The Grey Chronicles

2010.October.26

Are Downloads Safe?



Received a recent subscribed email from Microsoft At Work regarding Basics for safer downloading. It expounded three [3] basic steps to protect your PC and your company’s network. Here’s «The Grey Chronicles» annotations:

1. Get ready: Strengthen your computer’s defenses

Start by checking with your system administrator to find out about your company’s security tools and policies. Read the articles Understanding security and safer computing and How to boost your malware defense and protect your PC to get an overview of the kinds of threats that exist and what you can do to defend against them. Because new threats are identified every day, remember to keep your security components—including those on the following list—up to date.

* Firewalls. These include hardware or software that checks information coming from the Internet and either turns it away or lets it pass. Firewalls are built into Windows XP Service Pack 2 and all later versions of the Windows operating system.

* Antivirus protection. Viruses, worms, and Trojan horses are programs that use the Internet to infect vulnerable computers. Microsoft Security Essentials offers free, real-time protection for your PC against malicious software. Or choose an antivirus program from a list of Microsoft partners who provide anti-malware software.

* Spyware protection. Spyware can display ads and pop-ups, collect information, and change your computer settings or default home page without you knowing about it. Use Windows Defender, which is available as a free download for Windows XP Service Pack 2 and is built into later versions of Windows. Or install your own antispyware program.

Annotations : Refer to the series of posts about using Microsoft Security Essentials [MSSE], and the story still continues to be monitored here for certain issues that need to be addressed. «The Grey Chronicles» do not entirely rely on Microsoft Security Essentials, but rather installed other third party antispyware programs, much leaner and effective than MSSE.

* Software updates. Regular updates to Windows help protect your computer against new viruses and other security threats. Be sure you’re using the latest version of your web browser, and turn on the browser’s security features.

Annotations : «The Grey Chronicles» use Internet Explorer only during monthly updates. The default browser is Firefox, which is more secure than the copycat tabbed Internet Explorer. Furthermore, Firefox is smaller in hard disk footprint than Internet Explorer and watch out when Microsoft Updates offer security updates for IE, it installs hidden files during updates and these hidden files will stay there occupying space which could be used to boost the system’s virtual memory.

* Email spam filters. Microsoft Outlook includes a junk email filter, as do many other email programs, along with additional features that can help block unwanted messages, disable links, and warn you about threatening content.

Annotations : «The Grey Chronicles» never used Microsoft Outlook, and this application was not installed during the installation of Microsoft Office and also disabled from running through a registry tweak, yet unfortunately Microsoft Updates still insists on offering junk email filter updates for Microsoft Outlook every once and a while! Huh?

2. Download with caution: Think first. Click later.

With your computer’s defenses strengthened, the rest is up to you. Here’s what you can do to protect your computer.

* Beware of fraudulent email messages. Don’t click links or open attachments unless you’re sure of the source. In pop-up messages or warnings, click the (close box) instead of OK or Agree to get rid of the box.

Annotations : Microsoft employs a bunch of expert software programmers and they could not think of a way to handle this annoyance, except to click the close box instead of OK or Agree to close the box? Maybe they could not, because the Message Box is a regular feature in all Microsoft applications.

* Only download from reputable sites. Be cautious about downloading from unknown sources and from sites containing objectionable material or too-good-to be-true offers. Microsoft Download Center, for example, is the best, safest source for Microsoft products. Bookmark it in your browser’s favorites, and check it out to find the most popular downloads, free trials, and newest software available from us.

* Install and use file-sharing programs cautiously. When you use file-sharing programs to trade music, video, or other files on the web, you make some of your files—or even your entire hard disk drive—available to others using similar software.

Annotations : Most of these file-sharing programs are free to download and install. Thus, to make money, these applications are usually or surreptitiously embedded with either an adware or a spyware. Although, some file-sharing applications claim the contrary, unless

* Save files for safer downloads. . If you’ve decided to download a file from the Internet, save the file first to your hard drive. Then, when you attempt to open the file, your antivirus software can check the file and delete it if it detects potentially damaging code. To do this, in the File Download dialog box, click the Save button instead of the Run or Open button.

Annotations : In the post: MSSE Redux, although MSSE is running in the background, it never detected an executable with a spyware on it. Avira AntiVir protected the system, instead! Although the download was deliberately done to test the Real-Protection offered by MSSE, but it never did do its job!

3. Remove malicious software

Sometimes, despite your best efforts, you may download a program you don’t want. If this happens to you, here are some ways to get rid of it:

Annotations : It is not only your best efforts that could have save your computer from malware. Attempts of Microsoft to strengthen its operating system with security add-ons, yet with million of lines of codes, it became inherently the most vulnerable of all operating systems to security threats. Thus, a better understanding of how the Microsoft operating system protects itself from vulnerability is also a way to handle malicious software.

* Run antispyware tools. Windows Defender, which is built into Windows Vista and Windows 7, reduces the likelihood of downloading spyware in the first place. If you are using another antispyware program, make sure it is up to date and then scan your system, following the instructions for removing suspicious software.

* Run the malicious software removal tool. Users of earlier versions of Windows who suspect that malware is causing their computers to slow down or fail can use the Malicious Software Removal Tool to remove the malware.

Annotations : «The Grey Chronicles» used Malicious Software Removal Tool [MRT] in the past, but other small-footprint removal tools from third party security applications offer much more than MRT. Several years of running updated versions of MRT, the latest is version 3.12, it never found one malicious software in my computer, although other removal tools detected and deleted some.

* Disable add-ons. Web browser add-ons can display things like toolbars and stock tickers but can also install spyware or other malicious software. In Internet Explorer, you can disable add-ons from the Tools menu. Click Manage Add-ons, select the one you want to disable, and then click Disable.

Annotations : «The Grey Chronicles» uses Firefox which handles browser add-ons more securely than Internet Explorer. Most IE add-ons are ActiveX-based. IE add-ons, therefore, could install Object Linking and Embedding (OLE) Custom Extension [OCX], Direct Link Library [DLL] or even an executable file [EXE], all these are exploit-vulnerable compared to the chrome-based add-ons for Firefox! How about strengthening these files. i.e., OCX, DLL, and EXE from exploits?

Due to the changing nature of potential attacks, preventing malicious software from damaging your computer takes continuous vigilance. However, by installing and updating protection tools and by using caution when you work, you can help minimize the risk.

Annotations : Is this statement an obvious Microsoft declaration of passing the responsibility of minimizing risk to Windows users? Instead of really strengthening the Microsoft operating systems, Microsoft is trying to solicit Microsoft users for help? Hey, users paid Microsoft for its operating systems with the belief that such is secure and not vulnerable to exploits. Is it not good customer service relations to freely offer a quality update for a bought and paid for operating system?


Notes:

Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 LicenseDisclaimer: These posts do not necessarily represent any organization’s positions, strategies or opinions; refer to this blog’s self-imposed rules: A New Year; New Rules. Unless otherwise expressly stated, posts are licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License. Comments are moderated to keep the discussion/s relevant and civil. Readers are responsible for their own statement/s.

About these ads

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: