I’ve preached my security sermon over and over. Now, here is a bank (yes, a bank) telling people to use an Ubuntu Live CD for their banking.

Jay McLaughlin, CIO of CNL Bank: Accessing online banking from your everyday PC is just asking for trouble, he says.

Your everyday pc? Yes – that means chances are good that if you use your everyday computer for banking, then you are asking for trouble. Why? There is above a 50% chance that your Windows pc (XP, Vista, or 7) is infected with malware.

According ot McLaughlin, unless your bank uses “out of band” authentication for transactions, and to quote him: “I would not do online banking at all. Or if I had to I would use a sandboxed browser. I would boot up a mini Linux system from a USB stick.

What is an Ubuntu Live CD? It is a full Linux operating system that will run your computer without harming or changing the installed contents.

Why does it make you safer? Since the operating system runs strictly from the CD, once you restart your computer, anything you have done with it will “disappear” with your RAM.

You download an ISO file and convert it a CD using one many free CD burning applications. You set your computer to boot from CD first in the BIOS. Put the CD in your drive and boot up.

Or – you could just buy a Mac.

Well this might be considered “encouraging” if it weren’t so discouraging. According to a report, 48% of over 22 million computers scanned were infected with malware used in phishing scams and password stealing apps.

I’ve preached this over and over – your anti-virus is only 1 layer of security. Don’t be lulled into a false sense. You have to stay vigilant and aware of layered security. The first layer is always common sense. Preventing 99% of phishing schemes is easy – read how here.

The main point is that you need to be aware of security even if you are just a casual computer user. I get on my technology soap box all of the time and try to preach about “prevention” since there is not a “cure all” solution except staying off the ‘net – and we can’t do that now can we?

One of my New Year’s resolutions is to put more focus into my website and start blogging more consistently. Sometimes I get so wrapped up in working on computers, networks, and websites that I forget to step back and take a break. One of the things I enjoy is sharing information and writing, which is a way of taking a break for me.

I have seen no slowdown in the number of infected Windows computers that I work on each month. In my opinion and experience Vista is no more secure and the jury is out on Windows 7. I have 6 out of 21 computers in my office that have Vista with Norton Internet Securities installed – and they are horribly infected.

If you will follow the next simple pieces of advice, you won’t have to call and pay me to clean your computer.

So why do you get infected?

I blogged about this a few years ago with “Why do I get infected in the first place” and “Layered Security Basics“. The same thing still applies.

If your computer gets infected, then you asked for it.

There is no one solution that will keep you safe. Norton, TrendMicro, even the free ones I recommend such as AVG and Avast will only detect less than 50% of the bad stuff out there. I don’t care what their marketing says – and notice that I said “detect”…not “prevent”. How do I know? Well I’m pulling the percentage out of my hat – but it is based on the real-world evidence that I say day in and day out.

Once infected, all bets are off then. You simply can’t trust your computer. Many of the malware out there today will install a “root kit” which hides from the operating system and thus from everything else. Yes, there are root kit detectors, but removing them is a whole different ball game.

Rex’s Security Rules

(1) You are only as good as your last successful backup from which you can recover.

Backup your important files (pics, docs, spreadsheets, quickbooks files, local email). In the event of a disaster, this is your most important step. You can always wipe your computer and start from scratch, but you data is the key. Use software such as Microsoft Sync Toy or simply drag and drop to a USB drive. Burn to a CD or DVD – anything but make sure you backup and backup often.

(2) Make sure you are behind a NAT router.

If you are on a cable modem (SuddenLink, Comcast, etc), then you need to purchase an inexpensive home router from WalMart, BestBuy, or OfficeDepot. I recommend the Linksys brand and specifically recommend the Linksys WRT54GL – you can’t buy it locally. If you have AT&T’s DSL service then your modem is also a router so you don’t necessarily need one.

Just because you use a Mac doesn’t mean you are safe without a router either. I work on Macs too.

This one single piece of hardware is your first main security layer. period.

(3) STOP using Internet Explorer – use FireFox or Chrome.

Internet Explorer (the blue E icon) is still full of security holes and is deeply tied into the Windows operating system. Switch to FireFox along with 30% of the rest of us. While FireFox won’t stop viruses, you will drastically reduce your attack surface.

Just because Microsoft says Internet Explorer is safe doesn’t mean it’s so. After all, MS claimed that Windows 2000, XP, Vista, and 7 are safe – and we all know how that has turned out.

(4) Stop opening every email attachment sent to you. Just stop.

