Keyloggers, trojans, and public computers. All of these can be bad news for you. Really bad news.
Say what? Keyloggers are applications that hide on your computer and send out every keystroke you make to a remote computer somewhere on the planet. On the other end, bad guys troll your keystrokes for things like login names, passwords, and credit card information that they can use. Trojans are a category of malware (software that does bad things) that people install thinking they are getting something helpful or fun, but while the victim is busy being entertained, the trojan does something undesirable in the background like turning your computer into a spamming machine, stealing your personal information, or installing more bad software. Sometimes it takes the form of a popup alert that says you have XXXX infections on your computer and that installing this little ‘scanner’ will clean it up. Of course, that little scanner is a piece of malware you’ve just installed and it’s now doing bad things.
But you think you are safe because you have an antivirus program installed, right? Not always. Whenever someone brings me a computer that is giving them trouble, one of the first things I do is check the virus definitions to see if they are up to date. Unfortunately, many of them are hopelessly out of date. I’ve seen some that haven’t been updated in over a year! Antivirus software works by checking files against ‘definitions’ that are generated by the antivirus software vendor after first seeing the virus in action. So, if you aren’t updating your scanner, it doesn’t know about all of the newest threats. Also, because of the reliance on definitions, if you happen to ‘catch’ a brand new virus before a new definition file has been released, you are vulnerable even if your scanner is ‘up to date’. Although the chances of catching a virus before your vendor pushes out a new definition file are very small, it’s still something that must be considered.
So, how are public computers bad? A report from APWG shows that over 48% of the over 22 million computers they scanned worldwide were infected with malware. That means you’ve got a nearly 50/50 chance of sitting down at a public computer that is infected. It is true that many of these computers are supported by professional IT staffs, but like anything else, the competency of IT staffs varies. Are you ready to chance it with your bank account information? If you are logging onto anything with a public computer, you are at risk of someone stealing that information.
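
The definition-based detection described above can be seen in a small model. This is an added example, not code from any antivirus product: the file names, threat names, dates and feed are constructed, and whole-file hashes stand in for real definitions.

```python
import hashlib
from datetime import date

def sha256(data):
    return hashlib.sha256(data).hexdigest()

# Constructed samples: byte strings standing in for files on a disk.
SAMPLES = {
    "invoice_viewer.exe": b"constructed-sample-A",
    "free_scanner.exe": b"constructed-sample-B",
    "holiday_photos.scr": b"constructed-sample-C",   # brand new, no definition yet
    "notes.txt": b"just some harmless text",         # genuinely clean
}

# Constructed vendor feed: (release date, threat name, hash of the known-bad file).
# Whole-file hashes stand in for real signatures, which is a simplification.
FEED = [
    (date(2009, 3, 1), "Trojan.ConstructedA", sha256(SAMPLES["invoice_viewer.exe"])),
    (date(2010, 6, 15), "FakeAV.ConstructedB", sha256(SAMPLES["free_scanner.exe"])),
]

def definitions_as_of(last_update):
    """Definitions held by a scanner that last updated on `last_update`."""
    return {h: name for released, name, h in FEED if released <= last_update}

def scan(files, definitions):
    """Return {filename: threat name} for each file that matches a definition."""
    hits = {}
    for name, data in files.items():
        threat = definitions.get(sha256(data))
        if threat:
            hits[name] = threat
    return hits

def compare_scanners():
    stale = scan(SAMPLES, definitions_as_of(date(2009, 7, 1)))    # over a year old
    current = scan(SAMPLES, definitions_as_of(date(2010, 8, 1)))  # fully updated
    missed_by_stale = sorted(set(current) - set(stale))
    # Files no scanner flags: the new threat is indistinguishable from the clean file.
    unflagged = sorted(set(SAMPLES) - set(current))
    return stale, current, missed_by_stale, unflagged

if __name__ == "__main__":
    stale, current, missed, unflagged = compare_scanners()
    print("stale definitions flag:  ", stale)
    print("current definitions flag:", current)
    print("missed when out of date: ", missed)
    print("flagged by neither:      ", unflagged)
```

The last result is the one to notice: to a definition-based scanner, a threat with no definition yet looks exactly like a clean file.
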
If that’s the bad news, then what is the good news? You can beat the dangers listed above. The better news? It’s really easy. With the constant refining of alternative operating systems such as Linux, you are able to boot an entire operating system from a CD without it using anything from or writing anything to your hard drive. Since the bootable CD is not writable by the malware, it can’t install itself onto your system. If you think that your computer may be infected, you simply insert your bootable disc into your computer and boot up from CD ROM. When the operating system loads, you can browse the web, check email, prepare documents, etc. without the concern that malware on your computer is stealing your information and sending it away without your consent. Likewise, if you are traveling without a computer, you can take your bootable CD with you and boot up a clean operating system in a matter of minutes if you have access to the CD ROM drive. When you remove the CD and reboot the computer, everything you did is gone. To add to this delightful news, several antivirus vendors have released bootable CDs with their virus scanners pre-installed. This is good news, because if you have a piece of malware that has snuck in, it can render your antivirus software useless. I’ve even seen malware that won’t allow you to go to the websites of antivirus companies in an effort to prevent you from installing antivirus software and removing the infection. For that type of heinous infection, you’ll need either a boot CD or to remove the hard drive and have another computer scan it.
What are the limitations? First, whenever you do anything on the Internet, you are interacting with computers on the other end. If those computers are infected with malware, your data could be stolen. Of course, since the problem is on their end, it won’t matter what you use on your end. Likewise, another computer on the network you are using could be infected and capturing information that you are sending and receiving. That is also beyond your control. If the information is that sensitive, don’t trust a public network unless you are using a VPN connection to a known server. VPN (Virtual Private Network) is a specialized connection that many businesses and agencies set up to ensure a secure connection between themselves and remote computers.
Speed is another limitation since every time you open a program, it has to be accessed from the CD, which is much slower than a hard drive. In addition, many of the larger operating systems have to compress the files to get them to fit on the CD. Uncompressing takes additional time to process. This can result in some time spent waiting. Depending on the speed of your system, you may need some entertainment on the side while you wait for things to load. This is particularly true if you are trying out a full-blown operating system as opposed to the smaller, specialized virus scanning discs.
Where do I find these CDs? If you are looking to try out something that is different than Windows, or want to carry around a full operating system on a disc, Ubuntu Linux or Mint Linux are two very friendly versions. Ubuntu is a full featured operating system, and I am using it to write this post. Mint is based off of Ubuntu and takes user friendliness a step further. These would be ideal if you were heading on vacation and staying with Uncle Lou, who spends his days on one of the twenty or so gaming sites he frequents and doesn’t even know what a virus is, while Cousin Bobby, who is still sponging off his parents and is addicted to LimeWire, uses the same computer to download bootleg software, music, and movies. Consider this machine compromised. Slip in your boot disc, reboot, check your transactions and stocks, then remove the disc, reboot, and enjoy your vacation. Ubuntu can be found here. Mint Linux’s home page can be found here.
For malware removal, I’ll list a few options. I’ve used some of these scanners before, but I have NO experience with these system discs. All of the offerings are from reputable vendors, but I do not know how easy they are to use since I haven’t tried them yet. Also, before you scan with any of these, make sure you have backed up your data! If you followed my advice in Back It Up, I’ll Take It!, this won’t be a problem. While the Ubuntu Live CD won’t write to your hard drive unless you tell it to do so, by definition, malware removal tools will have to write to your hard drive to carry out their duty. Occasionally, removing malware will make your computer non-bootable. So, while you’re at it, take the time to read that documentation that came with your computer that said ‘URGENT: READ BEFORE USING YOUR NEW COMPUTER’ in BIG bold letters at the top of the page. You know, that one you immediately threw to the side to get to your new PC, only to come back later and file it because it was in your way. All, of course, without ever reading it. It’s the one about how to make a system restore disc. Yes. This is a lot of work. But a number of things besides malware can make your system non-bootable. Since you should already have a system restore disc, why not prepare and do that now instead of having a problem with your computer not booting the night before that really, really important report is due and it’s too late? A system restore disc and a working backup strategy can keep you from shelling out money unnecessarily and being without your computer while you get it serviced.
There are other options. Some are free, and some are not. This article is more of a primer than a comprehensive how-to. A starting point, if you will. You are going to need to know how to burn a bootable CD. These discs are downloaded as one big file (image), which your CD burning software (such as Nero) breaks down into many files and burns them onto your CD. Since there are quite a few options for burning, I’m going to leave it to you to discover how to use your particular software. Newer versions of Windows already have that functionality built in.
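
Since a boot disc is only as clean as the image it was burned from, it is worth checking the downloaded image before burning. The following is an added example, not part of the original article or any vendor's tooling: it assumes the vendor publishes a SHA-256 checksum list in the common `<digest> *<filename>` format, and the image name and contents are constructed.

```python
import hashlib
import os
import tempfile

def file_sha256(path, chunk_size=1 << 20):
    """Hash the file in chunks so a 700 MB image never has to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def parse_checksum_list(text):
    """Parse '<hex digest> [*]<filename>' lines into {filename: digest}."""
    entries = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) != 2 or len(parts[0]) != 64:
            continue  # skip blank or malformed lines
        digest, name = parts
        entries[name.lstrip("*").strip()] = digest.lower()
    return entries

def verify_image(path, checksum_text):
    """Return 'ok', 'mismatch', or 'not listed' for the image at `path`."""
    expected = parse_checksum_list(checksum_text).get(os.path.basename(path))
    if expected is None:
        return "not listed"
    return "ok" if file_sha256(path) == expected else "mismatch"

def demo():
    """Constructed stand-in: a small temp file plays the downloaded image."""
    with tempfile.TemporaryDirectory() as tmp:
        image = os.path.join(tmp, "livecd-example.iso")
        with open(image, "wb") as f:
            f.write(b"constructed image contents" * 1000)
        published = f"{file_sha256(image)} *livecd-example.iso\n"
        good = verify_image(image, published)
        with open(image, "ab") as f:   # simulate a corrupted or altered download
            f.write(b"\x00")
        bad = verify_image(image, published)
        missing = verify_image(image, "")
    return good, bad, missing

if __name__ == "__main__":
    print(demo())
```

The check only means something if the checksum list comes from the vendor's own site, ideally fetched on a machine you trust.
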
As for new operating systems to try, well, that’s a wide-open field. You can have a look at distrowatch.org. That will get you started with over 100 different versions of Linux and Unix. Where you go from there is up to you.
Edit: As of 8/8/2010, I have used the BitDefender rescue CD and it worked very well for scanning viruses.