When our first child was a year old, we had a childproofing company come to our house and give us a presentation about the threats that might endanger our baby. By the time it was finished, we had closed the college savings account because it seemed so unlikely that he would survive into his teens. The world seemed so dangerous!
At the moment, computer security threats are so overwhelming that it’s hard not to have that same level of dread. How can we possibly use computers when the bad guys are so smart and relentless?
Here are a few of the news items from the last few weeks.
- At an annual competition last week, a security researcher hacked into a fully patched MacBook computer in seconds by exploiting a security vulnerability in Apple’s Safari browser. It was one of those contests where the judges said “Go,” and the winner hacked into the computer and said “Done!” before anyone could take a breath. Later that day, Internet Explorer 8 and Firefox were also successfully hacked.
- Firefox will get an emergency patch on April 1 for a vulnerability made public yesterday that would allow the bad guys to take control of computers that go to booby-trapped web sites. It followed the announcement of another similar Firefox hole the previous week.
- There are a lot of booby-trapped web sites.
- Millions of computers worldwide have malware installed that is scheduled to do something on April 1. The malware is cleverly designed to make it difficult to stop whatever the bad guys have planned. It might be a non-event, another Y2K, but no one knows for sure.
- Adobe has just issued patches for a hole that allows malformed PDFs to take over a computer (1) when the bad PDF is selected in a list of files by highlighting it with a single click; (2) when the list of files is changed to thumbnail view, without any further interaction with the individual file at all; and (3) when the mouse cursor hovers over the file name, without any click or highlight.
- One click on a strange URL can take you to a booby-trapped web site that will bring up some variation on “Antivirus 2009,” where a professional-looking screen will claim that you have viruses on your computer. If you click “OK” to do a scan, your computer will be compromised. Here’s some background about similar malware. Antivirus software will frequently not prevent it. (Vista’s User Account Control will give you one more chance to stop it before anything is installed. If someone tells you to turn off User Account Control to avoid the “annoying prompts,” hit them in the nose.) In most cases, I will advise you to reformat the hard drive if this stuff is installed – there is literally no way to be sure that it is cleaned off again without flattening the computer.
- You’ve probably seen the term “rootkit” used to describe some of the recent kinds of malware. A rootkit installs software that is difficult or impossible for the operating system to deal with. At best, there will be files or areas of the registry that you cannot remove without extraordinary efforts. At worst, the files have special characteristics that make it impossible for the operating system to display them at all – you literally cannot see the files using Windows Explorer in any mode.
- Researchers are busy proving that it’s possible to create rootkits that are installed in the computer BIOS, which means they will still be present even if the hard drive is reformatted.
What can you do? You can use a computer happily and safely by following all the usual precautions.
- Install updates from Microsoft promptly. (Look for the gold shield in the lower right corner. If you use Windows Live OneCare, keep the icon green.)
- Install antivirus software and keep it up to date.
- Read and think before you click OK. Antivirus software will not always protect you against malware if you click OK at the wrong time.
- Don’t click on links to web sites unless you know exactly where you’re going.
- Follow links with carefree abandon to and from legitimate sites, but don’t click on links that arrive in spam email, instant messages, web forums, or IRC chats, or that start from an untrustworthy web site.
- Don’t click on links in email messages unless you deeply trust the judgment of the person who sent the message.
- Don’t click on links in forwarded messages.
- Never, never, never open email attachments unless you know with 100% certainty that the attachment is something you expected and want to receive.
- The bad guys are liars. They will say anything to get past your defenses, without conscience or remorse.
Be careful out there!