To all users:

I would like to apologise for recent articles I've been writing here and elsewhere about how Windows users can have a completely virus-proof computer if they just have a properly configured firewall and don't do anything risky online.

At the time, I believed that Windows could be run without any anti-virus or anti-spyware software and be safe as long as no shady websites were visited or risky programs downloaded. My intention was to save Windows users some money and help their computers to run faster without anti-virus and anti-spyware software.

Tonight, my misconception was blown clear out of the water. My father's Windows computer (formerly mine) was infected with spyware despite two firewalls and no risky behaviour. The only websites he visited were sites about trams, visited using Firefox. He doesn't recieve executable attachments nor download any programs from online. He knows what risky internet behaviour is, and even before I looked at his Firefox history I knew that he wouldn't do anything dumb online.

Yet, the fact remains: Windows *still* got owned by spyware, even though I can't figure out for the life of me how the spyware got in.

Therefore, my initial articles are completely incorrect; every Internet-connected Windows computer is unsafe without anti-virus and anti-spyware software, no matter if all ports are blocked by a firewall or two, no matter if the user only visits Flickr and a Yahoo Group about model trams.

I apologise unreservedly if I have mislead anybody into dropping their internet security software, and I especially apologise if the users who had followed my advice are now struggling with infections.

Thank you for your honesty.

And I'm sorry about your situation, which is all too common.

To all users:

I would like to apologise for recent articles I've been writing here and elsewhere about how Windows users can have a completely virus-proof computer if they just have a properly configured firewall and don't do anything risky online.

At the time, I believed that Windows could be run without any anti-virus or anti-spyware software and be safe as long as no shady websites were visited or risky programs downloaded. My intention was to save Windows users some money and help their computers to run faster without anti-virus and anti-spyware software.

Tonight, my misconception was blown clear out of the water. My father's Windows computer (formerly mine) was infected with spyware despite two firewalls and no risky behaviour. The only websites he visited were sites about trams, visited using Firefox. He doesn't recieve executable attachments nor download any programs from online. He knows what risky internet behaviour is, and even before I looked at his Firefox history I knew that he wouldn't do anything dumb online.

Yet, the fact remains: Windows *still* got owned by spyware, even though I can't figure out for the life of me how the spyware got in.

Therefore, my initial articles are completely incorrect; every Internet-connected Windows computer is unsafe without anti-virus and anti-spyware software, no matter if all ports are blocked by a firewall or two, no matter if the user only visits Flickr and a Yahoo Group about model trams.

I apologise unreservedly if I have mislead anybody into dropping their internet security software, and I especially apologise if the users who had followed my advice are now struggling with infections.

It probably came in with some email. When I last used Windows I arrogantly though that I was bullet proof, but a virus got me. It came in through an email from an innocent 3rd party. The thing is no anti virus/spyware/malware software is going to be 100% infallible. The easiest way I have found to say 99% safe is use a *nix based OS, be that Linux, BSD or an Apple.

PS: I hope you got it sorted, there is no need to beat yourself up over it. You should be proud you can admit when you have made a mistake.

Yeah, it seems to be all sorted now. At least it's got my father convinced that he must use Linux :-)

Great article and great person;).
If you didn't make this mistake you won't learn anything new

Aye, my mother's computer contracting spyware after going to a website about Wyoming Tourism. This was through Firefox 3. She does not use an email client and AT&T (Yahoo) scans all the outgoing emails, as if she gets many as it is. It was an exploit through the Flash player. I've already reported the web forgery.

I doubt running antivirus and antispyware would have stopped the infection on your father's computer. The best advice for Windows users is to run as a limited user instead of administrator. I don't think any malware for Windows is designed for a limited user account, and even if one is, at least it's easier to clean up (no system-wide registry modifications) - just delete the user and create a new one.

Are you sure he didn't visit hottramgirls.com?

Are you sure he didn't visit hottramgirls.com?
lol

Doesn't have to be anything. I got a BMR virus just by connecting my Windows XP SP2 Machine to the internet once. It only took 5 minutes, and the computer was down and out.

