Skip to content

Computer Virus

May 10, 2015

Even though I was not directly involved in workstation security at my last job, I did learn a few things about it from dealing with the people in charge of installing workstations, and the people who look after security.  I’ve also kept up with the topic after I retired by reading articles on the web.  The SANS Internet Storm Center is focused on computer security.  The OS news site also has some articles on security issues.

In this article, I’ll consider only Microsoft Windows, because that is what most people run on their desktops, at home or in business.

It used to be true that applications that only displayed information on the screen were safe because that’s all they could do.  Viewers are not safe anymore.  That’s mainly because the data files that they display are not safe anymore.  Today, many types of files can contain executable components along with the data that’s only displayed.  These components can do anything to you computer, including installing malicious software.  Sometimes they can do this without your noticing.

Viruses don’t normally attack your computer from outside on the Internet, and install themselves on your computer.  Firewalls and routers block the direct route.  Instead, they arrive as a result of some activity that you initiate.  If you use an e-mail reader that’s a local application, they can arrive as attachments in e-mail messages.  Most people don’t read e-mail this way anymore because web applications are more convenient.  Some e-mail attachments are malicious files.  Most, of course, are legitimate files that people have sent to you.  How can you tell which is which?  Don’t try.  Let your computer do it for you.  Recent versions of Microsoft Windows keep track of the origin of files and what level of access is requested by an executable file.  They will warn you when this access could be dangerous.

Malicious software often arrives when you use your web browser to visit certain web sites.  This software will sometimes exploit vulnerabilities in your web browser or various viewers to install viruses on your computer.  Your web browser is actually a viewer for HTML data and javascript data.  It may start other viewers for different types of data.  You likely have a PDF reader, an image viewer, and a video displayer.  For document data, your web browser likely starts Microsoft Word.  All of these viewers have their own bugs and their own vulnerabilities.  You can also download files with your web browser.  These are installed in your file system, to be viewed or executed later.  Microsoft calls both of these operations `Open’.  If you use a web-based e-mail reader, remember that it has exactly the same opportunities for virus installation on your computer as any other web site does.

People are often given wrong information on how to avoid computer viruses.  “Don’t open e-mail from strangers” is one.  This doesn’t work.  Everything that your e-mail reader shows you about an e-mail message can be forged by the sender.  It can seem to come from somebody that you know, even though it contains a virus.  “Don’t open e-mail attachments” is another.  This one is impossible.  Everybody sends e-mail attachments.  You have to open them.  Most of them will be legitimate.

What about anti-virus software for your computer?  It may work for old viruses, but certainly not for new ones.  The people who create viruses and let them loose do it to make money.  They test them first to make sure that none of the anti-virus software detects their new virus.  By the time the anti-virus software catches up, the creator has already made their money.

What can you do that is effective?  First, keep your computer up to date with software updates.  Doing this will eliminate vulnerabilities before the virus creator can exploit them.

Pay attention to warning messages, and above all, don’t disable them.  One famous warning says `some files can harm your computer’.  When I searched for that one to get more information on it, I found dozen of instructions on how to disable it.  In fact, the people who installed workstations at my last job did disable it.  They did it because people found it annoying.  Some people even called the help desk every time they saw the warning.  It’s a warning that something bad is about to happen to your computer.  Heed the warning!  Another similar one says `do you want to allow this program to make changes to your computer’.  Heed that one too.  The correct answer is `no’, unless you are doing something that requires configuration changes.

Also, beware of viewers.  Adobe Flash video player is one of the worst just now.  It seems to have many bugs and vulnerabilities.  If you can, don’t even install it.  Many web browsers can display video content with HTML5 video instead.  Some also have a built-in PDF viewer, so that you don’t need Adobe Acrobat reader either.

I also recommend doing all of your normal computer activities from a non-privileged user account.  Set up a separate account, often called Admin, that does have Administrator privileges.  Use it to install software and to do Windows updates.  You can also use the Administrator account itself for this purpose, by enabling desktop logins for that account.  Then remove Administrator privileges from your normal account.  When you are using the non-privileged account, you will certainly get an error message if malicious software tries to do something that you are not permitted to do.  This will protect you from many viruses.

 

Advertisements

From → Uncategorized

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: