Monday, June 06, 2011

One in Every 14 programs downloaded is malware?

A few weeks ago, Microsoft blogged about Internet Explorer 9's new "SmartScreen Application Reputation" feature. Microsoft quotes a statistic that 1 in every 14 programs downloaded (on the Microsoft platform) is confirmed to be malware. Of course, statistics can be twisted, so I am not sure what Microsoft defines as "malware". I also assume they are talking about files downloaded through Web browsers, and not files downloaded from the Internet.

From my experience, the riskier the behavior the user engages in, the more likely it is they are going to have a problem. When a friend has a computer crash, it generally has something to do with the activities they engage in on the computer. For example, if people visit shady sites to download videos or music, they risk running in to problems. Making things even riskier (though not affected by this study, I assume) are the file sharing networks.

Even if you have an updated antivirus program, and antispyware, and a firewall, you still risk running in to problems. A virus released today may not end up being blocked by antivirus tools for a few weeks. First, the virus has to come to the antivirus company's attention, and then they must figure what it does and how it does it, and then program a fix, test the fix, and make it available for updates. Then, the user's home machine needs to download the update and apply it.

These viruses are called zero-day viruses, and it isn't unreasonable for it to take weeks for a low-priority virus to get blocked. Further complicating matters is that many home users do not always pay for updates to the antivirus tool. It's generally better to have a free, up-to-date antivirus tool than an outdated commercial one, because new viruses are written all the time. I have in the past personally used the free AVG antivirus, and there is also a free version of avast! antivirus available.

Of course, Linux and Macintosh computers deal with less viruses, not because they can't be written for those operating systems, but because Windows has the largest market share and generally has more inexperienced users. If Macintosh ever became more popular than Windows, hackers would certainly work to find exploits for that operating system too.

So, Microsoft will claim IE9 is safer than Firefox, and Firefox will claim they are safer than IE9. If nothing else, turn a critical eye to both claims. And, if you want to be safe, stop doing risky things. They say the safest sex is abstinence, after all, and the same concept applies to computer activity.

Link to Network World article

No comments: