Monday, November 22, 2010

Secure that PC!

I really should change the title of this blog, as the title refers to computer security. Since buying a router and switching to Linux, I really haven't been that interested in the topic: my PC sits behind the router firewall and it's not vulnerable to Windows malware.
But today a couple of web pages caught my eye. The first was this page, a collection of anti-virus tests and an attempt to collate the results. How useful the exercise is, is moot, but this test caught my eye, partly because it's a review sponsored by Norton in which Norton comes out top (dubious) but mainly because it tests AV products on Windows XP SP2 with Internet Explorer 6 (even more dubious). That's not even SP2 updated; that's SP2 as it was when it came out, without any updates, by now as full of security vulnerabilities which can be levered to install malware as Swiss cheese is full of holes.
I would like to have seen the results obtained if the testers had used XP SP3 fully updated with IE8 or an alternative browser. My guess is that the system wouldn't have been infected even without any AV present, but that's not what Norton or any other AV company want you to hear.
Krebs on Security, the second page to catch my eye today, makes the point that it's often the non-Windows applications that are a security threat on Windows PCs:
"A study released earlier this year found that the average Windows user has software from 22 vendors on her PC, and needs to install a new security update roughly every five days in order to use these programs safely."
Linux has the advantage here, because the popular Linux distros check most applications the user is likely to install on the computer to see if they are up to date; Windows leaves third-party software unchecked, a nightmare until applications like Secunia came along.
(The main point of the article is that vulnerability counts don't mean anything by themselves, a very sensible point.)
The first line of defence on a Windows computer is ensuring that applications are kept up-to-date and secure, and, if necessary, avoiding applications with a poor security record, as Krebs has suggested in the past.
The second is probably ensuring users don't have admin rights, as Krebs has again suggested several times.
An AV is probably a good third line of defence. This is where those comparative tests come in. If the collation above has any merit, Panda, Avira, Avast! and AVG are the best free options.
