Two free tools for Computer Self-Defense
by Alan Zisman (c)
2006 First published in Columbia
Staying safe online is an ongoing challenge. No matter how much
protection you pile on, no matter what computer hardware and operating
system you use, unwanted spam is still going to make it into your email
inbox. Most spam is just an annoyance; hopefully you know better than
to fall for the promises that you can get a share in millions of
dollars of ill-gotten Third World loot. But it can be harder to avoid
falling for 'phishing' messages apparently from banks or popular online
services like eBay or PayPal asking you to enter account name and
password at a realistic-appearing but bogus website.
The vast majority of computer users running Microsoft Windows are
especially targetted, however. Not only do they get their share of spam
and phishing email messages, but they're also the most vulnerable to
computer viruses and spyware infestations. The reality: for a number of
reasons, there are no active virus or spyware attacks on Macintosh or
Linux computers. Zero. Nada.
There are tools to help Windows users fight back, however. Here are a
pair of recent additions to my security toolkit. Nicely, both are free.
McAfee is one of the oldest companies making antivirus software. While
their VirusScan software and their full-featured Internet Security
Suite aren't free, they have a number of useful freebies available
online at http://us.mcafee.com/root/catalog.asp?catid=free
At that site, you can scan your computer for viruses and if any are
found, download free tools that in many cases can be used to clean the
infection. Everyone (at least all Windows users) should go there right
now and download a copy of their free McAfee Site Advisor tool.
This tool makes use of ratings of over 6.4 million websites, which
McAfee calls “nearly every trafficked site on the
Internet”; they have been rated by the company for online safety
issues including spyware, viruses, exploits, online scams, and spam.
The company claims that the sites it has rated account for over 95% of
Web traffic world-wide.
SiteAdvisor is a little add-on for Microsoft's Internet Explorer and
the popular (and more secure) Mozilla Firefox web browser. Once
installed, it works in two ways. When you search the Web using Google
or Yahoo, little SiteAdvisor icons appear next to the search results,
labelling each as green for safe, yellow for caution, or red for
dangerous. If you go to a web site, whether by manually typing in the
address or by clicking on a favorite, a bookmark, or a link, a larger
SiteAdvisor rating pops up, in the top-right for Internet Explorer
users, or in the bottom corner in Firefox. The company has tested over
700,000 downloads for safety; download dialogue buttons also get Site
Advisor colour codes.
Optionally, you can choose to see SiteAdvisor's reports on the
potential dangers of this website or download. Highly recommended.
Last winter, Sony BMG Music made the headlines when it was revealed
that some of the company's more popular music Cds secretly installed
software known as rootkits onto (again, Windows-only) computers. While
Sony did this to control unauthorized copying of these music discs, the
rootkits compromised security on those computers, reporting on the
owners' activities and opening them up for potential hacker attacks.
Under public pressure, Sony was forced to recall millions of discs, but
rootkit software can be quietly installed from other sources as well.
The nature of rootkits makes them hard to notice. Security company
Sophos notes that rootkits “hide the presence of a malicious
object (process, file, registry key, network port) from the computer
user or administrator.” As the Sony BMG case demonstrated, just
inserting a music CD in your computer may be all it takes to become
Sophos (their North American headquarters are in Vancouver, which earns
them bonus points) has released a free anti-rootkit tool (http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html
Unlike SiteAdvisor, it isn't automatic; after downloading and
installing it, you will need to actually run the program. But when run,
it will check for rootkits, removing any it finds.