Recommendation
Microsoft Security Essentials
For a while now I’ve been listening to security experts tout the next big anti-virus program for Windows, a tool called Security Essentials. The only problem that I could see is that it was made by, um, Microsoft. Not a company with a track record for excellence, especially in the area of malware defense. Actually, the lack of security in Windows PCs is the biggest reason the internet is so inundated with spyware and trojans and spambots. There have been a couple of bright spots, well, one: the Windows Firewall, which keeps users’ files from being seen or changed by others. It only took a couple of service packs to get that turned on by default. And they do put out patches and security updates once a month. (What if they have a fix the day after? Yes, you have to wait till next month.)
However, it looks like a new day is dawning for the company formerly owned by Bill. They’ve come closer than ever before to an actual operating system with Windows 7, and now they have what looks to be a great anti-virus solution. It is full-featured, free anti-virus, anti-malware, auto-updating software. I’ve installed it on 3 PCs, 2 XP and 1 Win7 beta, and it hasn’t gotten in the way yet. I have it running at a couple of client locations and haven’t had any new infections reported or reports that it is bugging the client every few minutes.
Supposedly the scan is much deeper (the initial and weekly deep scans take for-flippin-ever) and as a result returns fewer false positives than with other faster scanning solutions (Avast, Kaspersky in my experience). All in all, I’m hopeful that this is the product that should have always been in Windows, but I’m glad that it is here now, and freely available.
That having been said, my biggest problem with Microsoft and its security policies is that to install Security Essentials or any of the security patches you have to validate your install of Windows. That’s fine for all the legitimate installs, but the problem is that the majority of bots and internet attacks come from illegitimate installs of Windows. The internet, your PC, and all other computers for that matter would be safer if Microsoft pushed the security patches to all Windows users, legal or not, and made the bootleggers validate for features. Actually, I think the installation should be validated before any functionality is turned on, making it nearly impossible to bootleg a copy of Windows at all.
Regardless, Security Essentials looks to be a great product, and if you aren’t protected or are at the end of your subscription, I would cancel and try http://microsoft.com/security_essentials
Be Safe out there.
Seeing as I rarely ever have an original thought, the opinions expressed in this post were shaped by the Security Now podcast with Steve Gibson and Leo Laporte. There is also a great “First Look” at Ars Technica.
Fact or Fiction: Forwarding Myths Hurts the Internet
Hoax emails:
- Waste the time of the people that read and forward them
- Cause well-meaning citizens to notify the authorities and waste public funds and resources, only to find out there is no “missing person” or other crime
- Shift public opinion negatively. Pepsi doesn’t hate God, Starbucks DOES support our troops, and Obama isn’t a Muslim (as far as you know, and he’s in the White House now, so quit spreading the hate). (I voted for the other guy.)
Here’s what I do to verify an email. I copy the subject line of the email (if it isn’t descriptive enough I will note a couple of key words in the message), then I go to Google and paste it in with the word “snopes” (without the quotes). Within the first couple of links you’ll find a link that either tells you the story is a hoax or is true.
Snopes.com is THE last word in internet hoaxes, scams, and urban legends. They have been collecting them since 1995.
On any given day I probably delete at least a couple of emails with subject lines that begin with “Fw:”. It’s not that I’m not interested in what my friends and family get passionate about, it’s just that I’ve been around these Internet pipes for quite a while now. Nowhere more than the web is the saying, “If it’s too good to be true, then it probably is” more true. Most of these emails are impossible at their premise. There is no way for Applebee’s to track how many people you sent a message to so that they can send you a $50 coupon. There is no way that the deposed ruler of a small African nation has access to your email address.
Read every email as if the sender approached you in a parking lot. How easily would you fall for what they were selling then?
Please people be careful out there.
Spam vs Inappropriate Surfing
Or: “Be better in bed,” “If you help me move this money I’ll give you some,” and “If you don’t send this to 10 people God won’t love you, bring you luck, or help you win the lottery.” How and Why Spammers Spam.
I’ve had a couple of questions lately about spam and how one gets such offensive spam if you don’t go to “those” kinds of web sites. Unfortunately it doesn’t matter where you’ve surfed while online; your email address is not transmitted to websites when you visit them. Spam works the other way around. There are many ways spammers get your email address. They will buy email lists from “brick and mortar” retailers, online retailers, people who get you to fill out slips of paper to win a cruise, or anyone else that loves having money more than they care about what’s in your in-box. Or programmers build software (“bots”, short for “robots”) that scours the web looking for strings of words that look like email addresses, such as someone@domain.com (even now someone@domain.com is getting collected and will get unsolicited email).
“E-mail addresses are collected from [among other places] chatrooms, websites, newsgroups, and viruses which harvest users’ address books, and are sold to other spammers. Much of spam is sent to invalid e-mail addresses.” –wikipedia
As for these bots that are actively, constantly searching the internet, it means that if your email address is posted on a website in plain text, it can be collected by one spammer and sold to thousands of others. You should instead use a contact form so people can contact you without “seeing” your email address. Your email can also be intercepted, or, if your ISP hasn’t properly secured its SMTP (outgoing) mail server, then it is vulnerable to hacking. Or someone else may have responded to a piece of spam while also forwarding it to you at your email address. Or, if you ever responded to a piece of spam by telling them NOT to send to you again, then you’ve just given that spammer proof that your email is a “live” account, and they will then sell the list to other spammers… I could go on. The main point is that the average email address is only live for 6 minutes before it begins to get spam, and there is nothing you can do to stop it, only slow it down.
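A site owner can check their own pages for addresses that are readable in plain text before publishing. The script below is an added example, not part of the original post; the sample page, the `audit_page` function and the `example.com` addresses are constructed for illustration. It reports addresses in page text, `mailto:` links and other attributes, and it decodes HTML entities first, because an address written as `owner&#64;example&#46;com` is still readable to any program that parses the page.

```python
import re
from html.parser import HTMLParser

# Simple address pattern for auditing; not a full RFC 5322 validator.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

# Constructed sample page (not from the original post).
SAMPLE_PAGE = """
<html><body>
<p>Questions? Write to someone@domain.com</p>
<p>Sales: <a href="mailto:sales@example.com?subject=Hi">e-mail us</a></p>
<p>Owner: owner&#64;example&#46;com</p>
<form action="/contact" method="post"><textarea name="msg"></textarea></form>
</body></html>
"""


class ExposureAudit(HTMLParser):
    """Collects e-mail addresses that are readable straight from the markup."""

    def __init__(self):
        # convert_charrefs=True decodes entities such as &#64; before matching.
        super().__init__(convert_charrefs=True)
        self.findings = []  # ordered, de-duplicated (address, location) pairs

    def _record(self, text, where):
        for addr in EMAIL_RE.findall(text):
            item = (addr.lower(), where)
            if item not in self.findings:
                self.findings.append(item)

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            value = value or ""
            if value.lower().startswith("mailto:"):
                self._record(value, "mailto link")
            else:
                self._record(value, f"{tag} {name} attribute")

    def handle_data(self, data):
        self._record(data, "page text")


def audit_page(html_text):
    """Return every exposed address in html_text with where it was found."""
    parser = ExposureAudit()
    parser.feed(html_text)
    parser.close()
    return parser.findings


if __name__ == "__main__":
    for address, where in audit_page(SAMPLE_PAGE):
        print(f"exposed: {address} ({where})")
```

The contact form in the sample produces no finding, which is the result a page should aim for.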
We have a client, a Women’s Hospital, run by women, with a staff of women nurses, and all women patients. They were being overrun by spam of the worst sort: male enhancement, Nigerian money schemes, little blue, red, or white pills, etc. They invested in a device called the “Spam Firewall” by Barracuda. As soon as we turned it on, 90% of their email was blocked, and none of that blocked email was their business correspondence. Imagine that, 90% of their incoming email was trash. Unfortunately the spam firewall costs about 1500 bucks with a 500 a year renewal. I’m trying to find a way to let customers route their email through a company spam firewall and then back to them to combat this issue without having to spend an arm and a leg for it. The way I combat it is with rules set up in my email client. When a new wave comes in I build a rule to try and block it. But as soon as I do, they change the wording and get it past, so I have to edit or build a new rule.
And as for the content, let’s face it, if you want to be profitable but you don’t know your audience, then you should prey on the most base characteristics of humans: sex, greed, and fear.
“Be better in bed,” “If you help me move this money I’ll give you some,” and “If you don’t send this to 10 people God won’t love you.”
If you are one of the folks trying to connect spam with online activity, you’re looking in the wrong place. I have many, many clients that have never visited a questionable site that get flooded with inappropriate spam. Clean out your junk mail box daily and leverage all the rules you can with your email software. Once an email is on the list, no matter how it got there, you’re doomed to get spam. And Internet filters don’t have anything to do with your email. Services like K9, OpenDNS, and others only stop your internet browser. This is only helpful when clicking on a link inside the email, which is possibly the dumbest thing you can do with your computer. K9 keeps a password-protected history of websites visited, which will tell you exactly where someone has been surfing.
Some Services:
JunkEmailFilter.com – I’ve heard this one highly praised by the guy quoted on the site.
AVG - Love the Virus protection but I’m not sure about how in-depth the spam blocker is. Worth a call to support to find out.
Kaspersky Labs Internet Security – Highly configurable Internet protection suite with spam guards
SpamHelp.org – Software list. Please don’t use the challenge/response software; it’s highly annoying to your friends.
SpamHelp.org – Managed/Hosted Anti-Spam Service
BTW Here’s a sample of my Junk mail folder. Notice the repeat of subjects, these would have been sent by the same spammer from multiple hijacked PCs or servers.
Must Have Applications on a New PC
I just installed Microsoft Vista (the next OS after XP). It has been a very bad product up until Service Pack one came out. It seems a little better and several clients have it, so I’ve got to start learning it. I’ll let you know how it’s working out. It’s a work copy on a machine a client didn’t need anymore. AMD proc with a gig of RAM, not bad but Vista could use a little more.
Installing a fresh OS (operating system) got me to thinking about the programs I instantly download on all my Windows machines. Here’s a list: (By the way… None of them cost a dime!!)
**The first thing to do, and the thing to do on a very regular basis, is to go into Internet Explorer, go to Tools and choose Windows Update and follow the instructions. Windows must be up to date to be anywhere near secure.**
- VLC – the universal video player, if it doesn’t play it, you don’t need to watch it.
- Firefox – the more secure, faster, add-on-able internet browser (IE7 is a good improvement almost)
- Adobe – Reader and the flash plugin for internet browsers.
- AVG free version 8- The anti-virus software that is free, it even scans your email, the pay version is the one I recommend to anyone needing a full security application like spyware, malware, root-kits, etc. AVG free is the bare minimum of protection.
- Jing – Takes screenshots and records video of the screen for tutorials and such
- K9 web protection – the internet content filter.
- X3watch – the internet accountability software.
- OpenDNS – I set the network properties to use the OpenDNS servers to catch any internet baddies that might sneak by
- iTunes – gotta have my podcasts
- Paint.net - the “much better than MSPaint, much freeer than Photoshop” drawing program.
- The GiMP – the “almost as good as Photoshop” free “everything graphic” program.
- Filezilla – The best FTP client I’ve ever used. FTP software allows movement of files from the local PC to a location on the Internet and vice versa.
- OpenOffice.org – The FREE office suite. That’s right, you don’t have to pay $400 for Microsoft Office.
Do you have any must-have applications for your machines?
Vista Firewall vs Outlook
If you haven’t heard me say it before, hear me now. Do not buy Microsoft Windows Vista, stick with XP. Vista will not be ready for Prime Time for at least another year (if then).
Today I was unable to add an email account in Outlook on a Vista laptop. I went to an XP machine and was able to add it with no trouble. Came back to the laptop in question, turned off the Windows Firewall, added the account with no trouble, turned the firewall back on, and was able to use the account in Outlook with no problem. So, Vista wouldn’t let me add the account but once I got it working it didn’t mind using the account… go figure.



