Thursday, February 23, 2006

Danger!

You’re probably thinking that it’s faceless hackers, Muslim extremists, Karl Rove, or James Carville. Nope — statistically those people are very unlikely to be the source of anything that hurts your computers. Well, then who is the most likely?

Your friends.

That’s right, your friends — the ones who email you those funny video clips, or the tear-jerker animal presentations. They are helping the real bad guys (who need red-hot pokers in their rectums) spread their evil. Of course your friends don’t know they’re helping the bad guys, but they are.

And so, most likely, are you. Because, like the vast majority of innocent email users, you (like me) forward those cute movies, those funny foreign advertisements, etc. to your friends.

And some of those attachments are bad.

How can you tell? Don’t anti-virus programs catch all those things?

No, they don’t. They catch some, to be sure. I use anti-virus software on my system, because I know it will catch a lot of the bad stuff. But I also know that it misses things — it misses the newest variations of viri, worms, and spyware. It will also miss the more sophisicated variations, especially the “polymorphic” ones that change constantly, specifically to evade anti-virus software.

But, you say “I would never forward an attachment to someone after it infected my system!” Well, I would hope not. But here’s the rub: you won’t know your system is infected! You see, the evil hackers (may they be plagued by incurable whole-body acne) who write these things understand quite a bit about human behavior.

There are many ways for them to fool you. One of the most common is the “time bomb": they tell their evil software not to do anything bad until some specific date, or until after it’s been installed on your system for some time — plenty of time for you to have forwarded it to all your friends. Another category of evil software simply hides itself, trying hard to never do anything that would bring itself to your attention. That’s because it’s quietly watching all your keystrokes — including when you enter your credit card number for online shopping, or your username and password to your bank account. Then it sends the interesting stuff back home to the scum who wrote the software.

How can you protect yourself against this? Especially if you’re not technically saavy?

The truth is there’s not much you can do. Even being technically saavy isn’t enough — to detect the best of the evil software (fortunately this is the small minority of it), you need to be a specialist with the right knowledge and tools. And you’d have to spend a lot of time, constantly, checking and rechecking your system. It’s a little bit like taking a walk. Someone evil could be lurking behind almost anything. You can improve your chances by being careful where you walk (a walk in San Diego’s Balboa Park is very safe when compared with a walk in San Francisco’s notorious “Tenderloin” district). Likewise, you can try to be careful with the attachments you open. Some of them (for instance, any that end with .EXE, .COM, or any of a few dozen other “extensions") are inherently dangerous, and should be avoided unless you know absolutely for sure that they are safe.

But with such advice, we’re already assuming some degree of tech saavy. Most non-technical people I know have already just given up on this — they either never open email attachments, or they always open them. In the latter case, they’re just hoping that nothing evil comes their way. And aside from running anti-virus software, and keeping it up to date, there’s little I can do to help them out. Chances are that one of these days they’re going to discover that some pimply ex-Soviet bloc teenager has their credit card number, or a Mulim fanatic in Iran has their street address and phone number, or … substitute your own nightmare.

The reality is this: if we want to enjoy the use of this modern technical marvel (the personal computer), we have to accept some level of risk — much as we accept the risk of an accident as the price we pay for enjoying the use of our car. There are things we can do to help mitigate the risk — we can spend money on anti-virus software, firewalls, etc., and we can educate ourselves. This is much like having seat belts and airbags in our cars, and learning defensive driving skills. And we can even try to “drive” our personal computers in better neighborhoods (e.g., be a little selective about exactly what email attachments you open). But we can’t make it completely safe to use a PC…