Wednesday, November 11, 2009

Stop Paying for Windows Security; Microsoft's Security Tools Are Good Enough


When it comes to keeping your Windows PC secure, all of the scare tactics and overblown virus stories out there make it hard to feel safe online. The fact of the matter is that you don't need to pay for Windows security.

From time to time we like to go on long, opinionated rants about subjects that bug us. This is one of those times. So let's have a frank and honest discussion about Windows security, and leave the scare tactics and FUD for money-grubbing corporate marketers.

Microsoft Security Essentials is a Great Antivirus Application

The release of Microsoft Security Essentials has changed the landscape of antivirus software. We've finally got a completely free application that protects against viruses, spyware, and other malware—without killing system performance like some of the "suites" tend to do. In my personal experience, it barely slows down the machine and rarely affects my work—and during a deliberate attempt to download some viruses (for testing purposes), it immediately found and blocked them from doing anything.

You don't have to take my word for it, however. Not only did AV-Test.org find that it detects 98% of their enormous malware database, but AV-Comparatives (a widely known anti-malware testing group) found that MSE was one of only three products that did well at both finding and removing malware, including the leftovers. It was also the only free product to grab their "Advanced+" rating—the top honor for an anti-malware solution.

The more tech-oriented readers will probably note that MSE does not do any fancy heuristics to detect viruses that aren't in the database already, which is a feature offered by some paid solutions. In my opinion, this feature is usually unnecessary and a massive system drag if combined with a healthy dose of not installing questionable nonsense.

Stop Whining About "Outbound" Firewalls

Every time I read an article about the built-in Windows Firewall, I see comments complaining that they use Zone Alarm or some other software because they handle "Outbound" connections. Let's put it on the table—the Windows Firewall has plenty of capability for handling outbound connections if you really need that level of paranoia. In fact, if you just look through your start menu you'll find a link for Windows Firewall with Advanced Security. You can head into there and pretty much configure any setting that you can possibly imagine, getting right down to the port level if you want.

The fact of the matter, however, is that outbound firewalls on a desktop PC are Completely Pointless. If the malware has made its way onto your computer, you have already lost the war. Your PC now belongs to whoever is running the botnet, and your outbound firewall isn't going to stop it—after all, the malware can simply add a rule to the firewall to allow access. It's better to focus on keeping malware off your PC in the first place.

Let's not forget that most of us are using a router with a firewall built right into it, and as long as you aren't using easily-cracked WEP encryption, you should be perfectly safe behind your firewall.
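Because software that already has administrator rights can add its own allow rule, as described above, new outbound allow rules are worth checking for; the PowerShell sketch below is an added example (not part of the original article) that records a baseline of enabled outbound allow rules and reports anything added since. The baseline path, the parameter names and the `Get-OutboundAllowRule` helper are assumptions made for illustration, and the cmdlets require Windows 8 / Server 2012 or later.

```powershell
# Added example (not from the article). Needs the NetSecurity module
# (Windows 8 / Server 2012 or later); run from an elevated prompt.
param(
    # Assumed baseline location; keep a copy off the machine being checked.
    [string]$BaselinePath = "$env:ProgramData\fw-outbound-baseline.json",
    [int]$Days = 7
)

function Get-OutboundAllowRule {
    # Enabled outbound allow rules plus the program each one applies to.
    Get-NetFirewallRule -Direction Outbound -Action Allow -Enabled True |
        ForEach-Object {
            $app = $_ | Get-NetFirewallApplicationFilter
            [pscustomobject]@{
                Name        = $_.Name
                DisplayName = $_.DisplayName
                Profile     = $_.Profile.ToString()
                Program     = $app.Program
            }
        }
}

# Outbound rules only restrict traffic on profiles whose default action is Block.
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultOutboundAction | Format-Table -AutoSize

$current = @(Get-OutboundAllowRule)

if (-not (Test-Path $BaselinePath)) {
    # First run: record the known-good state and stop.
    $current | ConvertTo-Json | Set-Content -Path $BaselinePath -Encoding UTF8
    Write-Output "Baseline of $($current.Count) rules written to $BaselinePath"
    return
}

$baseline = Get-Content -Path $BaselinePath -Raw | ConvertFrom-Json

# Rules present now that were not in the baseline.
Compare-Object -ReferenceObject $baseline -DifferenceObject $current -Property Name -PassThru |
    Where-Object SideIndicator -eq '=>' |
    Select-Object DisplayName, Program, Profile | Format-Table -AutoSize

# Event ID 2004 in this log records a rule being added, including the
# application that made the change.
Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-Windows Firewall With Advanced Security/Firewall'
    Id        = 2004
    StartTime = (Get-Date).AddDays(-$Days)
} -ErrorAction SilentlyContinue | Select-Object TimeCreated, Message | Format-List
```

Legitimate installers add outbound rules too, so a new entry is a prompt to check the listed program path rather than proof of infection.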

User Account Control (UAC) is Not a Security Tool

The single most irritating feature introduced in Windows Vista was those annoying UAC prompts, asking you for permission to do nearly anything on your computer—and the fact is, even if it makes you feel more secure, it's a false sense of security. Malware researchers at SophosLabs found that 8 of 10 malware samples can actually bypass UAC on a system with the default Windows 7 settings.

The fact of the matter is that unless you've pushed the UAC slider all the way to the top, it's not meant to be a security feature. The original intent was to change the way Windows works so that you can more easily run software as a standard user account, instead of running as administrator all the time. So there you have it—if you aren't going to run as a standard user or turn the slider all the way to the top, you may as well disable UAC.

Keep Windows Updated

When it comes to protecting yourself, it's laughable how many people install multiple antivirus applications but don't keep their system updated with the latest operating system patches. Last April, the Conficker worm was exploiting and spreading on millions of PCs through a critical security hole in Windows—one that had been patched the previous October.

If everybody would simply keep their systems patched, we wouldn't have to worry so much about these problems. If the constant rebooting action of Windows Update has you frustrated, you can always temporarily delay Windows Update's forced reboot, or just make it not restart your PC automatically—but you should keep Windows Update running at all times.

Keep Applications Like Acrobat and Flash Updated, or Uninstall Them

Even though we're complaining about people not keeping Windows updated, the fact of the matter is that the most likely cause of drive-by malware infection these days is through your browser plugins. Adobe Flash is notoriously full of security holes, and the latest attacks have been using vulnerabilities in Adobe Acrobat to infect your PC without installing a thing—just go to the wrong site that redirects you in a hidden frame to a PDF file containing the exploit, and your system can be exploited.

Keeping your applications updated is critically important to protecting your security. Your firewall won't protect you, and antivirus software is unlikely to help if you're using an old, vulnerable version of Flash in your browser—what you need is a piece of software that scans your PC and makes sure that you are using the latest, patched versions. We've got you covered with the five best software update tools for any OS, but my personal recommendation for Windows is Secunia PSI.

Stop Downloading Questionable Files

There's a little-known fact that I don't usually tell anybody, but I'm going to share with you today: I haven't used real-time antivirus software on my PC in 10 years, and I've never been infected with a virus. About once a year, I run through an online virus scanner to make sure that my claim still holds true, and it's never happened.

How have I managed that, while being a geek and testing software all the time? There are a couple of simple rules that will protect you:

  • Use an online scanner like VirusTotal to scan questionable files before installing them.
  • Don't download and install those questionable files in the first place.
  • Use some common sense. That pre-release copy of the latest video game you got from a torrent? Yeah, it probably has a virus in it.

So what do you say? Are the built-in tools, combined with Microsoft Security Essentials, good enough for you, or are you going to stick with the full paranoia route? Let's hear your thoughts in the comments.

The How-To Geek thinks a little common sense and system patches go a long, long way towards a secure system. His geeky articles can be found daily here on Lifehacker, How-To Geek, and Twitter.


[link to original | source: Windows - Lifehacker | published: 11 hours ago | shared via feedly]

