Safe Computing on a Budget, Part 2: Know what you download

In the previous post, we changed our browser to Google Chrome. This will help prevent a lot of the slowness and security exploits in other more popular browsers. Today, we're going to discuss knowing what you're downloading, which seems like common sense but can be hard to verify if you're a computer novice or you find yourself downloading certain types of files often.

Know Your Source

Don't download everything. It's not always necessary to do so. but when you do, make sure where you're getting the file is legitimate. How do you do this in a vast sea of web sites? Despite the immense number of sites available, very few actually host files. Downloads can take up server space that site owners typically have to pay for, so they choose to host their files in the same place as everybody else. This equates to a finite but still large number of legitimate sites.

The best way to know where you're getting your file from is to look at the bottom of the screen when you move your mouse over a link or button:

The address to the next place you will go to get the file is listed here. It can seem arbitrary, but the main part you need to look at is the address of the web site, which is the first part of the link (everything before the ".com" or ".org" or whatever) called the domain. You can actually open a second window and open this first part of the address to see where it goes. Does it go to a place you recognize?

It complicates things when a web site owner uses multiple addresses for different functions, like CNET using dw.com.com for its download pages and files. This server, if you went to it directly, shows nothing. It would look to a novice like it's something bad, but it is used by a reputable company. The second thing you might want to do is check the owner of the site by using "WHOIS" search.

Who.is is my favorite of these types of search sites but you can use most services you see when searching "whois" in Google. The function here is to see who owns the domain. Because one business can own another, you are looking for something that identifies the web site as owned by someone you expect it to be owned by.

In this example, we see that the owner of dw.com.com is CBS Interactive, Inc, which is somewhat arbitrary to someone who doesn't know who CBS Interactive is. However, we do see that the person to contact has a CNET address, so it should be legitimate (most hackers and scum won't ask you to send inquiries to a major company, because having that information on WHOIS means that company may have some legal control over its ownership).

You can do this your first time, and as long as you're going to the same place each time, you shouldn't have to go back and check WHOIS each time. If the domain was "dw.com.ru", which would be a Russian domain, or "dw.com.co.uk", which would be a British domain, you can decide if you should really be going out of the country for your file and act accordingly. The WHOIS should show the same information if owned by the same company. If it shows some random person with contact info that does not seem legitimate, be cautioned when going there.

Know the Sender

Email is not as common to contain viruses because less people use software like Microsoft Outlook for their email. Attachments in places like Yahoo! Mail or Gmail are often scanned by the provider, and many harmful extensions (detailed below) are denied being downloadable so their clients are not infected. However, some viruses still get through.

Don't open attachments from people you don't know, and verify that people you do know actually purposely sent you any attachment you didn't ask for. Some attachments are sent automatically or have been spoofed by a sender to look like your friend when it was really sent by someone else. And don't use "Reply" to ask a sender to verify themselves, as emails can reply to a different email address. Always type a new email with the original sender's email address.

Instant messaging is also potentially unsafe if a friend sends you a file. Don't open anything sent by a stranger; don't even accept the file transfer.

Know Your File Type

There are tons of types of files, PCs determining the type of file by the extension used (the letters after the dot in the file name, like ".exe"). Viruses are not present in many types of files because they are not "executable", meaning they don't create commands that the computer must follow to use the file. Items with extensions like .jpg, .png, .mp3 and some other media files are not likely or sometimes impossible to carry a virus.

Fileinfo.com discusses common file types and their uses. Use it as a reference to find the kinds of files you want, and know if the file you're downloading has the right extension.

However, the reality of the internet is that it always changes. And the internet community has seen viruses hide in all sorts of files, and new viruses are created everyday.

Treat all files the same is my motto. I scan everything I download from any source I don't know intimately, or at least have an active virus scan that can catch things before I open them. This is especially true for any .exe, .zip, .rar, .pdf, .epub, .mobi, .msi or .7z files that are common to include viruses if not from a well-verified source.

