Security Corner:

Anti-virus

Jul 17 2008   1:07AM GMT

Windows SteadyState Can Protect Your Family & Your Family Computer



Posted by: Ken Harthun
Anti-malware, Anti-virus, Microsoft Windows, Browser, Security

A while back, I used the Microsoft Public Access Computer Security Tool, predecessor to Windows SteadyState, to secure a credit union’s public access computer. They wanted to make sure that no one could use the PC to do anything but work with their online banking site. After a short learning curve, I was able to deliver exactly what they wanted. They were impressed and so was I.

The other day, after yet another grueling session of cleaning up a family member’s malware-infested PC, it occurred to me that I should just put SteadyState on it and set up several profiles, putting restrictions in place for the kids, leaving things a bit more open for Mom and Dad, and completely locking down a profile for guest users. Check out what you can do with this:

  • Restrict access to programs and settings
  • Return the computer to its original state with Windows Disk Protection
  • Enforce time limits on use of the computer
  • Control what programs show up in the menus

I haven’t tested this idea yet, but it seems to me that Windows Disk Protection alone would be worth a try. You could set up a profile that would allow completely safe surfing for everyone in the household.

I’m going to take a serious look at this, so stay tuned for my report.

Mar 25 2008   9:12PM GMT

You Clicked? Really? Are You Nuts?!



Posted by: Ken Harthun
Security, Email security, Anti-virus, Word, Microsoft Excel

This has to be one of the most evergreen security topics to come along; no matter how much anyone writes about the dangers of clicking on links or opening attachments in unsolicited email, people continue to do it. SANS NewsBites, March 25, 2008, Vol. 10, Num. 24, begins with this statement:

The Excel story is number two in Top of the News this week because of the critical lesson it teaches: When you see your anti-virus package scanning a Word or Excel file, the odds are VERY high that it won’t find any of the important new vulnerabilities nation states and rich criminals are using to get past the most sophisticated defenses. Don’t open email attachments unless you were expecting them. [Emphasis added] Send a note back and ask the person to embed the text in a simple email. This matters to your career. The people who break this rule will be the reason their organization’s data are stolen and they won’t be able to hide.

(They’re referring to a months-old Excel vulnerability for which the exploit code has just been widely released. For more information on that, you can check out this ComputerWorld article.)

I remember, years ago, a client got a nasty malware infection that resulted in my finally resorting to a full wipe/reload of the OS and all her data. I had solved a couple of minor adware issues for her in the past and, as is my custom, gave her my standard admonition, “NEVER, EVER click on anything if you don’t know where it came from.”

“But I clicked on CANCEL!” she replied. She just couldn’t get her head wrapped around the idea that no means yes, yes means yes, cancel means yes, exit means yes, ANY click means yes.

I’m thankful that most of my clients now either call me or drop me an email if they see a message or pop-up they don’t understand, and malware-related emergencies are way down. But they’re not completely gone. Occasionally, I still get that one dull client who calls to say they clicked on something and now they’ve got popups all over their screen.

All I can say (think) is, “You clicked? Really? Are you nuts?”