I recently removed symantec antivirus from my xp laptop. The antivirus hadn't "saved" me from anything in years (probably since 2004 or so) and I was tired of it slowing down my machine and hogging memory.

I am willing to take the risk of getting infected with something. More than likely I could fix the problem. If not, oh well...that's why I back up everything.

-teet

Flash ad's would be my guess. My friend told me about some of the latest SOPHOS security warning about the latest batch of Flash related vulnerabilities. Flash is getting pretty powerful and can draw data from all sorts of places and do some amazing things, but is open to abuse.

It could be that a visit to a web site, such as those about trams, that had flash banner ads, could lead to an exploit.

I doubt running antivirus and antispyware would have stopped the infection on your father's computer. The best advice for Windows users is to run as a limited user instead of administrator. I don't think any malware for Windows is designed for a limited user account, and even if one is, at least it's easier to clean up (no system-wide registry modifications) - just delete the user and create a new one.

I am thinking that also.

Was he using a limited account?

I've seen a WinXP machine get viruses from the mere act of being connected to the Internet for a few minutes to download a virus scanner (and nothing more). It's spooky, really.

I've seen a WinXP machine get viruses from the mere act of being connected to the Internet to download a virus scanner (and nothing more). It's spooky, really.

I remember seeing a similar article, granted a while ago, but after finishing a clean XP install, and connected to the net. He monitored the traffic into and out of the machine and within minutes, it was infected. It was scary to read.

I remember seeing a similar article, granted a while ago, but after finishing a clean XP install, and connected to the net. He monitored the traffic into and out of the machine and within minutes, it was infected. It was scary to read.

Well, XP has open ports with things listening. It is trivial usually to get in that way.

2 things i cannot live without:

a) A nice long hosts file that blocks access to well known ad/phishing sites:
http://www.mvps.org/winhelp2002/hosts.htm

b) noscript

nuff said.

To all users:

I would like to apologise for recent articles I've been writing here and elsewhere about how Windows users can have a completely virus-proof computer if they just have a properly configured firewall and don't do anything risky online.

At the time, I believed that Windows could be run without any anti-virus or anti-spyware software and be safe as long as no shady websites were visited or risky programs downloaded. My intention was to save Windows users some money and help their computers to run faster without anti-virus and anti-spyware software.

Tonight, my misconception was blown clear out of the water. My father's Windows computer (formerly mine) was infected with spyware despite two firewalls and no risky behaviour. The only websites he visited were sites about trams, visited using Firefox. He doesn't recieve executable attachments nor download any programs from online. He knows what risky internet behaviour is, and even before I looked at his Firefox history I knew that he wouldn't do anything dumb online.

Yet, the fact remains: Windows *still* got owned by spyware, even though I can't figure out for the life of me how the spyware got in.

Therefore, my initial articles are completely incorrect; every Internet-connected Windows computer is unsafe without anti-virus and anti-spyware software, no matter if all ports are blocked by a firewall or two, no matter if the user only visits Flickr and a Yahoo Group about model trams.

I apologise unreservedly if I have mislead anybody into dropping their internet security software, and I especially apologise if the users who had followed my advice are now struggling with infections.
Windows doesn't need antivirus. I used Opera and a firewall (nothing else) for six years on XP and never got ANYTHING.

BTW, how do you know that your father's computer has spyware?

EDIT: I also used a limited user account. Browsing as administrator is a bad idea on ANY OS.

WIndows Vista doesnt need it. However, WIndows XP especially does. You probably have some spyware on your computer, but nothing major if you didnt notice anything.

The only websites he visited were sites about trams...

I had to read that twice. I thought it said "trains", which could be confused for...... nevermind.

I recently removed symantec antivirus from my xp laptop. The antivirus hadn't "saved" me from anything in years (probably since 2004 or so) and I was tired of it slowing down my machine and hogging memory.

I am willing to take the risk of getting infected with something. More than likely I could fix the problem. If not, oh well...that's why I back up everything.

-teet

If you are forced to use windows, then at least use a freebie AV program, like AVG or Avast, or a combination of both. To run Windows without one is daft, IMHO.

