Monday, 26 April 2010

New Podcast: Home PC Malware (Virus) Protection

I released my "monthly" Podcast, yes it's officially a monthly Podcast now. Although I cheated and used a recent radio interview for the content.

The Podcast is about basic Home PC Malware (Virus, Worm, Trojan, Keylogger) Protection, and where to obtain decent Windows Anti-Virus Protection for Free.This podcast is aimed at day to day people outside the security industry.
Podcast: Home PC Malware (Virus) Protection

Dave @ ITSecurityExpert.co.uk - IT Security Expert - IT Security Expert UK Podcast - IT Security Expert UK PodcastITSecurityExpert on iTunes

To go with this Podcast I have the following links and recommendations.
Microsoft Windows Security Essentials
Anti-Virus & Anti-Spyware
http://www.microsoft.com/security_essential
Requires licensed copy of Windows
Requires Windows XP, Vista and Windows 7
Windows XP, a PC with a CPU clock speed of 500 MHz or higher, and 256 MB RAM or higher.

AVG
Anti-Virus
www.AVG.com/FREE

AVAST
Anti-Virus
http://www.avast.com/

Spybot Search & Destroy
Anti-Spyware/Anti Adware Protection & Spyware/Adware Removal
http://www.safer-networking.org/en/download/

FURTHER INFORMATION & HELP
For more information read my blog posts Anti-Virus: Completely Free as it should be and Does Apple Mac need Anti-Virus

Monday, 19 April 2010

Does the Apple Mac need Anti-Virus Protection?

If you are running on the latest Mac OS X at home and you allow Apple to automatically update Mac OS X on demand, then my advice is No, you don’t need anti-virus protection on your Mac at home, well not at the moment anyway. Apple themselves go out of their way to state Mac OS X is not effected by viruses and protects itself from other malicious applications - "The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box" - Apple.

A word of caution with my view, which will be highly controversial to some, the Mac malware situation could change in the future should the bad guys decide to target the Mac OS in anger. Theoretically this may happen if the bad guys started to find they aren’t getting any joy out of attacking Microsoft Windows PCs, however this is currently not the case, there are no significant shifts in the malware OS attack vector occurring. In my view, I feel the bad guys will actually move onto targeting the smart phone market in the future, of course this is a market which is well occupied by Apple. In the meantime Mac users should guard against complacency, especially when considering all software will have it faults and therefore will have vulnerabilities to be exploited. Where we have an operating system, we are talking hundreds of thousands lines of code, which is ultimately written by human beings, so it can never be perfect, while operating systems by their nature are a highly complicated pieces of software. So it is safe to conclude no operating system can never be regarded as being ‘secure’ and therefore cannot never be guaranteed to be vulnerability free; there is just no such thing as 100% security. The answer to this problem is to continually fix (patch) the operating systems as vulnerabilities become known, hence the importance of ensuring your Mac OS is automatically updated. Going back to the lead question, today if I was a ‘home’ or mobile Mac user running OS X, I personally wouldn’t bother with deploying anti-virus protection, as the risk is currently extremely low, while Mac OS X itself does have good malware protection built in. I certainly wouldn't criticise anyone who wants to deploy anti virus on your home Mac as matter of precaution, of course the trade off in doing this is an impact on system performance and the cost of purchasing an anti-virus product.


Why aren’t Macs at the same risk of Windows
The fact is the vast majority of malware (including viruses) are written specifically to exploit the world’s most popular operating systems, namely the Microsoft Windows range. There are well over a million documented* “viruses” which specifically target the Windows operating system, while there is only a handful of known viruses which targets the Apple Mac operating system range, and of these, some are actually concept malware produced by good guys, but to my knowledge none currently work against the latest version of Mac OS X. The folk behind writing and deploying malware target the largest market share and the lowest hanging fruit, namely the easiest OS they know is the easiest to exploit from. Microsoft Windows operating systems are by far the most used operating system on this planet and has arguably been one of the weakest for security in comparison to other operating systems like Mac OS.

A third point often raised in this debate, is Windows users are less technologically savvy than Mac users (in other words more stupid!) and therefore are more easier to be "conned" into clicking links which execute and install malware. I think this might have been true in the past, but today I note that many non-techies are using Macs, many people are simply choosing a Mac over a PC as a status or even fashion symbol, so I no longer buy the PC users on average are more stupid than Mac users argument.

Anti Virus Protection is no Guarantee
Anti virus does not guarantee complete protection against all known viruses and malware, AV protection is only as good as AV's latest update, and even then may not be able stop all of the latest malware. So you could well have anti virus installed on your Mac which is bang up-to-date, but if a new type of virus suddenly appears on the scene, the anti virus may not detect the virus anyway, the truth of how ineffective some anti-virus products on Windows PCs is actually quite alarming, but I'll save that one for another post.

Do business Macs need Anti-Virus Protection?
The short answer in my opinion is Yes. Medium to large businesses which have Apple Macs deployed in a mixed Microsoft Windows environment, may well want to consider deploying and running anti-virus protection on their Mac estate.

Why? Macs have been known to harbour Windows based malware, malware which could make its way from the Mac via file sharing on to Windows PCs. Just because Windows malware does not work on the Mac, it does not mean it cannot be stored on a Mac drive, and if that Mac has no anti-virus protection, then the malware files on the Mac drive are never checked for Windows malware, which in turn means the malware files are never removed, and leaving any Windows malware present and dormant on the Mac drive. Should that malware data file make its way onto out of the Mac drive, perhaps via a network share, USB memory device, or server storage, and then onto Microsoft PCs, then there can be real issues in store for the PC estate.

Also there are information security regulations and standards which insist on the deployment of anti-virus protection regardless of the operating system and your perceived risk.

