By Peter Daley

In my opinion, the Windows operating system is now owned by the bad guys. They're sitting back laughing at the pathetic attempts of the average computer user to secure their Windows computers.

Recently a hacker group was reportedly caught in control of an estimated 1.2 million computers, mostly home or small business computers. This is just one gang. For this to happen, there must be something drastically wrong with Windows security. Is it that Windows security is simply overwhelmed, or does it need a drastic rethink and redesign? OK, you could point the blame at the large number of inexperienced computer users, but if they can't even visit web sites in safety, what chance do they have.

I am in this business, and I mainly work on Windows machines and I have seen it's security situation deteriorate. Recently, I found three computers, newly purchased, with a virus infection already on them. I re-installed another computer's operating system, using it's recovery disk, only to find the computer had a virus installed by the recovery disk. So what chance does the average joe have if they can't even be guaranteed a clean computer at purchase? These infections were caused by third party programs that had been bundled with the Windows operating system to value add the computer. I am constantly working on Windows computers and it is very rare these days to find one totally clean.

I have been recommending to clients and Sunshine Coast Computer Club Inc. members, who are Windows users, to install at least two virus checkers, two spy ware removal tools, two RootKit Checkers and a good firewall program, plus make sure they get regular updates. This may give them a fighting chance at keeping their system secure! Why? because no single virus checker, spy ware tool, or rootkit checker is not sufficient any more, to detect the avalanche of malicious content presently attacking the Windows operating system.

This is simply put, a ridiculous situation!

(I personally us the Linux Operating System, which is at present, virtually virus free in comparison to Windows. Apple/Macs computers are also far more secure.)

As I see it, Windows users have four options.

1. Only use a Linux, Apple/mac based computer for the Internet. Use your Windows computer for other tasks. Don't connect it to the net.

2. Stop using Windows and use a Linux or an Apple/Mac computer.

3. If you insist on using Windows on the Internet, install the recommended free software, or something similar, which I will suggest in future blogs, and keep it all up to date, and scan the computer regularly. (Read further for the first suggested program.)

4. Do not keep passwords, confidential, commercial, or private information stored in an Internet connected Windows computer!

This security situation is a major issue.

It is a big waste of your personal and business time and money.

It places at risk your confidential, personal and business information.

It places at risk your financial transactions.

It also presents serious issues about national security. Imagine the national chaos caused by 1.2 million computers being shut down at once!

We should all collectively start demanding greatly improved security rather than accepting the present situation as part of owning a computer.

As an exercise, download and install Clamwin, a free opensource antivirus program on to your Windows Computer to use as your second antivirus program. It will be used to cover the back of the other antivirus program, by checking that it hasn't missed anything.

http://www.clamwin.com

Once you have downloaded and installed Clamwin, it will create a rifle sight Icon in the system tray. (The system tray is the line of icons that appear at the bottom right corner of the task bar on your opening Windows screen.) Double click it to open it, if Clamwin asks to update the first time it opens, let it.

A. In the open Clamwin program window, left click the "Preference" button. This is the first button top left of the Clamwin window. Make sure the 'report only' item is selected.

(NOTE: This is important when running a second virus checker on a system. Why? So is to prevent the possibility, (in this case Calmwin), from deleting or removing the other virus checkers virus database. If it were to delete this file, the main virus program will not be able to detect viruses.)

B. Now go to the "Advance" tab, and make sure all the four boxes here are ticked.

C. If your present virus checker scans incoming emails, you will also need to go the "Email Scanning" tab, in Clamwin and untick the email scanning items. This is so it doesn't clash with your other virus checker trying to scan incoming emails.

D. When connected to the Internet, click the update button. After the update is finished, highlight your local disk C drive from the drive list in the main window, and click the "Scan Selected Files for Viruses", button. The furthest button to the right in the button bar.

On some computers this scan could take 8 hours or more, so do this when you can leave Clamwin to do it's job. Now you can get on an with those jobs around the house you been putting off . You spouse will be happy.

It is very likely that a large number of you will find viruses that your other virus checker missed. Be careful because if it says it found a virus at the other virus checkers address in the file system it is most likely a false positive. It has just detected the other virus checkers virus data base as a virus.

© 2008 Peter Daley

By Peter Daley

Hackers have sophisticated tools that are freely available on the Internet that can break simple passwords, like your cats name, 1234, or anything simple, in approximately 10 minutes. So all of you need to re-think how you create passwords. All your systems that use password access need to have a good complicated password.

I can hear all of you greenhorns out there moaning and saying “my simple password is so easy to remember, and I use it for everything. This makes my life so much simpler.” Well the hackers are laughing at you, because it makes their life so much simpler too!

Yes, I know there are computer programs that claim to safely sort all your passwords on your computer for easy access, but truthfully, you can’t rely on them not to be hacked. The hackers see them as a little honey pot of all your passwords, with every thing in one place. It just saves them a lot of work. Never store password information on your computer, and change passwords regularly.

