Category: Security

Faux Security

By , February 18, 2009 10:22 am

A few weeks ago I was reminded that it still isn’t common knowledge that antivirus software will not protect your computer from all threats. A conversation with a family member who works for a small business revealed that their “IT Guy” thinks Windows Updates aren’t necessary, yet he continues to install antivirus software on workstations religiously. Unfortunately, that belief could not be further from the truth. Keeping your Windows machine properly patched is, in my opinion, more important than having antivirus software. Attackers are known for using worms that attack the vulnerabilities of a Windows machine from the outside without user interaction. The Conficker worm is just the latest example of how improperly patched Windows machines can be compromised remotely and completely outside of the protection of antivirus.

Think that your firewall or router is protecting you from attacks like this? Think again. Once one compromised machine is on the network, all bets are off. Infected machines can be used by attackers to completely circumvent the firewall and infect any other vulnerable machines on the network. Mobile devices that roam from network to network can make matters worse by being the carriers of these infections, much like influenza is spread by humans. Worms like Conficker waste no time gathering personal data, logging keystrokes, and propagating to other systems. In Conficker’s case, the infection spread incredibly fast. In January, the infection count jumped from 2.4 million to 9 million Windows machines in just four days.

Clearly, there are a significant number of users with a false sense of security. It is estimated that 30 percent of the Windows machines connected to the internet are unpatched. I’m guessing that a lot of the same users that aren’t updating Windows believe their system is secure because they have installed antivirus software. This is just one of the many myths that many computer users believe today.

Please spread the word to your friends, family, coworkers, and acquaintances that Windows Updates ARE EXTREMELY important to the health of their PC and that Windows Updates, firewalls, and antivirus applications by themselves are not an all-inclusive solution to computer security. Instead, all of these security tools should be used together in order to effectively protect a computer.

Areca Backup

By , November 24, 2008 9:19 am

Some time ago, I devised a scheme for backing up my critical data that was both simplistic and inefficient. Every other morning at 4:00am I would create an image of my hard drive using DriveImageXML and then copy it to my NAS using the Windows Task Scheduler. This worked great for a while. However, as my hard drive contents grew it began to take too long to do these backups. Moving into an apartment that required me to use a wireless network was the final nail in the coffin and I finally discontinued this practice.

Since then, I have tried several different free backup solutions. None of them worked quite how I liked, for various reasons. Additionally, many of the ones that promised “set it and forget it” features rarely worked as advertised. In fact, after a month of using AceBackup I discovered my automated backups weren’t working for some reason. When a backup application has failed once, it’s hard to trust it again with such a critical task. I’ve heard a lot of great things about Jungle Disk but was reluctant to start paying monthly fees for a backup service that I ought to be able to handle myself.

Then, I stumbled upon the open source utility Areca Backup while looking for an acceptable backup solution for my work machine. Had I noticed at first that it was written in Java, I probably wouldn’t have tried it. However, I went ahead and installed it and I must say that this is the best backup utility that I have come across, at least for my needs.

Getting e-mails after backups is also a nice feature. Custom e-mail notifications can be set up for each backup. I set up mine to tell me in the subject of the e-mail if the backup was successful (1) or not (0). That way, I can filter successful backups that I don’t need to see to a reports folder while still getting the message when a backup fails.

The user interface of Areca Backup is surprisingly intuitive. I was able to create a compressed, encrypted, network-based backup with little trouble at all. There are several storage modes and backup types and backups are very fast. The coolest part about this software is the logical view screen. It allows the user to peek into their backups at files and restore any version of a file that they please. To recover, simply right click and select Recover… and then point to the folder where you want the recovered file(s) placed. Another incredibly useful feature is the ability to search within your archives for files.

The only part of this backup utility that seems half-baked to me is the scheduled backups feature. Areca does not run as a service (which can be good and bad) so it is up to the user to create a Windows Scheduled Task to automate archiving. Fortunately, Areca has a feature that will automatically create the batch file with backup commands so that the user is only required to point their scheduled task to execute a file instead of manually entering the command line parameters. I can live with that.

Overall, this seems like a great open source project and I am impressed with how the software has worked so far. My plan is to start using this at home for backups both to my NAS and an offsite FTP/SSH server. Check it out.

Keeping Applications Patched

By , March 5, 2008 1:59 am

An increasing trend lately seems to be the creation of malware targeted not only at operating system vulnerabilities but also at vulnerabilities in popular applications such as Adobe Acrobat, Mozilla Firefox, and VideoLAN Media Player. In many ways, these vulnerabilities can be more appealing to an attacker.

One possible reason: on most modern operating systems, hotfixes and patches are typically installed automatically. This means that a majority of systems can be patched in a short period of time, greatly reducing the lifespan and impact of a vulnerability. On the other hand, many applications have no automatic update mechanism. Users often forget to update software until there are significantly improved features in a newer version. This can help increase the useful lifespan and impact of a vulnerability, giving attackers more incentive to take advantage of it.

Although it has become clear that maintaining a secure system now means that all software on the system should be kept up to date, the difficulty of finding a way to do this quickly and accurately has been reason enough to forget about the problem. However, there is software that may help save time performing application maintenance. Secunia’s Personal Software Inspector (PSI) automatically scans a system regularly for any and all applications that have known vulnerabilities. Additionally, PSI will help resolve software vulnerabilities by providing links and instructions for updating vulnerable software.

Secunia PSI is available at https://psi.secunia.com/. As of this posting, it is still in the Release Candidate stage. However, I have not had any issues running it on both Windows XP and Vista.

One of the most interesting things I discovered with Secunia PSI is that when I updated the Java Runtime in the past, the older versions were not uninstalled automatically. While this may be for compatibility purposes, I had several versions of Java installed on my computer that were vulnerable. Be sure to uninstall older versions of the Java Runtime if you don’t need them.
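The side-by-side Java versions described above can also be found without a scanner by reading the Windows "Uninstall" registry keys. The following PowerShell is an added example, not part of the original post and not Secunia's code; the function names, the display-name pattern used to recognise Java entries, and the sample inventory are assumptions made for illustration.

```powershell
# Added example: report every installed Java runtime that is older than the
# newest one present. It only reports; nothing is uninstalled.

function Get-InstalledProgram {
    # Standard per-machine uninstall keys (native view and 32-bit view).
    $paths = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
             'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    Get-ItemProperty -Path $paths -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -and $_.DisplayVersion } |
        Select-Object DisplayName, DisplayVersion, UninstallString
}

function Find-StaleJava {
    param(
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $Programs
    )
    $java = foreach ($p in $Programs) {
        # Assumption: Java entries are recognised by the start of their display name.
        if ($p.DisplayName -notmatch '^(Java|J2SE Runtime)') { continue }
        $v = $null
        # Skip entries whose version string is not a dotted number.
        if (-not [version]::TryParse($p.DisplayVersion, [ref]$v)) { continue }
        [pscustomobject]@{
            Name      = $p.DisplayName
            Version   = $v
            Uninstall = $p.UninstallString
        }
    }
    if (-not $java) { return }
    $newest = ($java | Sort-Object Version -Descending | Select-Object -First 1).Version
    # Everything below the newest version is a removal candidate.
    $java | Where-Object { $_.Version -lt $newest } | Sort-Object Version
}

# Constructed sample inventory (not from a real machine) to try the logic offline.
$sample = @(
    [pscustomobject]@{ DisplayName = 'J2SE Runtime Environment 5.0 Update 11'; DisplayVersion = '1.5.0.110'; UninstallString = '<placeholder>' }
    [pscustomobject]@{ DisplayName = 'Java(TM) 6 Update 2'; DisplayVersion = '1.6.0.20'; UninstallString = '<placeholder>' }
    [pscustomobject]@{ DisplayName = 'Java(TM) 6 Update 3'; DisplayVersion = '1.6.0.30'; UninstallString = '<placeholder>' }
    [pscustomobject]@{ DisplayName = 'Mozilla Firefox'; DisplayVersion = '2.0.0.12'; UninstallString = '<placeholder>' }
)
Find-StaleJava -Programs $sample | Format-Table Name, Version

# On a live system:
# Find-StaleJava -Programs (Get-InstalledProgram) | Format-Table Name, Version
```

Before removing anything the script reports, confirm that no installed application depends on that specific runtime version.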
