Corrine Chorney is a Microsoft Consumer Security MVP and I asked her to answer a few questions about the state of home PC security. You can see her complete MVP profile here and you can scroll to the end of this article for more information about her website as well as her social networking links.
Q. What changes have you seen on the home PC security front over the years?
A. The primary change I see with the people I have contact with in the forums, on Twitter and Facebook is the awareness of the necessity for an up-to-date antivirus software program and a software firewall. That was not the case as recently as five years ago. Another positive point is that, in most of the logs I analyze, it shows that people are also much better at installing Microsoft security updates. That said, there are an ever-increasing number of PCs in homes today, with at least one or two being laptops. This suggests the need to continue knowledge sharing on properly securing a home network.
Q. You participate in a number of web-based forums helping folks with their PC security problems and concerns. What are the main issues you see these days in the forums?
A. You struck a nerve with that question, James. The main issues are outdated and highly vulnerable third-party software, Peer-to-Peer (P2P) software programs, and indiscriminate use of registry cleaners.
The parents and grandparents who learned the importance of an up-to-date antivirus program and a software firewall now have children and grandchildren using computers. During their learning curve, third-party software was not a significant target for malware writers. As a result, the most frequent problem I see is outdated Adobe and Oracle Java software programs that have received critical security updates from the respective vendors.
Granted, there are legitimate uses of P2P software. However, use of P2P software is also a major source of infection through circumvented security measures. Incorrectly configured P2P programs result in sharing more files than realized. There have been cases where people’s passwords, address books and other personal, private, and financial details have been exposed to a file-sharing network by a badly configured program. Taking it a step further, with P2P file sharing, there is no means of identifying or authenticating the source of the download. In addition, with files distributed among many hosts, peers will provide for download the sections that they have already downloaded. This results in the distinct possibility of a distribution method in which malicious bits are mixed with good files.
With regard to registry cleaners, Windows is a closed source system. Developers of registry cleaners do not have the core code of Windows and are not working on definitive information, but rather they are going on past knowledge and experience. Automatic cleaners will usually have to do some guesswork since there is no way for a third-party program to know whether any particular key is invalid or redundant. Modifying registry keys incorrectly can cause Windows instability, or make Windows unbootable. No registry cleaner is completely safe, and each has the potential to cause more problems than it claims to fix. Unlike the 9X operating systems, the Windows operating systems today (particularly Windows 7) are much more efficient at managing the registry than previous Windows versions. As explained in the Microsoft help article, Are registry cleaners necessary?:
“The Windows registry is a database that lists all of the configuration settings that determine how Windows looks and behaves. Sometimes, settings that are no longer needed will remain in the registry in case they are ever needed again. There’s nothing unusual about this, and this data, while unused, is small in size.”
Q. Generally speaking, are PCs more secure ‘out-of-the-box’ today than they used to be?
A. Absolutely! We have seen enormous strides in technology over the past ten to fifteen years. As one example, the section on botnets in Volume 9 of the Security and Intelligence Report clearly illustrates the significant improvements in security since Windows XP:
“The botnet infection rate for Windows 7 and Windows Vista is significantly lower than that of their desktop predecessor Windows XP, with any service pack installed, which reflects the security improvements that have been made to the more recent versions of Windows. Considering only computers that have had the most recent service pack for their operating systems installed, the infection rate for Windows XP SP3 is twice as high as that of Windows Vista SP2 and more than four times as high as that of the release-to-manufacturing (RTM) version of Windows 7.”
Other security features include an improved firewall, BitLocker, AppLocker, and digital signatures for drivers.
Q. Do you recommend any PC security product (AV, security suite, etc.) over another? If not, what should a home user look for when deciding which program to buy?
A. I have preferences based on both my personal experience as well as what I see in the forums. For example, I seldom see an infected computer with ESET Smart Security or Microsoft Security Essentials (MSE), both programs that I use on different computers. ESET is a licensed security product. MSE is free for personal use or for organizations with up to ten (10) PCs. However, that is not to say that there are not other excellent antivirus programs available. Although various journals and websites provide software reviews, I prefer the independent testing conducted by Virus Bulletin: VB100 and AV-Comparatives (PDF format reports). Recommendations from friends are always helpful, but I would recommend checking the latest tests conducted by those two organizations. Most licensed antivirus programs offer a free trial period, providing the opportunity to test the offered features.
Q. Is there any other security software you recommend?
A. WinPatrol is a long-time favorite. I have a soft spot in my heart for “Scotty, the Windows Watchdog”. Although described as a system monitor with the purpose of providing a warning about alterations to your system, which may be malware generated, WinPatrol has other benefits as well. Even “legitimate” software programs will sometimes ignore installation instructions about adding to start-up. WinPatrol provides a safe, simple way of delaying or even removing programs from Windows start-up. WinPatrol has features for removing “browser hijack objects”, toolbars, monitoring the HOSTS file, file associations, disabling services, ActiveX controls, removing cookies – the list goes on. I have been using WinPatrol since Windows 95 and Bill Pytlovany, the developer, continues to make improvements and add new features.
Q. Finally, tell us a little about yourself!
A. I have been happily married for almost 44 years. We have two grown children and two beautiful and talented granddaughters. Not to be left out are our four-footed family members – our cat Buddy and our two very active Border Collies, Mya and Jessie. Border Collies are “herders”. However, much to their dismay, Buddy ignores their herding attempts. Professionally, I was a 42-year employee in the Legal Department at Eastman Kodak Company. As has occurred in many companies, we underwent a downsizing, which resulted in the elimination of our staff group. I was fortunate to be in a position to take an early retirement.
I first received the Microsoft Most Valuable Professional (MVP) award in January 2006. It is very rewarding to help people recover their computers from malware-infested to smooth-operating machines. Most important, however, is the opportunity to teach the people I am helping about how to keep their computer secure. My Security Garden blog also provides a venue for sharing information about not only Microsoft software and security but also third-party software security vulnerabilities and updates. To my surprise, social media avenues have also become a viable venue for not only sharing information but also helping others. I have over 1,000 followers on Twitter and many fans on my relatively new Security Garden Facebook Page.