No matter what safety measures you put in place, if you open the front door for the intruder he will walk right on in. Just because your best friend for 20 years forwarded you a joke video that has been forwarded through 50,000 people, does not mean it is safe. Just because your best friend opens attachments on their computer doesn’t mean they are safe. There is a 70% chance your friends computer is infected – they just don’t realize it yet.

What attachments are safe? Only those that you trust. Generally jpg pictures are safe. Legitimate links to youtube videos are safe. Powerpoint shows, Word docs, untrusted WMV files, etc, are not.

(5) Don’t visit sites you don’t trust.

If you insist on clicking on every link to every site, then you are asking for trouble. See rule #1.

MySpace falls into this category too. Why? Because often people “pimp their profile” to include 3rd party ad scripts. Sometimes these scripts send malicious code that will exploit Internet Explorer – known as a drive by exploit. You get infected from moron’s blinged up profile.

How do you fix an infection?

Simply put – you don’t. I back up your data, wipe your computer (format, etc), reinstall your operating system and software, and put your data back on.

Happy New Year to everyone! Unfortunately, my first post of the new year is not a positive one.

For example, malware programs now infect computers and then routinely use their own antivirus capabilities to not only disable antivirus software but also remove competing malware programs.

source:
http://www.infopackets.com/news/security/2008/20081216_internet_security_is_losing_the_online_war.htm

Ok – I’ve been preaching for a long time that your anti virus program is one of the last lines of defense on your computer. Anti-virus programs are like an alarm system on your house – and an alarm system tells you when an intruder is already there. This is typically too late.

Once Pandora’s Box has been opened, it is nearly impossible to get her back in the box. Once your computer has been compromised, that is it. You simply cannot trust it any longer. As I’ve recommended over and over, the only way to fully trust a computer is to make sure you have a good backup of your data, wipe the machine, and reinstall from scratch.

Research compiled by PandaLabs suggests that a staggering number of infected computers, as many as 10 million, are being used to distribute spam and malware over the Internet each day.

source: http://www.nytimes.com/2008/12/06/technology/internet/06security.html?em

That’s right – the bad guys don’t have to have a warehouse of computers to spit out fake-viagra ads. They just use your computer – and your neighbors.

Microsoft researchers were amazed to find out that a lot of malware will make sure that the security update features of Windows are turned on – in an effort to stop other competing malware from getting installed! This is a real war being raged.

Microsoft has been releasing it’s Malicious Software Removal Tool for sometime in an effort to combat some of this. However, the truth is that the MSRT is about as effective as anti-virus software – it’s more of a marketing gimmick than anything.

Once a machine has been compromised – you can’t trust it unless it gets wiped clean.

=========
What do you do?
=========

It’s really pretty simple. You have to think of security on your computer in layers. The first and most important layer is common sense – be careful of what you do.

Most people think of their computers like a television set – but it’s not. Your computer is connected to hundreds of millions of other devices as soon as it is turned on if you have a cable or DSL connection. Remember that not everyone in the world has good intentions.

Here is my quick review of how to stay safe:

• Be wary of all emails – use common sense.
• Make sure you have a NAT router.
• Run Firefox – never use Internet Explorer again.
• Use OpenDNS to help protect your network.
• Be wary of phishing schemes.
• Use strong passwords.

Read and review the following posts. The vast majority of my clients DO NOT get re-infected or even infected in the first place. That’s because I preach these things to everyone.

Why did I get infected in the first place?
http://www.smartergeek.com/blog/2008/07/why-did-i-get-infected-in-first-place.asp

Layered Security Basics
http://www.smartergeek.com/blog/2008/03/layered-security-basics.asp

Simple Rules for Your Computing
http://www.smartergeek.com/blog/2008/01/simple-rules-for-your-computing.asp

PayPal Phising Email
http://www.smartergeek.com/blog/2008/11/paypal-phising-email.asp

The Importance of Backups
http://www.smartergeek.com/blog/2008/07/importance-of-backups.asp

References (if you don’t believe me):

Thieves Winning Online War, Maybe Even in Your Computer
http://www.nytimes.com/2008/12/06/technology/internet/06security.html?em

Internet Security Is Losing The Online War
http://www.infopackets.com/news/security/2008/20081216_internet_security_is_losing_the_online_war.htm

Microsoft kicks fake security software off 400,000 PCs
http://www.computerworld.com/action/article.do?command=viewarticlebasic&articleid=9124346&intsrc=hm_list

McAfee Avert Labs Blog
http://www.avertlabs.com/research/blog/index.php/2008/11/