What Every Home PC User Needs (UPDATED–see below)

Last year, when I was still writing the monthly NetSec Letter I wrote promoted Personal Firewall Day, an idea of friend and security colleague Paul Robertson. (See http://www.personalfirewallday.org/.)

PFD was January 15. I don’t know what, if anything, is planned for this year. But, it is obvious to be that in addition to personal firewalls and anti-virus software, a critical add-on to home computers is spyware detection software. I have just recently wrote on problems friends and I have had with spyware. (See what I wrote last month in “ Spyware/Adware Removal Disables Windows98 Machine” and “ Malware — the threat is real,” and today in “ Spyware/Adware Removal Disables XP Pro.”

Why this blog entry then? I want to simply spell out what every home PC should have in a form that you and I can send out to relatives and friends.

Every home PC should have the following:
  • Antivirus software. You know this. Surely you have it. If you do not, you are foolish. Keep it up to date. It’s worth the money. Really it is.
  • Personal Firewall. Use a free firewall, such as ZoneAlarm (that’s what I use) or any others you find at www.personalfirewallday.org/firewall.html. If you run Windows XP, enable the firewall that comes with XP. Your antivirus vendor might have a deal with bundled AV and personal firewall. Check it out.
  • Spyware removal software. This is a new (over the last year) problem, and one that many home-users are ignoring. Don’t have spyware? I bet you do. Ever click on something that said “Click here to speed up your Internet connection?” Ever install “free” software? Maybe you’ve added a neat item on your toolbar that shows the weather or stock reports. Computer running slower and slower? Are you now plagued with pop-up advertisements? There is a good chance you have some spyware running on your computer.

    Something called Marketscore has gotten attention recently. Security vendor WatchGuard recommends treating it as spyware. They write, “Marketscore claims to be ‘Internet accelerator software’…” See the complete write-up at www.watchguard.com/RSS/showarticle.aspx?pack=RSS.Marketscore. The University of Maryland, and others, classify it as spyware. See their spyware alert at www.helpdesk.umd.edu/documents/4/4444/.

    Get and run some spyware detection software. Your AV vendor may have something. Microsoft, the University of Maryland, and others (including me) recommend

Other resources:

Be careful out there.

Oliver (no last name given) commented, “SpyBot installs ‘DSO Exploit'” I find no evidence of that, just that earlier versions tagged this exploit but could not deal with it. Everything I see says Spybot gets good grades.

He also recommended Ad-Aware (as I did, above) and SpyWare Doctor.
Colleague and paisano Dave Piscitello has an interesting article on this subject on securitypipeline. Check out “What’s The Difference Between Spyware And Viruses?”
This slashdot post, refers to Microsoft’s AntiSpyware annoucement, and this review of it. It is a test release.

It is worth pointing out that most people recommend using two different products for countering spyware (for example, both SpyBot and Ad-Aware.

Be careful you get the correct software. Some companies put tags on their webpage such that if you do a search for one product, a competitor’s product shows up. This is not merely the search engine company helping you out. It is “deceptive marketing practices,” as Dave Piscitello says in his weblog. See entry #336 in the spam and spyware section of his weblog.

An example of something similar, not as sleazy, but nearly as obnoxious… Type “adaware” (note no hyphen — the product is Ad-Aware) in a Google search and the first thing that you get is a sponsor’s (i.e., paid advertiser) link to something called “NoAdware”” indicating it is the “2005 highest rated spyware remover.” Hmmmm. 2005 is 6 days old as I type this. Must have been a quick test. It does not say that on the web page — not that I can see — but in the advertisement on Google it does. On the web page it says, “21,756,915 downloads by people in over 100 countries as of 04:02PM EST, Jan 06, 2005.” I wonder how many of them thought they were getting Ad-Aware? This product might be great. I just don’t like this practice. But, then Dave did point out that they were infamous in other places. For example, they show up in the The Spyware Warrior List of Rogue/Suspect Anti-Spyware Products & Web Sites.

No comments: