I’ve preached my security sermon over and over. Now, here is a bank (yes, a bank) telling people to use an Ubuntu Live CD for their banking.

Jay McLaughlin, CIO of CNL Bank: Accessing online banking from your everyday PC is just asking for trouble, he says.

Your everyday pc? Yes – that means chances are good that if you use your everyday computer for banking, then you are asking for trouble. Why? There is above a 50% chance that your Windows pc (XP, Vista, or 7) is infected with malware.

According ot McLaughlin, unless your bank uses “out of band” authentication for transactions, and to quote him: “I would not do online banking at all. Or if I had to I would use a sandboxed browser. I would boot up a mini Linux system from a USB stick.

What is an Ubuntu Live CD? It is a full Linux operating system that will run your computer without harming or changing the installed contents.

Why does it make you safer? Since the operating system runs strictly from the CD, once you restart your computer, anything you have done with it will “disappear” with your RAM.

You download an ISO file and convert it a CD using one many free CD burning applications. You set your computer to boot from CD first in the BIOS. Put the CD in your drive and boot up.

Or – you could just buy a Mac.

Well this might be considered “encouraging” if it weren’t so discouraging. According to a report, 48% of over 22 million computers scanned were infected with malware used in phishing scams and password stealing apps.

I’ve preached this over and over – your anti-virus is only 1 layer of security. Don’t be lulled into a false sense. You have to stay vigilant and aware of layered security. The first layer is always common sense. Preventing 99% of phishing schemes is easy – read how here.

The main point is that you need to be aware of security even if you are just a casual computer user. I get on my technology soap box all of the time and try to preach about “prevention” since there is not a “cure all” solution except staying off the ‘net – and we can’t do that now can we?

Ok..ok. The title of this post doesn’t mean that I sit around watching porn. Without getting too risque, let’s just say that I’m much more into the real thing and leave it at that.

However, the porn industry on the ‘net does help keep me in business. As I’ve tweeted about recently, I had a lot of computer repairs this week – about 20 or so. Here are the rough stats:

• All but one were for “slow downs and pop-ups” or “can’t get on internet very well”.
• 1/2 were Vista and 1/2 were XP – all were infected.
• 1/2 had Norton installed and updated – all of those were infected. The rest had McAfee, Trend, or AVG – all infected.
• About 1/3 of them had porn pics and videos in the cache or p2p download directories.

Nothing is free people. The “free” porn video that you just looked at – and prompted you to download a player or codec? It just infected your computer and turned you into a zombie spewing fake Viagra spam in the background and consuming your bandwidth (internet connection). That’s the best case.

The worst case? It installed a keystroke logger to record your email and bank account logins. Oops – didn’t think about that, did you?

Think Norton or your favorite anti-virus is going to save you? Nope. Just read about it here.

It’s not just the “teenagers” doing it either – pardon the expression. I encounter this across all age groups, ethnicities, and political persuasions. Look – if you insist on looking at porn, go rent a video. It’s a lot safer and less expensive – or just keep using your computer for porn and help keep me in business.

Last week was fun in the IT (information technology) world. Not because of any real damage by conficker – but because of the absolute media over-hype of something they don’t have a clue about. I had a couple of customers call me – and the conversations were short: “Rex, do we need to worry?” – “No Bob you don’t.” – “Ok – thanks Rex.”

absolute media over-hype of something they don’t have a clue about.

None of my normal customers were affected by Conficker – and I have over 500 clients. Why?  Mainly because they follow my Simple Rules for Computing. That means you do the following:

1. You have a good backup of your data files (my docs, etc)
2. Behind a NAT router
3. Use OpenDNS on your network
4. Follow common-sense and don’t open every email attachment sent
5. Don’t install software that you don’t absolutely trust
6. Keep your computer patched (see links below)
7. Lastly – run anti-virus such as AVG

Notice I put anti-virus last on the list? That’s because anti-virus programs don’t stop the majority of complex viruses, trojans, and worms these days. Your anti-virus today is much like an alarm system – it warns you once something is already on your system. Think about it this way – if the anti-virus programs really were that good – we wouldn’t need to worry about anything right?

Here are the bullet points about Conficker:

• If you are running Auto-Updates on your computer – you were patched in October 2007 and have nothing to worry about.
• If you are behind a NAT router (Linksys, DLink, Netgear, etc), then you can only get the worm through attachment, malicious website, or possibly a USB drive.
• Conficker has infected quite a few machines in the US.
• It is a very complex worm and is designed to change itself frequently.
• If you are infected, Microsoft has a removal tool – but I recommend the usual backup, wipe your machine, reinstall Windows so that you can trust your machine again.

——————–
What was the deal about April 1st?
——————–

There was code in the worm that indicated it would do something on April 1st. Nobody knows for sure yet, but many guess that it would download another set of instructions. That’s it.

If you weren’t already infected, you had nothing to worry about. Period.

——————
Helpful Links
——————

Vista Updates
http://www.microsoft.com/windows/downloads/windowsupdate/learn/windowsvista.mspx

XP Updates
http://www.microsoft.com/windows/downloads/windowsupdate/learn/windowsxp.mspx

Happy New Year to everyone! Unfortunately, my first post of the new year is not a positive one.

For example, malware programs now infect computers and then routinely use their own antivirus capabilities to not only disable antivirus software but also remove competing malware programs.

source:
http://www.infopackets.com/news/security/2008/20081216_internet_security_is_losing_the_online_war.htm

Ok – I’ve been preaching for a long time that your anti virus program is one of the last lines of defense on your computer. Anti-virus programs are like an alarm system on your house – and an alarm system tells you when an intruder is already there. This is typically too late.

Once Pandora’s Box has been opened, it is nearly impossible to get her back in the box. Once your computer has been compromised, that is it. You simply cannot trust it any longer. As I’ve recommended over and over, the only way to fully trust a computer is to make sure you have a good backup of your data, wipe the machine, and reinstall from scratch.

Research compiled by PandaLabs suggests that a staggering number of infected computers, as many as 10 million, are being used to distribute spam and malware over the Internet each day.

source: http://www.nytimes.com/2008/12/06/technology/internet/06security.html?em

That’s right – the bad guys don’t have to have a warehouse of computers to spit out fake-viagra ads. They just use your computer – and your neighbors.

Microsoft researchers were amazed to find out that a lot of malware will make sure that the security update features of Windows are turned on – in an effort to stop other competing malware from getting installed! This is a real war being raged.

Microsoft has been releasing it’s Malicious Software Removal Tool for sometime in an effort to combat some of this. However, the truth is that the MSRT is about as effective as anti-virus software – it’s more of a marketing gimmick than anything.

Once a machine has been compromised – you can’t trust it unless it gets wiped clean.

=========
What do you do?
=========

It’s really pretty simple. You have to think of security on your computer in layers. The first and most important layer is common sense – be careful of what you do.

Most people think of their computers like a television set – but it’s not. Your computer is connected to hundreds of millions of other devices as soon as it is turned on if you have a cable or DSL connection. Remember that not everyone in the world has good intentions.

Here is my quick review of how to stay safe:

• Be wary of all emails – use common sense.
• Make sure you have a NAT router.
• Run Firefox – never use Internet Explorer again.
• Use OpenDNS to help protect your network.
• Be wary of phishing schemes.
• Use strong passwords.

Read and review the following posts. The vast majority of my clients DO NOT get re-infected or even infected in the first place. That’s because I preach these things to everyone.

Why did I get infected in the first place?
http://www.smartergeek.com/blog/2008/07/why-did-i-get-infected-in-first-place.asp

Layered Security Basics
http://www.smartergeek.com/blog/2008/03/layered-security-basics.asp

Simple Rules for Your Computing
http://www.smartergeek.com/blog/2008/01/simple-rules-for-your-computing.asp

PayPal Phising Email
http://www.smartergeek.com/blog/2008/11/paypal-phising-email.asp

The Importance of Backups
http://www.smartergeek.com/blog/2008/07/importance-of-backups.asp

References (if you don’t believe me):

Thieves Winning Online War, Maybe Even in Your Computer
http://www.nytimes.com/2008/12/06/technology/internet/06security.html?em

Internet Security Is Losing The Online War
http://www.infopackets.com/news/security/2008/20081216_internet_security_is_losing_the_online_war.htm

Microsoft kicks fake security software off 400,000 PCs
http://www.computerworld.com/action/article.do?command=viewarticlebasic&articleid=9124346&intsrc=hm_list

McAfee Avert Labs Blog
http://www.avertlabs.com/research/blog/index.php/2008/11/

When it rains it pours. This post follows-up to this one.

