Sunday, September 29, 2013

Microsoft "Security Essentials" - Nope.

What Microsoft currently calls its "Security Essentials" suite is really, frankly, a scam.  At least, in the post-Windows XP world.  How they pulled the wool over people's eyes is brilliant, and I don't blame them for the approach.  However, calling it any sort of security "essential" is borderline false.  I can't complain since they don't charge for the product, but I felt it necessary to divulge things you may need to know about this so you can make informed decisions.

First, some background.  Despite my memory frequently failing me these days and a frustrating inability to even remember certain people's names if I don't write them down like 6 times, I distinctly remember the first virus I was ever infected with: SCORES (http://en.wikipedia.org/wiki/Scores_(computer_virus)).  A very nasty virus indeed.  And of course, in those days the poor little Macintosh System 6 had only one ally: Norton.  Since that incident, I've cleaned many computers of viruses including some of my own, back in the days when computer operating systems were significantly less protected and peer-to-peer (P2P) networks ran roughshod.  KaZaa alone was the cause of a lot of infected computers from what I saw; that was when people were downloading MP3s like mad horses.  These days, companies like Google, Amazon and some others have made this less of a problem, and KaZaa is less prominent, but the risk of infection is still there from ads, scripts, and rogue software installed as part of other software.

You need to understand the difference in some terms before I get into details.  

  • A virus is a program that copies itself into other programs or files (its "host") and runs whenever the host runs.  What it does once running varies: it may corrupt files, attack the operating system, or do nothing visible at all.
  • A worm is self-contained malicious code that spreads on its own across a network, copying itself to other machines through exposed services or weak credentials.  Unlike a virus it needs no host file, which is why one worm can take down a whole office in an afternoon.
  • A trojan is a piece of bad software masquerading as good software.  For example, you might install a program claiming to be an antivirus program when in reality it is the thing causing the damage, and you gave it permission.
  • Malware is the umbrella term for all of the above: any software designed to be harmful to you.  In everyday use it also covers nuisances that don't trash the operating system, such as a toolbar that installs itself without clear consent and hijacks your browsing (what vendors politely call a "potentially unwanted program").
  • Spyware is software designed to collect information about you without your consent, including keyloggers.  So instead of stealing your password by hacking you, it waits for you to log into your site, then your own computer transmits what you typed back to a server, and the attacker gets into your accounts without you knowing.  At the milder end it just records your surfing and shopping habits so that someone can target ads at you.
In the days of Windows XP, Microsoft purchased a company called GIANT, whose anti-spyware product became Windows AntiSpyware and then Windows Defender.  Viruses were handled separately by Microsoft's own paid suite, Windows Live OneCare, which was retired in 2009 in favour of the free Microsoft Security Essentials.  On XP, Vista and Windows 7, Security Essentials covers both roles (installing it switches the older Defender off, since it includes the same anti-spyware engine), and in Windows 8 the two were merged into a single built-in Windows Defender.  In truth the combination was a powerful one for protecting your computer, which seemed obvious since Microsoft controls the operating system code.  Unfortunately, the advent of Windows Vista started to change Microsoft's strategy: more and more of the protection moved out of the antivirus engine and into the operating system itself.  It is this that I want to help you understand.

In most circles, the expectation was always that Norton and, to a lesser degree, AVG were the top of the mountain with regards to virus and malware protection.  Norton is still somewhat of a household name to this day, since it comes preinstalled on many of the computers you buy.  Customers don't know that there are other options out there, nor do they really care.  But when Microsoft started to ramp up Security Essentials and Defender as free, seemingly equivalent or superior, product offerings, a lot of people started to question the value of paying for antivirus software.  Why should one pay for something that Microsoft, the owner of the OS, gives away for free?  In the XP world, this question has an obvious answer: Don't.  In XP, Security Essentials/Defender is probably the most powerful combination you can have.  

However...if you have Windows Vista, Windows 7, or Windows 8...I implore you to consider an alternative, because what Microsoft is deploying for those operating systems makes too many assumptions and, unfortunately, too many compromises.  In order to be effective, Security Essentials/Defender is directly dependent on three other tools.  That's fine, but it's critical you understand the limitations of those tools when deciding how to protect yourself.

  1. Windows User Account Control (UAC) is Microsoft's answer to the "stupid consumer" problem.  In the Windows XP days, the accounts created during setup were administrators by default, allowing you in effect to destroy your own computer just by using it day-to-day.  Rather than address this at the installation level, Microsoft introduced User Account Control with Vista.  Without getting into details, a program cannot perform "administrative" actions (writing to Program Files or the system parts of the registry, installing drivers or services) until an administrator approves the elevation at a prompt.  Sounds good in concept; practice showed a whole different beast.  In Vista you were nagged constantly while doing benign tasks, and while Microsoft swears it's better now (Windows 7 added intermediate levels that prompt only when a program asks for elevation, not when you change settings yourself), the problem is the OS itself.  Installing software is considered "administrative", so every installer and updater has to ask for permission.  Updating Java, updating Flash, everyday basic tasks all require you to say "yes".  The only way to stop this is to (A) disable UAC, or (B) have UAC elevate silently, approving every request without asking.  Both negate the planned value of UAC in the first place, because the approval prompt was the one thing standing between a downloaded installer and the whole machine.
  2. SmartScreen is Internet Explorer's way of filtering things it thinks are or will be dangerous to your computer, even when there is no proof of danger.  It checks the sites you visit against Microsoft's reputation service for known phishing and malware URLs, and (from IE9 onward, and at the operating-system level in Windows 8 for any downloaded executable) checks the reputation of downloaded programs, warning about files that are unsigned or that few other people have downloaded.  Its verdicts are built largely from telemetry and reports from other users, so it is mostly a crowdsourcing application, and it only sees what arrives through Internet Explorer or the Windows download path; a file copied in on a USB stick never meets it.
  3. Secure Boot, which arrived with Windows 8 (it requires UEFI firmware, and Windows 7 cannot boot with it enabled), is a firmware-level setting that prevents malicious code from taking over the machine before the operating system has even started.  The firmware refuses to run any boot loader, option ROM or early driver that is not signed by a key it trusts; out of the box that essentially means Microsoft's own boot loader.  It protects the boot chain only: once Windows is running, Secure Boot has no say in what you install.  
These are great tools and yes, for the newish or less informed computer user, it is strongly recommended to leave these on as you browse the web.  For those who are "power" users and understand the risks but would like to ensure they are not delayed by these applications, know one thing: without the above three, Security Essentials is effectively worthless in comparison to paid virus applications.
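As an added example (not from the original post, and not Microsoft's tooling), the following PowerShell script reports the state of the three dependencies just described, plus whatever antivirus is registered with the Windows Security Center, so you can see at a glance whether Security Essentials/Defender is carrying the load alone.  It uses only documented registry values and cmdlets available on Vista/7/8; the `productState` decoding in `Get-RegisteredAntivirus` is the commonly used but undocumented layout and is an assumption.  Run it from an elevated PowerShell so the firmware query is allowed.

```powershell
# Added example, not part of the original post.  Reports the state of UAC,
# SmartScreen and Secure Boot, and lists the antivirus products registered
# with the Security Center.  Written for Windows Vista/7/8; run elevated.

function Get-UacState {
    $p = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $v = Get-ItemProperty -Path $p
    # EnableLUA = 0: UAC disabled outright (option A in the post).
    # ConsentPromptBehaviorAdmin = 0: administrators are elevated without a
    # prompt (option B, UAC "running silent").  Vista's default is 2,
    # Windows 7/8 default is 5 (prompt only for non-Windows binaries).
    New-Object PSObject -Property @{
        Enabled         = ($v.EnableLUA -eq 1)
        SilentElevation = ($v.ConsentPromptBehaviorAdmin -eq 0)
        AdminPromptMode = $v.ConsentPromptBehaviorAdmin
    }
}

function Get-SmartScreenState {
    # Windows 8 shell-level SmartScreen for downloaded executables:
    # 'RequireAdmin', 'Prompt' or 'Off'.  The value is absent on Vista/7.
    $shell = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer' -ErrorAction SilentlyContinue
    # Internet Explorer 9/10 SmartScreen Filter, stored per user.
    $ie = Get-ItemProperty 'HKCU:\Software\Microsoft\Internet Explorer\PhishingFilter' -ErrorAction SilentlyContinue
    New-Object PSObject -Property @{
        ShellSetting = $shell.SmartScreenEnabled
        IEEnabled    = ($ie.EnabledV9 -eq 1)
    }
}

function Get-SecureBootState {
    # Confirm-SecureBootUEFI exists only on Windows 8 and later and throws on
    # BIOS machines; in both cases no Secure Boot is in force, so report $false.
    try { [bool](Confirm-SecureBootUEFI -ErrorAction Stop) } catch { $false }
}

function Get-RegisteredAntivirus {
    # Security Center registrations (Vista and later).  Every product, Microsoft's
    # or third-party, registers here to stop the Action Center nagging.
    # productState decoding is the widely used undocumented layout (assumption):
    # as a 6-digit hex number, the middle byte 0x10/0x11 means real-time
    # protection is on, and the low byte 0x10 means definitions are out of date.
    Get-WmiObject -Namespace 'root\SecurityCenter2' -Class AntiVirusProduct -ErrorAction SilentlyContinue |
        ForEach-Object {
            $hex = '{0:X6}' -f [int]$_.productState
            New-Object PSObject -Property @{
                Product  = $_.displayName
                Enabled  = (@('10', '11') -contains $hex.Substring(2, 2))
                UpToDate = ($hex.Substring(4, 2) -eq '00')
            }
        }
}

function Get-ProtectionReport {
    $uac = Get-UacState
    $ss  = Get-SmartScreenState
    $av  = @(Get-RegisteredAntivirus)
    # The post's warning in one row: if UacEffective and SecureBoot are both
    # false, the antivirus engine is the only thing left doing the work.
    New-Object PSObject -Property @{
        UacEffective     = ($uac.Enabled -and -not $uac.SilentElevation)
        SmartScreenShell = $ss.ShellSetting
        SmartScreenIE    = $ss.IEEnabled
        SecureBoot       = (Get-SecureBootState)
        Antivirus        = (($av | ForEach-Object { "$($_.Product) [enabled=$($_.Enabled) current=$($_.UpToDate)]" }) -join '; ')
    }
}

Get-ProtectionReport | Format-List
```

On a Windows 7 machine with the UAC slider at "Never notify" you will see `UacEffective : False` even though nothing else looks wrong; that is exactly the configuration the post is warning about.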

In Windows 8 in particular, the definitions provided in Security Essentials and the effectiveness of the real-time protection are muted and "just enough" to catch half of what you might encounter.  Numerous tests and reviews have shown that on its own, Security Essentials fails to prevent or even cure most of what ails the computer.  Obviously, you want to take responsibility for the sites you visit and the software you download, but certainly it's reasonable to expect your virus application be good at...well...stopping viruses?

For those with bad memories of the memory hog known as Norton, they've made tremendous strides in streamlining their virus application.  I know I've used ESET's NOD32 Antivirus to cure ails where all others have failed.  Malwarebytes is still a solid application for malware cleansing, and in truth Windows Defender is solid for this as well.  Remember, the easiest way to clean up an infected computer is to yank the drive, attach it to a clean computer with a USB adapter, and scan it from there.  The malware on that drive can only run if its own operating system is booted; attached as a second disk it sits dormant, with two caveats: turn AutoPlay off on the clean machine before you plug it in, and don't open anything on it, just scan it.  But if you're finding that even Security Essentials comes back clean when you can tell something's wrong, try a different virus program.  You may be surprised at what you find.
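The offline scan just described, as an added example that is not part of the original post: it switches AutoPlay off on the clean machine, finds the command-line scanner that both Security Essentials (Windows 7) and the built-in Defender (Windows 8) ship as `MpCmdRun.exe`, refreshes definitions, and runs a custom scan of the attached drive.  The drive letter is whatever Windows assigned to the suspect disk (the `E:` below is an assumption); run it elevated.

```powershell
# Added example, not part of the original post.  Scans a suspect drive that
# has been attached to a clean Windows 7/8 machine, after disabling AutoPlay
# so the shell cannot launch anything from it.  Run elevated.

function Disable-AutoPlay {
    # NoDriveTypeAutoRun = 0xFF turns AutoRun/AutoPlay off for every drive type.
    $p = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    if (-not (Test-Path $p)) { New-Item -Path $p -Force | Out-Null }
    Set-ItemProperty -Path $p -Name NoDriveTypeAutoRun -Value 0xFF -Type DWord
}

function Find-MpCmdRun {
    # Windows 8 (built-in Defender) and Windows 7 (Security Essentials) ship the
    # same scanner under different directories.
    $candidates = @(
        (Join-Path $env:ProgramFiles 'Windows Defender\MpCmdRun.exe'),
        (Join-Path $env:ProgramFiles 'Microsoft Security Client\MpCmdRun.exe')
    )
    foreach ($c in $candidates) { if (Test-Path $c) { return $c } }
    throw 'MpCmdRun.exe not found; is Security Essentials or Defender installed?'
}

function Invoke-OfflineDriveScan {
    param([Parameter(Mandatory = $true)][string]$DriveLetter)   # e.g. 'E:'
    Disable-AutoPlay
    $mp = Find-MpCmdRun
    # Stale definitions are one reason a scan comes back clean, so update first.
    & $mp -SignatureUpdate
    # -ScanType 3 is a custom scan of the path given with -File.
    & $mp -Scan -ScanType 3 -File "$DriveLetter\"
    "MpCmdRun exit code $LASTEXITCODE; details are in $env:TEMP\MpCmdRun.log"
}

# Assumed drive letter for the attached suspect disk.
Invoke-OfflineDriveScan -DriveLetter 'E:'
```

If the scan reports nothing and the machine still misbehaves once the drive is back in its own computer, that is the moment to try a second engine as the post suggests rather than assuming the disk is clean.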
