Top Ten computer security myths

I thought it is a good idea to make a list with the top ten popular beliefs but in reality misconceptions about home computers security, if you know more please let me know and I will re-entitle this article “Top Twenty computer security myths”. Failing to avoid these wrong ideas result in exposing your computer to a higher risk of infection with computer viruses, compromised online accounts and presumably financial loses. The most recent case was when somebody loses bitcoins worthing $500,000 from his account, due to a computer virus infection with a computer trojan. It was enough that only a single file, wallet.dat containing account informations to be stolen from his computer.

1. If you install the most reputed antivirus solution or the most expensive one, you are 100% protected of computer viruses.

Wrong ! There is not such a thing like 100% computer protection it does not matter what antivirus you run. Every day thousands of new viruses or variants of them are created. Immediately after creation time, for a good time these new viruses have not signatures in the antivirus databases and a lot of them have abilities to pass by the heuristic detection. The heuristic detection of an antivirus works by looking at what functions are called and what actions are taken by a program in the system, but if these malicious actions are hidden among other many inoffensive actions, the antivirus heuristic detection can be deceived.

Thinking you are 100% protected by your “most reputed” antivirus, it does not matter the vendor is a myth.

2.  If you run a firewall your computer can not make harmful connections and the attacks are blocked.

Wrong ! The majority of trojan viruses uses reverse connections(see Wikipedia) to bypass the firewalls. More than this the computer trojans are injecting themselves in the browser memory space looking like all the malicious online requests made by the computer trojan is made in fact by your browser.

3. If you run multiple security programs in parallel(ex. an antivirus, an antimalware, an antispyware) then you have a bulletproof protection.

Wrong ! In the most cases if you run an integrated Internet Security solution from a reputed antivirus vendor(Kaspersky, Avira, NOD32, Bitdefender) is enough, they have comprehensive databases containing signatures for all kind of malware, spyware, viruses and so on. Running complementary antimalware programs is not justified in the most cases. Never run two antivirus programs in the same time in your computer, otherwise you computer will be significantly slowed down or even it will freeze: the antiviruses have the habit to fight for supremacy in the system and will end by fighting each with other eating a lot or all the computer resources.

4. Opening email attachments from known persons is always safe.

Wrong ! Even if you know the sender of an email nobody can guarantee that he has not the computer infected with a virus that attach itself to the files from infected computer. Also there are viruses that once they infect a computer, read the Contacts list and send poisoned emails apparently coming from the computer owner or the email address of the sender can be forged to trick the readers to open infected emails. This is just another method to spread malware among computers. Never open an email sent by an unknown person.

5. It is always safe to visit trusted websites.

Wrong ! Any website can be hacked, compromised and malicious scripts inserted in the web pages.

6. It is alright to visit presumably harmful sites(ex. porn sites) as long as you don’t click anything on them.

Wrong ! Harmful websites can contains exploits kits that silently scan your computer(via your browser) for security vulnerabilities and uses them to steal data, to silently upload in your computer malware or to execute some malicious commands(remote execution) in your computer opening the way for the backdoors.

7. If you use long and complicated passwords for your online accounts, them are safe.

Wrong ! A trojan virus does not guess your passwords, it will steal them as it is. Though it is better to use longer passwords(10 characters or more) containing special characters, letters and numbers for your online accounts, that’s not mean they are unbreakable accounts.

8. Using SSL encrypted connections for online transactions assure the safety of the transactions.

Wrong ! Infiltrated deep in the computer system, specialized banking trojans(ex. Zeus, SpyEye, Carpberp) can attack and steal or modify sensitive data from SSL connections aswell as with simple connections. They achieve this by interacting with the operating system components used by the browser or with the browser itself.

9. If you use other operating system than Microsoft Windows, you are safe.

Wrong ! For example Apple Mac market is growing exponentially these days. The same malicious attacks against the Mac users. The theory that using a Mac is safer than using a Windows machine because it is Unix based, these all are myths. The truth is the Mac’s were safer until recently because nobody(see virus creators) cares of them, they were only a little community of computer users. It’s obviously that growing, this community will attract the interest of the malware creators. The most recent example is the fake Mac antivirus software, Mac Defender.

10. My computer is working normally, I don’t see any computer infections symptoms, so I’m not infected.

Wrong ! Many computer trojans are specially designed to run as stealth as possible. I know cases when computer trojans were running deep hidden in the computer systems for years without to be noticed in any way, though the computers have had antivirus software installed. Scary, huh ?

That’s why I insist saying that installing an antivirus software is not the all you can do regarding your computer security. Trying to improve your knowledge about computers, to adopt a correct behaviour while you are online, it’s of an extreme importance.

Don’t forget, you are the beneficiary of a computer security as strong as it is the weakest link in the defense chain and that’s the human factor.

Keep safe !

Posted in Thoughts.

Leave a Reply