[ale] Open Fire on Windows Viruses

[arxaaron]

I've (extensively) re-written and (excessively?) embellished
the letter to Lili on avoiding computer viruses that I posted in
the "[OT] good FREE windisease anti-virus software" thread.
The intent was to make it more complete, presentable and
politically correct for posting publicly through ALE and
other outlets.

Constructive criticisms and observations are welcome
(typo and grammar corrections doubly so), though I
feel that the contents are quite accurate and defensible
as written.  Part of the re-write takes Mike Trausch's
notes about acknowledging non-GPL licenses
into consideration, though only by implication.  I try to
address Mike's other critiques by clarifying that the
issues being addressed by Open Source and Free
and Freedom Friendly Software are practical and self
evident levels of trust WORTHINESS, and not an
expectation absolute or automatic "TRUST".  As a
general rule, I think any exchange of goods or services
will be more Worthy of Trust the further that ulterior
motives of greed and secrecy are removed from the
transaction.

Not sure if the subject line is the final title for this proposed
help page on fighting computer infections, so suggestions
for that are welcome, too.

Anyway, here it is... please play nice. :-)

=================================
Just like avoiding contagious illness in the physical world,
the best protections against computer infections involve
simple, common sense precautions.  For instance, taking up
residence in a hospital ward is a sure way to increase your
exposure to illnesses and elevate the probability of getting
diseases. Flipping this analogy affirms that the most effective,
common sense means of protecting your computer health is
to use a secure, competently designed Operating System in
the first place.  Functional, user friendly and widely available
options include popular versions of Linux (the Free, Freedom
Friendly Unix model OS that runs most of the internet) or
FreeBSD (another Free, Freedom Friendly Unix model OS)
or  Mac OSeX (a well known commercial product built on that
same Free, FreeBSD OS).  However, even for those who feel
they have no choice but to handle bed pans in the MicroSoft
Windows ward, there are a few simple guidelines for using
information technology that are extremely effective for avoiding
the majority of computer infections.

After the options of choosing a secure, virus resistant, Unix
model Operating System, the best measure people can take
to keep their personal computers healthy and internet worthy
is to ONLY run programs and softwares that originate from
trustworthy sources.  Contrary to the extensive propaganda
of commercial vendors, a great deal of the most trustworthy
software in the world is free and freely distributable, and
paying money for programs is no indication of whether or
not the software should be trusted.  [aka: caveat emptor]

The guidelines for recognizing and running trustworthy
software, once again, are simple matters of common sense
with direct corollaries to the physical world. At the heart of
this is recognizing that the less a software producer is trying
to hide information from you, and the fewer restrictions they
try to place on your usage of their products, the more likely
it is that they can be trusted:

-- Only download or run software programs when you are
certain that the source for the programs is 100% known and
trustworthy.  Following this simple guideline, users can feel
confident and safe in enjoying the cost savings and freedom
of using any of the thousands of capable free, shareware and
donation-ware programs that can be acquired through the
internet.  At the same time, this rule discourages the
distribution and use of unlicensed copies of commercial
software, since the contraband nature of those programs
makes it nearly impossible to know or trust their sources.
Unlicensed commercial softwares may well be the most
common carriers of computer diseases.

-- The most trustworthy software choices will be those that
are true OPEN SOURCE, where the author(s) have publicly
published the source code and file formats for their products
such that ANY programmers, peers or users can readily see
if there are any serious errors, vulnerabilities or malicious
components in their programs.  Further indicators that a true
Open Source program is trustworthy is when it is distributed
at no cost (free) or with payment on the honor system at the
user's discretion (shareware) or with a request that payment
be made by donating to a charity (donation-ware).

-- The most trustworthy of the trustworthy Open Source
software choices will be distributed under a formal and
Freedom Friendly license that grants full rights for any
user, peer, or programmer to freely distribute, modify,
improve and customize the software to suit their own
needs and interests.   The most common and well known
examples of these licenses are versions of the General
Public License (the GPL) created by the GNU Free
Software Foundation.
(see <http://www.gnu.org/copyleft/gpl.html>)

The remaining common sense issues of computer
security involve managing your system so that programs
are only run, and data items are only exchanged, when
and where YOU want them to be. The increasing numbers
of interactive features on the internet has spawned a
plague of proprietary formats and automatically initiated
web client programs that can make the task of managing
your system resources challenging. None the less, it still
pays to be in control as much as is possible, and there
are a few simple guidelines that can minimize the risks:

-- Never open an email attachment if you don’t know what
it is. Certain types of attachments can trigger your computer
to run them as programs, and these programs can be used
to infect your system. Even if you recognize the name
of the sender, beware of attachments.  It is possible for an
infected windows system to send out email to everyone
in the local  address book without the owner ever being
aware.

-- If you get pop-ups when opening a web page, don’t click
inside the pop-up to close it.  Always click the close
button in the corner of the window frame. Any "cancel” or
“close” buttons inside the pop-up can be fakes that
initiate unintended effects.

-- If you get a message on your computer screen warning
you that it is infected and telling you to download software
to remove a virus, DO NOT DO IT. At this point the system
is already infected. Downloading fake "repair' software will
only make the problem worse.

The final measures for protecting yourself from computer
infections aren't quite so simple, since they address the
increasingly common problem of adware annoyances,
destructive functions and intentional vulnerabilities being
intentionally built into commercial computer products.
Eliminating this kind of viral infection is much more
complicated, since these abusive practices can be legally
protected under concessions to user and usage restrictions
found in the incomprehensible fine print of commercial
software licenses.

Given the obscured program code of todays bloated, closed
source commercial Operating Systems, and the associated
invasions of privacy being introduced by various destructive,
"defective by design" Digital content Restriction Mechanisms
(DRM), responsibly managing your personal computer has
been made a very challenging task. The simple key here, as
with stopping any other malicious computer code, is being
aware of the programs that may be running on your system:

-- Configure your Operating System so that it is only allowed
to run the services that are essential to your applications and
use of the machine. On any computer system, many programs
are run during the startup process that stay hidden in the
background. A lot of these may be services you never use.
These services can become entry doors for viruses or used
for sharing data from your computer without your consent.
If you are not using a Freedom Friendly operating system
that allows you to see and fully control the system background
processes, or if you don't understand which services are
required for the basic operations of your system, seek the
aid of a trustworthy professional in configuring your computer
such that it only initiates the Operating System services YOU
want to have running when YOU want them to be run.

In he long term, the "legal" viruses may be greater threats
to your freedom to use and enjoy information technologies
than any criminal third party trojan or worm on the internet.
These are issues that every computer user who has any
concern about their freedom of speech, privacy and rights
of fair use in the digital age should, at the very least, be
aware of, so that they can take the responsible, common
sense steps needed to keep their computers and the
internet they are connected to healthy.
=================================

peace
aaron