What anti-virus software should I use?

So, I’ve touched on this before, but I get asked this question a lot. The short answer is: If you are on Windows, use Microsoft’s free built-in system, Security Essentials or Windows Defender depending on what version of Windows you are running, or none at all. If you are on a Unix/Linux-based system, including Mac OS X, then don’t use one either.
For those who want to know why, anti-virus is always a cat-and-mouse game. Attacks constantly evolve, so the AV has to chase them. Using good practices is far better than relying on a software program to deal with your mistakes. The newest malware is moving to file-less programs, which get written straight to your system’s active memory and only live until you reboot. This is a greater challenge for AV. Third-party AV systems actually increase the attack surface of your machine, and security professionals have been moving away from recommending AV for quite a while. One issue is that many AV products install their own root SSL/TLS certificates so they can insert themselves into your encrypted connections with other sites. While they are doing this for our benefit, this is the definition of a man-in-the-middle attack. There have been documented cases of malware exploiting this proxy.  For a really good paper on the details of this problem click here.

AV products are also notorious for draining resources, making your system run slow, sometimes unbearably so.  So why is Microsoft’s product any better?  As the operating system manufacturer, they are able to put their AV in the OS where it is more efficient so it doesn’t drain resources, and if they want to proxy TLS connections, which I’m not sure if they do, they already have a root certificate in your machine so it’s not adding any attack surface there.

If you want to understand good security practices you can read my post here.  I also plan to put together a more comprehensive best practices document in the near future.

The bottom line is third-party AV is a relic of the past.  Save your money and your sanity.  If you think you may have a virus I do recommend two products for specific scanning of your system: Windows Defender Offline and Malwarebytes.  Both of these should be downloaded to a USB drive from a clean computer and run as needed on possibly infected machines.

What we do

There is a great deal of experience here at Delta Digital Design. It’s not practical to list every service we offer. The simple answer is, if you have a technology issue the chances are very good that we can help.
One of the things we do is computer repair. Any type of computer: desktop, laptop, tablet, and smartphone.
Data recovery is a service many people would take advantage of if they knew it was available. Whether your hard drive crashed or you deleted a file that you need, we can probably save you at a fraction of the cost of a dedicated data recovery company. Those guys usually have a starting price of $1000 or greater so many people just accept the loss of their important files. We can, very often, get your data back for a tenth of the price.
Ransom-ware is one of the big threats nowadays. Being proactive to secure yourself against this is the best approach. Once you’ve been bitten by these it is usually too late to do anything about it.
So, help is out there and doesn’t have to break your bank. There is never a charge for us to talk to you about your needs and see if we can help.

We have gone HTTPS

We talk a lot here about security.  So far we haven’t had any need to make connections to our site secure.  With the developments of the last few years the need for secure connections has been shown to be critical to many sites and useful to all.  Maybe you don’t want your ISP knowing what you are reading or writing on our site.  We also wouldn’t want a man-in-the-middle attack to give you bad info or worse, malware that you think is coming from our site.  It’s also become easier to provide secure connections.  As of today we are now accessible at https://www.deltadigitaldesign.com.  We will, for the time being, still remain available over un-encrypted connections too for those who may be using older technology for some reason.  We will also be offering free SSL/TLS certificates to our web customers so we can help encrypt the web.  To put it simply, if you have your site hosted by us you will automatically have a site that accepts secure connections.

Tell Windows not to run scripts locally.

For some reason Windows, by default, is set to open JavaScript and VBScript files with the WSH (Windows Script Host), which then executes the script.  This is a good way for bad guys to get you to run their code on your machine.  In fact, it’s how the ransom-ware CryptoWall was infecting people.  If you don’t know what ransom-ware is yet, you’re lucky.  Basically, it encrypts all your important files, usually with good unbreakable cryptography, then you have to pay a large sum of money to get the key to decrypt your files, which may or may not work depending on the skill of the malware author.  Most people do not need to have these scripts executing on their machines.  Most scripting that people actually use is in web pages where it is interpreted and executed by the web browser.

I recommend changing the file association for these types of files to notepad.   If it breaks something for you, you can always change it back, but 99% of people who would actually need these files executing would know how to set it up.  To protect yourself create two new files.  You can do this in numerous ways but one is to right-click on the desktop -> new -> text document.  Rename one file (test.js).  It is important that you get that (.js) file extension.  You should get a warning about changing the file extension, say yes.

[Image: warning]

Now right-click on the test.js file and select (open with->choose another app).  Some wording might be different on different versions of Windows.  Select notepad and make sure you check “always use this app…”

[Image: infobox]

Rename your other file test.vbs and do the same thing.  Once done, you can delete these two files.  If you ever want to change it back you simply select some .js and/or .vbs file, or make one and associate it with Windows Based Script Host from the screenshot above.
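To confirm the change took effect, the following PowerShell check reports which program a double-click would launch for each script file type. It is an added example, not part of the original post; it also looks at .jse, .vbe and .wsf, which Windows Script Host handles as well, and that wider list and the function name `Get-OpenCommand` are this example's own choices.

```powershell
# Added example: report which program a double-click launches for script files.
# The extensions beyond .js/.vbs are this example's choice, not the post's.
$extensions = '.js', '.jse', '.vbs', '.vbe', '.wsf'

function Get-OpenCommand {
    param([Parameter(Mandatory)][string]$Extension)

    # 1. A per-user "Open with -> always use this app" choice wins if present.
    $choiceKey = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice"
    $progId = (Get-ItemProperty -Path $choiceKey -ErrorAction SilentlyContinue).ProgId

    # 2. Otherwise fall back to the classic association (what `assoc` prints).
    if (-not $progId) {
        $extKey = "Registry::HKEY_CLASSES_ROOT\$Extension"
        $progId = (Get-ItemProperty -Path $extKey -ErrorAction SilentlyContinue).'(default)'
    }
    if (-not $progId) { return $null }

    # 3. Resolve the ProgID to its "open" command line (what `ftype` prints).
    $cmdKey = "Registry::HKEY_CLASSES_ROOT\$progId\shell\open\command"
    $command = (Get-ItemProperty -Path $cmdKey -ErrorAction SilentlyContinue).'(default)'

    [pscustomobject]@{ Extension = $Extension; ProgId = $progId; Command = $command }
}

$report = foreach ($ext in $extensions) {
    $entry = Get-OpenCommand -Extension $ext
    if (-not $entry) {
        [pscustomobject]@{ Extension = $ext; ProgId = '(none)'; Command = ''; Verdict = 'no handler registered' }
        continue
    }
    # wscript.exe and cscript.exe are the Windows Script Host executables.
    if ($entry.Command -match '\b[wc]script\.exe\b') {
        $verdict = 'EXECUTES via Windows Script Host'
    } elseif ($entry.Command) {
        $verdict = 'opens in another program'
    } else {
        $verdict = 'handler not resolved, check manually'
    }
    $entry | Add-Member -NotePropertyName Verdict -NotePropertyValue $verdict -PassThru
}

$report | Format-Table -AutoSize -Wrap
```

After following the steps above, the .js and .vbs rows should show a Notepad command line; any row still marked as executing via Windows Script Host has not been re-associated.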

You are now a little safer.  As always, if you need help with this or any other issue please contact us and we can help.  Stay safe out there.

The best way not to get Windows 10

Since I’ve already posted about Windows 10, and whether or not to get it and how not to get it, I’ll keep this short.

If you don’t want to be nagged about Windows 10, don’t want your machine to download its 3+ GB, and don’t want Windows to update you without your permission, I have the be-all-end-all solution.  This is from a developer that I trust, it is free, it is very lightweight (81k) so don’t blink or you will miss the download, it is easy to use, and it allows you to shut Get Windows 10 down, or toggle it back on later if you decide to upgrade.

While you are at GRC.com you should take a look around as there is much great information, several useful freeware tools, and one great commercial product (Spinrite) there.

Disclaimer: I have nothing to gain from this recommendation; I really believe in GRC’s products.

GRC Never 10 Tool here

How NOT to get Windows 10

As Microsoft is aggressively pushing Windows 10, even updating machines without the user’s consent or knowledge, tools have been created to help disable the Windows 10 nag and prevent updates.  Microsoft has an officially sanctioned method of protecting your Windows 7 or Windows 8 (can’t imagine why you would want to keep that) installation.  This is not for the average user as it requires you to manually edit the registry and group policy, but for those who are inclined or who know someone who is (Delta Digital Design could help) it will protect you from forced updates and nagging about Windows 10.

Click here to go to Microsoft’s page.

For the rest of you there is a tool to automate this, but I link to it here with only anecdotal evidence that it works and with no claims as to the safety of this tool or the integrity of its developer.

Click here for the simple tool download.

 

Windows 10 and Privacy

I was asked about this article (link below) on Windows spying.  I thought I’d post my response here as I’m sure there are many with this question.

It’s no secret that Windows, especially 10, is pretty chatty with Microsoft and is the last OS that the very privacy conscious would ever use. With that said, this article seems over the top and reads more like a commercial for that privacyDr software, which I am not familiar with and wouldn’t recommend at this point. Unless someone is willing to jump ship and move to some version of Linux/Unix I’d say: Stay on Windows 7, or even XP if you are fairly tech and security savvy. If you must be on Windows 10 for some reason, then use Lifehacker or ZDnet’s guides to securing Windows 10.

Windows is spying on everything you do…

iPhone Hardware Security

A BBC article with the headline “iPhones ‘disabled’ if Apple detects third-party repairs” caught my eye and my first reaction was, “now they’ve gone too far”.  I’ve been an iPhone user since just before the 3GS.  I’ve cracked open iPhones for myself, and others, to replace batteries, cracked screens and even solder a home button back on a 3GS.  To me the idea of paying for a device that I’m not allowed to open is ridiculous. Then I read the article, which stated that this was about the Touch ID sensor.  That makes sense to me.  Apple has gone to great lengths and put security first in their iPhone architecture.  We expect, and rightfully so, that these device makers do everything they can to protect the unprecedented amount of our important information stored in our phones.  An attacker with physical access to a device is a more serious threat to protect from.  While we know our iPhones are encrypted, it seems Apple knows that there is a potential attack surface in the Touch ID module and has incorporated a safeguard to mitigate it.

Now, what the article doesn’t mention, and we could look to ifixit.com to answer, is if you can still open the phone, change a battery or a cracked screen without disturbing the Touch ID and causing this error.

I’ve thought about the idea of switching platforms a few times.  As a programmer I’d like to have the option of compiling and side-loading an app without having to buy a Mac or pay Apple.  The thing that has kept me loyal to the iPhone, besides the lack of apps for Windows phone, and the chaos of the Android platform, is Apple’s attention to security.

As usual I think the headline paints a picture of the sky falling when really it’s just a rainstorm.

With that said, keep making sure your OS, whatever it is, is up to date.  TechTimes had a story this morning about an iOS update with numerous security patches but my phone is still reporting it is up to date.

Deciding on Windows 10

It’s been six months since the consumer release of Windows 10. As of the 4th of this month Microsoft reports that it has been activated on 200 million devices. This is no surprise given their aggressive campaign to get people to upgrade. However, Windows 7 is still the most used computer operating system by far with over 55%. So, should you upgrade?

The short answer is, give it a try. If you are on Windows 7 or 8, upgrading to 10 is really a painless experience. There are numerous tutorials on how to do this so I won’t go into instructions here.  Unlike upgrading to previous versions of Windows, you can keep all your data, settings, and installed programs.  After upgrading two of my own machines I can say it really is that easy.  The thing that really makes this a no risk option is that you can roll back to your previous version of Windows within the first 30 days if you don’t like version 10.

For me personally, Windows 10 doesn’t really offer much in the way of improvements that I care about.  I’ve been using it for almost 6 months now and I’m moving my primary machine back to Windows 7.  As privacy and security are much more of a priority to me than cloud-based inter-connectivity and integration, which is one of the central aspects of Windows 10, 7 is a better fit.  Sure, it’s cool that Windows can be aware of my calendar and traffic and weather to be able to notify me that I should leave for an appointment early to be on time.  However, I don’t feel that Microsoft has given Windows 10 users enough control over how the system can be configured.

The purpose of this post isn’t to go over all the pros and cons of this new operating system.  I just want everyone to know that it is truly easy to try it, and to undo that upgrade if you decide it’s not for you.

You don’t have to get viruses.

I just read an article about a local business that is a small computer repair shop.  I won’t link to it, as it’s not my intention to pick on anyone.  The author tells how the woman fixed her computer and reported finding “hundreds of viruses” and told her that “this was perfectly normal”.  The author concluded that she should expect this to happen and have to have her computer cleaned periodically “sort of like going to see your dentist for a cleaning”.

Even on highly infected machines, usually ones that teens and tweens have access to, finding hundreds of viruses is excessive.  More importantly, getting viruses doesn’t have to be normal at all.  It’s true that there is no 100% guarantee to preventing viruses, but there are steps you can take to make it extremely unlikely to get infected.  Running anti-virus software is at the bottom of the list.  My family’s main computer has never had a virus and the people who use it mostly (my wife, kids and guests), are not security savvy.  The only AV software I have on it is Microsoft’s Security Essentials which is usually rated poorly in comparisons.  I use it, or none on some of my machines, because it doesn’t noticeably impact my machine’s performance, and it’s all you need when mixed with security best practices.

I’m not going to go into every aspect of keeping secure in this post but just give a general idea to show that it is not necessary to accept viruses as part of life.  Some of the things you can address are:
1.  What type of user accounts are being used?  What permissions do users have?  Do they need them?
2.  Do I have a software firewall running on my machine?
3.  How is your web browser configured?  Do you have scripting enabled?  What about plugins like Java in the browser?
4.  Is your operating system up to date and patched?  What about your software products like Adobe Flash?
5.  Should you be using an extra layer of protection like Sandboxie or a Virtual Machine?
6.  Are you behind a NAT (network address translation) router?  Does that router have Universal Plug and Play enabled?  Did you change the default passwords on your router?
7.  Do you have good passwords for your computer and online accounts?

I could go on but the point is that we have powerful technology interwoven into our lives now.  We rely on it for our communications, businesses, storing our most important documents and pictures, and our finances.  Accepting intrusion by the bad guys should not be an option.  With viruses like the Zeus banking trojan and the Cryptolocker ransom-ware, the stakes are too high.  There is help for your digital security.