Bruce Schneier has an article that describes a way that people can steal your passwords just by plugging an iPod or USB thumb drive into your Windows computer:
"...basically you can configure a file on your USB device to automatically run when it's plugged into a computer. That file can, of course, do anything you want it to.
Recently I've been seeing more and more written about this attack.The Spring 2006 issue of 2600 Magazine, for example, contains a short article called "iPod Sneakiness" (unfortunately, not on line). The author suggests that you can innocently ask someone at an Internet cafe if you can plug your iPod into his computer to power it up — and then steal his passwords and critical files."
An article at webuser.co.uk says that spyware and trojans are on the rise. Another good reason to use Linux live CDs when on a public computer.
"Webroot's latest report shows that during the first quarter of 2006 the number of spyware infections jumped to 87 per cent from 72 per cent in the same period in 2005; a rise of 15 percent.
According to Webroot's figures, the total number of Trojan horses also increased from 18 percent over the previous quarter to an average of 29.5 per cent."
I came across several articles today that were a bit disturbing. Apparently some people believe they have found evidence that the US government is using Microsoft Windows to spy on people.
Here, a German site discusses the issue in English.
There is also some information about the _NSAKEY on Wikipedia.
Microsoft have said that over 65,000 viruses exist . What they don't mention is that there are very few virus threats for other operating systems like Linux or Mac OS X. A list of Linux viruses from Wikipedia.org gives some indication, especially considering that most or all of those Linux viruses are extinct in the wild and are no longer a threat. If any readers could provide a list of Mac OS X viruses I would be interested in reading it. I believe that only one or two threats exist for Mac OS X.
McAfee has a great virus map that shows how many computers around the world have been infected with viruses.
The most powerful scanner for Windows that I know of is called AVG Anti-Spyware (formerly known as Ewido). You can download a free 15-day trial version of the program and scan a computer with it. It will often find spyware, viruses, and trojans that all the other programs miss. If you have to use a public computer that runs Windows for any kind of transaction, I recommend at least scanning it with Ewido just to see how infected the computer might be.
If you find a trojan on your computer you should reinstall the computer. Once the computer has been infected by a trojan, it is possible that intruders have gotten into the computer and once they are inside they can make modifications that you will never be able to find with any scanner.
Spybot Search & Destroy has a great "immunize" feature, and AdAware is a good spyware scanner. Neither program is able to find everything so it's good to scan with both programs.
Make sure that you have anti-virus software running. I've seen many public computers that did not have any anti-virus software in use. If a computer doesn't have anti-virus installed and updated, you can download a free version of the AVG anti-virus program.
When using Windows you should always make sure you have a software firewall running. A good software firewall does a couple of things:
- Prevents unauthorized access to your computer from the outside
- Prevents unwanted programs from accessing the Internet, and notifies you of any program that wants to access the Internet
If your anti-virus doesn't already have a software firewall included, you can download a free firewall called Zone
Internet Explorer is not very secure and if you use it you may end up with a lot of unwanted spyware. Firefox is a free alternative browser that prevents a lot of problems caused by Internet Explorer.
Why Internet Explorer is Unsafe
Internet Explorer is unsafe partly becuase it uses a feature called ActiveX that can allow software to install on your computer without your permission. A current list of Internet Explorer security flaws can be found on Secunia's Vunerability Report. More information about why Internet Explorer is unsafe can be found on BrowseHappy.com.
The first step in making Windows more secure is to visit Windows Update with Internet Explorer and follow the directions provided to download all available updates.
If the site gives you the option to turn on automatic updates be sure to also choose "yes" for that option.