Google, Privacy, Antivirus, Antimalware

Discussion in 'Pete's Computer Corner' started by pete, Feb 29, 2012.

  1. pete

    pete Brassica Oleracea Staff Member Administrator

    Joined:
    Dec 26, 2007
    Messages:
    10,649
    Likes Received:
    381
    I've often thought about writing at length on this, but I've never took the time to do so. I don't have that much time this evening, so I'm going to start with something light and fluffy: Google's privacy policy change on March 1.

    An extremely brief take on the new privacy policy is that Google will now be able to take your data from a variety of its services -- remember, that includes YouTube -- and offer you better targeted advertisements.

    There are a lot of websites and media outlets saying that this is going to be the end of civilization as we know it. That's a bit overblown.

    1. Google (probably) isn't tracking you if you're not logged into one of their websites. I'm almost always "logged in" because I leave Gmail running in the background.
    2. I heartily recommend checking out http://google.com/dashboard to see what info they DO have on you and change the appropriate settings.
    3. Yes, it's possible that Google could collect more data on you if you're using the (brilliant) Chrome browser. If you want to be feel more secure, I'd recommend that you use the Iron browser, which is almost identical to Chrome. Do note that they're generally a couple versions out of date, though.
    4. Yes, Google (and other 'sites) can track you with Cookies. You can go the nuclear route and daily wipe out all of your Cookies with something like CCleaner. I do. (Warning: read the fine manual before using it. Yes, that's a kinder and gentler way of saying RTFM. And learn about what a Cookie is and what it can do.)
    5. Some folks have mentioned that you should try http://duckduckgo.com instead of Google Search. While they are similar, DDG doesn't have a "limit search by date range" feature (I use that feature all the time on Google) and generally doesn't return enough entries. As an example, I DDG'd one of our new members and everything came up shiny. I then tried the exact same Google search and found out that the new member was a spambot. YMMV.
    6. Opt out of Google Ads.

    There's a rather good NPR radio bit that gives you some more ideas. The ones I mention above parallel some of the ones suggested by NPR.
     
    Tags:
  2. pete thomas

    pete thomas Distinguished Member Distinguished Member

    Joined:
    Jan 15, 2008
    Messages:
    63
    Likes Received:
    0
    As a consumer, I'm always a bit spooked by the way Google immediately places ads on my pages relevant to a site I was just looking at previously.

    e.g. I was looking at a ladies lingerie site (in the interests of research, honest), and as soon as I went back to looking at my own site, all the adsense ads were racy ads for bras and panties: on pages about ligatures.

    As a seller, I imagine this is great, like your ads follow targeted potential customers around, but it does make me feel a bit "invaded".

    I should look into cookie control software, I'm on a mac and it seems with safari you either delete all cookies or none at all. If you delete them all, then you need to relog in again to all the forums etc.
     
  3. kevgermany

    kevgermany

    Joined:
    Feb 17, 2009
    Messages:
    447
    Likes Received:
    0
    I might be missing something, but afik you can only opt out of the customisation of which ads you get, based on userid. It still pushes ads based on what you've just been doing - may be a problem for PT if he's been doing his research on his kids' pc...
     
  4. Gandalfe

    Gandalfe Administrator Staff Member Administrator

    Joined:
    Dec 26, 2007
    Messages:
    5,536
    Likes Received:
    143
    This is but the latest scare event. Still I checked my settings using the ones Pete provided. The Dashboard link was better than the ones provided by a number of articles I have read.

    However, every time I checked, I was already opted out. Maybe that is the default?
     
  5. jbtsax

    jbtsax Distinguished Member Distinguished Member

    Joined:
    Mar 30, 2008
    Messages:
    1,405
    Likes Received:
    42
    I checked my Google Dashboard and all it said under most headings was, "nothing interesting here". Does that mean I am a boring person?
     
  6. Steve

    Steve Clarinet CE/Moderator Staff Member CE/Moderator

    Joined:
    Jan 2, 2008
    Messages:
    3,560
    Likes Received:
    89
    I checked my google dashboard when I got my new Google Android phone as there were apparently things I wanted to looks it. It has a nickname associated with me in which, for all practical purposes, you cannot change. yes they provide instructions on how to change it but the "feature" seems to be not there.

    I hate computer cookies and I often go into the respective cookie directory and blow out all the ad based ones. There is software out there which will block those to begin with.
     
  7. pete

    pete Brassica Oleracea Staff Member Administrator

    Joined:
    Dec 26, 2007
    Messages:
    10,649
    Likes Received:
    381
    Answering the above questions, "No." "Maybe."

