BGAMUG Application Review

I report on always free, always no-brand, always open source widgets for the Bowling Green Area Microcomputer User Group

Friday, January 05, 2007

Grisoft breakfast

Grisoft and the AVG folks were on the breakfast agenda, providing coffee, juice and a continental breakfast, along with an excellent discussion of the current trends in antiviral protection. The latest direction for this software is taking us away from the classic file-by-file search for viral code, which many security specialists in the field believe is old-school.

"Payload" is now an even more fitting name for the dangerous software we can pick up on the 'net, as the current ilk of evil programmers is focused on PAY. In the '90s these guys earned bragging rights for picking up trophies behind corporate firewalls, and for the most part, that is all they were interested in (that and trashing your computer). Today's malware expert on the dark side is part of large, organized and very bad networks that are interested in money, and lots of it. Viruses and spyware are passé, largely because they are easily detected.

So by and large, a typical infection on a home personal computer is most valuable if it does not announce itself, either to you or to your anti-viral software.

Bad software (malware, spyware, crimeware) can be inadvertently downloaded in JPG images, in ActiveX controls (which are also used by "good" software!), and by Java-enabled sites. Most often, you still need to click on a link or visit a bad site to get the infection, but some of this code is truly low-level and cannot be discovered by ordinary software.

Rootkits, software that masquerades as low-level operating system files, are but one example.

Polymorphic code is another example of how the bad guys are tricking scanners into not noticing when something is amiss, because it changes regularly, sometimes under control of the program itself, and so anti-viral scanners cannot readily match its profile against their files of known malware signatures.
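As an added illustration (not from the Grisoft talk and not AVG's code), the Python sketch below shows why an exact signature stops matching once the same bytes are re-encoded, and how a scanner that undoes the encoding before matching still finds them. The marker string, the single-byte XOR encoding and all function names are assumptions made for the demo; real polymorphic code and real scanners are far more elaborate.

```python
import hashlib

# Constructed, harmless marker standing in for a known-bad byte sequence.
MARKER = b"BGAMUG-HARMLESS-TEST-MARKER"
KNOWN_HASHES = {hashlib.sha256(MARKER).hexdigest()}
KNOWN_PATTERNS = [MARKER]


def xor_bytes(data: bytes, key: int) -> bytes:
    """Re-encode data with a single-byte XOR key (toy stand-in for mutation)."""
    return bytes(b ^ key for b in data)


def hash_scan(blob: bytes) -> bool:
    """Whole-file hash signature: matches only a byte-identical file."""
    return hashlib.sha256(blob).hexdigest() in KNOWN_HASHES


def pattern_scan(blob: bytes) -> bool:
    """Byte-pattern signature: matches the pattern anywhere in the file."""
    return any(p in blob for p in KNOWN_PATTERNS)


def normalizing_scan(blob: bytes) -> bool:
    """Undo every possible single-byte XOR encoding, then pattern-match."""
    return any(pattern_scan(xor_bytes(blob, k)) for k in range(256))


def scan_all(blob: bytes) -> dict:
    """Run all three scanners and report which ones flag the blob."""
    return {"hash": hash_scan(blob),
            "pattern": pattern_scan(blob),
            "normalizing": normalizing_scan(blob)}


# Constructed samples: the same content in several encodings, plus a clean file.
EMBEDDED = b"HEADER" + MARKER + b"TRAILER"
SAMPLES = {
    "original": MARKER,
    "embedded": EMBEDDED,
    "variant_a": xor_bytes(EMBEDDED, 0x5A),
    "variant_b": xor_bytes(EMBEDDED, 0xC3),
    "clean": b"freecell save game",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(f"{name:10s} {scan_all(blob)}")
```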

Fortunately, the AVG family of products is well suited to locate and screen for this type of information, and depending on the safety level you need, you should probably install a commercial or free firewall in addition to the Windows XP firewall service.

Anyone who trades in securities, does online banking, keeps any personal information (Social Security numbers, for example) on their computer, or has information of a sensitive business nature on their PC really ought to invest in a self-updating professional online internet safety package such as that provided by Grisoft in their AVG Internet Security package. They should take additional steps as well, such as limiting browsing to sites that are known to be safe, vigorously questioning and reporting e-mails that may be faked, and in general, adopting very cautious browsing habits. Read fine print. Don't do business with online companies that don't have security certificates and privacy policies that you can live with.

I fall into this category, and I am going to commit to armoring my PC when I get back home. Today's symposia, frankly, scared me to death.

On the other hand, if I only used my PC for playing FreeCell and doing e-mail, I might be okay with the standard free installation of AVG, provided I was okay with the off chance that my computer might be co-opted and used in a botnet!

Mike Moore
