shinyPlasticBag

Over the past year, a lot of fuss has been made over Microsoft’s Trustworthy Computing initiative — both good and bad. I personally think that they’re doing a fairly decent job, even in the shadow of Sasser and all those other lovely worms. Their 3 steps to protect your PC page is a pretty good starting point for most people, but I don’t think it goes far enough. I invite you all to take it all the way to the end. I present you with my revised version: 4 steps to really protect your PC.

1. Get Up to Date: First of all, go to Windows Update and install all of the security updates. All of them. Make sure your computer is as up-to-date as humanly possible, even if it means making several trips (since some items must be installed separately). This can be a pain, but it’s for the good of your system and the Internet as a whole — it’s recently been reported that 80% of all unsolicited bulk email originates from compromised Windows machines.
2. Turn On Autopilot: Next, turn on Automatic Updates. You can do this from System Properties (via the Control Panel) — pressing Windows-Key+Pause will open it up, too. Head over to the Automatic Updates tab and check the “Keep my computer up to date” option. I recommend setting it to automaticaly download and install the updates every day. Choose a time when you know your computer will be on, and probably won’t be in use. The default setting, every day at 3:00 am, will be fine for most people.
3. Firewall: Get a firewall. Seriously. I personally detest ZoneAlarm and BlackIce due to strange side-effects, so it’s fortunate that the firewall built into Windows XP is good enough for my needs. To turn on the firewall, go Network Connections in Control Panel. Right-click your connection, go to Properties, and go to the Advanced tab. Check “Protect my computer and network…”, and if you need to open up any ports, click Settings at the bottom of the window. A lot of people will skip this step due to the hassle, but for anyone thinking of doing that, I remind you of Sasser: it penetrated your system without you doing anything at all. If a larger percentage of the world used firewalls at home, it would never have spread so far.
4. Public Enemy Number One: Unfortunately, not a lot of people are willing to take this step, but it offers a final layer of protection. Get rid of Internet Explorer. I recommend Firefox, but there are other great alternatives: Opera and Mozilla are both excellent. All of them have features that make moving from Internet Explorer fairly painless. Not only will you have a browser that can stop pop ads and “floaters”, but you’ll have a more modern browser with great navigation features (such as tabs) and perfect rendering of standards-compliant web sites.

Despite what one would think, thanks to the wonders of Microsoft, even if Internet Explorer isn’t your default browser, it can still pop up from time to time. Pop-Down is the ultimate pop-up blocker: it’s small, free, and can stop Internet Explorer from opening. Ever. Even Windows Update won’t be able to open it. To install it, just download it from the web site, unzip it to a folder, and run PopDown.exe. Right-click the mushroom icon in the system tray and click “Do not allow any”. If you ever need an Internet Explorer window to open up — for Windows Update or whatever — hold down the CTRL while opening it, or turn off Pop-Down.

Of course, there’s an alternative series of steps to keep your system safe:

1. Install a Linux distribution.
2. Stop using your computer because it’s so frigging frustrating now.

Yeah, I know. I’m bitter.