Thursday, July 12, 2012

Still Checking...

Came into the store this morning to a clean virus scan. So far, so good. We are running a couple more with different programs, just to be certain.

Also, to place our credit/debit card-using customers at ease... The machine we use to process credit/debit transactions is, and has always been, separate and discrete from our point-of-sale system. There was talk of tying them together, but that never happened as I am lazy by nature and didn't follow through.

Now, I'm glad we didn't...

I have been talking with PC about locking down the browser to a few select web sites, and he stated that while it might help, the bulk of the malware he is seeing is being delivered via fake advertisements coming through services like Adclick and the like. If that's the case, then no one is truly safe from this crap, as web ads have become a part of daily Internet life. The malware propagators have found a truly ingenious and insidious way to dispense things to us, whether we want them or not.

We have now entered the era of Internet "pest control". We cannot stop them from getting in 100% of the time, so now we have to settle for killing them when they show up.

Ain't technological evolution grand?

-- GopherDave


  1. There is a solution.

    Use ubuntu running in a window (it will do this) for all your browsing. You can even install ubuntu as a virtual machine.

    You can still use your Windows machine for your POS software, but don't let anyone browse with the windows side.

    When you browse, just click into the ubuntu window running either chrome or firefox or opera.

    Either that, or run two separate Windows VM's. One that runs the POS stuff, and the other that can browse. Keep a backup of each VM. When the browser gets infected, simply copy your backup VM over top.

    I'm sure that there are more pretty solutions, but this one is fairly easy to implement, even for a non-sys-admin like me.

  2. I'd recommend a windows VM or a separate machine for web browsing, etc... LMK if you are wanting/needing help or hardware :-)

  3. I could swear there's a program or a browser plug-in called AdBlock which, well, blocks ads. That might be able to help deal with dangerous ads and the like.

  4. A linux VM (ala ubuntu or other methods, as mentioned above) is pretty much your "bank vault" level of security and is highly recommended for computers with sensitive info if you're also using it to browse the web. The lower-but-still-recommended method is to ditch IE/chrome and use firefox with "adblock" and "noscript" addons installed. You should be using firefox (or opera, I suppose) anyhow, but this is not the place for that discussion. Other good programs to get and run weekly are "spybot search and destroy" and "malwarebytes". These two simple programs, along with beefed up firefox, will get you very decent security. Of course, an antivirus program is still necessary, but for windows MSE (from microsoft) is a proven great, reliable, and free antivirus option (spybot and malwarebytes are free as well)

  5. I'd give another vote for noscript and firefox. It can be a little annoying, as it makes it by default block a lot of activity. Once you establish a level of trust in frequently visited websites it helps. There's some websites I just visit with chrome, just because I trust the sites and I prefer chrome when reading for stretches on certain sites.

    Aside from that, make sure automatic updates are on and java/flash/adobe reader are up to date will help a little. Sad part is there's a lot of unpatched vulnerabilities being exploited out there.