Straight Talk wrote:
> On Fri, 09 May 2008 06:58:02 GMT, "Just.some.guy"
....
>> Why would anyone *install* spyware? That doesn't make sense since most
>> people are trying to keep it *out* of their computers.
>
> In fact most people *do* install it - by deliberately clicking on all
> kinds of crap and installing all kinds of stuff from dubious sources.

"Dubious" isn't a useful distinction anymore, ST[1].

Legitimate websites (e.g. business and government[2]), have been turned
into malware delivery systems via sql, iframe & javascript exploits.

To the OP;

A lot of us are looking for a silver bullet when it comes to malware
but, it'll never be that simple. It's best to have a /strategy/. This
takes time to learn & research but the benefit is incalculable. There
are a number of security strategies out there. The one that I find
reasonable is referred to as "multi-layered." An explanation of the
multi-layered strategy is offered by Guy Huntington[3]. It may seem
over-the-top but give it time to sink in. It's as relevant to an
end-user as a CIO. Plus, it has pretty pictures <grin>.

hth,
-Craig


1)<http://www.usenix.org/event/hotbots07/tech/full_papers/provos/provos.pdf>
2)<http://www.news.com/8301-10789_3-9925637-57.html?tag=nefd.top>
<http://www.crn.com/security/207401671>
3)<http://www.authenticationworld.com/Access-Control-Authentication/NetworkAccessControlSecurityStrategy2006.pdf>