Update your software often

Every week or even day we see new vulnerabilities popping up in all software packages which we use daily: In the operating system (Windows, Mac, Linux), PDF Readers, Web browsers, Mail clients, Office suites, and so on. It is critical to install the available updates for all these software packages in order to not become a victim of malware and online fraudsters.

A neighbour of mine without any IT knowledge asked me some time ago why she should update her programs when everything works perfectly for her and she doesn’t need other features from that software? She was using her rather old laptop running Windows 95 only for casual browsing and basic email communication. She didn’t have an antivirus solution installed because it was slowing down the laptop significantly. IE6, Outlook Express and Notepad were everything she ever needed and used. She never heard of Facebook, Twitter, instant messaging or drive-by-downloads.

When I am confronted with such a situation where it doesn’t make any sense to explain the dangers of the online world, I try to use simple terms and analogies which everybody can understand. Imagine that your computer is like a house in which you have your goods and where you live. Of course, just like everybody else, you want to feel comfortable and secure in your house, you want privacy and make sure that no one can steal your goods when you are not at home.

Our house
For comfort, a house needs basic facilities like water, electricity and gas. You may also want to have certain commodities like TV with cable network, a telephone and an Internet connection. For security and privacy, the house needs walls, doors and windows with locks. Depending on where you live – for example in a village or a big city where the crime rate is higher – you may want to install a burglar alarm to secure your windows and doors. If you live in a country where the winter is very cold, you may want to insulate the walls in order to keep the heat inside.

Just like a house, the computer also needs some basic components to function correctly and you need some additional elements to give you comfort when using the computer. These basic components are the operating system (Windows, Mac, and so on) with all its elements (drivers, programs) and your commodities are for example a web browser, a document reader, an email client and an office suite.

If you restrict yourself to the basics, never exchange or receive documents with and from the external world, you can compare your computer with a house with minimal facilities or a hut. I doubt that these days this is a real use case for anyone. Assuming that you are just like the rest of us who need a computer with an Internet connection, then the situation looks different.

When you are on the Internet, it is just like you have a house in the middle of a big city. Can you imagine it without doors, windows (with blinds) and locks? Of course not, otherwise it would be like a public domain and you wouldn’t have any privacy and security.

So, you need some security elements. For a computer this means that it needs some kind of security software which keeps strangers away from your information. But a software which has problems (like security vulnerabilities) is the equivalent of a house which has doors and windows but the locks are damaged, thus allowing unrestricted access for everyone. In a house one can enter through the main door, basement, windows or a balcony. These elements which can grant access must be closed or locked in order to guarantee you security and privacy. Exactly like in a house, in a computer there are many ways to get access. A vulnerable operating system or program can be like the basement door left open or even closed but unlocked, no matter if the main door has the latest generation of security system.

This is why it is important to have everything secured, or in a computer, updated to the latest version. A security software is like having a security system installed on the main door and windows. Depending on the type of security software, it can make sure that nobody enters on the basement door or other doors. It might even tell you that some locks in the house are damaged and that they should be replaced. Like in an intelligent house, it could even order the replacements for you and call a technician to install them. For example, this is what an update service does for the software on your computer; it downloads and installs the required software for you.

To close the story with my neighbour, I managed to install the Avira AntiVir Personal edition, scheduled Windows to update itself automatically every day, and installed Firefox and Thunderbird as default Web and Mail clients instead of IE6 and Outlook Express. I created also a free account on an online backup provider and scheduled a synchronization with the cloud every day. This way, her documents were also safe (she didn’t have an external hard drive for backup).

The old laptop of my neighbour wasn’t working significantly slower as before, but now it was like an old house which got renovated: It looks good and it is comfortable, it is secure and provides privacy, but from time to time you hear the floor or the walls making strange noises because the components are old.

With a little help
On a side note, there are various free software solutions which can help identifying the applications which need updates because of known security vulnerabilities. Perhaps the best known is Secunia Online Software Inspector (OSI) and its equivalent for installing on the PC called Secunia Personal Software Inspector (PSI).

 

 

This is a chapter in Improve your Security free eBook. Get it from here: http://bit.ly/18qE48B

All these and many more topics are in the free eBook "Improve your security" available here: www.improve-your-security.org.

About the Author

ImproveYourSecurity
Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since 2000 in the IT Security industry and until 2014 for Avira as Product Manager, where he was responsible for the known products used by over 100 million users world-wide. Serving the security needs of so many different users made him think that there are other ways of to help the users: teachning them about security.

Comments are closed.

By continuing to use the site, you agree to the use of cookies and to its Privacy Policy more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close