Tiny Code

Tiny Code

Monday, June 18, 2007

Fighting Spyware

Jeff Atwood over at Coding Horror has an interesting article about the numerous steps necessary to fight a Spyware infestation. It goes to show that you can't trust web sites just because lots of people link to them.

I run a Firefox plug-in called NoScript which allows the user to select web sites which should be allowed to run scripting languages like Javascript, Java, and Flash. Scripting languages are very dangerous so it's imperative that users only allow their browser to run scripts from trusted web sites. I'd caution people that they should mistrust all web sites by default. Just because a friend sends you a link is not enough reason to trust a web site.

It's much easier to prevent a Spyware infestation in the first place than it is to remove one from a PC after it's gained a foothold.


Laura E. Goodin said...

Unless, of course, one is using a Mac, which I'm given to understand imparts some measure of protection.... No?

Rod said...

Provided one is only running OS X and not Windows under virtualization software like Parallels, that's the case for the time being. Apple's recent release of the Safari browser for Windows and the security holes discovered almost immediately shows their code is not perfect (no software ever is). This lends credence to the theory that the lack of Mac malware is at least partially due to "security through obscurity."

I'd wager it's only a matter of time before the Mac market share rises to the point of becoming a more interesting target for the people who write malware. Until then I don't bother with cumbersome anti-virus and anti-spyware software on my Mac which bogs down even the fastest of computers and does a markedly imperfect job of protecting them from infection.