    :p

    As far as Google goes, I'm pretty sure you get tracked multiple ways. Actually, let me change that: I'm sure you and your computer are tracked multiple ways.

    Your computer can be is tracked through cookies. The original purpose of a cookie was that you'd log into a website and change a preference, like the theme (style). The cookie tracks that so the next time your computer hits that same website, a bit of software magic looks at your computer, sees you have a cookie that says that your style is "Mean Green" and automagically sets your background to "Mean Green."

    Your computer can be is tracked by it's IP address. Using a common and somewhat incorrect analogy, the IP address is like your street address. It sometimes changes, but is probably going to remain the same for a little while. Anyhow, a bit of software can look at your IP address and look it up in its own little database and say, "Hmm. Computer with IP 192.168.0.6 was on this site before. I wonder if he's still looking for lingerie. Let's push him some lingerie ads!"

    YOU can be tracked by logging in somewhere, provided you've used your real name to sign up. That's like the original example: you sign into a Google service -- YouTube, for instance -- and start looking for videos of me playing soprano saxophone badly. A bit of software says, "Looks like Gandalfe likes soprano saxophone. Let's push him ads for the new Selmayanibuffet soprano. And Kenny G albums."

    Now, if all you care about is just seeing the ads, you can use AdBlock and Flashblock (or equivalents) in most browsers to get rid of them. However, this doesn't mean that you aren't being tracked. It just means that you don't see the ad.

    At a bare minimum, unless you're using a proxy server or proxy server software (like Tor), it's insanely easy to figure out your IP address -- and you can generally tell the neighborhood the person lives in by that IP -- the browser you're using and the operating system on your computer.

    More later! Gotta run!
     
    Last edited by a moderator: Mar 6, 2012
  8. pete

    pete Brassica Oleracea Staff Member Administrator

    Joined:
    Dec 26, 2007
    Messages:
    10,649
    Likes Received:
    381
    Antivirus/Antimalware

    First, I will address the Macintosh and Linux users: I worked at Apple. I worked for a few companies that had mostly Mac stuff, including Motorola during their StarMax days. While there are fewer viruses out there for the MacOS or Linux, they're still out there. However, in my experience, the most common ones were Microsoft Office macro viruses.

    Anyhow, if you've got a Mac and you don't think you have great browsing habits, get the FREE Sophos product.

    For Linux, I recommend AVG's FREE product.

    =================

    All right, Windows users. Now it's your turn.

    I have evaluated a whole bunch of Windows antimalware products for my job. I've got good news for the home user: the best products are free. They're Microsoft Security Essentials AND Malwarebytes AntiMalware. Yes, both together.

    You're going to ask why I picked the two products I did. Well, in the case of Malwarebytes, it's because they update their definitions database hourly -- or more. This essentially means that someone reports a new baddie to someplace like VirusTotal.com and Malwarebytes then blocks it. Generally FAR earlier than a paid-for antimalware product. The drawback is that Malwarebytes doesn't run on a schedule. 'Course you could use Scheduler, I suppose, or shell out $25 for the pro version.

    Microsoft Security Essentials is extremely impressive because it's very, very fast and it does detect most of the junk that's out there. As a matter of fact, they have a licensed version for large corporations: Microsoft Forefront. No, it doesn't do heuristic scanning. It just works.

    (Of course, there's an obvious bit of humor: Microsoft made their operating system THAT vulnerable to malware, so they OBVIOUSLY should have the best anti-malware product.)

    Absolutely seriously, there is not a better combination of antimalware products out there. No, even together they aren't perfect, but I've had tremendously good results with them.

    As said, you need to use them both -- not one or the other. I'm 100% convinced that there isn't a single antimalware product that's out there that catches everything all the time. Yeah, it's great that McAfee or Norton detect 95% of everything in a lab environment, but shove 'em into the real world and re-run your tests. Hey, I've got about 20 or 30 viruses I've collected in the past year or so. Let's see how fast I can get those AV products to cry "uncle." In addition, both McAfee and Norton do slow your computer down by a "user-apparent" amount (i.e. a normal user would feel the slowness): IIRC, one study said Norton was around 10% and McAfee was around 15%. That's a good size hit! They're also extremely messy (from a programmer standpoint) and can be close to impossible to remove. Oddly, Norton has improved in this respect and McAfee's gotten worse ....

    Being more positive, Norton's customer service is extremely good and McAfee's management tools (for a corporate environment) are unparalleled.

    If you really, really want a paid-for product for Windows, go with GData's product. According to Wikipedia, it was the first company to come out with an antimalware product and now has one of the best detection rates of any antimalware product. It's also fast, inexpensive ($30) and easy to use. However, if you do go this route, buy a copy of Malwarebytes, too. I can't stress enough how important it is to use two products.
     
