

Shriyash
Sungazer
Premium
join:2005-02-23
PuNe, InDiA


2 edits
reply to Dude111
Re: Trojans,spyware,etc......

There is a certain Google/Yahoo search engine redirect rootkit doing the rounds; it's like an epidemic.
Some identify it as SKYNET/TDSS/gxvxc rootkit. Very nasty.
»community.norton.com/norton/boar···id=59550
A couple of my friends have encountered it as well in the last couple of weeks.
A little OT, but just thought I'd add that in.


ahulett
Life Without Walls
Premium
join:2003-02-02
Bellevue, WA


1 edit
There is always something going around. There is no down period.

It's like your car. You always lock the door. We don't have periods where we leave the car unlocked because there are no reports of car theft... we lock the door no matter what, because it helps protect it and its contents.

And, if someone we know has items stolen from inside their car, and we find out they left the doors unlocked, we immediately think, "Geez, umm, you kind of earned that one, you didn't lock the door."

But yet we don't think this way about protecting our computers.

How come? Well, to help prevent someone from stealing items from your car, on many cars nowadays, one just pushes a button on their keychain remote, the doors lock, the car alarm activates and they're all set (or more accurately, they feel they're all set). This doesn't exist, exactly, for PCs.

Security programs tried heading in that direction by pulling together the important aspects of things, mainly antimalware, firewall, installing system updates and taking data backups, providing one-button fixes when things needed attention, and even there things aren't done yet, such as updating third party applications and browser plug-ins. Just as with our cars, even though we lock the doors, we should hide valuables, or even take them with us rather than leave them in the car to tempt those passing by.

Of course, once you have antimalware, firewalls, updates installed and backups made, you're not done yet. You're never done. Remember, the moment you think you're secure is the moment you're most vulnerable. And to use the original post as an example, you might say run Firefox with scripts disabled, and you may even update to the latest version of Firefox, but that's ok, the 'bad guys' can come in via Flash, or as an attachment in an email that looks like it came from your mom's bank, or if they're lucky enough, SneakerNet will get things in there.

Which is why my other post asked about updating other things, as it appears the solution was to simply roll back to an earlier state, move on and dangerously assume the malware didn't survive the rollback. Its a Secret has it right... you're not done yet. Going back to the car analogy, someone broke the passenger window, and you replaced it, but you haven't looked around in the car yet to see if anything else is missing or damaged, or if something NEW is in there monitoring you driving.

I hope that, in the long run, you're thinking beyond the browser and looking at a full security solution which includes an antimalware scanner, an inbound firewall, installing system updates, updating third-party software, including browsers and their add-ons, and EDUCATING your mom on how to both recognize attempts to infect (such as by a malicious web page or a fraudulent email or instant message), and even more importantly, what to do if she suspects she's infected, even if the first step is simply, "Call you." Remember, you're still not done at this point, but if you get here, you're sitting pretty good in my personal opinion.

//A
--
Aaron Hulett | Malware Researcher | Microsoft Malware Protection Center
This posting is provided "AS IS" without warranty, and confers no rights.