Sunday, February 21, 2010

PC World has major issue on security tips

The March 2010 yellow issue of PC World has a useful article “How to Stop 11 Hidden Security Threats” by Tony Bradley, link here, on p. 68.

Most of these recommendations are well known, but it is true that a wise home user doesn’t just assume that his antivirus package or Windows firewall takes care of everything.

Bradley recommends that people encrypt their data even on backups, out of concern over physical theft. Of course, people can use off-site backup services (like Mozy) or backup data onto flash drives and put flash drives in safe deposit boxes at banks. People should consider carefully their own travel habits with laptop carriage, along with changes in TSA rules.

He recommends screening a Windows machine with Microsoft’s Malicious Software Tool (often upgraded with automatic update) but admits that its scope is limited.

The article warns about social engineering attacks through Facebook or social networking sites.

It also discusses preview tools for "tiny url's" (as with Twitter) leading to websites that could be triggered with malware. He also uses the term "animalware" (try this report on another fake virus remover for use of the term, discussing the "spy falcon", by "Daniel").

The issue also has an article (p. 42) on flaws in Adobe Reader and Acrobt, by Erik Larkin (p. 42), with issues in EPS files, AIR programs, and Flash players.

There is an article on p 24 by Ginny Mies on risks in social networking games, and even surveys.

On p 41, there is an article by Erik Larkin, “Security Alert: Malware aims to evade Windows 7 Safeguards”. Larkin notes a survey which showed that “automatic” infections on Vista machines from infected web pages were 62% lower than for XP, and Windows 7 is supposed to have even more layers of protection against exploits. I have experienced a couple of problems on a new Vista machine with web pages which Webroot Spysweeper noted as having malicious adware (considered a virus or Trojan, not “just” a spy cookie), in one case an attempt to download fake anti-virus software. In six months, Webroot has quarantined four such Trojans (McAfee never detected anything like these). I suppose that Windows 7 might me less vulnerable to these than even Vista is.

No comments: