People who have sat down at my compute to use it on the web discover very quickly that I run a tight ship. I view surfing and the work I do on the web similar to how many people view sex. If I do a lot of it, with a lot of unknown partners then I’m taking on considerable risks; Thus, I have to either protect myself accordingly or I have to not be so promiscuous, and promiscuity is so much funner on the web.
With this mentality though, I’ve been able to avoid a computer virus or spyware for a very long time and I have only a few more complications when surfing the web than the average user. After having to recover friends and coworker computers time after time when they get a virus, and not just viruses they’ve downloaded via trojans, and being worried crapless about new viruses like the bitlocker virus I think it’s time to explain the 6 techniques and tools I use to perform safe computing.
Be particular about which sites you visit. aka. “Don’t put your computer into crazy.”
This one is the most obvious of the rules, but most people don’t even think about it when they go around surfing the web. Even if your computer is fully up to date, and all of your plugins are clean and you are using a better quality browser, you can still get computer viruses from untrustworthy websites.
If you are going to run something you download from a website, be ready for a commitment.
Trojans are the number one way that viruses get spread on the internet. Before you download anything from any website and run it locally, be certain you trust the site you downloaded it from, because if you are wrong, you may have a little surprise waiting for you which will cost money and time to resolve.
If you want to be promiscuous about your web use, use protection.
A lot of people don’t realize it, but many websites are regularly doing things behind the scenes that you probably don’t want them to. If you truly want to practice safe web surfing and you may visit sites that are infected, you should use protection. My practice is to use the following for my web browsing:
- Firefox, an open source browser which has many years of proven stability and security. (you can download it from Mozilla Corporation)
- Adblock Edge, a adblocker that isn’t being undermined by google ads or other corporate investments.
- NoScript, this blocks all scripts until you explicitly tell the computer it is OK to run them. Now, this could be very irritating to some people because it takes some time to get all of the exceptions in place for your favourite sites. However, once it is in place, it runs in the background and you really only notice it when you hit a website that is doing something that it shouldn’t be.
- RequestPolicy; This is probably the most advanced and security centric add-on I have for Firefox. This blocks any cross-domain requests unless I explicitly permit it in an exception list. When/if you run this, you will discover very quickly how many websites are contacting random servers around the world simply to show you the websites you see day to day. If you have little patience, I don’t recommend using this. However, if you want to have the peak of protection with your browsing, this will cover you.
Know who uses your computer without your knowledge.
This is a very big reason I find people have had their laptops infected, their uncle or whomever over the Christmas break decided that they needed to use the internet, and instead of just reading their email, they had to also run this_is_totally_not_a_virus.exe that was sent to them by their second cousin, thrice-removed’s coworker’s boss as a “totally hilarious” video.
Check your computer regularly and get updates promptly when required.
This one is pretty obvious. When there is a security update for your computer, it means that every hacker and script kiddie around the world will know the vulnerability and be working on programming scripts to take advantage of it. If you see a security update for your software, you should implement it as promptly as you can.