Thursday, March 25, 2010

Principles of Security:Keeping it Simple

Computing on the Windows platform today can be very rewarding .The problem with Windows applications is that as Microsoft has made improvements in patching security holes in Windows, the Black Hat hackers have begun to focus on third party applications to exploit the platform. Recent highly publicized exploits on the Adobe Acrobat PDF reader have been the tip of the iceberg. According to Secunia creators of PSI a security tool that scans your PC  for out of date software, half their users had 66 or more programs on their PC's. Once all the programs and patches were tabulated it totaled over "75 patch incidents annually". per average PC. "That averages out to a patch every 4.9 days." (Source InfoWorld Security Central http://www.infoworld.com/d/security-central/typical-windows-user-patches-every-5-days-630?source=IFWNLE_nlt_firstlook_2010-03-04InfoWorld)
This obviously puts the average user at risk. Many people do well just to keep their Windows OS patched much less check more than once a week for patches to their other applications. This leads to the crux of my point, keep it simple. Don't download every application you see or hear about. Pick a core of useful applications that allow you to use your computer in the way you need and stop! Your computer is a tool that can be very useful, so treat it seriously. You still can have fun with your computer, but you don't need 5 different media players, choose one and stick with it. If you find one you prefer uninstall the old one first. Many people use old out of date programs because they don't like the "feature creep" of many newer applications. This is a mistake, keep what programs you have up to date, this especially true with PDF readers, browsers, email clients, and media players. Keeping your flash player up to date is extremely important, Adobe Flash is a major exploit vector and I frequently run with it disabled.
Trying new applications can however be fun and rewarding, the best way to try new applications though is in a virtual machine. Using a program like Virtual Box from Oracle Systems is a great way to safely try new applications without committing yourself to a new program or loading your hard drive with a ton of unnecessary applications that need to be constantly updated. And lastly run Secunia’s free PSI it will help you keep your applications up to date and add another layer of security to your computer.http://download.cnet.com/1770-20_4-0.html?query=Secunia+Personal+Software+Inspector&searchtype=downloads