Hi Kids. Its … that guy; during the holiday season there is much more malicious activity on the 'internets'. I've seen too many e-mails from friends warning about the coming Internet Armageddon. It gets tiring hearing the same mantra year after year 'There is a virus coming and we're all gonna die ...'
Fact: There are people in this world that are really good with computers and really shitty with ethics. They could be disgruntled city workers, bored kids or very real very dangerous crime syndicates.
Fact: You will never be 100% protected if you are connected to the internet.
Fact: Many folks do not follow simple guidelines to successfully protect themselves. Its not because they do not care, they have just never been educated.
Moving forward ...
Currently there is a '0-day' exploit for Internet Explorer that was made known last week and is actively being exploited. There is no patch for it, last week’s cumulative patch for Internet explorer doesn't cover this exploit.
There is also an XXS vulnerability for Facebook that is making the rounds. If you’re not familiar with XXS, that’s ok, Google will hook you up.
There are vulnerabilities all over the place, I could keep listing them but its pointless, the list would be antiquated before I wrote it.
Lets take a look at some simple guidelines, even I can follow these.
Don't click on stuff that you don't know, don't trust that the message you receive is really from your 'friend' especially if it seems completely out of character.
The easiest way to alleviate these little baddies are pretty simple...
•Run windows update all the time, it may seem like a pain in the ass; but, when was the last time you had to recover from a backup … what’s that you say … you don’t do backups. Well I hope you didn’t put your music/ wedding pictures/ important documents/ shit that’s important to you on your hard drive.
•Run Anti-virus and get in the habit of making sure that its actually updating. If you don’t know to do this empower yourself and learn how – if you don’t know you ‘betta ax somebody’
•Turn on the Windows firewall, leave it on, you dint need XYZ-vendors super anti-hacker-firewall-malicious-code-killer- thingy, windows has one, and it works.
•Be mindful of what your surfing to - Remember nothing comes for free. Nothing.
•Download and use an alternate browser like firefox - take advantage of add ones like "no script"
•Download adaware – and update it – and use it.
•Download spybot search and destroy – and update it – and use it.
More extreme steps,
•Buy a Mac (and I don't care what they say put some effing Anti-Virus software on it). Enable the firewall on it. – Don’t get a false sense of security or superiority; just know you’re better off.
•Consider running and alternate Operating system like Linux or Desktop BSD, run antivirus on it. – Again, don’t get a false sense of security or superiority; just know you’re better off.
Don't make your regular user account a local administrator. 95% of the things you do on your computer do not require you to be a local admin. 95%* Of the vulnerabilities you would come across require the account you're logged in as to be a local administrator to work.
More to come …
#!/usr/bin/me
*total guesstimate.
Posts
