrator group and use it for your everyday activities. You can then use your administrative account when installing, updating, or deleting software.
Create a “limited user” account in Windows
- Open Control Panel by clicking the Start button on your desktop.
- Click the User Accounts icon
- Click Create New Account
- Type any name for your new account, say “Secure”, click Next
- Select option “Limited”, click Next
Create a user account on OS X
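To confirm that the everyday account really is a non-administrative one, the following added example (not part of the original post) classifies an account from its uid and group list on OS X or another Unix-like system. On OS X, administrators are members of the `admin` group; the `sudo` and `wheel` group names, the function names, and the sample group lists are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): classify an account as
# "limited" or "administrative" from its uid and group memberships.

# Groups that confer administrative rights. "admin" is the OS X group;
# "sudo" and "wheel" are assumptions covering common Linux/BSD setups.
ADMIN_GROUPS="admin sudo wheel"

# admin_groups_in "<space-separated group names>"
# Prints each administrative group found, one per line. Names are compared
# whole, so a group such as "_lpadmin" is not mistaken for "admin".
admin_groups_in() {
    for g in $1; do
        for a in $ADMIN_GROUPS; do
            if [ "$g" = "$a" ]; then printf '%s\n' "$g"; fi
        done
    done
}

# account_privilege <uid> "<group names>"
# uid 0 (root) is always administrative, whatever its groups.
account_privilege() {
    if [ "$1" -eq 0 ] || [ -n "$(admin_groups_in "$2")" ]; then
        echo administrative
    else
        echo limited
    fi
}

# check_account [user]: query the live system with id(1).
# Returns 0 for a limited account, 1 for an administrative one.
check_account() {
    user=${1:-$(id -un)}
    uid=$(id -u "$user") || return 2
    grps=$(id -Gn "$user") || return 2
    level=$(account_privilege "$uid" "$grps")
    echo "$user: $level account"
    [ "$level" = limited ]
}

# Constructed sample group lists, in the format `id -Gn` prints:
account_privilege 501 "staff everyone _lpadmin admin"   # administrative
account_privilege 502 "staff everyone _lpadmin"         # limited
```

Calling `check_account` with no arguments while logged in as the everyday account should report a limited account.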
Step 3 [Install and update your Antivirus scanning software]
Antivirus scanning software is still a viable security layer in thwarting yesterday’s malware, given that most products are still based on signature analysis, though some are moving towards a combination of signature and heuristic (pattern) analysis. There are several antivirus vendors out there, commercial and free, such as:
Commercial (Windows and OS X)
Free (Windows and OS X)
- ClamAV or ClamXAV
- AVG Free (Windows only)
- Avira personal desktop edition (Windows only)
We understand that certain people will argue that OS X does not need any type of antivirus because it is built on top of a strong platform, but it is not impenetrable; see milw0rm.
Step 4 [Personal firewall]
Personal firewalls have increased in usage. They let you be selective about what traffic comes in to and goes out from your computer. There are several products available on the market today; as with antivirus software, some are commercial while others are free.
Commercial (Windows only)
Free (Windows only)
- XP internal firewall
In this arena, OS X already comes with a strong built-in firewall; just remember to enable it. See the following on how to enable it:
Step 5 [Use Firefox with NoScript enabled]
The Firefox web browser has gained a lot of popularity over the last couple of years. Given its flexibility in being operating-system agnostic and supporting extensions, it has become the counterpart to Internet Explorer and Safari; see the following trend information. Extensions have really made this browser an attractive, safer alternative.