I occasionally get called up to fix someone’s computer after it’s befallen the evils of the Internet. Fortunately my immediate family has become relatively computer savvy over the years, so this is less of a problem now. (Although now Mom stumps me with more complex problems that I have no idea how to fix.) In the interest of possibly helping some newbies out there, I’m gonna list some tips for keeping the baddies out of your computer. There are plenty of lists like this on the net already. I’m not claiming this one is better or more complete – just that it’s mine. 🙂 If you’re on a Mac, you’re on your own. If you use Linux, you’ve already declared your independence. This is for the people out there who are stuck on Windows and want it to “Just Work” – not the avid user who argues about vi vs. emacs.
- Get a Recent Version of the Operating System (OS). I know it’s expensive, but if you’re running anything other than Windows 2000, XP or Vista, suck it up and buy a new version of the OS. Windows 98 may run fine on your PC, but it has no security. Just give up and move into the modern era. If your PC won’t run at least Windows 2000, then you can hope and pray or you can go buy a newer computer.
- Get an Antivirus Scanner. Do you ride in a car without using your seatbelt? Do you own a computer without an antivirus program? Either way you’re being stupid and may have to pay the consequences some day. Sorry, but time to face reality. There are free antivirus scanners out there, so no excuses. Just buckle up, already.
- Get an Anti-Malware Tool. Malware (aka spyware) is the latest threat. Anti-malware tools are not as common as antivirus programs, but you should get one. There’s at least three major ones available – Ad Aware, Spybot – Search & Destroy!, and Microsoft’s Windows Defender. I personally use Windows Defender, but anti-malware tools are like condoms – it’s more important that you use one than it is to argue about the best brand.
- Run Automatic Updates. You may have heard that automatic patching is a bad idea. If you have a test environment to download and validate patches before using them on your production machines, please do. But if you don’t, suck it up and enable Automatic Updates.
- Use Old School Email. Email used to be plain text. Then someone figured out you could send HTML and it would be pretty. Then hackers figured out you could send HTML and fuck up someone’s life. Keep it old school, use plain text email. Set your mail program to send plain text. Set it to open all mail as plain text. This will stop almost every email security attack out there.
- Run as a Limited User. Running as a Limited User prevents a virus or malware from completely ruining your computer (most of the time, at least). Check out this article from Microsoft for details on how to set it up.
- Turn On Windows Firewall. Like Automatic Updates, just suck it up and do it.
- Stop Clicking on Everything. A whole lot of attacks on computers rely on the user (that’s you!) actively doing something to start the attack. So stop opening the spam emails offering you better mortgage rates or a bigger penis. And stop visiting every website you can get your hands on. Curiosity can kill your computer just as surely as it can kill a cat.
- Spend 15 Minutes on Education. There’s plenty of places where you can learn a little bit about security so this whole thing isn’t so mystifying. If nothing else, check out Microsoft’s Security page and learn something new.
Well, there you go. I’ll probably add more to this page over time, but those tips should get you started.