It is very important that you create complex passwords for everything, banking, Internet accounts, Broadband/wireless Modem, and Internet Game site access, etc., that contain some upper case letters, numbers, and where possible, characters like #, &, or similar. Unfortunately, some password creation systems will not allow you to use characters like #, &, or similar, in the password. If they don’t, then use a complicated mixture of upper case, and lower case letters and numbers.

It should be at least 12 characters long. Why? Because hacker’s have sophisticated password cracking tools, that can break the average dictionary word based password, with a few numbers thrown in, in a few minutes! The longer the complicated password, the harder it is to crack.

I know some people who have changed banks simply because the bank web site wouldn’t allow them to create a complex password using characters like #,>, &, etc. For those of you scratching your head right now thinking how am I going to create all these super passwords, here is a free tool you can use. It is an Ultra High Security Passwords Generator, kindly provided by Steve Gibson of Gibson Research Corporation.

https://www.grc.com/passwords.htm

Use the second row, the 63 random printable ASCII characters row for general password creation. For those of your ready to panic, you don’t need to use all 63 characters for each password just 12 or more characters, randomly selected from those shown. (For those of you using Linux, use this tool to create a really good admin root password.)

If this bit stressed you, read this Free Book on Stress Management.

The facts are that most computer users are way out classed. The crime gangs are employing some of the best computer minds in the world, and paying them good money to create more ingenious and sophisticated hacks. So everyone using a computer needs to get their act together, and stop thinking that your computer is a communication and entertainment tool, and realize that it is continually under sophisticated attack, and you need to raise your understanding of computer security, and defend yourself.

I am constantly hearing of personal bank accounts being pilfered. In some cases the banks have refused to reimburse the amount lost. The American stats for 2007 were 3.83 million Americans lost an average US$1500 each from their bank accounts through bank pilfering. Now that all adds up to a lot of money!

A month ago the criminal Internet economy was estimated to be making $150 billion dollars annually worldwide. It is now making more money than the north American drug trade. So they have a lot of money to re-invest in research and development.

It is not much use going to all the trouble of creating wonderful complicated passwords if your computer is already hacked. Because hackers will have it as soon as you type it. (The statistic show 25% or more of you reading this articles are hacked already.) So get yourself up to speed, and read my previous blogs that outline how to secure your system, and keep it safe, plus use the suggested tools to check to make sure your system is clean.

© 2008 Peter Daley

By Peter Daley

The Windows virus situation has gone from bad to the ridiculously bad. I am telling you how it is, and not what the industry would like you believe it is. They’re not in control, the bad guys are!

Just look at this virus total site and you will get a good clear picture of what most Windows users, and our Windows IT infrastructure is up against.

This site assesses the effectiveness of the major Windows virus checkers. Firstly click on the “More Information” link, and then scroll down the page. Here you will see a list of virus checkers they are using for testing virus discovery rates. Most of the major Windows virus checkers, free and commercial, are listed.

Now click on the “Statistics” link at Virus Total and look at the first of two pie graphs. The first one shows the number of suspicious files sent to them for virus testing in the last 24 hours. Yes, that’s correct, this snap shot is only for 24 hours. The blue part are files that were not virus infected, the red part are files that in the last 24 hours were found to be virus infected. Large numbers wouldn’t you say! Well, now go down to the second pie graph and check out the success rate of all those virus checkers you saw in the list, at finding virus infected files. OK, the new malicious files here will eventually be added to the viruses discovery data bases of the listed virus checkers. This may take a day or even weeks.

Pretty shocking situation! Statistically, at best Windows virus checkers are only finding 37% of the viruses. So if you are confidently using the virus checker you paid $50 to $100 or more for, it ain’t going to find all the viruses! OK, the salesman told you that it’s all you needed to protect your Windows Computer. Well it is not, and far from it. It doesn’t matter whether it is a free, or commercial virus checker, they’re all in the same boat, which as far as I can see is sinking in a tidal wave of malware.

How clear can I make it, no single virus checker is finding all the Windows viruses.

So as I pointed out in this blog I wrote 15 months ago, you need more that one virus checker in Windows to have any chance of finding all the viruses. Back then, I was suggesting Windows users use at lease two checkers. This year I am suggesting using three.

Here are my free virus checker suggestions for non commercial use. You need to use multiple virus checkers with caution, because one virus checker can find the others virus detection data base, and think that it has found a virus and remove it. This would then disable the virus checker.

Generally, in most circumstances, these virus checkers will work together. If you already have a virus checker installed, and are happy with it, try installing one of these and see if they will work together without clashing.

AVG Free (Use this as your main auto scanning / email scanning virus checker)

Avira Free can be used instead of AVG for those who find AVG clashes with something on their computer.

Both AVG and Avira offer paid versions which provide more protection features.

Clamwin, make sure you read the bottom part of my previous blog here, on how to set up and use Clamwin as a secondary virus checker. Us this as a guide on getting multiple anti-virus programs working together.

Comodo Internet Security suite.

(NOTE 1: Comodo Internet Security is also a firewall, so if you don’t want to use the firewall feature, just download the Comodo Anti-virus program separately.)

