Newbie Question: "Where Do I Begin???"

[Richard Steinfeld]

Jay, would you please get some manners! There's no reason
for you to be so condescending.

Richard

"Jay T. Blocksom"
<not.deliverable+USENET@appropriate-tech.net> wrote in
message
news:sbcoovsk4b8s6509iavmg2tgdom88k90ag@news.rcn.c om...
> On Tue, 07 Oct 2003 17:41:23 GMT, in
<alt.privacy.spyware>, "Jeremy"
> <jeremy@no-spam-thanks.com> wrote:
> >
> > x-no-archive: yes
> >
> [snip]
>
> Exactly what do you think you're accomplishing with that
nonsense?
>
> > I just discovered this NG, and I only recently was
introduced to spyware,
> > when my browser was hijacked by Xupiter.com. I was
trying to download a
> > Java applet to enter a chatroom using my browser, and I
got more than I
> > bargained for . . .
> >
> [snip]
>
> Why on Earth did you think you needed "a Java applet" --
let alone an
> apparently site-specific one -- to use a "chatroom"? That
sort of thing
> just *screams* "Trojan!"
>
> > I have completely lost the ability to use MSN's search
engine,
> [snip]
>
> Well, IMCO that's not much of a loss; but notwithstanding
that...
>
> > ...by typing
> > the word "GO" followed by the browse subject, into my
address bar.
> [snip]
>
> Bookmark this:
>
> <http://www.google-watch.org/cgi-bin/proxy.htm>
>
> ...and keep it handy. I think you'll find it much more
useful in the long
> run.
>
> > I don't know
> > how to de-install IE6 and then reinstall it (if that is
even possible),
> [snip]
>
> This will do the part that's worth doing:
>
> <http://www.litepc.com/ieradicator.html>
>
> > Here is my question:
> >
> > What anti-spyware or other software should I be
running?
> >
> [snip]
>
> Only that which you really *need* to run, and only when
you really need to
> run it. Yes, I realize that answer may seem cryptic to
you, but bear with
> me...
>
> > Right now I have McAfee Anti-Virus, updated every
couple of days.
> [snip]
>
> Yuck.
>
> McAfee is probably *the* worst "big name" anti-virus
software extant (it's a
> close race between them and Norton/Symantec for that most
dubious
> distinction). It has a long history of missing more virii
than most others,
> and being buggy and unstable to the point of being
literally unhealthy for
> the systems it is installed on -- not to mention that NAI
are spammers, and
> thus wholly undeserving of your money or your support.
>
> > I have
> > LavaSoft AdAware,
> [snip]
>
> OK. Make sure it is the latest "build" (6.181, I think),
and keep the
> reference files up-to-date.
>
> > ...and it has found and disinfected a number of spyware
> > items,
> [snip]
>
> But that is the telling part. What are you doing to get
so many
> "infections"? *That* is the core issue you really need to
address.
>
> > I also run SpyBot daily.
> [snip]
>
> Why? Not to denegrate SS&D in any way (it is a very
useful tool, when
> properly used); but if you have need to run it anywhere
near that often,
> you're repeatedly doing some *seriously* stupid things
with your computer.
>
> > I also have Spyware Blaster,
> [snip]
>
> An utterly pointless waste of bits, at least presuming
that your system is
> set up anywhere near properly to start with. (But then,
given the above, I
> highly doubt your system *is* set up "properly".)
>
> > Finally, I have Spyware Guard running
> > in the background.
> >
> [snip]
>
> I don't much care for this, for several reasons (not the
least of which
> being that it is from the same Bozos who foisted
SpywareBlaster onto the
> world); but at least it has a *theoretical* basis for
being.
>
> > I do a complete virus scan every couple of days,
> [snip]
>
> If you're exercising anything even close to "safe
computing" practices, you
> *shouldn't* need to do it that often; but OTOH, it can't
hurt beyond being a
> waste of time.
>
> > ...and I have it set to
> > filter internet downloads at other times (I don't keep
it running in the
> > background, because it slows my system down to an
unacceptable level.
> >
> [snip]
>