  9. pete

    pete Brassica Oleracea Staff Member Administrator

    Joined:
    Dec 26, 2007
    Messages:
    10,649
    Likes Received:
    381
    BTB, I mentioned that I use CCleaner to go medieval on cookies and such. There is a Macintosh version that has just come out of beta. I've played with the beta and found that it didn't have all the features of the Windows version, but it might, now -- including the ability to intelligently eliminate cookies.
     
  10. saxhound

    saxhound Moderator Staff Member CE/Moderator

    Joined:
    Feb 1, 2008
    Messages:
    449
    Likes Received:
    68
    I'm a big Malwarebytes fan. I also use SuperAntiSpyware. I got one of those Russian antivirus scam infections a couple years ago (tells you your computer is unprotected, so click here and enter your credit card # for better protection). Yeah, right. Malwarebytes didn't kill it, McAfee didn't even detect it, but SAS did and stomped it right out.

    Another good free one (I may have mentioned this before), is Secunia PSI (Personal Software Inspector). It scans all the applications on your computer and compares them to a database to tell you which ones need updates. In the scan results, it gives you the hard drive location of the program, and a link to the download location for the update, as well as an assessment of the risk. The interesting thing is that it has identified IE (6,7 and 8) as insecure with no solution for the past three years. Can't comment on IE 9, since I don't have it - still running XP. Another good reason to use Firefox, Chrome, Safari, et al.
     
  11. pete

    pete Brassica Oleracea Staff Member Administrator

    Joined:
    Dec 26, 2007
    Messages:
    10,649
    Likes Received:
    381
    I'll write about browsers in a bit.

    The reason I stopped using SAS was because of its very high false-positive rate. It also installs a ton of junk that make using the product confusing for the average end user.

    A good product for a tech to have in his toolkit, but not one for the average user.
     
  12. pete

    pete Brassica Oleracea Staff Member Administrator

    Joined:
    Dec 26, 2007
    Messages:
    10,649
    Likes Received:
    381
    Well, the world obviously hasn't ended. Either that or I'm already in Hell, so things couldn't possibly get worse.

    I have been checking my Google settings, every now and then, and I see that they don't have any data on me, other than what's in my Gmail. The only significant change I've made is to not log into my YouTube account anymore. That's not really that much of an issue for me, because I hardly ever used it. At this point, they've got only data that says that I've enjoyed listening to Debussy. I doubt they're going to send me targeted advertising for Debussy in concert. Although a "Zombie Debussy" concert might be interesting. Braaaaiins ....
     
  13. pete

    pete Brassica Oleracea Staff Member Administrator

    Joined:
    Dec 26, 2007
    Messages:
    10,649
    Likes Received:
    381
    Another bit about malware:

    I've been playing with the new Windows 8 "Release Preview" (and Office 2013). In Windows 8, they've removed the component of Microsoft Security Essentials that allows you TO EASILY scan a single file or directory ("folder"). I use this functionality all the time, so I'm rather disappointed. However, the product seems to still work, in the sense of that it's still small and fast. I really want to infect a Windows 8 machine and see how it copes. I have the technology. I can do this.
     
    Last edited by a moderator: Dec 20, 2012
  14. pete

    pete Brassica Oleracea Staff Member Administrator

    Joined:
    Dec 26, 2007
    Messages:
    10,649
    Likes Received:
    381
    A bit about web browsers.

    Easy summary: if you're using Internet Explorer, you should stop. Seriously. While it may be the most compatible browser (i.e. it works fine with most websites), a lot of malware out there is more-or-less targeted at Internet Explorer and/or how it works. In other words -- and I'm quoting another techie -- "Internet Explorer is a bright and friendly package for a malware delivery device."

    Now, there are a bazillion other web browsers out there, but there are only three that you should concern yourself with:

    * Apple's Safari. If you've got a Mac, this is your overall best option. There seems to be some "secret sauce" in the Mac version that makes it run noticeably faster.

    But not on the PC side.

    Apple's always had a bit of a problem coding stuff for the PC world. I don't know exactly why. I think it's because Apple argued for years that Microsoft was truly evil, so writing a good product to run on a Microsoft operating system means that you're evil, too. In any event, my experiences of Safari on the PC are mediocre, at best: it's noticeably slow.

    * Mozilla Firefox. This used to be the darling of the Open Source Software movement. It's a browser that's much faster than Internet Explorer and it also brought the idea of "Extensions" to the browsing world: "Extensions" are little plug-ins that can do all manner of things, such as block ads and block Flash. However, they've decided to change to a model where there's now a "major" upgrade every 6 weeks. That's just stupid. So, a lot of people are switching to ...

