This particular morning, I started up Opera, which has my Gmail account configured in its inbuilt e-mail client, and clicked Check/Send. “Fetching messages 1/47” it said, so I sighed and went back to the kitchen to nurture my feeble tea-making skills. About 10 minutes later I returned to see the dreaded error message from Avast! Antivirus, proclaiming, “A virus was found!” Panic set in; I rushed to my PC, half spilling my tea along the way, and promptly clicked the Delete option in the pop-up. “Ahh, problem solved,” I rejoiced, after Avast! gave me the all clear sign.
It was only an hour later that I realised how foolish I had just been-when I accidentally stepped on a sticky tea stain on the floor. This got me thinking: “Why are we so paranoid about security?”
Yes, I realise that this sounds like a silly question to the overwhelming majority of the computing world, but I found myself asking this question anyway. So I got a virus, and that too, one that my anti-virus detected; what’s the big deal? It’s not like the virus, whatever it was, could have done any harm once Avast! had detected it. It was in an e-mail anyway, in Opera, so it’s not like I tried to execute a file or anything like that. Still, I’d been so panicky! To top it all, this is my home computer-not the office computer where I store all my important work data!
Several days of discussions and debates with colleagues and friends got me believing that I’m insane… the majority of my friends and colleagues found nothing wrong with my reaction-spilt tea and all! Others just felt that I’d overreacted a “tad,” and were OK with me panicking, but chided me about my carelessness in stepping on spilt tea!
Six lectures about why I shouldn’t fill my tea cup to the brim, and two homemade recipes for stain removal later, I was appalled to find that I was the only one who could see the pointlessness of all this paranoia.
At the risk of starting World War III, I have now started to believe that all these fears we have about computer security have been infused into our collective psyche by clever security software marketing, rumour-mongers, and because of sheer ignorance!
A Bold Statement?
Yes, it is, but I have reasons to believe so. No, I am not another “Big Brother is watching” delusional psychopath. Actually, I just couldn’t care less for Big Brother’s antics, or those of the rest of the family!
I am not saying that spyware, adware and viruses are encouraged by security software developers, but isn’t it just a little too convenient that security firms benefit from all the paranoia raging across the world, with more people buying their products-even for home systems which don’t need such high levels of protection? Thank God for the free software movement, which makes sure those informed enough can always find freeware tools to take care of basic PC security at home.
“What possible use could anyone make of the data stored on my home computer?”, I asked myself. I am still waiting for an answer that justifies my erstwhile paranoia. The only possible way my computer could be at risk is if it were controlled by a hacker to launch DDoS (Distributed Denial of Service) attacks, or used to spam a million people; and I think I’d notice if that started happening-courtesy my bandwidth monitor, anti-virus, anti-spam, anti-spyware, and various other “anti-” tools.
Right about now, scores of people are yelling “Hypocrite!” and waving their clenched fists at me. How can I have all this installed and still say that I am not paranoid about security anymore? Well, it’s my state of mind I have changed, not my computer or software preferences. I am no extremist, and am not about to start uninstalling every software that begins with the word “anti-“. I’d still rather not be attacked by malware, but if I am, I’m not going to consider it the onset of Doomsday! .
There’s just one question all of us need to ask ourselves, “What’s so important on our home computers that we’re terrified of malicious code?” Office computers, or computers in a SoHo setup, need to have increased security. This is understandable. However, do regular home computers, those we use just to check e-mail, play games, surf, watch movies, etc., really need government-level security?
Exaggeration? Perhaps! But surely there are enough of us who would like the RBI’s security system for our home computers, right?
The problem lies in the fact that we’re terrified of losing data, having to format, or face the invasion of our privacy by spyware. And this fear, I aver, has been instilled in us by trends in the security software industry, the media, as well as a lot of hearsay and sensationalism of security breaches.
Isn’t it weird that “a friend of a friend” has always had a nightmare virus hit them, one that formatted their entire hard disk and loaded Linux on it? Or how about that story of the virus that ruined someone’s hardware, causing things like graphics cards and CD-ROMs to never work again? You will even find people who swear that a friend’s mobile phone was rendered useless by a virus which sent lewd SMSes to all people in the contact list, then displayed a laughing skull and shut the phone down for good! Perhaps you’ll like the one about another “friend-of-a-friend” who lost control of his/her computer to a hacker, and even pulling the power plug didn’t relinquish command back to the user! If you haven’t met such people, or heard similar stories, either all your friends are super techie, or you live high up somewhere in the Himalayas!
“Balderdash, drivel and baloney, flavoured with hogwash!” is my reaction to such stories, but unfortunately, there are people among us who swallow such servings with relish and pass them on with a dash of exaggerated side-dishes. Sadly, this is just because we don’t know any better, and are still perplexed by a PC’s complexities
Life After Data
What’s the worst that could happen? This is the question that made me realise that adding all that stress and worry into my life, about my computer at home, was just not worth it. I sat down, thought out all the possible scenarios, and realised that life would go on, with or without my data. Here are the worst-case scenarios I came up with:
Formatting and reinstalling: Surprisingly, it is this irritation of having to unload and load a whole operating system that seemed the most painful. What’s more surprising is that as employees of Digit, we’re used to formatting and reinstalling on a regular basis-the Test Centre guys do it as many as 10 times a day! So why was I so scared of doing the same thing at home? It’s just a question of popping in your Windows boot disk, formatting your C: drive (or whatever is your Windows drive) and following a few silly commands-twenty minutes tops!
