Computer security that works?

September 30, 2009

While I am happily sitting here typing away in Linux (Ubuntu 9.04), the vast majority of desktop PC users are still stuck with Windows. Yes, I still have a copy of Windows on my PC, but I’m somewhat forced to do so; I need to be able to run Internet Explorer to test websites.

As virtually everyone will attest, possibly the biggest headache with Windows is the threat of viruses and all the other malicious software that wants to control your PC, spy on what you’re doing, or use you your machine to help launch a distributed denial of service attack against some random individual or company. In short, with Windows security software is essential. For quite some time, Microsoft has made a couple of products to help with this – the first was their firewall, and the second is Windows Defender, a tool to scan your PC for hidden-away malicious software.

This left most people without an actual anti-virus solution. Actually, what it generally means is that when you buy a new PC the bundle of software included with it probably included something from Symatec – commonly known to most as Norton anti-virus. I’m old enough to remember when Norton products were good, but that was quite some time before Windows XP came out. The crap they shovel out now will slow your PC down more than having half a dozen viruses installed. And, to top it all, you have to keep paying Symatec protection money to keep it working. That is the whole purpose of the free trial version you get bundled with your new PC. If you do as most people do, you ignore it until that free trial expires. This is a bad idea. At that point, it will no longer download updated virus detection data, and I have actually lost count of the number of times I’ve been unable to get it off a PC without resorting to a boot into safe mode, deleting all the physical files, and cleaning up the mess in the registry. Why? Well, it tells you the software license has expired, and the uninstaller will actually refuse to run until you’ve updated it – which requires you to stick your hand in your pocket and pull out your credit card.

An article on ars technica indicates there may be an alternative to my preferred solution, Microsoft Security Essentials (MSE). You could be forgiven for thinking this means hell has frozen over – the long-standing geek joke is that, the only product Microsoft could make that doesn’t suck is a vacuum cleaner. Ars technica seem to think the new MSE package is worthy of serious consideration. What you’ll find is this is because Microsoft bought most of the technology from a very well-respected company better known for working with large corporations and the military-industrial-complex.

If you want to try it, here are the steps you should go through:

  1. Download the package and save it somewhere you can easily find it
  2. Disconnect from the Internet – pull the ethernet cable or WiFi dongle, switch off the WiFi on your laptop, whatever.
  3. Uninstall whatever anti-virus or active anti-malware software you have
  4. Install the Microsoft Security Essentials package
  5. Reconnect to the Internet
  6. Make sure MSE is fully up-to-date
  7. Run a full, in-depth scan of your PC

If you buy a new PC, I would recommend this is one of the first things you do – if you don’t follow my below instructions for the package I’m still using – Avira. If your shiny new PC offers to do a backup after configuring and installing the default software, DON’T. Defer that backup until you have the latest Windows updates, a half-decent package such as MSE, and all the trial versions of stuff you’re not prepared to pay for removed. Basically, if that’s how the PC supplier get round giving you a Windows install disk, make sure the PC is ready to use before you back it up. Otherwise, if you’re forced to install from the backup CD/DVD six months down the line you’ll be jumping through all these hoops again.

As I mentioned in passing, my preferred solution has to-date been Avira. The procedure with that is exactly the same as detailed above, but substituting Avira for MSE.

Of course, you could always abandon Windows altogether. Several of the current Linux offerings, such as Ubuntu, effectively are ready for prime-time use. Most offer a downloadable version that you can put on a CD and boot your computer from to try it out. The actual installation and setup has a few quirks in it that will stump the non-technical, especially if you want to keep Windows on the machine at the same time. And, if you want to play DVDs and such, you will be installing non-Free software (that’s not “non-Free” as in you pay for it, but “non-Free” as in you’re either using something which you either can’t download the source code for it, or it implements something patented such as MP3 or the DVD format). The good news is that almost all you need is available from what are called repositories – where the software is digitally signed and you’re not searching the Internet and hoping the shiny DVD player isn’t actually a trojan horse.