Head blueLogoText.gif NCF HelpWiki
Help | StartPage

Using Windows safely

From Support
Revision as of 07:53, 19 February 2014 by Fn352 (talk | contribs) (→‎Don't use Internet Explorer: formatting)
Jump to navigation Jump to search
A Windows store display

Microsoft Windows can be safely used on the internet, but because it has inherent design limitations, using it safely requires more knowledge, skill and care than using other operating systems. This article will attempt to give less experienced NCF members who choose to use Windows on the internet some background knowledge to help them avoid problems.

Some experts have estimated that almost half of all Windows computers are part of botnets, due to malware infections. Malware installed on your computer can can not only slow your computer down, steal your data, steal your banking and credit card information, but also use your computer to send out spam, individually or as part of a large spamming network, known as a botnet. It is the spamming that results in NCF email getting on email blacklists. When NCF mail gets blacklisted due to spamming, malware on your Windows computer is now affecting everyone else. The best defence is to make sure your computer is clean and used safely.

Anti-virus

Make sure that you have an installed and functional anti-virus program and that its virus definitions are updated daily. New malware is identified every day and unless your anti-virus has the latest virus definitions it can't identify new viruses. Most anti-virus programs can be set to update their definitions automatically and also do a complete system scan automatically as well. On Windows it is recommended that that a full system scan be programmed every day. Because a full system scan can take a lot of computing power, it is best to set these to run in the middle of the night when you aren't using the computer for other tasks.

A scanner that offers real-time scanning of email and website downloads will give much better protection, but no scanner can protect users against zero day exploits, that is new malware that hasn't been identified yet. Because of this, anti-virus is not a complete solution to keeping your computer safe, but it is one useful tool.

Effective anti-virus doesn't have to be expensive, in fact the high-cost ones often slow your computer down a lot, while the free software and freeware ones tend to use fewer resources and are at least as effective. Especially with older computers not overloading the computer with resource-intensive programs is important, as they cause it to slow down.

Some free anti-virus applications that NCF members have tested are:

Anti spyware

An anti spyware application is recommended in addition to an anti-virus program. Some that have been tested by NCF members are:

Firewall

You need to have a firewall program running to block potential intrusions. If you are using an NCF-supplied DSL modem then it will have a hardware firewall already configured and running. In other cases ensure you have a firewall at the DSL modem or at the PC level in use to prevent intrusions.

Don't install random programs

A lot of malware is offered as "free screensavers" or programs to "make your PC run faster". Be aware that these are all tricks to get unwary Windows users to install malware.

Only install software from reputable sources. If in doubt, don't install it.

Be very wary of any file that has an extension of ".exe" (Windows executable) or ".scr" (screensaver). Be very careful of files that have double extensions such as ".txt.vb" or ".jpg.exe" as these are tricks to make your think the file is safe when it isn't. Many versions of Windows hide file extensions and this can display only the "safe-looking" extension and not the ".exe" extension. If you get these in your email from someone you know it is likely malware on their computer that sent it to you to spread itself.

Many attempts to get you to install malware are browser pop-ups that are designed to look like warning originating on your computer. Almost all browsers can be set to block pop-ups so you won't see these. If you do get a pop-up examine it carefully before you accept installing anything. Most malware uses "social engineering" to fool you into installing it.

Think critically about everything you are going to click on.

Browser toolbars

A lot of users install browser toolbars, sometimes many of them all at once! Some of these are malware and nearly all the rest are adware, essentially spamming you to get you to buy things. Most of these slow your browser down and make the internet run slower for you. Most tool bars are at best useless and take up screen space that could be used to show websites instead.

If you really need one certain browser toolbar then make sure it is from a reputable source, otherwise, give these a miss.

Watch out for USB drives

Other people plugging USB drives into your computer is a quick way to spread malware. If a friend brings a drive over to show you something ensure it is scanned for malware first.

Don't use Internet Explorer

Internet Explorer (IE), Microsoft's own browser that comes with all versions of Windows, is not the best browser choice. Most versions of it are not standards compliant and don't display websites, like Zimbra, correctly, which can make it frustrating to use.

Older versions of Windows, like Windows XP, cannot use the latest versions of IE and the older IE versions, which are no longer supported, have unpatched vulnerabilities that can be exploited by malicious websites. There is no reason to use out of date browsers, when better browsers are available for free download and have new versions released frequently. For Windows users NCF recommends:

Lightweight browsers:

Most of these other browsers have add-ons available. The use of Adblock-Plus and Ghostery will greatly reduce the number of opportunities to download malware and so installing these two add-ons is highly recommended. Adblock Plus will result in faster page loads, almost no advertising and the blocking of malicious javascript code. Ghostery blocks a lot of tracking and spyware, but may cause some websites to not work right.

Users should be careful of adding other browser add-ons, especially for Chrome, as some of these are malware themselves. Stick to browser add-ons that have been recommended by reliable sources.

Some people may have to use IE to access work-related websites that only work on IE. These websites are becoming rare these days, but there are still a few of these non-standards-compliant websites around. If you need to use IE for one website in particular then there is no need to use IE for all your other on-line work. You can open and run two browsers at once if need be.

It can help to have a second web browser installed on your computer as some websites do not work with all browser correctly. It may be helpful, for instance to use Firefox as your main browser, but have Chrome installed in case a particular website does not display correctly.

Don't use Outlook Express

The Outlook Express email client came with older versions of Windows, including Windows XP. The latest version is Outlook Express 6.0 which was released in October 2001 and has been unsupported since October 2005. It has many unaddressed vulnerabilities, including:

  • Database corruption issues
  • Security issues
  • Incorrect handling of PGP/MIME signed messages

This article explains more about the problems with Outlook Express.

It is much safer to use Zimbra, NCF's webmail client, or if you want to use a local email client, then Mozilla Thunderbird, is a free software email client that has much better security. Thunderbird's interface is very similar to Outlook Express and so it is easy to learn how to use it. Another alternative is Windows Essentials by Microsoft, which is commercial freeware.

Run your updates

Windows operating system updates are very important, so don't skip installing them! They often contain patches to fix security risks that have been recently identified. If you don't install your updates you are leaving yourself open to malware.

If you find that installing the updates ties up your computer then install them at the end of the day so they can run overnight when the computer is not being otherwise used.

Unsupported operating systems are at risk

Older versions of Windows that are no longer supported are security risks. Malware writers know that any vulnerabilities they discover in older Windows versions will not be corrected and that they are free to exploit them.

Here are Microsoft's official dates for the end-of-life for various Windows versions:

In the past, by the time most versions' support ran out there were very few users still employing the system, and therefore it attracted very little interest from malware creators. This meant that the risks of running unsupported systems were relatively small in the past. For instance today very few people are writing malware for Windows 98. But Windows XP is an exception, because, as of February 2014 about 14-18% of all computers are still running this soon-to-be-unsupported operating system, making it a large and valuable target for malware writers.

Keep track of your operating system end-of-life date and plan to either upgrade to a newer version of Windows (usually requires buying new hardware) or install a different, supported operating system on your existing hardware.

See also

Additional reading