Computer Security: The Missing Link
Is your computer really secure? If you have antivirus software, malware scanners and a firewall, you might think you're safe from hackers, crackers and identity thieves. But chances are, you're missing one critical piece of the security puzzle. Read on to learn how to secure your software and truly lock down your computer...
Securing Your Software
You may feel safe behind a firewall and anti-virus software. But you're not. Bad guys can still get to your personal information stored on your computer, and even take over your computer and run it as if it was their own. The gap in your armor? It's the application software you use every day. Let's look at two recent examples.
Do you ever read Adobe PDF files, in your browser or with Adobe Reader after downloading? Tens of millions of people do; PDF is one of the most widely used file formats. But unfortunately, hackers have found ways to embed malware in PDF files that can spring to life when you view the document. Another high-profile case involved the Java software, which for years had been touted as a secure cross-platform application environment. Some serious security holes in Java prompted many pundits to recommend removing it altogether. New vulnerabilities are discovered in software every day, it seems.
Software developers issue patches and updates that close these doors to hackers in a never-ending game of Whack-A-Mole. A vulnerability pops up here, hit it with a patch. Another pops up over there, hit it with another patch. Developers provide the patches, but it's up to you, the end user, to whack the moles by applying these patches.
Staying on Top of Application Security
It's vital to keep all your software up to date with the latest patches and upgrades. If you haven't been keeping up with your Windows system updates, see Is Your Operating System Secure? and then come right back here. In addition to the operating system, the average computer holds about 80 application programs! Some are pre-installed, and some are downloaded from the Internet. How can you keep up with it all?
First, concentrate on the programs that are most often targeted by bad guys. They are the most commonly used programs: Microsoft Office, Adobe Reader, Internet Explorer, Skype, etc. The more people there are using a program, the more targets there are for a hacker's arrows. Naturally, the hacker goes after the biggest potential "market" for his malware.
Second, activate automatic update features when they are available. Then your software will check its home site for patches and upgrades every day, or week, or whatever. It can download and install updates without bothering you at all, or tell you when updates are available and give you the choice of when to install them.
Some security experts tell you to turn off automatic updates because a connection to a server is an open line through which hackers can invade your computer. But turning off auto-update closes one door while leaving untold numbers of others wide open. Who are you kidding? You're not going to remember to check for updates manually on a regular basis. You'll let it slide until your software is so outdated it contains dozens of vulnerabilities. Leave auto-update on and let the software remember for you.
Third, you can check all the software on your computer for vulnerabilities using the Secunia Personal Software Inspector (PSI). This free program comes from a trusted security site, and scans your software for known vulnerabilities. It will tell you which programs need updating and provide links to sites where you can download patches.
I recently ran PSI while researching the issue of software security, and I was very surprised by the results. I have security software in place, and I thought I was keeping up with all my patches. I felt pretty confident about the security of my computer. But PSI flagged Adobe Reader, Skype, iTunes, QuickTime, Java and a few others as needing updates. At least THREE of these vulnerabilities were marked Critical, meaning that under certain circumstances, an Evil Hacker could have exploited them to gain complete control over my computer. Yikes.
Other Software Security Tools
The FileHippo Update Checker is similar to PSI, and has been recommended by many readers here over the years. It runs a quick scan of your installed software, then shows a list of software for which updates are available. Keep in mind that when FileHippo flags an application, it's not necessarily due to a security issue. It's just letting you know that a newer version is available. During installation, the FileHippo "run at startup" box is pre-selected. If you don't change that, FileHippo will do a scan every time you start your computer.
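The distinction drawn above, between a flag that means "this version has a known security hole" and one that only means "a newer version exists", can be modelled in a few lines. This is an added example, not code from PSI or FileHippo; the product names, version numbers and the `min_patched` / `latest` catalogue fields are constructed for illustration.

```python
import re
from itertools import zip_longest

def parse_version(text):
    """Turn a vendor version string into a tuple of ints.

    Comparing raw strings is wrong: as text, "10.1.9" sorts after "10.1.10".
    Assumption: only the numeric fields matter ("7 Update 21" -> (7, 21)).
    """
    parts = re.findall(r"\d+", text)
    if not parts:
        raise ValueError(f"no numeric version in {text!r}")
    return tuple(int(p) for p in parts)

def compare(a, b):
    """Return -1, 0 or 1; missing trailing fields count as 0 (2.0 == 2.0.0)."""
    for x, y in zip_longest(parse_version(a), parse_version(b), fillvalue=0):
        if x != y:
            return -1 if x < y else 1
    return 0

# Constructed catalogue: lowest version containing the security fix,
# and the newest release. Hypothetical products, placeholder numbers.
CATALOGUE = {
    "ExampleReader": {"min_patched": "10.1.10", "latest": "11.0.2"},
    "ExampleChat":   {"min_patched": "6.3",     "latest": "6.3.0"},
    "ExamplePlayer": {"min_patched": "7.7.3",   "latest": "7.7.4"},
}

# Constructed inventory of what is installed on the machine.
INSTALLED = {
    "ExampleReader": "10.1.9",     # below the security floor
    "ExampleChat":   "6.3.0.105",  # at or above the newest release
    "ExamplePlayer": "7.7.3",      # patched, but a newer build exists
    "ExampleEditor": "2.0",        # not covered by the catalogue
}

def classify(name, installed_version, catalogue=CATALOGUE):
    entry = catalogue.get(name)
    if entry is None:
        return "unknown"            # unlisted is reported as unknown, never as safe
    try:
        if compare(installed_version, entry["min_patched"]) < 0:
            return "security-update"   # what a vulnerability scanner flags
        if compare(installed_version, entry["latest"]) < 0:
            return "newer-version"     # what a plain update checker flags
    except ValueError:
        return "unknown"            # unparseable version: do not guess
    return "current"

def report(installed=INSTALLED):
    return {name: classify(name, ver) for name, ver in installed.items()}

if __name__ == "__main__":
    for name, status in report().items():
        print(f"{name:14} {INSTALLED[name]:10} {status}")
```

The "unknown" result matters as much as the other three: a program missing from the checker's catalogue has not been cleared, it simply has not been checked.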
I also recommend the free Qualys BrowserCheck scanner, which reports the status of your browser plug-ins. If any are out of date or need security updates, it will alert you and provide a download link to fix the problem. Run BrowserCheck in each web browser (Internet Explorer, Chrome, Firefox, Opera, or Safari) that's installed on your computer.
I want to issue a caution about the CNET TechTracker, which is yet another software scanner checker updater utility. Although this tool has gotten positive reviews in the past, I cannot recommend it for several reasons. The first has to do with the pollution of CNET by what I call foistware and crapware. Because of a variety of tricky and deceptive practices, it's nearly impossible to download anything from CNET without getting some other invasive or unwanted software. See CNET/Download.com: A Six-Part Horror Story for the details on that.
The second reason is that TechTracker is being discontinued, and its features will be rolled into CNET's new Download App. I thought I'd give Download App a try, just so I could see if the TechTracker replacement was worth recommending. But no... the "recommended" Express Setup on the download page tried to foist the "Sweetpacks Toolbar," and wanted to change my browser home page and default search engine. After choosing the Custom Setup option, I noticed a sneaky pre-checked box giving permission to install all of the same crapware! After unchecking that box, the next screen blared "Support the ASPCA!" Turns out that option would have installed the "We-Care" browser parasite. At that point, I just said NO and decided to abandon the install. CNET, I'm done with you, until you clean up this mess. (Sigh.)
I started off this article by mentioning anti-virus and firewall protection as a given. If you're not 100% sure you have both of those bases covered, see my related articles Free Anti-Virus Programs and Do I Really Need a Firewall? to learn more.
Bottom line... the trusted software you use every day can be a source of danger to your personal information. Keeping your software up to date is your best defense. You cannot afford to let vulnerabilities go unpatched.
This article was posted by Bob Rankin on 24 May 2013
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Computer Security: The Missing Link (Posted: 24 May 2013)
Most recent comments on "Computer Security: The Missing Link"
24 May 2013
I agree with your comments re: Secunia Personal Software Inspector (PSI). I've used it for years. It's easy to use and quite useful for someone as PC-Challenged as I am.
However when I recently "updated" it to Version 3.0 (the Version your link points to) I found it almost unusable. It took 30"-40" to load, 1-2 hours to scan and 1-3 hours to patch a program. (Version 2 takes about 1" to load, 3"-5" to scan and 5"-8" to patch a program.)
When I went to the Secunia Forums I found the LONG loading, scanning and patching times for Version 3 were NOT unique to me.
So...my suggestion...go to http://secunia.com/products/consumer/PSI/sys_req/ to download Version 2. The link is on the middle far right-hand side of the page ("PSI 2.0").
24 May 2013
My comments below refer to the PORTABLE version of kcsoftwares (kcsoftwares.com) SUMo only. I DO NOT RECOMMEND ANY OTHER VERSION as the others may contain the software Relevant Knowledge and/or Open Candy. Relevant Knowledge has been described by some as Spyware and Open Candy places ads on your computer.
I like the portable version of SUMo for determining which software needs updates and where to get them. SUMo does a good job doing all of that, sees 99% of the software on your system, and determines which, indeed, can be updated. It bases the need for updates by comparing the version number on your computer with the version numbers on all of the other computers it has scanned that have the same software. It is not perfect, particularly in areas where the software version depends on the hardware in your computer, but still gets it right about 98 - 99% of the time. It doesn't take long for a user to know whether or not to take SUMO's suggestion to update.
After suggesting updates, SUMo uses Google to help you find the update. Here, it is less useful, as Google will find correct update pages only about 90% of the time (using whatever terms SUMo sends it), but that is still helpful. And the user has the option, of course, of using other terms for the search.
All in all, the portable version of SUMo does the job for me. It is not perfect, but it is very, very good.
24 May 2013
Thank you for your very helpful computer/internet/software, etc information.
Thank you for being one of the Good Guys.
24 May 2013
I would mention one other place to check for updates: Ninite (http://ninite.com/) allows you to create a custom program to update or install software on your PC. What's REALLY nice about it is that it updates or installs without any crapware. I REALLY like how much easier it makes updating my software.
24 May 2013
I'm not sure I agree with your somewhat harsh criticism of CNET downloads. Even someone as PC-Challenged as myself can easily see (and UNcheck) the boxes for the crap (or click "DECLINE" at the bottom of the page). After years of CNET downloads I've NEVER ended up with any unwanted "surprises".
I never used their TechTracker (the User Reviews have always been pretty negative) nor tried their new Download App.
But any program you download on CNET (if you remember to sign-in first, of course) gets automatically added to your "Download Watch List".
This has 2 major benefits (to me, at least). First...when a newer version of any program on the list becomes available you're automatically sent an email notification with a link to the new version download. Second...after I had a PC crash and had to re-format I went to this list, scrolled down all my programs, clicked on the "Download" button to the right of each one and was back up-and-running almost effortlessly.
25 May 2013
I, too, just got nailed by CNET, and you can't just remove everything at once. They have a list of 16 things you must do if you want all that Crapware removed! That's it for me and CNET, too.
25 May 2013
You wrote, “Some serious security holes in Java prompted many pundits to recommend removing it altogether.”
That was a very good recommendation indeed.
Please note that when one tries running the Secunia Online Inspector, one is required to install … Java.
Thank you for your useful site.
25 May 2013
Can you confirm what one poster says about CNET? Is there something wrong with download.com?
26 May 2013
Bob, You I trust - others I verify! Thanks much I just downloaded Secunia Personal Software Inspector and I was amazed at how many programs are on my computer. They all checked out up to date. Too bad I'm not smart or I could probably determine which ones I don't need or use. I also have been with you since the Tourbus days. You are doing a great service for we unsmarts.
26 May 2013
I agree with you re: Secunia's PSI. It's the best of the lot, and it catches a lot of the "under the hood" stuff that is otherwise overlooked. It doesn't have the widest range of applications in its library, however.
CNET's new Download App is, as you and many others have pointed out, full of foistware (I like that term! TY :) if the default auto-update feature is used. If the updates are done manually and individually, it works just fine (granted, it takes a little longer). Alternatively, just use it to identify the applications that need updating, then go to the application site's download page. I use it about half-and-half between two methods. CNET does have the most extensive library (doesn't get a lot of the under-the-hood stuff that PSI does) and does the best job of identifying programs in need of updating.
I've been trying out FileHippo's update checker for the past month: I'm not that impressed. It only catches between 30-75% of the possible updates for my applications, then doesn't recognize that they've been updated after the updates are installed.
(Thanks to Geri for the link to PSI 2.0 - I agree that 3.0 takes way too long. And thanks to Coover for SUMo - that's a new one. I'll check it out (question: often, portable versions are simply that - portable, but are otherwise the same as the non-portable versions. Have you tried the non-portable? I'm wondering if the Open Candy, etc., are part of the auto-default install, but can be declined if the "custom" install option is used. Can you clarify any of that?))
26 May 2013
I recently read an article (I think it was here, but maybe not) about the percentage of malware sites returned by the various search engines. Chrome returned significantly fewer than Bing; that was the big reveal.
Here's a link to an article I received from EmsiSoft. They find that IE10 is safer than Chrome when it comes to running malware.
Up to you if you want to share it with your readers.
Ciao for now.
26 May 2013
Major Geeks has a free update checker that you might want to take a look at.
27 May 2013
Sad about CNET. Back in the day when everything was NOT online CNET was such a trusted name. I don't know what happened to them but it would almost seem they have fallen into a funk of greed I suppose. My guess is that somehow someway they get a kickback from this "crapware". I too have pretty much boycotted (sp?) CNET.
27 May 2013
I downloaded & installed Secunia PSI, it was unable to connect because it said it doesn't work with Proxy servers. I use Verizon wireless. Don't even know how to use a Proxy. Would love to be able to teach this tool to others if I could get it to work on my 6 computers. Is there a patch of some kind or what?
I use your columns extensively to teach seniors about their computers & how to operate safely.
27 May 2013
The third time I ran the Secunia PSI it ran.
Sorry for the intrusion
28 May 2013
Excellent article. Been using PSI for years. Not a fan of version 3 yet as I thought version 2 was more intuitive. Finally, C/NET gets called out ! If enough of us keep on C/NET, there may be hope for them yet. Wish I could get my company to put PSI everywhere !
29 May 2013
Not only C|Net but also TUCOWS is putting foistware in their downloads. They both used to be trustworthy, it is sad to see the pursuit of the almighty dollar corrupt the integrity of once trustworthy sites.
A couple of updates ago Avast! Free Antivirus added a software update checker to the program. I am not too impressed with it yet, but it is there.
I have been running PSI on my systems for several years now, and was very disappointed with the update to version 3. They did at least add the view all programs capability on the second iteration, but it is still too slow. I thought it was just my slow computers, now I see from earlier comments that it is not just me. One other thing about Secunia PSI, they, by their own admission, only check for critical updates. So if you have a program that has been updated but not to fix a security flaw PSI will not tell you about that.
Thanks for the info on FileHippo, I just downloaded it and man is it quick, makes me wonder what PSI is doing that it takes so long.
28 Apr 2014
Good article as usual, but I believe you owe your readers a response to all the negative comments on your recommended Secunia software and the alternative use of Ninite which you also recommended according to a reader.
I have Avast and it recommends software that need update but even though I update Adobe it still shows as needing update?
EDITOR'S NOTE: I just downloaded Secunia PSI on a Win7 PC and while it did take several minutes to scan my software, it did correctly identify what needed updates, and the updates went quickly. I continue to recommend PSI.
07 May 2014
Secunia PSI takes forever to run - use FileHippo Update or Glary Utilities instead. JAMES is right about Ninite which, while slow, takes out the dangers of downloading. The only sites that I still consider safe (besides author's sites) are Bleeping Computer, FilePuma, FileHippo, and MajorGeeks. CNET has sold out and you must never download from there!
20 Jan 2015
I had FileHippo on my old computer and this article prompted me to install it today on my new computer... seems that now you have to download their App Manager 1.45 and that gets the file checker program installed... lo and behold, when I got to the point of starting the download I noticed they wanted to install the "Ask" toolbar... heeding your many warnings about this piece of crapware I terminated the download immediately... guess I'll just stick with Secunia Personal Software Inspector for now.