Getting Rid of Antivirus 2009 – Antivirus 2008
http://www.smartergeek.com/blog/2008/12/antivirus-2009-is-actually-spyware-or.asp

——————
From Email
——————

im so aggravated at this thing all i do is check my yahoo mail and talk to my niece on yahoo messenger

———————-

My Response
———————-

As I told you yesterday via email and on the phone, I will be glad to help you fix it. I realize that you just want to check your email; however, when other people use the computer, typically they will do more than just check email. If something unintentional happens, then your email checking suffers the consequences.

We can put some systems in place to help prevent this sort of thing from happening in the future. However, I can’t change the behavior of the people using the computer – except to warn you of the consequences.

Myspace.com itself is not evil (in a tech sense). It has great social networking value. What happens though is that malicious content gets inadvertently posted on someone’s profile page.

People (teenagers and adults) add anything and everything that looks silly to their profile pages, and then Myspace users just click at any “jumping monkey” on the screen. That’s where the problem lies – in the behavior of users.

*85% of Myspace users are 18 yrs or older.

source: http://www.web-strategist.com/blog/2008/01/09/social-network-stats-facebook-myspace-reunion-jan-2008/

Fortunately for me, that sort of behavior keeps me in business even though I am an evangelist for responsible behavior. As people screw up their computers, I get paid to fix them and warn them.

Please review the following links:

Why did I get infected in the first place?
http://www.smartergeek.com/blog/2008/07/why-did-i-get-infected-in-first-place.asp

Layered Security Basics
http://www.smartergeek.com/blog/2008/03/layered-security-basics.asp

————————–
From an Email:

i have a question to ask you , my computer keep popping up anti-virus 2009 and saying i have two virus trying to get in but i’ve checked everything and and run  every update and they all say i’m protected but that anti-virus 2009 want quit popping up so what do i do please help
—————————

Antivirus 2009 is actually spyware (or malware) running on your computer. It is not a “virus” really, but rather tries to get you to purchase the premium version. It’s a scam. It will tell you that your computer is infected whether it’s true or not. Of course, it doesn’t protect you from anything.

If you click on it, it will typically try to redirect you to antivirus-premium.com, webscannertools.com or one of several other websites that are fradulent and malicious. Many of these sites have exploitative code that is capable of doing more harm to your system, especially if you use Internet Explorer.

Antivirus 2009 gets on your system the same way that it’s previous versions did – Antivirus 2008, System Antivirus 2008, Ultimate Antivirus 2008, XP Antivirus 2008, etc. They arrive via trojans such as Zlob or Vundo, which typically come in through bad video codecs or other installed software that was not safe.

Important: DO NOT INSTALL any software that you don’t absolutely trust. If in doubt, contact me.

———-
How to Get Rid of It
———-

You have to be careful when using software to get rid of malware. Many times software that advertises itself as helpful is really spyware also!

Download the following programs:

(1) CleanUp by Steven Gould
http://www.stevengould.org/index.php?option=com_content&task=view&id=29&Itemid=72

Install and run it to remove all temp files.

(2) Next, download and install MBAM

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

1. Download, install it and update it.
2. Then run the quick scan – this can take some time.
3. When the scan is complete, clock OK to close the message box.
4. At the main screen, click “Show Results”.
5. Then click “Remove Selected”.
6. Close the log and restart your computer.

 

 

  

 When you are finished with the scan and have removed the files, restart your computer. Make sure you are running the latest version of AVG with updates installed. I’d suggest running a full system scan.

UPDATE:
This saga continues here: http://www.smartergeek.com/blog/2008/12/myspace-and-antivirus-2009.asp