Insecurity Over Security Software
It's time for a confession: I can't remember the last time a security program stopped me from accidentally opening a virus on any Windows machine--even though my public, widely published e-mail address has to be on half the spam databases in the world.
That's because if you know what to look for, much of the "malware" out there is blindingly obvious. You don't need to memorize file-name extensions or research every new Web site; you just need to recognize a con job when you see one. If a strange e-mail message or Web site makes some pitch that seems awfully generous, illogical or just plain pushy, you're right to be suspicious.
(I'm having a hard time remembering when I was even vaguely tempted to open an e-mail attachment that could have caused me trouble... well, there was once a Word file that a publicist for a tech-news Web site [no, really!] sent along with an embedded macro virus, but Word itself warned me about the macro.)
The threats I worry about are those that don't require much--or any--effort on the user's part to get a computer infected. Those include worms that invade the machine from over the Internet, "drive-by downloads" from hostile Web sites that attack through your Web browser or other Web-facing programs.
So for today's review of Internet-security suites, I didn't try to throw the trickiest, deadliest viruses at them and instead assumed that a user could be careless but not reckless.
In other words, if you're going to double-click whatever file shows up in your e-mail and download things at random off warez and porn sites, you're asking for trouble. (If you are going to do that, at least use a Mac or run Linux instead of Windows!)
But at the same time, I don't expect you to use the computer as if you're piloting the Space Shuttle. You don't pay complete attention to what you're doing online; sometimes you click through to the wrong site or on the wrong file. So you need something that can protect you from occasional inattention.
On that scale, these three bundles--Symantec's Norton 360 2.0, released last month, and McAfee Total Protection and Microsoft's Windows Live OneCare, both shipped last fall--got some things right and others badly wrong.
If I could combine their best features, I'd include McAfee's effective but unintrusive SiteAdvisor, the firewall from Norton 360 (it's amazing how much more polite is compared to Symantec's previous, obnoxious products), Norton's system-tuneup and data-backup features, and OneCare's quick, clean install and simple, elegant interface. I wouldn't mind keeping OneCare's cheaper price, either.
But I can't build that kind of FrankenSecurity product, so instead I have to fall back on the usual grab-bag approach. Here's what I recommend:
* For anti-virus, the free AVG anti-virus should suffice for home use. (You have to pay to use it on a business machine.) It's not the prettiest application out there, but it should catch any established virus out there and it's yet to screw up any of my e-mail programs.
* For your firewall, use the software built into Windows XP and Vista. True, the XP firewall doesn't police what data gets sent out from your computer--but if you have a rogue application communicating with some site on the Internet, you're already hosed.
* For spyware protection, I again suggest you stick with what Microsoft gives you for free, its Windows Defender program. It's built into Vista and is a no-cost download for XP.
* To steer clear of phishing scams, use a mail program--like Mozilla Thunderbird and Microsoft's Windows Live Mail and Outlook 2007--and a Web browser--such as Microsoft's Internet Explorer 7, Mozilla Firefox or Opera--that will warn you about these fraud sites.
* Everyday system tune-ups can be handled by the free CCleaner--but make sure you check all its options carefully, as some will scrub too much data out of your browser.
Don't forget to stay on top of security updates for Windows, your browser and e-mail software and all the other programs that face the Web, such as Adobe's Flash and Acrobat Reader and Apple's QuickTime.
If you've got other suggestions for those tasks, let me know in the comments!
The comments to this entry are closed.