Thread: Protecting a PC - time for an update from the wise heads?

Brett, it helps to use a Mac

For some years now I have also used Bitdefender. They have generally ranked among the top antivirus apps available.

Regards from Perth

Derek

Originally Posted by FenceFurniture

Given the ever-changing plethora of assaults on a PC, I'm wondering if some of those who know best might be able to enlighten those of us who know significantly less.

Malwarebytes still seems to be the choice for getting rid of malware, but what should we be using for all the other threats. Is Windows Defender enough?
There's a bewildering array of companies bidding for my attention and money.

What to do about the current Cyber attack, or is that just a concern for Govts and larger businesses?

I haven't used a third party virus checker for years and rely on Defender and I also have never had problems caused by virus attacks but I do take precautions with what I have on the computer drives. No files are kept on the C Drive, GMAIL is used and external drives are physically unplugged if not in use. That leaves the NAS which is backed up elsewhere and the back up not mounted to my computer/network.

As far as I am concerned if someone decided to have a go and infected or locked my computer they can go ahead and do it but in reality I think the chances are very low and I have never thought much about it. My thinking with back ups is to prevent drive mechanical problems destroying data and has nothing to do with external threats via software. NCArcher tells an interesting story of an attempted network hijack that happened at his work place.

My son works in IT security so he deliberately penetration tests systems and computers and sees a lot of hacked computers/systems.
I chew the fat with him on the latest goings on just about every weekend.

He says he the main issues for users are
- keeping their OS updated to the latest versions.
- using secure passwords and changed them regularly
- never using the same password more that once
- regularly backing up and keep a backup copy off site.
- don't respond to bogus communications etc
- watch out what you are clicking on
He says if you do the above you shouldn't need to use any antivirus or anti-malware products.

There's a whole other side of security for systems admins that users can't do much about. The vast majority of hacks he sees are via older computers left on networks with un-updated or un-updatable OSs on networks. These are the weakest points on mosts systems and are the ones that deliberately target. If sys admins systematically culled these machines and users did the above my son reckons he would be out of a job or at least there would be very little for him to do.

Oh yeah, and he uses many different computers but his personal preference is to use Unix on a Mac laptop.

Yes, Windows Defender is enough, together with having Windows’ auto update enabled.

However PC security in the modern world is much more than that. The weakest link in the security of computers is the human factor, i.e. you and me.

Only install software from known and trusted vendors. Every piece of software, malicious or not is a potential entry point to your computer. Every time you install something, remind yourself that you are giving that program unfettered access to your computer, and consider how much you trust the vendor/random person on the internet who wrote it. Not just their intention, but also their skill in mitigating against security related bugs.

Let me make a special mention of web browsers. They are the primary attack vector today. The requirement for the vendor to provide frequent and timely updates as vulnerabilities are identified is paramount. This is not the place to try out the new flavour of the month, or support the latest hipster save-the-world offering. Stick to Chrome, Windows Edge and Safari. A chromium based browser does not inherently make it safe like chrome.

As above for any file you download or are sent. Your choice to open it should be based on your trust of the sender/source. Attachments in emails should be expected. Any unsolicited file, even from your mother, should be regarded with suspicion.

In closing, fretting about the protection software without being prepared to change our behaviour in how we use computers is a little like the woodworker who fafs about looking for the best chisel steel so that hey can do perfect dovetails. Yes it makes a difference, but to a tiny extent in the grand scheme of cutting dovetails. Like computer security there are far more low hanging fruit to address before questioning the security of mainstream operating systems in 2020.

Originally Posted by LanceC

In closing, fretting about the protection software without being prepared to change our behaviour in how we use computers is a little like the woodworker who fafs about looking for the best chisel steel so that hey can do perfect dovetails. Yes it makes a difference, but to a tiny extent in the grand scheme of cutting dovetails. Like computer security there are far more low hanging fruit to address before questioning the security of mainstream operating systems in 2020.

Yep - Yep and Yep!

I installed lastpass after my credit union brought it to my attention. It's magic. Works across devices. I have not heard of any breaches.

I run one of the top 5 free antivirus programs. Avast at the moment. I change occasionally if they annoy me too much. I'd pay once but I won't buy a subscription.

Why do we fret about stuff like this, the answer is because we are afraid of data loss on our computer. If there is no data worth worrying about on the computer and it is elsewhere then shrug your shoulders and rebuild the drives which takes a few hours at best. BTW I use Opera which is based on Chrome these days and MS did an update on my computer last night to install their browser based on Chrome and while I haven't looked I suspect the old edge has been removed (it has). Opera has not given me any issues apart from it being weird on YT but Chrome in its earlier days had real vulnerabilities and I had to reinstall it a few times when it was hacked. Opera also has a built in VPN for those who use one and it works very well. It is handy for watching geo locked content such as the on BBC site.