Know that double extensions,which can look like .exe.vbs or .jpg.c, are likely to be a virus in disguise. Hackers expect novices to not notice the extra letters, figuring it's some sort of enhanced version of a file type they know. Unless you know for sure the file should have a double extension like this, don't open it, and delete it immediately.

P2P and Torrents Are Plagued

Anyone who has used ThePirateBay.se or other torrenting sites, or used a peer to peer (P2P) networking software to download files from other people will have heard of or have experienced a virus being carried by the files shared. It doesn't seem illogical to assume when you're doing something illegal you will probably run into other criminals who want to mess with you. You also can't trust someone else's computer to be virus free if they're not a corporate server or a high-level tech geek.

Assume everything you download from torrents is potentially infected with viruses, whether you're pirating movies or finding legal free stuff from collections shared by others. Scan everything, verify all files, and don't download anything you don't know how to open. Don't even trust common safe file types like .jpg.

Torrent sites like ThePirateBay.se also have comments posted by other users. It is important to read these comments before downloading anything from a torrent because they will tell you if someone else caught a virus or if it's not the real thing. Communities like this try to tell each other when to beware. If you are active in these communities, give feedback when you can.

Please note: Pirating songs, movies, software or other copyrighted or patented material is illegal and you can be fined or jailed for engaging in communities that traffic this kind of contraband. These are considered black markets, and on top of virus possibilities you should consider the legal ramifications of your actions before choosing to download something that you don't own.

Use Common Sense!

You get an email from a friend that has some kind of general note in it like "This is so funny I almost died laughing" and that's it, but it has a file you have to download to view. Is something so funny you risk infecting your computer and losing your data? Or could you let your friend know you aren't opening that stuff unless they give you more details about what they're going to see, and add something that verifies it's really from them? Common internet courtesy for emails, file sharing and the like is to make sure there's a way you know who it's coming from and what's in the file. If you don't, you might as well delete the email or pass up the file sharing link until you can.

Only download stuff if you know it's really what you want. One of the most common mistakes made by people who constantly get viruses is to download items that say they're something the person really wants, like a cute game or, inevitably, porn, but the file they download uses those popular past times to lower the person's sense of security so they won't scan it beforehand and make sure it's safe.

And speaking of porn, for the sake of your security and family sanctity, find a better use of your friggin' time! Porn really isn't that exciting. Half of it is hilarious, and the other half is gross. But most video and photo downloads that are freely distributed have a higher potential than any other kind of software to contain something harmful, annoying, destructive or curious about your personal data. I have fixed more computers damaged by people who got porn viruses than any other kind of infection. You really want to see people having sex? Get a subscription to a porn site or go to your local smut shack and buy a DVD.

Now that we've covered that...

In the next installment, we will discuss virus software and what I suggest to use to scan and protect your system.

Apple products are less likely to have viruses. Is tax time the right time to switch?

Have questions or concerns I haven't covered yet? Ask in the comments below!

Safe Computing on a Budget, Part 1: Get a new browser

The top question I get involving computers is how to avoid viruses. I've had a computer in the house since 1994, been online since 1995, designing web sites since 1996 and had almost no viruses in that timeframe. What? Wait... did I just write that correctly? Almost no viruses? Well, I can't say never, but they've been few and far between. Never had my identity stolen, never had my computer hacked into. And I am not running state-of-the-art computer software by any means.

(Please note, this is not a challenge to would-be hackers. I know I'm mainly just lucky. The end.)

One of the reasons I keep relatively virus free is because I take a step-by-step approach to using the internet. And I have several free tools that, along with good practices, keep me relatively virus free.

Keep in mind I have found viruses on files I've downloaded. No one can say that they did something to avoid downloading viruses. Even CNET's Download.com, one of the longest-running free software servers in the internet, has let some slip by in uploads that had new viruses their own software couldn't detect. It happens. But there is a difference between "downloading" a virus and "getting infected by"a virus.

In this multi-post series I will outline my setup, and I suggest trying this to reduce your risk of infection. Please note I spend no money on these items at all, but some have a paid version that does have some nifty upgrades you could look into if you are so inclined.

