Sunday, August 16, 2015

Even more Crypto-paranoia

This class of threat remains very, very prevalent and extremely dangerous. The measures noted in my previous post remain relevant and helpful - but not 100% effective. Antivirus programmes remain essential, and the ones built into Windows for free are actually quite fine. If you really want to pay for something, then Kaspersky is probably the best option.

But these do not protect you from “zero day” threats, i.e. ones that have not yet been categorised and profiled by the AV software. These are the main vector for crypto viruses. Further, it is quite possible to browse mainstream sites today and be hit by these viruses, which have piggybacked on top of ads being shown on the site, without you clicking on or actively doing anything yourself (known as “drive-by” attacks). Ensuring you are not running as an administrator (not always practical) and the registry policy changes noted in the previous blog are another level of protection - but also not infallible.

One means to mitigate this threat is to use a combination of ad blockers (uBlock Origin on Firefox is currently the best regarded) and script blockers (which prevent any script from the web site running on your machine). The latter can work well – but are extremely difficult to use; so much so that most people stop using them a couple of days after installing them because they are too much trouble.

At this point in time, the best way to deal with this class of threat is to sandbox your web browser, i.e. have it run in an environment that is actually separated from the rest of your computer, so that anything that “infects” it only does so in the sandbox – affecting nothing in your “real” computer. Your AV software may or may not pick up the threat. But even if it does not, the infection is limited to the sandbox – and automatically deleted when you exit the browser.

The current programme of choice is Sandboxie (http://sandboxie.com/), with a new version in beta form for Windows 10 – for those who have upgraded. This works extremely well at preventing the crypto-viruses from getting to your system. I have bought their perpetual license bundle for all our computers – and it now runs invisibly and automatically whenever anyone runs a browser. You have to go into the sandbox settings and tell it that you want it to run automatically, by the way!

I would note that if you are concerned about data privacy, Sandboxie in its current version and without AV does not necessarily prevent a very specialised virus from exfiltrating data from your system. The sandbox only prevents data being written to your real system and data file areas; it does not stop a sandboxed process from reading them. However, the risk of a virus that aims only to snoop your data and is also able to sidestep AV systems is very, very low.

In summary:
  1. use an anti-virus programme and keep it up to date. Under Windows, the free Defender programme is actually fine. If you want to pay $, then Kaspersky is probably the current front runner.
  2. use an ad blocker with your browser. My current browser of choice is Firefox in terms of speed, resource efficiency, flexibility and security. Keep it up to date. uBlock Origin is my current ad-blocker of choice; Adblock Plus has been regarded in the past as the best - but it will let ads through if they are paid!
  3. run your browser in Sandboxie; keep it up to date too! Ensure the settings make Firefox (or other browser of choice) run with it every time.
  4. additionally, if you are concerned about the privacy and security of your data online, the Electronic Frontier Foundation has two excellent Firefox add-ons:
    • Privacy Badger to stop sites tracking you, and
    • HTTPS Everywhere to force secure connections to the sites you choose - to the extent that this is possible.