My sacriest experience with a virus happened when I'd disabled the copy of AVG I had on an XP machine, fired up another antivirus sytem (which shall remain nameless for now, it wasn't avast or ClamAV), opened up a suspicious attachment, and promptly infected my computer. Several hours later, after a full scan and a full reinstall the system was back up and running "properly" again. The scan even found copies of the beast in a place I didn't expect it to be......

Lesson 1: Be wary of attachments from unknown sources
Lesson 2: don't take security for granted

The best scanner I've found so far is ClamAV on Linux scanning a Windows partition.

NOD32 comes in second in you have to be in the system.

The best scanner I've found so far is ClamAV on Linux scanning a Windows partition.


It is even on some live disks.

If you are forced to use windows, then at least use a freebie AV program, like AVG or Avast, or a combination of both. To run Windows without one is daft, IMHO.

I am not really forced to use windows. My laptop is about 6.5 years old but is still functional (P3 1.06 ghz, 512 mb ram). XP runs great on it and everything works. I've used ubuntu on it in the past, but the newer versions have all had issues that most likely will never get fixed (nor should they really seeing as how freaking old it is).

I do not want to run any AV program of any sort...especially the free ones. As I stated before, the AV program has done nothing but suck up CPU cycles and RAM for the past 4 years. If my system got infected with something, I am confident that I could fix the problem (I worked as a computer tech part-time in the summer for 5 years after high school). Worst case scenario is that I would have to wipe the hdd and reinstall...which is why I always back up my important documents.

In MY opinion, AV programs are all junk.

-teet

To all users:

I would like to apologise for recent articles I've been writing here and elsewhere about how Windows users can have a completely virus-proof computer if they just have a properly configured firewall and don't do anything risky online.

At the time, I believed that Windows could be run without any anti-virus or anti-spyware software and be safe as long as no shady websites were visited or risky programs downloaded. My intention was to save Windows users some money and help their computers to run faster without anti-virus and anti-spyware software.

Tonight, my misconception was blown clear out of the water. My father's Windows computer (formerly mine) was infected with spyware despite two firewalls and no risky behaviour. The only websites he visited were sites about trams, visited using Firefox. He doesn't recieve executable attachments nor download any programs from online. He knows what risky internet behaviour is, and even before I looked at his Firefox history I knew that he wouldn't do anything dumb online.

Yet, the fact remains: Windows *still* got owned by spyware, even though I can't figure out for the life of me how the spyware got in.

Therefore, my initial articles are completely incorrect; every Internet-connected Windows computer is unsafe without anti-virus and anti-spyware software, no matter if all ports are blocked by a firewall or two, no matter if the user only visits Flickr and a Yahoo Group about model trams.

I apologise unreservedly if I have mislead anybody into dropping their internet security software, and I especially apologise if the users who had followed my advice are now struggling with infections.

For this reason exactly is why we use Linux in our home exclusively. I did the same, but used virus scanners, firewall protection and router security, and noe of it helped.

Windows ships crippled from the start and only gets worse over time.

There is too much money involved in Windows, Norton, security and antivirus companies that there is no way that a Windows PC will be safe unless it suddenly become Linux.

I believe what hacks off Ballmer so much is that he would like to use Linux as the underlying source code for Windows, but he can't buy it anywhere.

We will just have to get one convert at a time to Linux if we are going to solve the worldwide issue of insecure computers running mission critical applications.

F
Windows ships crippled from the start and only gets worse over time.

That is true.



There is too much money involved in Windows, Norton, security and antivirus companies that there is no way that a Windows PC will be safe unless it suddenly become Linux.


I think it would be possible. If Windows came with a non admin account by default and enforced its use. If it stopped associating file extensions with programs, and stopped executing random things, and didn't hide file extensions, then it would be pretty safe.

That is true.



I think it would be possible. If Windows came with a non admin account by default and enforced its use. If it stopped associating file extensions with programs, and stopped executing random things, and didn't hide file extensions, then it would be pretty safe.
The catch22 is that they have already overindulged their customers with ease of use in this sense. Not having to enter your password, not having to worry about selecting a program, not having to worry about what .msi means.

