How to avoid catching a Computer Virus
First of all, forget about Antivirus Software. As Jeff Atwood writes, blacklisting viruses does not work. The sum of all issues Antivirus software causes is a lot bigger than the sum of all issues you avoid by having Antivirus software installed. In other words, the problems Antivirus software causes are worse than the viruses you get by not having Antivirus software.
So how do you avoid viruses? Here are a few hints:
- Avoid market leaders. Viruses generally target software with large installation bases. Use a Mac or Ubuntu instead of Windows. If you have to use Windows, use Firefox instead of Internet Explorer. Do not use Microsoft’s e-Mail applications. Do not use Office applications such as Word, Excel or Powerpoint if you don’t have to. If you have to read documents from these applications, use third-party applications which can read the formats such as Open Office, Google Docs, Text Edit in Mac OS X, or iWork.
- Do not run as Administrator or root. Create a second, normal user account and use your computer running this account.
- Think before you enter your Administrator password. When you’re not running as Administrator, applications will sometimes request additional privileges to access data your current user does not have the rights to. Don’t just enter your password. Consider the application requesting additional rights. Does it really need those rights? What for?
- Run a firewall. Most modern operating systems come with a firewall installed out of the box. Activate it if it’s not activated by default (bad Apple!).
- Use a spam filter. A good solution is to use gmail to access your mail accounts, and then access gmail from your mail application. Gmail has a built-in spam filter, as well as a malware detector. Furthermore, it’s generally a good idea to discard spam messages without opening them. Opening a spam message could potentially exploit a buffer overflow issue in your mail application or browser. If you can identify spam by its subject and sender, just delete it without opening it.
- Do not run applications you did not get from a trusted source. There are only two trusted sources: CDs given to you by an official vendor, and the software vendor’s official homepage.
- Use virtualization for risky applications. You can use Internet Explorer without any risk, as long as you run the application within a virtual computer. Use VMWare or Parallels to run risky applications. Make sure that the application is sandboxed, i.e. has no access to your “real” computer from within the virtualized computer.
- Keep incremental backups. There is no absolute security, no matter what you do. Chances are, you’ll get a virus sooner or later, and you’ll lose data. If that happens, don’t try to get rid of the virus. Instead, roll your whole system back to the state before the infection. Mac OS X makes this extremely easy, just buy a big external disk, plug it into your Mac, and it’ll ask you whether you want to use it for your backup. That’s it. It’s easier to backup than to not backup, so just do it.
Above all, don’t be stupid. If you don’t du dumb things like visiting untrusted sites with Internet Explorer, or launch applications you’ve downrobbed from some torrent site, you probably won’t get infected.