At the least, Windows XP users should consider DropMyRights. Windows 7, which I hate with a passion, does a great job of running as a restricted user. An explanation of this belongs in the fictional Internet User Guide.
- Windows autorun:
Microsoft keeps trimming it back, but it still exists in Windows 7. It should be thoroughly, completely and totally disabled. Microsoft does not offer this as an option. I did back in January 2009. The technique I described then still works and is still necessary in Windows 7.
Sometimes, perhaps often, the bad guys are more motivated than the good guys. Maybe its the potential for a huge payday, a sense of pride, the desire for respect from their peers or a sense of nationalism (it has been suggested that some hacking is state sponsored).
- Bad guys rarely get caught.
- Competent techies:
When hiring nerds, it's hard to judge technical competence. Computers are a new and fractured field. Plus, as noted above, programming is still an art rather than a science.
- The good guys may not be perfect:
Some good guys are not well trained for the task at hand. Some are optimists (only a pessimist will think of everything that can possibly go wrong and plan for it). Some are lazy. Some are intellectually challenged (think boss's brother-in-law). As noted in the first point on this list, the good guys only need to fail once for the house of cards to fall. Then too, some good guys are not good guys at all - it only takes one rogue techie to undermine the good work of their honest techie colleagues.
- SQL injection:
If anything points up the imperfect nature of developers, it's SQL injection, a way of hacking into websites. SQL injection is totally preventable (I say this having worked with databases for many years). That it succeeds, is a mark of sub-optimal application developers. Perhaps lazy, perhaps ill-trained, perhaps an honest oversight here and there, or maybe just under the gun to finish a project as quickly as possible.
- The bad guys are constantly getting better, both in the sophistication of their software and their scams. They also adapt to pick on the weakest link in the security chain. For example, as Windows got better at keeping itself updated with bug fixes, the bad guys moved on to attack other popular software (Java, Flash, Adobe Reader).
- Not enough sandboxing:
Sandboxing refers to putting a virtual wall around an application to insure that it does not harm the rest of the system. My favorite Windows sandboxing utility is Sandboxie. It can prevent the permanent installation of malicious software on Windows PCs. It does not prevent malware from getting onto a computer in the first place, and the malware can execute if not caught by standard antivirus software. But Sandboxie can prevent malware from permanently residing on a Windows computer. It does not get nearly the attention it deserves. Highly recommended.
- Antivirus software:
Speaking of antivirus software (for Windows), any single product offers flawed protection. Many computers with up to date antivirus software get infected anyway. And, even if an antivirus application detects malware, that doesn't mean it's cleanup of the infection will be perfect.
Sign up for Computerworld eNewsletters.