They are basically stuck in the position they are in.

WIndows Vista doesnt need it. However, WIndows XP especially does. You probably have some spyware on your computer, but nothing major if you didnt notice anything.
Windows XP doesn't need antivirus/antispyware either. At the end of the six years, I scanned using four different programs and found nothing. I just used the following:

* Opera/Firefox
* NoScript
* Limited user account
* Safe surfing habits
* Small firewall

Windows XP doesn't need antivirus/antispyware either. At the end of the six years, I scanned using four different programs and found nothing. I just used the following:

* Opera/Firefox
* NoScript
* Limited user account
* Safe surfing habits
* Small firewall

Firefox?

...

Firefox?

...
That was before I discovered the path of wisdom. I used Firefox for three years on Windows, then Opera for three years on Windows, and now Opera for two years on Linux/BSD.

That was before I discovered the path of wisdom. I used Firefox for three years on Windows, then Opera for three years on Windows, and now Opera for two years on Linux/BSD.

Oh good. I thought you were one of those that "don't care" and use "whatever as long as it isn't IE".

Oh good. I thought you were one of those that "don't care" and use "whatever as long as it isn't IE".
Yeah, or one of those crazy "I want an Open Source browser thats proven itself and runs on everything including the toaster."

Those are some crazy people.

Yeah, or one of those crazy "I want an Open Source browser thats proven itself and runs on everything including the toaster."

Those are some crazy people.

Opera supports many platforms, more than Firefox I think (http://www.opera.com/download/index.dml?custom=yes)

Opera has more features as well.

Opera supports many platforms, more than Firefox I think (http://www.opera.com/download/index.dml?custom=yes)

Opera has more features as well.
Still doesn't support that
"I want an Open Source browser... thing...

Still doesn't support that thing...

That is true.

I am not a fanatic; I use what works best.

That is true.

I am not a fanatic; I use what works best.
Opera 9.5 is very nicely done. I won't lie. It's definitely good for older computers.

Though, the relatives I do try to help with old computers usually stay with Fx 3 just because they've used Fx since it was known as Netscape.

and didn't hide file extensions
+1

Totally agree. Whoever thought that it would be a good idea to have this set as default should be shot.

BTW how safe is WinXP inside VirtualBox? No AV, no firewall, no updates, nothing.
I have the most stupid network setup, DSL modem does NAT -> Wireless router also does NAT -> VirtualBox does NAT a third time. I'm surprised I can browse at all inside VirtualBox.

Opera 9.5 is very nicely done. I won't lie. It's definitely good for older computers.

Though, the relatives I do try to help with old computers usually stay with Fx 3 just because they've used Fx since it was known as Netscape.

Yes, it runs nicely on older computers.

Well, I think there comes a time (not related to age exactly) that people don't want to try things when things already work for them.

Yeah, or one of those crazy "I want an Open Source browser thats proven itself and runs on everything including the toaster."

Those are some crazy people.
Until Firefox (or preferably Opera) releases a NATIVE NetBSD port, there will be no "toaster-browser".

I doubt running antivirus and antispyware would have stopped the infection on your father's computer. The best advice for Windows users is to run as a limited user instead of administrator. I don't think any malware for Windows is designed for a limited user account, and even if one is, at least it's easier to clean up (no system-wide registry modifications) - just delete the user and create a new one.

Although I have never used a MS setup on my on computers this advice seems to be the best. Limited access to a root system is what keeps the open source a bit more stable. :)

When I owned the computer, the only time I let Windows touch the Internet was in a special limited user account called "lockdown".

My father just uses the administrator account, but I still thought he'd be reasonably safe; none of Windows' ports were visible outside my network and he's the only male member of the family never to get caught in a phishing attack (yes, including me! Long story).

It's made him realise that he should be using Ubuntu anyway, so all's well that ends well.

Are you sure he didn't visit hottramgirls.com?

I was so disappointed when I realised this site doesn't actually exist. :(

Anyway, all I've got running on XP is the SP2 firewall but the only place I take it online is to the couple of forums I frequent. Otherwise, I don't use XP on the net.