Where can I get Mac Anti-Virus Protection
If you feel you need anti-virus protection on your Mac at home, or within your business environment, most of the usual big commercial anti-virus vendors provide a Mac OS anti-virus client, personally I'm independent of security vendors, which is important, as I try to keep my advice independent and objective, so I'm not going to be suggesting any vendors here. But there is a free home Mac anti-virus client called ClamXav - http://www.clamxav.com/, as I said in my blog post last week, I believe anti-virus protection should be free for all home users and provided out of the box by the OS vendor - http://blog.itsecurityexpert.co.uk/2010/04/home-anti-virus-is-completely-free-as.html

The Biggest Threat to Mac Users
Finally home Mac users should be still be wary of attacks made through their web browser and their email client. For instance phishing attack is just as likely to be successful against a Mac user as it is a Windows user, always remember many online fraudsters are targeting your personal information, your credit card details and your online bank account login details, which are often obtained through attacks through web sites (the web browser) or through the Email client, either way by conning the person into sending the details. Some third party applications on Mac can also provide a way in for malware, such as file sharing apps, to be wary about what you agree to install.

This is an interesting topic, and has been hotly contested in the security industry for years, especially between AV vendors with Mac anti virus products to pendle, and Apple enthusiasts (BTW I'm neither!), so if anyone has any different views whether in agreement or not, or indeed recommendations, please post in the comments - Thanks.

* April 2008, the BBC News reported Symantec now claimed "their anti-virus programs detect to 1,122,311 http://news.bbc.co.uk/2/hi/technology/7340315.stm

Tuesday, 13 April 2010

Home Anti-Virus is Completely Free, as it should be

It's a real travesty that many home users are for paying for anti-virus protection on subscription, not realising they can obtain solid anti-virus protection for free. Commercial anti-virus vendors have been snaring home users for years by providing their commercial AV applications with new PCs, often pre-installing their anti-virus application onto the PC operating system itself as a free trial. Once the free trial has finished, home users end up signing up to the AV on subscription through fear, not believing they have any other free alternatives for anti-virus protection. However home anti-virus protection should be completely free, and it is completely free.

For many years it has been long my personal belief home anti-virus protection should be provided completely free of charge, and in the case of Windows Operating System (OS); the OS most plagued by viruses, worms, spyware and other malicious software (malware), it should be built into the operating system itself.
Malware: A term which is short for Malicious Software, the collective term for describing Viruses, Worms, Trojans, Keyloggers, Spyware, and Adware.

I believe free and built in anti-virus is a necessity to protect the individual PCs of non-security savvy home user, and to protect everyone else on the Internet as well. As 100,000s of PCs infected by malware affects and impacts everyone online. Malware infected PCs are used for everything bad, from sending spam Email messaging on mass, to the mass propagation of malware, to highly intricate network based attacks. It has been a long personal criticism I had of Microsoft, in that they didn’t provide built in anti-malware (anti-virus) protection right out of the box, well until now.

Yes the good news is at last Microsoft has finally got around to providing free anti-virus and anti-spyware with their Windows operation systems for home and small business users, the only proviso is you actually own a licensed copy. Over the last six months I have been trying the Microsoft anti-virus protection on a multiple of Windows operating systems and different hardware, and I have to say I have found it to be up to the job, and indeed I would say it’s on par with most home commercial anti-virus applications, in fact in one test I found it scans much faster than some of the commercial AV products. Now commercial anti-virus vendors will claim their specific product is better than everybody else’s anti-virus application, and that their product provides extra security protection, has won awards etc. However the truth of the matter is no anti-virus application can ever guarantee 100% protection, and it is a dangerous game to play to assume one anti-virus application protects better than another, given the fluid nature of malware threats which changes by the hour.

It is true many anti-virus products come packaged with additional security protection for your money, some are more useful than others. Many of these additional services such as web filtering and anti-spam can be obtained for free elsewhere. For instance home users should be aware Microsoft Windows 7 provides web filtering out of the box while email providers such as Google's Gmail have pretty good anti-spam built in these days. And as for operating system firewall protection, well that's already built into the Windows operating systems. Some of these extras can actually unnecessarily slow your PC operation down for very little security benefit, especially on older PCs.

Free Anti Virus: Microsoft Security Essentials

Aside from the Microsoft offering, there are several other good free Windows based anti-virus applications available, which have been around for a number of years, such as AVG and AVAST. However for home users I would recommend installing and trying out the Microsoft anti-virus application first, which known as Security Essentials. But that’s my personal opinion, the important thing is you install and use an anti-virus application on your Windows PC, regardless of who provides it, as it’s a vital component of home PC security.

My recommended Free Anti-Virus\Anti-malware Products are:

Microsoft Windows Security Essentials
Anti-Virus & Anti-Spyware
www.microsoft.com/security_essentials
Requires licensed copy of  Windows
Requires Windows XP, Vista and Windows 7
Windows XP, a PC with a CPU clock speed of 500 MHz or higher, and 256 MB RAM or higher.

AVG
Anti Virus Protection
www.AVG.com/FREE

AVAST
Anti-Virus Protection
http://www.avast.com/

Spybot Search & Destroy
Anti-Spyware/Anti-Adware Protection & Spyware/Adware Removal
http://www.safer-networking.org/en/download/

Microsoft Malicious Software Removal Tool
http://www.microsoft.com/security/malwareremove/default.aspx

Finally I would like to stress the importance of ensuring your anti-virus application receives updates automatically, without automatically updating enable with your anti-virus application, your PC won't be protected against the latest threats.  And equally the important, is to check Microsoft security updates (patches) are automatically downloaded and updated upon their release, these updates tend to be released on at least monthly basis.