Originally published 3/23/11 on lubbockonline.com/glasshouses
The U.S.-CERT site is an excellent resource for information on computer security. It provides information at two levels, technical and non-technical. One of the articles is a list of common myths and the truth about them. I've provided the link, but here's the list of myths and the truths about them:
What are some common myths, and what is the truth behind them?
Myth: Anti-virus software and firewalls are 100% effective.
Truth: Anti-virus software and firewalls are important elements to protecting your information (see Understanding Anti-Virus Software and Understanding Firewalls for more information). However, neither of these elements are guaranteed to protect you from an attack. Combining these technologies with good security habits is the best way to reduce your risk.
Myth: Once software is installed on your computer, you do not have to worry about it anymore.
Truth: Vendors may release updated versions of software to address problems or fix vulnerabilities (see Understanding Patches for more information). You should install the updates as soon as possible; some software even offers the option to obtain updates automatically. Making sure that you have the latest virus definitions for your anti-virus software is especially important.
Myth: There is nothing important on your machine, so you do not need to protect it.
Truth: Your opinion about what is important may differ from an attacker's opinion. If you have personal or financial data on your computer, attackers may be able to collect it and use it for their own financial gain. Even if you do not store that kind of information on your computer, an attacker who can gain control of your computer may be able to use it in attacks against other people (see Understanding Denial-of-Service Attacks and Understanding Hidden Threats: Rootkits and Botnets for more information).
Myth: Attackers only target people with money.
Truth: Anyone can become a victim of identity theft. Attackers look for the biggest reward for the least amount of effort, so they typically target databases that store information about many people. If your information happens to be in the database, it could be collected and used for malicious purposes. It is important to pay attention to your credit information so that you can minimize any potential damage (see Preventing and Responding to Identity Theft for more information).
Myth: When computers slow down, it means that they are old and should be replaced.
Truth: It is possible that running newer or larger software programs on an older computer could lead to slow performance, but you may just need to replace or upgrade a particular component (memory, operating system, CD or DVD drive, etc.). Another possibility is that there are other processes or programs running in the background. If your computer has suddenly become slower, it may be compromised by malware or spyware, or you may be experiencing a denial-of-service attack (see Recognizing and Avoiding Spyware and Understanding Denial-of-Service Attacks for more information).
I especially like that last one. The newest computer in my house is 4 years old and runs everything from online games (free version of D&D) to streaming HD video. Just because a computer is a few years old doesn't mean it's obsolete. But a suddenly slow computer could be, and probably is, infected with malware. These days if you're running your computer as admin you may not be able to get rid of the malware without wiping the computer. So if you can install software on the account you surf the web with, create a new standard user account and start using it. You can usually remove any malware that gets installed in a normal user account. If it installs into an admin account you'll have to wipe the computer to be sure.