(NOTE 2: It is important to turn of Comodo’s Anti-virus background scanning off if it is not going to be your main virus checker. You click on the Comdo Icon an then the “Antivirus tab / Scanner Settings” and drag the  “Real Time  Scanning” to the “Disable” position. )

If you have multiple anti-virus programs all with their real time scanning features turned on at the same time, it will slow down your computer. So only have one program with their real time / background scanning feature turned on at any one time!

Read my blog here on Firewalls.

This will provide you with three virus checkers which will work together. Collectively, their combination will be far more effective than any single Windows virus checker. They should be updated, and run through your Windows computer regularly.

You are also faced with the fact that a lot of modern virus checkers are now flagging more files as viruses incorrectly. Flagging a file as a virus incorrectly is called a false positive. In my opinion, anti-virus vendors are panicking. Most of them now know that they have no chance with their present Windows technologies, of detecting anywhere near all the malware! Ironically, the hackers are submitting their creations to the Virus Total testing site, to see if their code will be detected as a virus. Now that is innovation for you!

What a ridiculous situation,. You will be spending a part of a day or so, every week, just updating and scanning with your virus checkers, to make sure your Windows OS is clean! Well all I can say is good luck, you’re going to need it Watch out for those false positives. A lot of our club members now use Linux for the Internet, and use Windows for other things. (If you use Linux for the Internet make sure you have created a good root password, and have the firewall installed and set up securely, plus constantly install all the latest distros updates, and patches.)

The Chinese are smart, they have created their own secure operating system “Kylin” for their critical infrastructure computers. It is based on Linux / BSD. The Russians, Chinese and the criminal gangs are just laughing at our inability to protect our private and commercial IT infrastructure.

© Peter Daley, 2009

By Peter Daley

Lets look at the facts.

Virus checkers are at best, only finding 37% of the latest threats.

From the statistics of on line virus scanners, it’s generally agreed that 25% of all computers have malicious content on them, (some would argue the true figure is as high as 70%!)

This means hundreds of millions of computer users have their finances at risk. The vast majority of these infected computers are using Windows. Windows has a 95% market share. Therefore hackers aim their exploits mainly at Windows users.

Here is a Solution.

Use a Live CD disk. This bypasses all the Windows keyboard loggers, trojans, viruses, spy-ware and rootkit exploits, that may presently be on your computer. I know of no other system that does that.  There are huge advantages in doing this. As you can run an entire clean operating system from a CD, you can start your computer from it, and get on the internet with a lot more safety because:

1. If your normal operating system has been infected with keyboard loggers, trojans, viruses, spy-ware, rootkits, or bootkits, these will be inactive, because the CD loads a complete clean and separate OS (Operating System), each time you use it. The operating system is completely separated from your normal OS etc., Windows, Linux or Apple.

2. The CD can’t be written to, so no keyboard loggers, trojans, viruses. spy-ware, rootkits, and bootkits can be recorded on the disk, hidden, then activated from the CD later. When it pops out, and you pop it back in the next time to use it, you know it is totally clean!

3. The Mandriva Live CD has a good firewall. This helps prevent intruders breaking in, and installing malicious programs.

4. You can use it for safer Internet banking, financial transactions, changing your online passwords, or as a safe system when your are travelling. (You can’t assume other people’s computers, or those in Internet kiosks are clean.)

5. You can also put visiting friends and relatives on the Internet, using the Live disk, and know that when they’re finished using the computer, you can restart, and it is totally clean.

Of course once you master using the Live CD, in a Live CD session, you should change your important passwords. The reason is that hackers may already have stolen this information, by hacking your Windows computer. Using the Live CD does not change your computer in any way. You can go back to using Windows, and it is exactly as it was before you used the Live CD.

Most of the present exploits are designed to install trojans, viruses, spyware and rootkits, on the hard drive of mainly Windows computers. This is so they can control the computer, and steal passwords, credit card numbers, personal information, and banking information etc. The Live CD system bypasses all this, and in my opinion, if used wisely, can give a great deal of extra security.

Ok, the Live CD can’t be updated with a patch. This is one of it’s great strengths, because it can’t be recorded on to, so no malicious content can be recorded on it. (Lots of these Windows machines are fully patched, and still infected. Patching doesn’t mean the machine is clean. If you already have malicious content on your computer, patching does nothing. When a hacker finds a vulnerability, he doesn’t tell the world, he keeps it hidden, so he can exploit it. Patches only fix those vulnerabilities, the honest computer experts discover.) Live CDs are regularly updated to new versions, with all the latest updates and patches. They are available as a free download, or can be purchased for a small fee as a CD. The Live CD updated versions are generally available every 3, 6, or 12 months, depending on the version. There are differences in security between different versions, so you must do security checks before using any.

There are no perfect systems, I give no warranties on the use of this system. You use it at your own risk. The computer security situation is such, that new unknown hack techniques, and systems, are being developed constantly. No one can honestly give a guarantee that any system is totally safe. This is the safest system I can think of at present.

(c) 2008 Peter Daley