Some Security Tips and Essentials:
Updated: May 14,2010
I’m frequently asked, when people find I work as a computer tech and trainer, what do I recommend they do to protect their PC’s from viruses and various Internet scams and identity theft schemes. This is actually a huge topic (which I address more fully in my mini-course Practicing Safe Computing), but the essentials begin with basic anti-virus and anti-spyware software, combined with a firewall, and basic system configuration and use guidelines. I’ll start by making some anti-virus software suggestions, but first, a warning:
If you’ve had pop-ups warning you your computer is infected, and offering to download antivirus software to remove it – DON’T! More about fake anti-virus software here: Ars Technica Fake AV article
See here a screen picture of such fake AV – creating what appears to be a Windows XP security alert – on my OS X Macintosh! This appeared simply from browsing to a rigged website. Such fake messages may also look just like a Windows XP Security Center window. In either case, AV and security messages shouldn’t appear from browsing to a page or clicking on a link.
Panda Security, a legitimate AV software maker, estimated in 2008 that there were 7000+ such fake anti-virus programs at large, bilking people of their money for phony protection, and often the download is in fact a carrier for other malicious software payloads. Commonly, such schemes also harvest the personal and credit card information collected for further fraudulent purposes. Recent estimates are the
Free Anti-Virus software:
Many people have become aware that there are free anti-virus options available on the internet. And who doesn’t like free? The free options do come with some slight catches, however:
 | Free anti-virus software programs, unlike paid security suites, generally only cover basic virus scans of your system, and checking incoming, and possibly outgoing, email for viruses – not a big problem, if you’re willing go to the trouble to use other software to round out your protection. |
| Free AV generally restricts its use to private, home computers – not business or commercial computers. It’s part of that End User License Agreement (EULA) you click to agree to in order to install the software. |
| Free AV usually has pop-ups or "nags" when it completes scans to encourage you to upgrade to the company’s full boat, paid AV suite. A minor annoyance. |
| Free AV programs typically don’t block or protect against browser exploits – meaning they don’t scan and/or block web pages that have been compromised or rigged with malicious content that can infect your machine just by visiting the page. This is increasingly an issue, as criminal hackers seek to exploit the web servers that distribute legitimate web sites to Internet users. |
I present 2 top choices for free AV products, each with it's own particular merits.
1. Avira AntiVir Free Edition
While the user interface and configurability are pretty basic, Avira scores amongst the highest of all virus scanners in Virus Bulletin’s testing – none are perfect, but Avira does come close. That means catching the real viruses amongst the millions out there, as well as not falsely identifying safe files as infected. An impressive level of detection, matched by only a bare few paid suites.
As well, Avira, unlike many AV products, both paid and free, is relatively quick and doesn’t use a lot of system resources (read: slow down your computer a lot). One significant potential shortcoming of the free version of Avira is that incoming email is not actively scanned (ie, as it is received), although the email files are scanned as part of regular scans. It does have pop-ups to nag you to buy the paid Internet Suite version.
Avira version 9 improves on it's predecessors' slow scan speeds, but still takes a long time to run scans and slows the PC while running scans. If you are inclined to upgrade to the full, paid version, the pricing is in Euros and rather steep compared to many security suites.
2. AVG Free
http://free.avg.com/download-avg-anti-virus-free-edition
Version 9 the current edition, is improved over previous versions in terms of scanning speed and performance impact, although it's still slow compared to some paid products such as recent Norton and Kaspersky security software. The program has a well laid out, easy to use interface. Just the same, make sure you schedule scans for some time the computer will be on, but you’re not likely to be using it. AVG does have the notable advantage that it actively scans incoming email for infections, which many free AV programs do not. It also has a page blocker to prevent your browser navigating to known-bad sites, and it's "upgrade to the paid version" nag is only a subtle drop-down tray at the bottom of the main interface window.
There is no reason not to upgrade to the paid "security suite" versions of these products if you're inclined to an all-in-one solution, with more protection, features, and control of scan schedules - or for business use.
Paid Anti-Virus software:
I’ll name three strong choices here, based a combination on detection performance, relatively low impact on system performance, and relative value. First the choices, then a little further elaboration on each. I don’t recommend the standalone AV products for any of these (they are offered), because why pay for a security product you need to then supplement with additional software? Just use a free AV and build your own security “suite” in that case. The big advantage of paid AV - for the better products, you get an all-in-one solution (AV, firewall, malware/spyware removal, and other features such as automated backups), with good support and updating.
1.
Symantec/Norton Internet
Security 2010
www.symantec.com – This same basic AV is packaged in multiple
Symantec-and-Norton-branded products, aimed at different user markets. Eg.,
Norton 360 (simpler, more automated interface),
Norton AV (just the AV
without the firewall, page blocking, and other features in the suites), and
Norton System Works.
At the time of this writing, the online download of NIS
was $US 59.99 for a one year licence covering 3 PC’s, making it a good value
if you have multiple Windows PC’s to protect. The only downside - if you are
using it on multiple PCs, the 1 year license starts running when it's
installed on the first PC - so you need all your PCs synched in terms of
renewal/install to get the full year on all three PCs permitted.
2. ESET Smart Security (Nod32 AntiVirus). www.eset.com. $US 59 for 1 year on a single PC, multi-PC licenses also available.
3. Kaspersky Internet Security 2009 www.kaspersky.com , $US79.95 for 1 year, 3 PC licence.
Now, some might be surprised that a computer professional is suggesting Norton AV products – in recent years, Norton, like many of the big name AV products, has developed a reputation for sluggish performance and bloated resource use, as well as being trouble prone. However, for 2009 they have completely rewritten the software, with an emphasis on speed, right down to writing their own installer rather than use Microsoft’s, to ensure even the install is lightning fast compared to previous versions. I have NIS ‘09 on two different machines, and have to confess I’m a converted sceptic – scans are impressively fast, and system performance is much less affected than recent Norton products, or indeed most anti-virus software,, while being amongst the top-ranked AV products in Virus Bulletin’s detection tests. Pricing is favourable as well, as my other top picks are both European companies, and their pricing is hurt by the drop of both Canadian and US dollars relative to the Euro.
Both ESET Smart Security and Kaspersky Internet Security offer comparable performance both in terms of scan speeds and minimizing system resource use, while also having top ranked detection results. One’s initial impression of Kaspersky may not be great, however, as both mine and other’s experience is that installs are long, and require multiple reboots, although once up and running it works fine. ESET and Kaspersky, like Norton's '09 AV products, minimize scan time by keeping tabs on files that have changed and only targeting these for quick scans, but even full disk scans are notably quicker than many competitors.