The current cyber attack is a beat up by Scotty from Marketing.

Scott Morrison sends China a signal on cyber-attack – but then fear turns into farce | Technology | The Guardian

Lance,
It must be Monday morning: I just thanked you for the non-existent picture....
In trying to avoid using a few passwords "all the time", I've ended up with a list as long as my arm! So, trying to change them regularly is no longer practical...
I understand that there are applications to generate random passwords but I am not sure if they are effective and how easy they are to use!

Cheers Yvan

Originally Posted by woodPixel

Update at least every Tuesday night (Tues is update day!)

Actually, Tuesday in the US is Windows Update release day, although that can happen any time if there is a need. Lets say the regular schedule release is the 2nd Tuesday of the month in the US which means the Wednesday here in AU (usually updates are out before 6am in Sydney). But absolutely, make sure you're applying updates regularly on the OS and any other apps you have that aren't serviced by Windows Update.

As for other comments, I agree you do not need a third party malware solution as Windows Defender is best of breed. Other products these days add more than just the malware protection but are largely unnecessary. And totally agree that the weak links are always the people; clicking links from suspicious emails that you really know you shouldn't, saying OK when you aren't sure to something, using the same password in multiple places, etc. Every issue I've worked on in the recent past, on a family PC, has been because they were tricked into doing something I reinforce they shouldn't have.

As for recent cyber attacks, if you read through the report (as I have) you'll see there's not much that's likely to impact a single PC that's kept up to date and isn't used haphazardly to click links. https://www.cyber.gov.au/sites/defau...ompromises.pdf is the PDF of the report. The first factor noted was a vulnerability in a product from Telerik, that is unlikely to be on a local PC unless you're a developer. This is a 3rd party product that isn't automatically updated as part of Windows update process, again another reason for everyone to routinely update other products that are installed on your local PC.

Switch from Windows to Linux.

There are a variety of flavours, and you can set up a USB thumb drive to try on your existing PC without impacting anything already installed.

Originally Posted by yvan

I understand that there are applications to generate random passwords but I am not sure if they are effective and how easy they are to use!

I was very wary of this t first but not I use the built in mac PW generator for 90+% passwords.

Originally Posted by Moti

The current cyber attack is a beat up by Scotty from Marketing.

Scott Morrison sends China a signal on cyber-attack – but then fear turns into farce | Technology | The Guardian

According to my young bloke there are cyber attacks on govt entities occurring 24/7 - but they only publicly acknowledge notice of attacks when it suits them.

A few years back one 100,000 user govt entity my young blokes team tested found more than 2 dozen old/insecure windows boxes and several easily penetrated VPNs sitting on their networks within 24 hours of looking. No wonder they have problems.

Originally Posted by Moti

The current cyber attack is a beat up by Scotty from Marketing.

Scott Morrison sends China a signal on cyber-attack – but then fear turns into farce | Technology | The Guardian

Yeah thanks for that, making a political statement and quoting from a reliable non biased "news" source.

Originally Posted by yvan

Lance,
It must be Monday morning: I just thanked you for the non-existent picture....
In trying to avoid using a few passwords "all the time", I've ended up with a list as long as my arm! So, trying to change them regularly is no longer practical...
I understand that there are applications to generate random passwords but I am not sure if they are effective and how easy they are to use!

Cheers Yvan

Like I said lastpass. I was suspicious at first but I've been using it for a couple of years now and it's remarkable. You only need remember a single master password, it generates secure passwords as you need them, all are stored on their server so they are available on any connected device and it's almost transparent.

Originally Posted by arose62

Switch from Windows to Linux.

There are a variety of flavours, and you can set up a USB thumb drive to try on your existing PC without impacting anything already installed.

I built my first linux box in 96ish and had been using unix for some time before that. The problem is it's fine for general surfing but a LOT of stuff won't run on it, so you build a VM and disappear down that rabbit hole.

Opera's VPN function is really handy but opera forces you to accept all updates and some of them are a pita. Recent versions have been spawing dozens of processes and bringing my machine to it's knees, and some idiot decided to make the speed dial buttons smaller just after I spent ages getting it all looking nice. They also randomly insert ads in there and mess me up. Quite annoying and I've been thinking of ditching it. MS took it upon themselves to put edge on my PC the other day. I deleted it asap. It's bad enough I'm stuck with their OS without them getting their dirty fingers further into my life...