The Internets are dangerous (note the date on that article!). Complacency costs money, and the more people take it seriously and move to prevent compromises of their machines, the better for everyone.

Don’t use Internet Explorer. Forget you ever had IE. *droid gesture* Use Firefox. Let it update itself. Along with Firefox, get the Adblock and NoScript plug-ins and let them update themselves too. An enormous percentage of infestations happen from browsing pages with infected ad networks (hello, social networking sites!), and this array of software will help prevent a lot. NoScript does up the annoyance factor in web-browsing a bit, but if you run NoScript and simply tell it to allow every page it complains about, there isn’t much point in using it. And you do get used to it.

Disabling JavaScript and the Adobe Reader plug-in in your browser is also a good idea. It does up the annoyance factor for me again, because I have to download any PDF I want to read, scan it, and then open it in Foxit, but eh. I’d rather take an extra 5 seconds to do that than deal with cleaning up an infestation. I actually dumped Adobe entirely and went to Foxit after the zero-day exploit reported last year, and it appears to have been a good idea, considering what happened just recently.

Here’s a fun thought. Infected USB drives. Just let that one roll around in your mind for a moment. Tiny, portable, and perfectly designed for the “easiest possible way” mentality which is part of human nature. People take them everywhere. It’s a virus-maker’s Lotto hit. Firewalls do nothing to keep out the bogeys if people walk them in on their bodies and voluntarily connect them to a network. An infected USB flash drive contains the malicious software paired with a malicious autorun.inf file. The autorun.inf file is used to trick the user into running the malware on the flash drive. Panda Security offers an easy to use utility that gives the user the option to either vaccinate the PC or a specific USB drive. I took the easy road and vaccinated my PC. This can always be reversed if needed.

This is the basic stuff; I’m ignoring the need for a hardware firewall, and tricks that can be done with NAT, routing, etc. Windows is here to stay. I use it myself for a variety of reasons.

It sucks. It’s a lot of work to do, all this patching and updating and disabling and and and! It makes me tired just reading my own posts. But it’s the price we pay for having this incredibly complex cool thing we call the Internet, which brings people closer together in variety of unprecedented ways. The downside, as always, is that the bad guys get closer too – and they have way more money and lots less ethics than the good guys, so let’s not make it easy for them.

Spy vs. Spy, as one commenter said.