A Sobering Look at Windows Security
Hot on the heels of my other post, I bring you a sobering look at PC security in a Windows environment.
The day after the infamous Comcast “install”, my friend called me up
because she still couldn’t get on the Internet. I dropped by her house,
made a small configuration change to the wireless router and did a
reboot of both the cable modem and the router. I booted up my laptop
and was presented with a Comcast “registration” screen. It was
prompting me to download an application from their server and run it. I
clicked the download button but nothing was starting. I figured that it
might be an issue with their web site not working with Firefox (which
is my main browser), so I started the page in Internet Explorer and
attempted the download. I still could not download the application.
I unplugged the router from the equation and attempted to “register” by
connecting my laptop directly to the modem and running a registration
program from the CD that Comcast provided. The first thing that happens
when you load the CD is that a dialog box comes up and suggests that you
disable anti-virus programs and firewall software before running the
registration program. To make a long story short, I could not get their
stupid registration web page to go away while connected behind the
wireless router and I could not get the registration program on the CD
to work.
I decided to try disabling the Windows firewall temporarily (against my
better judgment) to see if I could get the registration completed. In
the short time (when I say short time, think 2-5 minutes) I was
connected to the Internet without a firewall, my machine was somehow
compromised with spyware (I do have the latest patches and anti-virus
(which I didn’t disable)). Icons appeared on my desktop for XBox,
KMart, and some other crap that I didn’t care about and Internet
Explorer opened popups randomly (as an aside, my primary browser,
Firefox, was not affected by the spyware).
Think about this. 2 to 5 minutes without a firewall and my machine was
compromised. This is a perfect example of how important personal
firewalls, anti-virus, and anti-spyware are on Windows machines.
Luckily, I was able to clear everything out with the help of some tools. Namely:
- HijackThis
- Ad-Aware
- Spybot – Search and Destroy
- Microsoft’s Windows AntiSpyware (Beta)
- McAfee’s Stinger
If you ever think that disabling your personal firewall is a good idea,
think again. It’s amazing that Comcast’s registration application
actually recommends that you disable both your firewall and anti-virus
program. I’m also dismayed by the fact that companies still advise
their customers to turn off their firewalls and anti-virus when doing
troubleshooting. This is a trend that needs to be stopped now. It’s
2005. Windows is horribly insecure and can be compromised in minutes, and
companies should in no way be telling customers to turn off their
firewalls. Do yourself a favor: the next time you’re told to disable
your firewall or anti-virus by a support representative, ask them, “Is your company going to be
responsible for any damage or costs associated with turning off my
firewall?” See what they say.
Companies should accept the fact that
their customers want to protect themselves and
write their applications to work with firewalls (whether they be personal firewalls or hardware (NAT based) firewalls).