Here's an article from Windows Secrets
"
How much security software do you really need?
Ian Richards By Ian "Gizmo" Richards
Yes, the Internet can be a dangerous place. But use smart computing practices and the right security products, and you can reduce your risk to very low levels.
What may surprise you is that safe Web browsing needn't require very many computer security products, and you can put together an effective defense without spending a cent.
Break the security-industry-centric mentality
Security product vendors want you to believe that the only sure way to ward off malicious Web attacks is to load your PC to the gunnels with security products — theirs, of course.
I believe the vendors are abetted by some security experts and members of the computer press who have a vested interest in encouraging a climate of fear and promoting a blind belief in technological overkill.
They have been very effective in this mission. It's now common for a typical PC to have four or more security products installed — not just antivirus scanners, but complex firewalls, anti-spyware programs, anti-Trojan programs, rootkit detectors, behavioral detectors, and the like. Ultimately, it's a road to nowhere; it's complex and expensive and can slow your computer to a crawl.
What's worse, all that protection is not as effective as vendors would have you believe. They're fond of quoting test results that show detection rates approaching 100%. For example, AV-Comparatives' most-recent on-demand tests rating signature-file detection (listed on the company's Main-Tests page), gave scores of 96.6% for Microsoft Security Essentials, 98.9% for McAfee, and 98.6% for Norton.
However, these figures most often apply to malware that's already known. The detection rates for brand-new malware are much lower. In AV-Comparatives' November 2009 proactive/retrospective tests, the heuristic detection rates for the major AV programs ranged from 32% to 74%. The popular Norton AV managed only 36%, while McAfee AV achieved 47%.
For specially crafted malware such as that used to steal financial information, the figures are worse. The Malware Research Group recently tested how well security applications stopped malware that targets online banking transactions. The results, published in a PDF-based report, noted that "... having an up-to-date antivirus only reduces the chance of infection [from financial malware] by about 25%."
This is not to say security software is useless — it's useful and necessary. But twice as much security software doesn't make you twice as secure. In fact, no amount of piled-on security software will, by itself, ever make your PC 100% secure.
There's no such thing as total security
The idea of perfect computer security is a myth. It's no different from your home security. No matter how many locks, alarms, and other security aids you install in your home, a skilled thief can still break in. It is fantasy to believe otherwise.
We've learned to live with less than 100% physical security for our homes, and now we need to do the same with computers. The first step is to set aside the claims and promises made by those who sell security products, as well the often self-serving advice of security experts.
You need to start thinking about defending your computers in the same way you protect your house. You don't leave home with the front door wide open, and you balance the level of security — burglar alarms, for example — against cost and inconvenience.
Think of your computer security the same way. Act responsibly and consider whether the benefits of AV products outweigh their cost and maintenance.
The biggest security risk isn't the Web, but us
No security product can protect you from the greatest security risk of all — you, the PC user.
In a Computerworld report, a Trend Micro researcher stated that around 63% of all computer infections stem from downloading and installing infected files. Some of the malware embedded in these files is so potent that it can overcome just about any computer security software.
Downloading software (games, shareware, screen savers, and such.) whose integrity cannot be verified is like giving your frontdoor key to a stranger. Once you allow unknown software to install, there is no guarantee that your security system can protect you against any malware that may be embedded in those files.
One corporate security manager, complaining about how often senior executives' PCs get infected, commented, "You try and stop a guy watching a juicy porn movie he's just downloaded. It doesn't matter what warnings his security software gives, he's going to watch it anyway."
And it's not just visiting suspect Web sites and installing software that you should worry about. Many other high-risk activities, such as opening e-mail attachments from strangers, visiting cracked software sites, and installing software given to you by friends, pose serious threats to your security.
Any of these activities can lead to an infection, regardless of the type or amount of security software you have installed. Sooner or later, you'll get clobbered. And the rational response is not to add even more security software, but to change your behavior.
Good security requires a different mindset
Since you cannot make your PC impregnable with security software, the first step to a safer Web experience is to adopt safe computing practices — and then look for a complementary security-software solution that balances effectiveness against cost and inconvenience.
So what are the rules for safe computing? They should be familiar to any frequent Windows Secrets reader and are well documented on the Web. They include the basic behaviors such as being extremely careful about clicking on unfamiliar sites, not downloading e-mail attachments from sources you don't know, not clicking on odd links forwarded by friends, not installing downloads from sites using P2P (for example, BitTorrent and eMule sites), and being wary of programs friends pass along on removable media. In fact, be wary of the medium itself, as it may be infected with hidden malware.
For more, check out the following sites:
* Gizmo's page, "Safe Hex: The Rules for Safe Computing"
* ResNet's "Safe Computing Practices" info page
* Computer Knowledge's "Safe Computing Practices" article
But it's not just a matter of knowing the rules — it's a matter of applying them in your everyday computing. Print them out and give them to every member of your family and to your co-workers. Have a security war council and get everyone on board.
Match the security suite to your computing
With the right security practices, you need less anti-malware software than you might think. In fact, I have a number of acquaintances who don't use any security software at all — apart from the firewall that comes with Windows — and don't get infected. However, these are not typical users; they're highly skilled and highly disciplined IT professionals who know how and when to use limited user accounts. Most users (me included) need at least some security software.
My first software suggestion is not security software per se, but rather a security measure. I suggest you change your browser to Google Chrome. Currently, it's the safest of the mainstream browsers, due to the way it isolates (sandboxes) browsing sessions. Most security experts agree that sandboxing makes it extremely difficult for hostile Web sites to infect your PC. I noted in my May 13 column that Chrome is not only safer but also faster than most of the leading browsers.
Once you've installed Chrome, go to the Google Extensions/Web of Trust (WOT) site and download the extension. WOT rates Web sites according to their level of trustworthiness. This will help keep you away from malicious sites.
An alternative to Chrome is to use your browser in a sandbox. The free version of Sandboxie (sandboxie.com) is a good choice — though using Chrome is the simpler option.
Once you have swapped your browser, install a single, broad-spectrum malware scanner with real-time protection. There are two outstanding choices, both of which are free: Microsoft Security Essentials (MSE) and Avira AntiVir Free Edition. Neither slows down your PC.
In his May 6 Top Story, Fred Langa was impressed with MSE's anti-malware capabilities, and I fully agree.
According to a recent AV-Comparatives.org test report (listed on the company's Main-Tests page), Avira AntiVir Free Edition offers slightly better overall protection than MSE, though this comes at the cost of a nag screen prompting you to upgrade to the paid version. However, the ad is not overly intrusive and is quite acceptable, given the overall quality of the product.
The only other piece of security software prudent users need is a firewall. Simply use the one that comes free with every version of Windows since XP. Its inbound malware protection is excellent, and that's most important.
Windows' firewall offers little protection against malware already installed on a PC and trying to phone home. Fortunately, this type of outbound malware action is uncommon, and many PC users do would not know how to respond to outbound firewall alerts.
What other security software do you really need? Nothing, if you assiduously follow safe computing practices.
Follow these steps, and your chances of becoming infected are minimal — certainly much lower than for those who pack their PCs to the gunnels with expensive security software but continue to engage in risky practices such as downloading illegal software.
" |
