Basic rules for keeping your computer safe

Don't open an attachment that comes in the mail unless you asked somebody to send it to you.

technofile
Al Fasoldt's reviews and commentaries, continuously available online since 1983

Basic rules for keeping your computer safe

Dec. 12, 1999

By Al Fasoldt
Copyright ©1999, Al Fasoldt
Copyright ©1999, The Syracuse Newspapers

   "Stop telling me what's wrong," a letter-writer said after I wrote about security flaws in PCs. "Tell me what to do about it."
   Fair enough. Here are the five most important things you should do to protect your PC against intruders and viruses, in order of importance.
   1. Buy and install a firewall program.
   The firewall will block intruders from breaking into your Windows PC across the Internet. If you have a home network or network at a small office in which all the computers access the Internet through one Windows PC, install the firewall on that one PC. A program called BlackICE is the best by far. Get it from www.networkice.com.
   If you don't have an Internet connection, you don't need to install a firewall program. A firewall has no use except as a barrier against unwanted entry from the outside. If your PC is not connected in any way to the outside world, don't install a firewall program.
   2. Buy and install antivirus software.
   But listen up. Nobody else will tell you the bad part about antivirus software: Most of it is overstuffed and underpowered, so skip the two big names (Norton and McAfee) and buy Fix-It from Mijenix instead. Fix-It comes with good AV software that doesn't overload your PC the way the Norton and McAfee programs do. (Norton is made by Symantec, so avoid Symantec antivirus software if it's sold under that name, also.)
   Antivirus software is no good if you don't run it. In an ideal world, you would run it all the time. But you probably can't. AV software usually gets in the way when you (or your kids) are playing serious games. So as soon as you install your AV software, find out how to disable it so you can keep peace in the family. Then make sure you know how to reenable it when the PC is not used for games.
   3. Unless you have a VERY good reason to use it, do not use Outlook Express for e-mail.
   Outlook Express is deadly. It allows viruses to enter your computer when it gets the mail. You don't have to read the mail; just getting the mail is enough. (I'll explain how this happens in a minute.)
   Use another program. Netscape Messenger is fine and does not have the problem. You can get Netscape Messenger free by downloading and installing the Netscape Communicator suite. Go to www.netscape.com.
   Outlook Express is not the same as Outlook 97, Outlook 98 and Outlook 2000. If you are now using one of those Outlook programs, you can keep using them if you turn off the View function. Viewing a message in Outlook can allow viruses to enter your computer. Just as with Outlook Express, users of Outlook don't have to open or read the mail to let viruses in. Just viewing the mail is enough. (Outlook Express always shows the mail in the View function, visibly or not; even if it seems that you can turn it off, you actually can't stop this behavior. So you can't block some of the newest viruses. That's why Outlook Express is unacceptable.)
   If you can't switch to a safer e-mail program right now, or if you want to keep using Outlook Express despite my warnings, go to http://www.microsoft.com/security/Bulletins/ms99-032.asp and follow the directions you see there. But please understand that the basic problems of Outlook Express are not fixed by the directions Microsoft will give you at this site. The fix is only good for one kind of problem.
   4. Don't open an attachment that comes in the mail unless you asked somebody to send it to you.
   I doubt that you'll ever ask someone to send you a virus, so I'm confident that following this simple rule will keep your PC from getting infected by viruses that arrive in attachments. The only help you'll need is sticking to the rule. An example will show what I'm talking about.
   Suppose you are at work and an e-mail letter arrives from your mother on the other side of town. It has an attachment. "This is cute!" the letter says.
   Should you open the attachment? Not on your life. You didn't ask for that file. You have no idea what it is. And your mother probably doesn't really know what it is, either. Most people who pass along attachments of this kind (a "cute" kitty that tiptoes across your screen, for example) do not know what the attachments actually do. It's child's play for a virus creator to hide a virus in a program that makes a kitty appear on your screen, but you can be sure that the people who pass along "cute" attachments never realize that.
   Here's another example. Let's say you're at home and an e-mail letter arrives from "a 911 dispatcher." The letter has been forwarded 4,729 times, and each time it picked up a few more comments that say something like, "I swear this is true. A friend of mine knows the brother of the priest who heard the confession of the woman who waited on the guy who was in the diner when the whole thing was shown on TV" -- you know what I mean if you're used to chain letters. The note from the "911 dispatcher" says the attached file contains important information about some sort of crime.
   Should you open the attachment? Not a chance, pal. You didn't ask for that file. And you can be sure that 911 dispatchers don't spend their time sending out e-mail to strangers. So, since the letter is almost surely a hoax, you'd better send it straight to the trash.
   Notice that I didn't say what some of you think I said. I didn't say, "Don't open an executable attachment. ..." I said, "Don't open an ATTACHMENT," period. Viruses can enter your computer in all sorts of ways. Attachments of any kind are suspect. Don't play a game with your safety.
   5. Stop using cookies.
   Cookies are small files on your PC that Web sites use to keep track of you. Some of them are harmless and even useful. I was neutral about cookies for quite a while, but now I'm very much against them. Why? Because cookies are too invasive. They're out of control. Cookies can even be generated in e-mail. (Play that part back if you're not sure what you just read. Yes, cookies can be generated in e-mail.) Sites that pick up e-mail cookies know even more about you than you might think. They know your e-mail address, and that means they can track your every move from site to site. They can tell exactly which ads you viewed and which Web sites you visited at any time.
   That's unacceptable. Your privacy is only as valuable as you want to make it. Don't let somebody who sells ads take it away.