First line of defense: Google Chrome

They like to claim otherwise, but both Internet Explorer and Firefox have exploits and functionality deficits that make them more susceptible to attacks from rogue web sites and overall slower to respond. Here's how it usually works in terms of getting a virus from just looking at a web site:

1. You click on a link or type in a web site.
2. That web site is run by a "black hat", or computer hacker that distributes harmful viruses. Sometimes you can tell by the way the link is read like "http://www.yahoo.nwp1.com/, which kinda looks like yahoo.com but is obviously different). But sometimes the web site is legitimate and has itself been hacked by this distributor of evil.
3. The web site looks for a way to save a file on your computer, which is the only way it can get in. Unless you download it yourself on purpose, files saved to a computer are limited to image files (most of which cannot contain viruses), text and "plugins" such as Flash, Java or otherwise that run multimedia content or provide specific computing functions.
4. The hacker will usually hide the virus in a plugin, which is used by the browser (IE, Firefox, Chrome, Opera, Safari, etc) by downloading a file into a temporary part of your hard drive to help speed up the use of the media.
5. Once the file is saved, it uses how the browser opens the file to launch the virus and start the infection.

This seems like a long process, but it can happen in a matter of seconds. To their credit, browser developers have secured their browser software to prevent these kind of exploits, but there are specific functions of ActiveX, a plugin specifically used on Internet Explorer, that allow functions that can seriously compromise your security, usability and functionality of your computer.

One of the first things I did after I heard that there were other browsers out there was to switch from IE to Firefox. I used that for a long time, and in designing web sites I made sure Firefox users could see my web sites clearly. However, it also had the ability to install browser bars and other plugins that, as well, had exploits hidden in them. It also uses a lot of memory and has processing bottlenecks that cause it to run a lot slower than other browsers. I have admittedly not used it much, but my wife does still, and has had to shut down Firefox so she can run things like media streams without issues.

One of the most common source of viruses today is browser bars, those add-ons that give you a bar at the top of your browser that searches for you, gives you smiley faces in your emails or claims to give you faster browsing speed. These things are not only crapware but potential security risks because they load every time you load your browser. IE and Firefox are notorious for people purposely or accidentally installing browser bars that either stop their internet browsing cold or cause other infections on their computer.

Google Chrome has been historically very clean, a side effect of being based on Apple Safari and its simple yet secure structure. More recently they have allowed the use of "extensions" that give it more functionality, and that can sometimes also be a source of break-ins. So just keep Chrome the way it is and you shouldn't have much to worry about. Chrome even links up with major security indexes and warns you if you're going to a site that has been reported as harmful or dangerous.

Opera, which is another browser software with a smaller following, has also been quite secure but has historically had functionality issues with some web sites. The problem with Opera is that many designers of web sites do not test their site in that browser, which can cause unwanted display problems like images being in the wrong place or text being the wrong size. Many sites suggest using IE or Firefox because of their high level of adoption among internet users. Chrome, the basis of Google's new Chromebooks, is well tested and compatible with almost all web sites. However, I use Opera Mobile on my phone as a much better alternative to Android's built-in browser.

Ultimately the use of these browsers is up to you as to which one will feel most comfortable and do what you want it to do. I just urge you to stay away from Internet Explorer.

Changing your browser is not, in itself, going to keep you from contracting viruses. In my next post, we discuss the reason even Chrome extensions are sometimes bad and what is even more important that finding the right browser: knowing what you're downloading!

While you're at it, check out this good starter laptop for any age of student!

More porn than ever before

If it wasn't for the perverse ways of the internet, I'd let my kids be on it. But this internet is not their father's internet. Literally. What you see these days were not there 10 or 20 years ago. Gawd, the fact that there was even an internet at all 20 years ago makes me feel so old I want to start looking into AARP. But even when I was a teen the internet was not the place for unsupervised children. It gets scarier thinking of that time and the fact that there is so much more inappropriateness than any other time in internet history. We parents have to be smart, or at least aware; the well-adjusted lives you may ruin may be those of your own children.