Data loss: Sure, there’s always the risk of losing data, especially from your Windows drive. But why would you store anything on that drive? I know I don’t. I make sure all my data is on a different partition, so the only thing I lose is time, which is spent on reinstalling my programs.
Reinstalling programs: This can be very painful, but thanks to Windows XP’s System Restore, or third-party utilities such as Norton Ghost, life can be a lot easier. All you need to do is select a point to restore Windows to, or if you use a utility such as Norton Ghost, create a backup image, save it on another partition and then load it as and when you want to get a perfectly clean system. The trick is to format the computer, load all the essential software that you use regularly, and then make a backup image!
Spyware: This is a sensitive issue, and people have different views about spyware. It’s the same reason why many of us use Google’s Gmail service, while others still refuse to because Google claims to have a robot read your mails and display relevant advertisements. Honestly, I don’t care if a machine reads even my most intimate e-mails, but many do. It’s just a matter of choice really. So as long as you don’t store passwords and credit card information on your computer, or within your browser, you have nothing to worry about.
Hackers: Yes, many of us are paranoid about being hacked. The fact is, unless you work for an atomic power plant, are an aide to the Prime Minister, or have a T3 line at home, 99.99999999999999 per cent of hackers couldn’t be interested in your home computer that connects to the Net via dial-up or even a ‘broad-(hah!)-band’ connection! If someone actually tried to hack you, it would only be to test his or her skills and then move on. Why? Well, I hate to be the one to break it to you… but you just aren’t important enough! No one wants to hack your computer and look at pictures of the family dog, your trip to Mussoorie, or your baby photographs! Hackers have a purpose, they want money, information, control, or access to another more secure computer on your network. The majority of home computers in India offer none of these: you don’t store credit card information on your PCs (hopefully), you have no information of global importance, your connection speed (or lack thereof) makes your computer useless for participation in DDoS attacks, and it’s not like you’re on the same network as the RBI or the US Department of Defense!
These happen! Unfortunately, this rarely has anything to do with anyone’s computer; instead, it’s more to do with the person controlling the mouse and keyboard! Alas, it’s stupidity that most online con-artists prey upon, and not weak passwords or hacked computers!
Most of us laugh at some of the e-mails we receive, supposedly from Nigerian princes or Saudi oil barons, claiming that if you let them deposit millions of dollars in your account they’ll tip you with a few thousand. Sure, 99 per cent of us just hit [Delete], but that one-in-every-hundredth person makes the con-artists’ efforts worthwhile!
Being paranoid about spyware, adware and Trojans is like thinking that the entire world of hackers is out to get you
There was a story in leading newspapers, early in January 2006, about an Indian girl who gave out her Internet banking password to a prospective groom. The picture in her head was of a young, handsome, jet-setting executive who traversed the globe; the reality was a 50 man who successfully conned her out of over Rs 2 lakh! Love, especially the online kind, ladies and gentlemen, can be a very sharp double-edged sword. Though most of us tch-tched at the story, you never can tell what you would have done in the same situation!
Advice
I am told that I have to offer some form of advice or another if I want this little rant to ever get published. So here it is, my four cents worth on how you can prevent lapses in security:
- Don’t ever store credit card information on your computer
- Storing passwords in your browser is a no-no, and you should remember to clean your browser cache regularly
- Make sure you store everything that’s important to you on a drive that’s different from the one that the OS is loaded on, and always set all your “anti-” software to update automatically!
- Never-and I mean Never-trust anyone! Especially someone you have only met online. Never part with credit card details and Internet banking passwords-especially with your shop-till-you-drop better-halves!
1. Never take things too seriously! Spyware on your system does not mean that all your deepest darkest secrets are now part of the public domain. It probably just explains why your browser navigates to some silly site, and nothing more.
2. Try not to hyperventilate every time you see a message on your system that contains the word “virus”. What is the point of such panic after all? If your anti-virus found some malicious code, it obviously cannot harm you. If the anti-virus let a virus slip by undetected, you won’t know until it’s too late anyway. So in actuality, there’s nothing any of us can do to stop our PCs from attempted infection, or even infection itself.
3. Realise that you and your home computer are really just motes in a desert of computers, so being paranoid about spyware, adware and Trojans is like thinking that the entire world of hackers is out to get you. This is perhaps a little too narcissistic, isn’t it?
4. Try not to drop tea on the ground. If you do, clean it up immediately-it really can leave a terrible stain if it’s not cleaned up for a while!
Moving On
This experience of mine has been akin to seeing the fabled light. I now waste less time looking through what services and threads are running on my computer, and more time enjoying myself actually using what I have. I have begun trying out more software, visiting more sites that ask me to install ActiveX components and running a lot less spyware checks, ever since I saw the futility of being paranoid. Overall, my computing experience has become a lot more fun!
Perhaps I will start a support group-PTA: Paranoid Techies Anonymous-where people can stand up and say, “Hi, I’m Jon, and it’s been 4 days since I last ran SpyBot S & D and AdAware!”, and hand out cookies to those who share their secret methods of staying paranoia-free.
I’ve also formatted my C: drive once, just for the heck of it, and found, intrestingly, that despite the fact that I was paranoid about security and an obsessive-compulsive tweaker, Windows XP still runs the fastest just after a clean format-and-reinstall!
Big brothers, mothers, fathers, sisters and hackers alike listen up, “Heres one computer user who can stay smart, secure and unworried. After all, I am armed with weapons of my own: a Windows XP boot disk, a DVD of all my favourite freeware and an 80 GB external hard disk that has all my important data, movies and music! So give it your best shot, the worst thing that could happen is that I format my PC and get a faster computer as a result!”