> This appears to be an oxymoron. If it's not running in
the background, how
> does it "know" if/when you've downloaded something?
>
> > I also have ZoneAlarm, latest freeware version, running
at all times, and
> > it is set to its default settings.
> [snip]
>
> Yuck, again.
>
> First, read these:
>
> <http://samspade.org/d/persfire.html>
> <http://samspade.org/d/firewalls.html>
>
> Then go get a *real* firewall. Since you appear to be on
a dial-up (as
> opposed to DSL or "cable modem"), I would suggest either
of these two:
>
>
<http://www.netgear.com/products/prod...asp?prodID=157
>
> <http://www.dlink.com/products/?pid=59>
>
> > I also use Anonymizer Private Surfing, and I always
browse any unfamiliar
> > sites using it at maximum security, with encrypted URLs
and SSH
> > encryption for downloaded pages.
> >
> [snip]
>
> This is probably not getting you what you think it is
(remember: there is NO
> SUCH THING as true anonymity on the 'net); and there are
near-certainly
> better ways to get what it really *is* giving you. But
this issue is not
> directly relevant to the "spyware" issue, so I won't
belabor the point.
>
> > Finally, I use PC Guardian encryption on a couple of
sensitive
> > directories. I ordinarily leave the application turned
off, except when I
> > need to view or work with an encrypted file.
> >
> [snip]
>
> Also not directly relevant.
>
> > I do keep seeing an Alexa URL ("Related.htm," I think),
that keeps
> > popping up when I scan with SpyBot S&D. I clean it
off, and a few days
> > later it reappears. I have no idea what it is that I
am doing that
> > enables this file to keep coming back.
> >
> [snip]
>
> The simple answer is that you're repeatedly using *THE*
single-biggest
> spyware (and virus, and worm, and trojan) magnet the world
has ever known:
> MSIE. And once again, the cure for this is:
>
> <http://www.litepc.com/ieradicator.html>
>
> > Have I covered all the bases? Is there anything else I
should be doing?
> [snip]
>
> IMCO, yes, there is one thing you *definitely* should be
doing: And that
> is, seriously re-thinking your entire approach to these
issues (and perhaps
> the computer in general).
>
> From your post, it is abundantly clear that you think the
cure for having a
> lot of crappy programs (which do things you don't want
done) installed on
> your system is to install still more crappy programs
(which also do things
> you don't want done, if you would but realize it).
>
> The key to a secure and stable system is *not* to keep
adding more and more
> "stuff", but to *remove* those things which represent
security risks and/or
> destablize the system. Think about it: If an insecure
service or
> application is not installed or running, it *can't*
present it's myriad
> security holes to the world. And as I mentioned above,
*the* single biggest
> security risk on your system is MSIE (and it's ugly
step-child, Outleak
> Excuse). You absolutely need to remove that crapware from
your system
> entirely; until you do that, all other efforts at
protecting yourself will
> unavoidably be at least partially futile.
>
> There's more. But until you've covered these basics,
there's really no
> point in going through all the details.
>
> --
>
> Jay T. Blocksom
> --------------------------------
> Appropriate Technology, Inc.
> usenet01[at]appropriate-tech.net
>
>
> "They that can give up essential liberty to obtain a
little temporary
> safety deserve neither liberty nor safety."
> -- Benjamin Franklin, Historical Review of
Pennsylvania, 1759.
>
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - -
> NOTE: E-Mail address in "From:" line is INVALID! Remove
+SPAMBLOCK to mail.
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - -
> Unsolicited advertising sent to this E-Mail address is
expressly prohibited
> under USC Title 47, Section 227. Violators are subject to
charge of up to
> $1,500 per incident or treble actual costs, whichever is
greater.
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - -