Monthly Archives: November 2009

The moving target that is malware.

While I have been as busy as ever with work, life, and amusements, it’s certainly time for another article. This week, we’re talking malware. The traditional computer ‘virus’ has taken a backseat to the far more prevalent ‘malware’, ‘spyware’, and more recently ‘scareware’. Let’s start with a brief history of viruses.

Old school viruses and infections were usually little more than simple pranks and exploits, ‘mostly harmless’ if you will, sent as a ‘worm’ that spread easily to others. But things quickly took a turn for the worse as hackers and crackers took to creating viruses that would not only spread and pop up goofy messages, but that would, in fact, erase portions of your data. And that’s just not nice at all. More recently they aim to get your credit card information, which is not amusing either.

The trojan horse method of infection involves a simple disguise for the virus, more often than not running alongside some other desirable piece of software that you said ‘yes’ to, not knowing that there was something else lurking beneath it. Pop-up windows were extremely effective mediums for these viruses until it became frighteningly obvious that pretty much EVERY pop-up window is a bad thing. And they are. Any website programmer worth his salt will strongly advise against pop-ups in any form as they are not to be trusted and are just plain annoying. Trojans were originally created for notoriety. A good programmer could use a virus to show the holes in a popular piece of software, gain notoriety and eventually land himself a better job for his efforts. Not landing a better job, however, can easily lead to bitterness and, unfortunately, the viruses became all the more malevolent as a result.

Phishing is the art of crafting an email or a pop-up that looks legitimate, but links you to somewhere very much the opposite. Some of the most popular phishing scams used PayPal and various bank logos to create very convincing-looking emails telling you to log in and verify your information. No bank will ever ask you to do this via email. If an email asks you to ‘click here or your account will be deleted’, it is lying. It has nothing to do with your account and wants you to type in a credit card number. Someone in Brazil or India is collecting numbers right now, making a lot of small transfers, and getting away with it.

Spyware is one of the more recent terms, generally associated with bits of malicious software that are used to track your browsing habits, log your keystrokes, and otherwise gather information about you or your accounts. They are built to make money. Many of these exploits are unlikely to ever show themselves to you as you work on your computer. They are just running in the background, in hiding, waiting for your passwords, and sometimes just sending your browser history to a company looking to collect data for advertising and promotion. Eventually you may find that you get more emails related to your browsing habits. This might seem like a good thing, but it really isn’t. Companies like HP, Google and Microsoft all use spyware to gather information about you. They are not nearly as malicious, but HP in particular installs enough junkware with a printer installation that tries to sell you ink, paper, and lifestyle to ruin your day. This may seem harmless, but it adds up fast. If you aren’t using the latest, greatest computer with plenty of RAM, all of these little programs constantly running can slow your system down substantially. All of those ‘toolbars’ that you installed, they are spyware. All of those ‘customer feedback’ options that you checked off (or that you simply didn’t UN-check) installed another bit of spyware. And now your computer is slow. Bummer, eh?

Malware is a portmanteau of malicious and software. And that was clearly a gratuitous use of the word ‘portmanteau’. This malicious software is meant to infiltrate and potentially damage your computer without your proper consent. Usually they are small bits of software that you inadvertently obtained while browsing an insecure website. But recently, even websites that are generally considered safe, including the New York Times website, have been hosts to some nasty malware. MySpace is positively soaked with malware, and of course, pornographic sites have plenty of it to offer as well. No longer constrained to pop-ups, the viruses can be easily attached to a simple JPEG picture or piece of Flash software. The most recent spate of malware has been downright nasty. Without getting too technical and talking about bots and rootkits, I will tell you that it has gotten very sophisticated and increasingly hard to remove. It uses ‘backdoors’ created with one small bit of software to download another malicious component. It hides itself well and it hides itself within a daunting number of files, many of which are essential to your computer’s operation.

The most recently coined phrase in the world of computer viruses is perhaps scareware. Scareware can best be described as a more advanced form of phishing. If a pop-up that looks very much like a virus scanner comes up and alarmingly pronounces that your computer is infected, it may not be lying, but it could very well be the virus itself. Clicking the button to clean it will do nothing of the sort; it will only dig its hooks in deeper. If the message is from the virus software that you personally installed, then by all means, trust it to do its job. But if it’s unfamiliar and not from your recognized software, well, frankly, you might as well call the geeks immediately because it’s a real pain to get rid of.

So what is the average computer user to do? Buy a Mac? Absolutely. Sure they’re more expensive, but they’re great computers, and how much money will you spend over the life of your computer on anti-virus and professional removals? Stick with your old Windows box? Fine by me as well, those viruses make us money. But you really must keep your anti-virus software updated. There are a great number of companies offering paid and free anti-virus solutions. Our favorite this month is none other than Microsoft’s Security Essentials. It’s very comprehensive, and it’s free. We have had excellent luck with Norton, AVG, and Avast! in recent months as well, but it’s an ever-moving target. The programmers are working on another unbeatable code for tomorrow while the AV companies try to patch up yesterday’s breach. There is no end in sight to this cycle without all of us becoming more educated computer users.

The best advice perhaps is to just be careful out there. Use some common sense when clicking on links. If it uses the word free more than three times, it’s probably fake. If it’s a company asking you for personal information, think twice, or go the old-fashioned route and call the company directly to verify the post. If you must view questionable websites, then you really need to educate yourself about some more advanced protection methods. Simply using a browser other than Explorer is probably the simplest thing that anyone can do to be more secure. New products like GeSWall offer insight into the future of protection and we look forward to them being more end-user friendly. I have a feeling that 90% of the time, a user has a moment, a split second before clicking that mouse button, and they realize that their next move is potentially unsafe. The key here is to restrain yourself, and to quickly ask, “Is this the right move?” Perhaps not. This might not please you, but very nearly all infections on the computer are the fault of the user. Don’t feel too bad though, because they’re trying awfully hard to attract you to that shiny ‘yes’ button with all sorts of claims good and bad that will surely improve your life somehow. So contrary to my ‘geekness’, I will postulate that the best way to improve your life is not the ‘yes’ button, but the ‘off’ button.

Colby Dix is co-owner of Vermont Geeks and is far more scared of computer viruses than he is of H1N1.