Computer Malware

Welcome to the Fast-Air Tech Talk newsletter. The Tech Talk newsletter is a free service for all Fast-Air customers. Please feel encouraged to suggest newsletter topics.

Once upon a time computer users did not worry about other people tampering with their computers, apart from playful pranks such as changing screen savers and wallpapers. Email existed long before the world wide web, but in those days users did not worry about something called malware. The word is a blend of "malicious software."

Malware goes by many names, depending on what it does and how it spreads.

  • Rootkits
  • Viruses
  • Worms
  • Backdoors
  • Trojan horses
  • Ransomware
  • Spyware
  • Adware
  • Scareware
  • Trickware

Early generations of malware focused on pranks and sometimes malicious destruction of data. Malware today has a different focus. These days much malware is designed by professional criminals. Such software often is used for monetary gain.

Some of this software, called a keylogger, records what users type on the keyboard. The hope is to capture private information such as bank account numbers and passwords.

Sometimes malware is designed to quietly search a user’s data files for such information.

A recent trend is the popularity of ransomware, software that encrypts user data files for the purposes of extorting a ransom to decrypt the files. More about ransomware in the next issue of Tech Talk.

How do computer users protect themselves from malware?

The most obvious way is the least helpful: never use a computer.

A similar preventive method is to never allow a computer to connect to the Internet. Some people do exactly this. They use one computer to connect to the world wide web and, to avoid infections and loss of data, keep a second computer isolated. For example, a small business owner might use two computers. One computer is used for research and web surfing. The other computer stores business data and is never connected to the Internet. This technique is called air-gapping because an air gap exists between the computer and the rest of the world. The gap only holds as long as nothing crosses it: a USB stick carried from the web computer to the isolated one carries any malware along with it, so the isolated machine still needs the same caution about what gets plugged into it.

A similar approach is used with private networked computers. While such computers are connected within a company in a private network, the computers are not allowed to connect to anything outside the company network.

Those strategies don’t help most people using computers today. The most challenging part of developing basic computer security strategies is accepting that the biggest weakness in any such strategy exists between the keyboard and chair. That’s right — the user.

Humans are social creatures. Humans are quick to learn but quick to develop habits. As children, humans learn by imitating the behavior of other people. Many of the daily actions of any person are performed without any thought at all. That basic personality trait affects how people use computers. Attackers who exploit this tendency to act without thought, by persuading a person to click, open or install something, are practicing what is called social engineering.

The first preventive step is assessing usage habits and being willing to change those habits.

One challenge with changing personal habits is something security experts call dancing pigs. This is an attitude where people prefer to be entertained rather than choose computer security. That is, many people will choose to watch a video of dancing pigs even when forewarned that the video will introduce malware or cause security problems.

The dancing pigs mentality often comes into play with trusted or reputable web sites. Because such sites are considered safe, people tend to ignore security to watch videos. The lure of a free movie or a funny advertisement sometimes leads to malware. For example, if a web search turns up a desired full length movie but the "video" turns out to be a link that bounces to another web site, stop right there. The site at the end of that redirect is likely malicious.

Related to the dancing pigs syndrome is convenience. Like water flowing downhill along the path of least resistance, humans tend to find the easiest way to do things. With the Windows operating system the default design has always been to give the first user account created during setup full administrative privileges. This basic design choice is convenient for performing computer maintenance and administration, such as installing software and updates, but it is a security black hole: anything the user runs, including malware, runs with the same power to change the whole system.

Few Windows users change this default, although doing so is easy. All that is needed is to create a second, non-administrative (standard) user account and use that account for daily work, logging into the administrative account only when something genuinely needs it. Malware that runs under a standard account cannot, without a separate privilege-escalation flaw, modify system files or install itself for all users; the damage is confined to that one account's files, which is bad enough but far easier to clean up. Most Windows computers used in the enterprise are configured in this manner to avoid this serious security problem.

Linux and Mac users face the same issue in a milder form. On those systems day-to-day work runs as an ordinary user, and administrative actions require entering a password (through sudo on Linux, or the authorization prompt on the Mac). The first Mac account created during setup is still an administrator, so the same advice applies: create a standard account for everyday use and keep the administrator password for installs and updates.

Another step toward avoiding malware is learning some basics about how malware writers trick people into installing their software.

Avoiding malware sent through email is mostly a matter of a few habits.

  • When possible, avoid using HTML mail. Use plain text.
  • Be wary when receiving unexpected email.
  • Never open attachments from unknown sources or strangers.
  • Use your baloney detector: if something sounds too good to be true then listen to the alarms.
  • Any email with poor spelling and grammar is a good clue.
  • Be wary of unexpected shipping notices.
  • Be suspicious of anybody asking for personal information.
  • Be skeptical when an email writer claims to be your banker or some other official contact. A bank or agency will not ask for a password or account number by email, nor ask you to sign in through a link it sent. When in doubt, contact the institution through the phone number or web address printed on your statements, not through anything in the message.
  • Unsolicited email charity requests are often bogus. Give through the charity's own web site instead of a link in a message.

When possible, configure your mail server or email client filters to quarantine messages carrying executable attachments (EXE, SCR, BAT, JS and similar), including executables packed inside ZIP archives, which is a common way of slipping past a filter that looks only at the outer file name.

Colored fonts in email are fun but not needed. Colored fonts are possible in email through the use of HTML, the same technology used to create web pages. HTML also lets a link's visible text say one thing while its destination is another, and it lets a message load content from remote servers. Tiny remote images, commonly known as web bugs, tell the sender when and where you opened the message and confirm that your address is live, which makes you a better target for the next round. HTML rendering itself has also had exploitable bugs over the years. All of this is avoided by disabling HTML mail, or at least remote content, and reading plain text. Does disabling HTML email mean boring email? Perhaps. Much safer? Yes.

Avoiding the dancing pigs syndrome is an exercise of will power. When receiving an email with an attachment for a “really cool screen saver” or the latest “really funny video,” be safe rather than sorry and presume the attachment is malware. Resist temptation.

All human relationships are based on trust. Yet most users are not technically savvy with computers. With respect to computer usage this implies that most people should not be trusted, regardless of good intentions. When attachments arrive from trusted people, presume those friends and associates probably lack the knowledge to know whether the attachment they sent is malware, and remember that an infected machine will happily send mail in its owner's name. Much like the old carpenter's proverb to measure twice and cut once, take precautions before opening attachments from friends and associates.

In Windows, file extensions are hidden by default. A simple security trick for Windows users is to turn on the display of file extensions. Being able to see an attachment's real extension often exposes whether a file is legitimate. For example, an attachment might carry a PDF icon and display as "invoice.pdf" to trick users into thinking it is a PDF file. Showing extensions reveals the full name, "invoice.pdf.exe": an executable program, and very likely malware.
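The two points above, quarantining executable attachments and not trusting a file name or icon, can be checked in code. The following is an added example, not code from the Fast-Air newsletter or from any mail product: it parses a message with Python's standard email library and flags attachments whose extension Windows would execute, whose name hides a second extension, or whose first bytes are an executable signature regardless of the name. The sample message, the attachment bytes (a fake "MZ" header, not a real program) and the list of executable extensions are all constructed or assumed for the demonstration.

```python
# Added example (not from the Fast-Air newsletter): scan a mail message for
# attachments that are executables or are disguised as documents. The sample
# message and attachment bytes are constructed here; no real malware involved.
import email
import email.policy
from email.message import EmailMessage

# File types Windows runs directly on double-click (assumed list, not exhaustive).
EXECUTABLE_EXTENSIONS = {
    ".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js", ".jse",
    ".wsf", ".hta", ".msi", ".ps1", ".lnk",
}

# Leading bytes ("magic numbers") of executable formats.
MAGIC_SIGNATURES = (
    (b"MZ", "Windows PE executable"),
    (b"\x7fELF", "ELF executable"),
)


def classify_attachment(filename, payload):
    """Return the reasons an attachment looks dangerous (empty list = no finding)."""
    if isinstance(payload, str):          # text parts decode to str; normalise to bytes
        payload = payload.encode("utf-8", "replace")
    reasons = []
    name = (filename or "").lower()
    parts = name.split(".")
    ext = "." + parts[-1] if len(parts) > 1 else ""

    if ext in EXECUTABLE_EXTENSIONS:
        reasons.append(f"executable extension {ext}")
        # "tracking.pdf.exe" is shown as "tracking.pdf" when Windows hides extensions.
        if len(parts) > 2:
            shown = ".".join(parts[:-1])
            reasons.append(f"double extension: displays as '{shown}' with extensions hidden")

    # The icon and the name can lie; the first bytes of the file cannot.
    for magic, description in MAGIC_SIGNATURES:
        if payload.startswith(magic):
            reasons.append(f"content starts with a {description} signature")
            break
    return reasons


def scan_message(raw_eml):
    """Parse an RFC 5322 message and map each suspicious attachment name to its reasons."""
    msg = email.message_from_string(raw_eml, policy=email.policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        reasons = classify_attachment(name, part.get_content())
        if reasons:
            findings[name] = reasons
    return findings


def build_sample_message():
    """Constructed sample: a fake shipping notice with one disguised executable."""
    msg = EmailMessage()
    msg["From"] = "shipping@parcel.example"
    msg["To"] = "customer@fast-air.example"
    msg["Subject"] = "Your package could not be delivered"
    msg.set_content("Tracking details are attached.")
    # Stand-in for a PE file: a DOS 'MZ' header followed by padding, not a real program.
    fake_pe = b"MZ\x90\x00" + b"\x00" * 60
    msg.add_attachment(fake_pe, maintype="application", subtype="pdf",
                       filename="tracking.pdf.exe")
    # A harmless document-shaped attachment for comparison.
    msg.add_attachment(b"%PDF-1.4\n%%EOF\n", maintype="application", subtype="pdf",
                       filename="invoice.pdf")
    return msg.as_string()


if __name__ == "__main__":
    for name, reasons in scan_message(build_sample_message()).items():
        print(name)
        for reason in reasons:
            print("  -", reason)
```

Run as written, the script reports only tracking.pdf.exe, with all three reasons, and stays quiet about invoice.pdf. The magic-number check is what catches the case the icon trick relies on: a file renamed to look like a document still begins with the bytes of whatever it really is.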

The same care applies to links in email. Both email clients and web browsers show a link's real destination in the status bar or a tooltip when the mouse pointer hovers over it. This is easy to do. Do not immediately click on a link in an email. First hover the mouse pointer over the link and watch the status bar or tooltip. When the text of the link says one site but the status bar shows another, or shows a bare numeric address or a long string of random characters, treat the link as suspicious. Hovering cannot reveal what happens after the click, so a link that merely looks right is still not proof of anything; when a message claims to come from your bank, type the bank's address yourself.
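The hover check above compares what a link says with where it goes. As an added example, not from the Fast-Air newsletter, the following Python script does the same comparison over an HTML mail body: it collects every link's visible text and its href, then flags links whose text names one host while the href points at another, links to bare IP addresses, and links to punycode (look-alike) hostnames. The HTML body and every hostname in it are constructed for the demonstration using reserved example and test domains and the 203.0.113.0/24 documentation range.

```python
# Added example (not from the Fast-Air newsletter): find links in an HTML mail
# body whose visible text points one way while the href points another.
# The HTML below is constructed for the demonstration.
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Something that looks like a hostname inside the visible link text.
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.IGNORECASE)
IPV4 = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None


def hostname_of(url):
    """Hostname of a URL, tolerating a missing scheme."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def check_link(href, text):
    """Reasons a link deserves suspicion; an empty list means nothing stood out."""
    reasons = []
    target = hostname_of(href)
    shown = HOST_IN_TEXT.search(text)
    if shown:
        shown_host = shown.group(1).lower()
        # Allow a subdomain of what the text shows (mail.bank.example); flag anything else,
        # including the classic bank.example.attacker.test trick.
        if target != shown_host and not target.endswith("." + shown_host):
            reasons.append(f"text shows {shown_host} but the link goes to {target}")
    if IPV4.fullmatch(target):
        reasons.append(f"link goes to a bare IP address {target}")
    if any(label.startswith("xn--") for label in target.split(".")):
        reasons.append("link target uses a punycode (look-alike) hostname")
    return reasons


def scan_html(html):
    """Return [(href, text, reasons)] for every link that raised at least one reason."""
    collector = LinkCollector()
    collector.feed(html)
    flagged = []
    for href, text in collector.links:
        reasons = check_link(href, text)
        if reasons:
            flagged.append((href, text, reasons))
    return flagged


# Constructed HTML body imitating a bank notice (all domains are reserved examples).
SAMPLE_HTML = """
<p>Dear customer,</p>
<p>Sign in at <a href="https://www.bank.example/login">https://www.bank.example/login</a>.</p>
<p>Or use our secure portal:
   <a href="http://www.bank.example.attacker.test/login">https://www.bank.example/login</a></p>
<p><a href="http://203.0.113.7/update">Click here</a> to update your browser plugin.</p>
"""

if __name__ == "__main__":
    for href, text, reasons in scan_html(SAMPLE_HTML):
        print(f"{text!r} -> {href}")
        for reason in reasons:
            print("  -", reason)
```

The first link in the sample passes because text and destination agree. The second is the one the hover habit is meant to catch: the text reads www.bank.example, but the href ends in attacker.test, and the subdomain allowance does not rescue it because the real host is not under bank.example. The third is flagged purely for its destination, since "Click here" tells the reader nothing.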

Social engineering includes scams and phishing. These tactics are designed to trick people into installing malware. They used to arrive mostly by email but are now just as common in the web browser. Using JavaScript, a web page can throw up a dialog telling the visitor that some piece of software needs updating when nothing of the sort is true. Accepting the "update" installs the malware under the guise of useful software. Real updates come from the software's own update mechanism or vendor site, never from a pop-up on an unrelated page.

Sometimes unwanted software rides along with the installer of an otherwise legitimate program. Since most users are not technically savvy about computers, and most people tend to "click through" dialogs without actually reading anything, they never notice they are agreeing to install various extras. A common type of unwanted software installed in this manner is the web browser toolbar or home page hijacker. An upcoming Tech Talk article will address the topic of installing software safely to avoid such extras.

Not all malware is installed by social engineering. Computer software is unlikely ever to be fully secure because humans are fallible and have limited knowledge. Designing bug-free complex software is difficult work. Because of this complexity, malware writers continually seek and discover security flaws and use those flaws to quietly install their malware without the user doing anything beyond visiting a page. The most common route is the web browser, and in particular the extra components that run inside it: the Java and Flash plugins, the browser's own JavaScript engine, and built-in PDF viewers have all been heavily exploited.

Disable or remove the Java web browser plugin. Most people do not need it. Those who do are often online gaming enthusiasts. Some online banking sites require Java (if yours does, tell the bank: it is not necessary and it is a security nightmare). Regardless, most people do not need the Java plugin. Those who do should use a separate web browser, or a separate browser profile or user account, for that one site and nothing else.

Controlling JavaScript requires a bit of sweat equity. The basic approach is to keep a white list of trusted web sites that are allowed to execute JavaScript and block it everywhere else. For Firefox users this is best done through the NoScript addon, which blocks scripts by default and lets you allow a site permanently or just for the current visit. Blocking JavaScript does break the display of many web sites, but with a little practice the list of allowed sites settles down and the extra clicks become routine.

Next is to configure the “click-to-play” option in web browsers to control the Flash plugin. When enabled this feature prevents all Flash content from playing until a user actually clicks on the Flash content. Flash is slowly being replaced by HTML5 videos and some people find they can uninstall Flash completely and still enjoy online videos.

To protect against PDF exploits, rather than use a web browser’s built-in PDF viewer, use an external PDF reader that does not use JavaScript or allows disabling JavaScript. Usually this requires little more than configuring the web browser to use an external PDF or document viewer.

Returning to human habits, avoid web sites known to host malware. For most folks this is fairly straightforward: sites offering pirated software, cracks, "free" movies and similar bait are frequent carriers, and the subject matter of a site is usually warning enough. Ad blockers, filtering proxy servers, hosts files that block known bad domains, and parental controls can help avoid many of these types of sites, and an ad blocker in particular removes the malicious advertisements that reputable sites sometimes serve without knowing it.

What about anti-virus and anti-malware software? This type of software helps, but only to a limited degree, and most security experts give it little weight on its own. Relied upon by itself it promotes an illusion of security rather than providing meaningful security. Why? Malware nowadays evolves at such a fast pace that developers cannot keep their protective software updated to detect the newest strains. One author of a report from a known security software developer claimed 325,000 new malicious files every day. Software criminals are getting very good at designing malware that is difficult to detect, and a fresh sample routinely slips past every scanner for the first hours or days. Anti-virus still catches the large volume of older, well-known malware, so keep it installed and updated, but treat it as a last line of defense that cleans up after the habits above fail, never as a substitute for them.

While not immune to the problem of malware, one option for many people to avoid malware is to use an operating system not greatly affected by the problem: Linux. Contact us for more information.

The computer is a complex tool and not a simple appliance. The healthiest approach to avoid malware is knowledge and changing habits. Act as though a computer has no security protection at all, which then will lend toward improving usage habits.

Technical trivia: The first space walk was performed by Alexey Leonov on 18 March 1965 and lasted 12 minutes and nine seconds.

Next issue: Ransomware.
