How to never have a serious spyware problem again
Tiribulus
HOCKEYTOWN USA
Most of this may have been said somewhere, but it isn't that difficult to avoid spyware(and virii/trojans) almost altogether.
1> First and foremost, NEVER use Internet Explorer again except to download Mozilla Firefox after a clean install. Firefox is writtn in such a way that BHO's, activeX controls etc. will not run with it. It does the same things differently than IE and is one million times safer.
2> Porn and Warez sites are the global distribution centers for the most serious varieties of this stuff. I guarantee that 80% of the problems in this forum are from these sources.
3> The other 20% are most likely from P2P clients like Kaaza et al.
4> If there were ten commandments of online computing the first would be: "Thou shalt NEVER download, or indeed even click on ANYTHING that offers itself to you online. Anything worth having you will have to go after yourself. The ONLY exceptions would be Macromedia enhancements and Java runtime. Even if you go to click on the X to close something pay attention that your cursor doesn't turn into a hand, that means they spoofed the close command for a link and you may as well have clicked OK. If you get a hand use the task manager to kill the window even if it closes the whole browser.
This will be tough to take for a lot of people, but unless you really enjoy being here, maybe on a different machine because yours doesn't work any more just ignore everything I've said. Using Firefox instead of IE is so effective at defeating this crap (at least for now) that even porn and warez sites will be a fraction of the threat. I run 9 computers on a fully equipped home network and aside from the NAT piece on my Coyote Linux gateway machine I don't even run realtime anti-virus/spyware protection or a client side firewall for that matter. It's been going on 3 years since our last virus, my weekly spyware scans (Hijackthis, Adaware, Spybot, Pest Patrol) turn up a coupla cookies here and there. I'm happy with my success rate. User education and a few simple rules based on self discipline are all that's needed to keep almost completely clean online. It sucks that it's come to this, but it has... period.
>>>--Tiribulus->
1> First and foremost, NEVER use Internet Explorer again except to download Mozilla Firefox after a clean install. Firefox is writtn in such a way that BHO's, activeX controls etc. will not run with it. It does the same things differently than IE and is one million times safer.
2> Porn and Warez sites are the global distribution centers for the most serious varieties of this stuff. I guarantee that 80% of the problems in this forum are from these sources.
3> The other 20% are most likely from P2P clients like Kaaza et al.
4> If there were ten commandments of online computing the first would be: "Thou shalt NEVER download, or indeed even click on ANYTHING that offers itself to you online. Anything worth having you will have to go after yourself. The ONLY exceptions would be Macromedia enhancements and Java runtime. Even if you go to click on the X to close something pay attention that your cursor doesn't turn into a hand, that means they spoofed the close command for a link and you may as well have clicked OK. If you get a hand use the task manager to kill the window even if it closes the whole browser.
This will be tough to take for a lot of people, but unless you really enjoy being here, maybe on a different machine because yours doesn't work any more just ignore everything I've said. Using Firefox instead of IE is so effective at defeating this crap (at least for now) that even porn and warez sites will be a fraction of the threat. I run 9 computers on a fully equipped home network and aside from the NAT piece on my Coyote Linux gateway machine I don't even run realtime anti-virus/spyware protection or a client side firewall for that matter. It's been going on 3 years since our last virus, my weekly spyware scans (Hijackthis, Adaware, Spybot, Pest Patrol) turn up a coupla cookies here and there. I'm happy with my success rate. User education and a few simple rules based on self discipline are all that's needed to keep almost completely clean online. It sucks that it's come to this, but it has... period.
>>>--Tiribulus->
0
Comments
- Firefox has vulnerabilities, and poor browsing habits can lead to Firefox browser hijacks. FF can be, and in fact, has been hijacked. But it is much harder to make that happen without tricking the user into 'CLICKING HERE!!"
- More vulnerabilities for Firefox will be found as the browser gains in usage and malicious code writers start to hack away at it. Make sure you have automatic updating for Firefox turned on. It is on by default, you can check it by going into Tools -> Options -> Advanced. Scroll down to Software Update, make sure the checkmarks are on for both Firefox and My Extensions and Themes. That second one is important, as vulnerabilities to 3rd party extensions may provide an alternate way to exploit the browser.
- Active protection of Firefox using Spyware Blaster is a good idea. Spyware Blaster protects both IE and Firefox from various known malicious sites. On the Firefox side, it can protect against accepting cookies from known bad sites, which then prevent the sites from loading or functioning properly. Run the program and check for updates regularly, and enable all protections. Download SpywareBlaster here:
http://www.short-media.com/download.php?dc=69
Dexter...
Only click stuff that you know is pertinent to the site. You get one of those pop ups with an "Ok" button, just hit the "X" on the top-right of the window. If you're unsure about a program you're thinking of installing, google it or ask around forums. I'm sure someone has used it. If the program has the option, hit custom installation and uncheck things you don't need. Run AV and spyware scan periodically and you should be pretty safe.
Nothing's foolproof and user education is huge, however educating users like my clients takes someone with much greater psych skills than I. Out of the last 20 or so side jobs I've done I bet 18 have been all about spyware. I support Ford's product Development center here in Detroit(Dearborn actually). Our building has 6000 users which thankfully affords lots of opportunities for side work. I've had people who bring the machine back within 48 hours just as bad off as before who accuse me of rigging it that way to get more money out of them who I had to refuse service to eventually. I've had people who are willing to pay me 20 bux a week to keep cleaning their machine, but it soon isn't worth it for me and every other variation you can think of. Until Firefox I had multitudinously repeated work because these folks DO NOT respond to anything resembling education. In every single case since just convincing them to use Firefox and in a few cases setting the IE icon to the Firefox shortcut has almost entirely halted any major spyware issues they had. I had one guy who had a java based virus that he had to have gotten using Firefox, but that's the most serious thing I've seen. Whenever I go to their desk or see them somewhere( like the grocery store owner on the corner) they say "whatever that new internet thing is you gave me I haven't had any problems since". That's the point I'm making about Firefox.
>>>--Tiribulus->
Dexter...
>>>--Tiribulus->