The Internet is certainly one of the greatest inventions in
the history of mankind. It helped open the road to unprecedented levels of innovation and communication between people. But,
life on the Internet is by no means perfect.
Numerous gangs of cyber-criminals lurk in the Internet's underground
and plot their attacks against unsuspecting people. Because of this, Internet users have a very real and pressing need to
protect their assets, be them online (accounts of all sorts) or offline (their computer and personal information).
It would be reasonable to conclude that computer security should be a critical aspect for at least a fifth of the world's
population, who use the Internet on a regular basis. However, real-life studies have constantly revealed that a high
percentage of users fail to employ even the most basic security precautions online.
In turn, this ends up
affecting everyone. A compromised computer or account is subsequently used to attack other users, thus directly contributing
to a decline in the quality of the Internet ecosystem.
There are complex reasons why people fail to properly
protect themselves. These range from lack of computer knowledge and experience to social and economic background,
indifference or plain misinformation. Clearly, some of these aspects are hard to address, but the later in particular is the
source of many computer security-related myths.
For example, a lot of people still think that computer security
costs big bucks. It's true that many users are willing to pay for advanced solutions or extended support and there is nothing
wrong with that. After all, without money, companies would not be able to develop better security models or implement them.
But, the sad reality is that a huge number of computer owners, especially those living in developing countries, simply can't
afford such investments.
Others seem to think that users running on pirated copies of Windows installed are
getting infected because they don't have access to the same level of protection as the people who paid for a license. By no
means do we encourage or endorse piracy, but we don't think this is true. While Microsoft doesn't go out of its way to make
this clear, we honestly believe that it is not its intention to keep the software pirates vulnerable to attacks.
Unfortunately, there are a lot of users running on non-genuine Windows copies out there, and for the sake of the rest of
us, they should learn how to protect themselves. This series of articles wants to challenge the belief that security is
inherently expensive and to demonstrate that everyone can achieve a reasonable level of protection online for free. It
doesn't aim at being a complete security guide for the computer literate and will only contain the most basic advice that we
can give to our readers.
In this respect, some of the articles will name and describe easy-to-use free security
solutions from different vendors. However, we are sure that there are plenty of alternatives out there and people are
encouraged to discover them on their own. It is also worth noting that even though the principles described in this article
hold true for most operating systems, they are particularly meant for Microsoft Windows users.
Part I - Update,
The three "updates" in the title of this part stand for: update your operating system, update your
software and update your antivirus program. Updating is a critical aspect of staying safe online. Some of you might find
updating inconvenient, but even if it is not as easy as click and go, it is an effort well worth undertaking and it will make
a huge difference to your security.
If you use one of the still supported versions of Microsoft Windows (XP, Vista
and 7, without counting the server flavors), make sure that you have the latest Service Pack (SP) for your operating system
installed. This is important, as security updates are offered to you based on the SP deployed on your system.
the Windows world, a Service Pack is a stand-alone package which contains all security updates, hotfixes and other
enhancements released over a longer period of time for a particular version of the OS. There are several methods of obtaining
the latest service pack.
The recommended way is by using the Windows Update website, who's shortcut is located
under the Windows Start menu, or the system's Automatic Updates feature, accessible from the Control Panel. The other method
involves obtaining the stand-alone installation package (for Windows XP / for Windows Vista) and installing it manually.
You should note that high priority updates, which include security patches for all Windows components are available
for both owners of genuine Windows licenses, as well as for those who choose to illegally run pirated copies of the operating
system. The difference is that people who fall in the latter category can only get them through Automatic Update.
By default, the Automatic Update feature is set to download and install all updates automatically, but this can be changed
in order to offer more control over the process to the user. For example, one can choose to only be notified of available
updates. They can then manually select only the ones they want.
Through this method, certain updates like the
Windows Genuine Advantage Validation Notification tool, which is distributed as a critical update, can be hidden and never
offered for download again. This is not a hack. This is how Microsoft intended it to be. The user will continue to receive
the rest of the high priority updates normally.
Updating third-party software on your computer is another critical
aspect, as many of the attacks today attempt to exploit vulnerabilities in popular applications. Programs such as Adobe Flash
Player, Adobe Reader, Adobe Acrobat, Sun's Java Runtime or Mozilla Firefox, are installed on a huge number of computers,
which makes them attractive targets for attackers.
So, does this mean that you have to manually check various
websites for updates on a daily basis? Fortunately, no. There are special programs or services that can do this for you both
automatically and for free.
One such tool is the Secunia Personal Software Inspector (PSI). Secunia is a reputed
vulnerability management company, which maintains an extensive database of security issues that affect different versions of
over 12,400 software products, spanning multiple operating systems. The Personal Software Inspector can scan a computer and
detect what software installed on it is outdated. If any is found, the program offers direct download links for the available
updates, which are rated according to their security impact.
An alternative is using an online service such as the
one Softpedia offers. Our software editors work very hard to keep the tens of thousands of programs listed on our website up
to date. You can register for free and subscribe to receive e-mail notifications about updates for your favorite software.
Keeping your antivirus software updated is always a must. The antivirus is your last line of defense. If everything
else fails, this application should prevent malware from being executed on your system. AV software requires updates for
malware definition files, as well as for its own components.
On average, antivirus vendors release malware
definition updates a few times a day. Without these updates, an AV application's ability to properly detect the latest
threats is significantly affected. Most of the products allow modifying the update checking frequency, therefore make sure to
set this interval the lowest possible value.
Free antivirus solutions and their particularities will be covered in
the next part of this series. Stay tuned.