Tech advice from Slate

Posted by Chris

This piece in Slate about spyware and viruses is pretty crappy. The gist of the article is that user ignorance is to blame for viruses and spyware. On top of that, nasty companies have impossibly long disclaimers that you have to agree to before you can install software - and these disclaimers usually permit invasions of our privacy that few people would agree to. You can do some fancy-schmancy stuff like the author of the piece to get rid of it, but you're safer not to because you'll probably just screw it up.

There's something to all of these points, of course, but it's remarkable what the piece leaves out. For starters, part of the problem - not all, but a good part - has to do with crappy Microsoft security. Microsoft has recognized this, belatedly, and plans to address it with its security pack 2 some time soon. But in the meantime, it has littered the world with computers whose default settings make them sitting ducks. Those spam messages in your in-box - you know the ones I'm talkin' about - many of them come from zombie machines which were taken over by hackers and turned into spam boxes because Microsoft fucked up on security. Microsoft is a target of a lot of viruses and spyware partly because it has a larger market share than any other operating system. But the difference in security between microsoft and the two main rival platforms, MacOSX and Linux, isn't just a matter of what the bad guys are going after. It's because Microsoft has done some awfully stupid things with its security over the years.

Second, Microsoft's browser, Internet Explorer, sucks. It sucks, again, because its security defaults are lousy, and because it makes it hard to protect privacy. You can customize IE by installing browser helper objects that help with both these issues, but in my experience these objects seemed to make IE crash more. (Either that, or IE is crappy without any assistance.)

It's wrong to say that you can't do anything about this situation. Here are just a few things I do to protect my computer as I screw up my courage to make the jump to Linux:

1. Like the Slate author, I occasionally run spyware checks with Ad-Adware and Spybot. These are both free. People who remove spyware from their computers often discover that their computer runs much faster. Spyware doesn't just invade your privacy. It also ruins your computer's performance.

2. Perhaps most important, I stopped using Internet Explorer and got myself the free Mozilla Firefox. It's faster, more stable, and far better than Internet Explorer from the point of view of both privacy and security. Right now, the only thing I use Internet Explorer for is for Microsoft updates.

3. Winpatrol is a free program that tells you what is running on your computer and what loads on startup. Any programs that you don't use or don't want loading at start up can be deactivated through the Winpatrol control panel. And if a new piece of software tries to sneak its way into your startup items, Winpatrol makes a "woof" noise and makes sure that the program has your permission.

4. I use the wonderful ZoneAlarm firewall. This is free if you just want to use the firewall. This product makes your computer much harder to get into from the outside world. ZoneAlarm plugs up all the ports on your machine so that nothing can get into or out of your computer without your permission. That means that if a program tries to "phone home" after I've installed it (i.e., connect to the internet and tell God knows who God knows what), it has to ask me for permission first. Setting this up is a little bit tricky for technophobes. The tricky part is that sometimes legitimate programs with odd names need to contact the internet, so you've got to figure out which those are when you first start to use it. But all you really need to go is google the names of the programs. (Note: I have to turn off ZoneAlarm when I use an FTP program. But it works with everything else.)

Now, these are all practical - and free! - things that just about anyone could do. But besides recommending #1 the author claims we're just screwed. So either Slate, which is owned by Microsoft, got very unlucky with this piece, or it didn't think it could get away with giving an honest account of the causes of the current mess with computer security (i.e., many of the problems are Microsoft's fault) or honest recommendations (for example, recommending a decent browser) on how to deal with it.

Remember that next time you get tech advice from Slate.

Posted by Chris at June 23, 2004 07:59 PM