Friday, February 29, 2008

On Antivirus Applications, Malware, and Safety on the Net

Over the years I've tried numerous antivirus apps. I've used several versions of Norton, used McAfee, Kaspersky, Avast, AVG, Panda, and Nod 32 from Eset. For years Norton was the standard with McAfee a close second. Around 2003 or so Symantec the maker of Norton piled on the features and became ridiculously bloated and unmanageable. Around this time I tried Panda which sounded better and in fact slowed my computers down far less, and seemed very effective. I've tried AVG and Avast both excellent for free software. AVG in particular is a lightweight application that seems effective.

Lately after reading a recommendation in PC Magazine I decided to give Norton 2008 a try. The new version of Norton is less hassle than the old versions and seemed to slow down my PC less. I was happy with it until it did its daily scan, at that point everything slows way down. I frequently have 3-5 applications open at once and often have Firefox and or IE 7 open with multiple tabs. But when AVG or Nod 32 are running scans I saw little or no performance hit. Another point of annoyance is that I also have an IBM ThinkPad which has Symantec's corporate edition of Antivirus and Firewall. This application runs extremely fast both in the background and when doing scans. Why can't Symantec use this antivirus engine in their consumer grade product? Why does their consumer grade product suck so badly compared to the corporate version? I've noticed pretty much the same thing with McAfee which I use at work.

Of course do antivirus suites work anymore? With today's virus and spyware writers having the huge monetary incentive to keep crap from being removed from your machine probably the best antivirus/malware is the end user.

Some general rules to live by in today's computing world are:

  1. Keep Windows updated, keep your Automatic Updates on and set for a time your machine is usually running.
  2. Keep your Virus and antispyware definitions up to date.
  3. Scan your machine daily, with antivirus and antispyware. Run only one antivirus but use multiple antispyware tools. Generally it's best to run only one antivirus at a time. However you can run as many antispyware tools as you like. The 3 best known free spyware programs are Ad-aware, Spybot Search and Destroy, and Microsoft Defender. It also makes sense to run a commercial antispyware program such as Spyware Doctor. All of these programs can be had at www.download.com
  4. Do most of your computing especially online work as a limited user. Not operating as an administrator is always safer even if you are using a Mac or Linux system.
  5. Don't click on links in an email. Never log on to EBay, PayPal, or any online financial site from a link in an email. Always type in the website manually to go to your bank or EBay account.
  6. If you have teenagers using a family computer always have them log into the computer on a non-administrator account. Consider using Microsoft Windows Steady State program which will undo any changes done to the hard drive by limited users at the next re-boot. This program works great but may be a little on the geeky side. It does take some time to set up properly, but I've been playing with it and find it quite remarkable. Its designed to be used on public computers, such as in libraries so at the end of the day the administrator just re-boots the machine and it returns to its pre-configured condition.
  7. Use Internet Explorer 7, Firefox, or Opera. Internet Explorer 6 is notoriously insecure and should be upgraded to 7 ASAP. Even IE 7 should only used for windows update on Windows XP. Firefox or Opera are generally less targeted by hackers and mal-ware writers. Firefox is getting more popular and is now becoming a target for exploits more and more. Use the add on, "No Scripts" which allows users to opt in for sites running scripts. "No Script" disables all scripts on a site until the user allows scripts to run hopefully preventing dangerous java script exploits from unknown or miss typed URLs. Vista users are safer in IE 7 than XP as Vista runs IE 7 in "protected Mode" which attempts to sandbox the browser from the hard drive. IE 7amp; also has a fairly effective phishing filter, which notifies the user if the link you clicked on in an email isn't taking you to the banking site you thought you were going to.
  8. Use Windows Vista, if you can. Windows Vista was built with a priority of safe computing being one of Microsoft's primary goals. Unlike Windows XP which claimed to be safe when first released Vista truly does have a number of features that make you safer. The UAC or User Account Control is a feature similar to account permissions contained in most UNIX based OS's, that asks for an administrator's password whenever the user install software, hardware, or changes the system in a major way. This has saved me, it can save you from, "drive by malware attacks" where just browsing to a website with malicious code and infect you without clicking on anything.
  9. Use virtual machine software such as Microsoft Virtual PC or similar software from VMware. Or a simpler solution is to use Sandbox IE. Sandbox IE allows you to use your browser in a "virtual sandbox" that protects your computer from malware as long as you don't save anything to your hard drive.
  10. Last but certainly not least, use a nat router. A cheap but effective router either wired or wireless is a must have, in today's online environment. A router will reject traffic from the Internet that was unsolicited thus effectively acting as a hard ware firewall. Even if you only use 1 PC and it's connected to your modem, you should put a router between you and the internet. This applies to high speed connections of course, I'm not sure they make routers for dial up. Dial up users should probably use a third party software firewall such as Zone Alarm or Comodo both are free and work quite well.


Friday, February 15, 2008

Sayonara Powerbook

Today I finally unloaded my old G4 PowerBook. It was a great little computer but it's age finally caught up with it. For a long time I've gradually become distant from the old girl, my last fling with her occurred after I installed Leopard. It wasn't pleasant, it took seven tries at a clean install, finally I reinstalled Tiger and then tried an upgrade install and finally, it worked. But, in the end it was to little to late. Leopard is not really at its best on a G4, I never really got used to it and I never bothered to go back to 10.4.

I think the 12 inch Powerbook had the combination of elegance and utility that the new MacBook Air can't even come close to. In fact the "Air" is well, kind of like a beautiful woman with no substance or depth. Sure it looks incredible, but without well, everything, a decent ultra potable needs it's pretty much useless. Instead we get an under powered over priced, style is everything, substance can't be found, piece of crap. I think it's proof you can be to thin. A 12-13.3 inch MacBook Pro with dedicated graphics, a Superdrive, and high end core two duo processor with a 250 gig hard drive would have been a world class, kick ass, road warrior machine. The MacBook Air is a fine lapdog for some spoiled, whinny, air head, who mindlessly stairs at her Myspace page, pouting cause daddy won't buy her a bimmer.

Enough already on the "Air". The PowerBook was hard to part with. I almost backed down on the sale at the last minute. Now it has a nice home with a young college student who will hopefully get some more quality time with her. I gave it a clean install of Tiger so the thing is actually useful. Fact is, I just didn't need it anymore.

My new production laptop is a beautiful 4 month old Dell Inspiron 1420. It's not as pretty as the PowerBook but with 2.2 ghz core two duo, and a 7200 rpm 160 gig hard drive it it pretty much smokes any other computer I've used.

One of the better jokes going around right now is that the 15.4 MacBook Pro is the fastest notebook for running Windows Vista out there. The hardware spec on the high end Mac's is impressive, but I doubt it will match the high end XPS Dells or Alienware machine's out right now.

Another compelling reason for not buying a Mac notebook is the difficulty of doing an upgrade. I recently upgraded the hard drive on a 4 year old Dell. It took exactly 1 screw to get the hard drive out of the computer, 4 more screws for the enclosure, and that was it. Try that on a new MacBook or MacBook Pro. Just forget about it unless you have a weekend to kill.