    * Google Chrome (or the non-Google-coded Iron). Chrome is my default browser on my home computer, but isn't at work. Why? Chrome has problems with some of our intranet ("inside the company") websites. However, it's as fast as or faster than Firefox and has many of the same extensions available for it that Firefox has.

    You'll note that I mention "Iron." Some folks are of the opinion that Google can track you through Chrome even if you don't log on to any Google service. Because the code that makes Chrome work is Open Source ("freely available"), you can make some modifications to make your own version that looks almost exactly like Chrome. That's essentially what Iron is.

    ===========

    Bottom line: switch to Chrome, Iron or Firefox and install those AdBlock and FlashBlock extensions.

    --------------

    You'll note that I didn't mention Opera. It's because Opera is 100% compliant with HTML standards. That sounds like a good thing. It is, until you hit a website that was coded with a Microsoft product and the page won't open. That's Microsoft products aren't 100% HTML standard compliant. It also works the other way: I've coded websites that'll work perfectly in Opera that don't work in Internet Explorer, because IE didn't support some feature I used in my code.

    I'd say that 99.999% of the websites out there are coded to work great in Internet Explorer. If you use Firefox or Chrome, that compatibility rate is 99%. In Opera, it's about 80%.
     
  15. pete

    pete Brassica Oleracea Staff Member Administrator

    Joined:
    Dec 26, 2007
    Messages:
    10,649
    Likes Received:
    381
    I'm actually going to cross-post this in a minute (admins get to do things like that). I wanted to blather about privacy for a moment.

    You probably use e-mail. How many people do you think can read that e-mail that you sent to George in Accounting? You and George? Nope. The answer is generally between two (you and George) and ... everyone that works in IT. Yes, you can use encryption and that'll make it way more secure, but what about systems that don't really support encryption, like, oh, Hotmail, Gmail, private messaging through vBulletin forums ....

    If you're thinking that the Private Messaging (PM) system here or on any forum is all that private, you need to change that thought: your PMs are stored as plain-text (i.e. I don't even need a decoder to see 'em) in a database. Anyone that has access to said database can see what you're PM'ing. That number is between two and however many server admins they have where this forum is hosted. Just keep that in mind if you're planning on sending someone a PM with your credit card number in it.
     
  16. tictactux

    tictactux Distinguished Member Distinguished Member

    Joined:
    Mar 27, 2008
    Messages:
    1,462
    Likes Received:
    21
    Lbh zrna, V unir gb ebg13 vg? ;-)
     
  17. pete

    pete Brassica Oleracea Staff Member Administrator

    Joined:
    Dec 26, 2007
    Messages:
    10,649
    Likes Received:
    381
    Yes.
     
  18. pete

    pete Brassica Oleracea Staff Member Administrator

    Joined:
    Dec 26, 2007
    Messages:
    10,649
    Likes Received:
    381
    If I recommend it, I'll make sure to mention problems with it.

    Today, if you update your antimalware definitions for Microsoft Security Essentials/Windows Defender (I'll just use "MSE" for short), you'll get error 0e800106ba, MSE will deactivate itself and MSE will tell you that your antimalware definitions are out of date. This is caused by a Microsoft update, probably the MSE update, itself. Microsoft is aware of the problem and is working on it.

    I have not checked if the on-access scan (i.e., you try to open something malware-infected and MSE stops you and tells you it's virus infected) has the same problem -- I don't have anything at home I know is malware-infected to test against. I can say that I can do about 90% of a quick scan before I get the error and about 5% percent of a full scan before I get the error.

    My recommendation is that, if you think you've got a virus today, scan with Malwarebytes AntiMalware. Should you update your MSE definitions? I did. You can flip a coin to decide whether you should: I can make a good argument either way.
     
  19. pete

    pete Brassica Oleracea Staff Member Administrator

    Joined:
    Dec 26, 2007
    Messages:
    10,649
    Likes Received:
    381
    It's rare that I revisit a topic, especially one that's this old.

    Microsoft Security Essentials is no longer a good suggestion for free antivirus stuff. Its detection rates are now fairly low in comparison to other antivirus applications. Malwarebytes AntiMalware is still a very good recommendation.

    Let's talk about free antivirus:

    * Avira. I use this, now. It's rated very highly and it gives you only one pop-up on every reboot reminding you that it'd be nice if you bought the commercial version.
    * Bitdefender. I love this product and it rates higher than Avira. Unfortunately, it also is incompatible with a couple apps on my computer. If you can, use this. If you can't, use Avira.
     

Share This Page

Our staff's websites:


Loading...