Thursday, January 8, 2009

Free Security Software, Part 1

I hesitate to start this post, because there is potentially so much detail involved.  Further, I'm not an expert.  However, in taking care of myself as well as answering some questions for family and a friend or two, I've accumulated some useful knowledge and resources.

You need security software.  No, it's not perfect, and it can slow your machine down somewhat.   Nonetheless, it provides some much needed protection.  News articles I've seen that reference recent security studies, state that an unprotected Windows computer that is connected to a broadband Internet connection becomes infected on average in under 10 minutes.

A straight-forward and reliable option is to purchase security software from one of the major vendors, e.g. McAfee or Norton.  These products work well, are fairly straightforward to use, and update themselves with minimal maintenance required from the user.

There are times though when an alternative may be desired or needed.  You may be entitled to software as part of your broadband Internet service.  You may have difficulty with the license fees.  Or you may resent the way the commercial products are difficult to uninstall and try to pump you for license renewal fees, upgrades, and the like in aggressive fashion.

Whatever the case, I myself have found myself needing alternatives, and I've had a number of people ask for the same information.  Here's a brief summary of what I've encountered.

"Free" and Easy Peasy

Do you have broadband Internet at home?  Is it from a major provider, e.g. Comcast, AT&T, or similar?  Very likely, your broadband subscription includes a subscription to a security software package from one of the major vendors.  Although I'm not using it at the moment, as a Comcast subscriber I'm eligible for a subscription to... McAfee, I think it was, the last time I checked.  My parents are now on AT&T, and I just helped them install an AT&T-provided McAfee security suite.  If you have a different provider, check.  The packages offered seem to be from quality brands, and you've already paid for it.

For the AT&T-provided McAfee, installation involved first visiting the Yahoo partner website and signing on with the AT&T account credentials.  You then need to navigate to a downloads area, where their is an option to download the security software.  When the option is chosen, the web site presents you with a license code to be used when installing the software.   After noting the code, you can proceed to download the installation package.

After it downloads, you run the downloaded installer.  It prompts for the license code; once the code is entered, installation proceeds.

Once the security software is installed, it will automatically download updates on a scheduled basis.


Sometimes there is trouble during the installation process.  The problem I read most about is that of conflicts between different brands of security software.  For example, I already had security software installed when I tried to add the Avast product to the mix -- sometimes particular products will co-exist without problem.  After Avast installed and I rebooted, my computer locked up and refused to complete booting.  I was able to use Windows "Safe Mode" to undo this, but a typical user might become stuck and this point with a non-functioning machine.

In general, it's best not to combine products of the same type from different vendors.  If you already have a product installed, and you are going to switch to whatever your Internet service provider (ISP) offers, it's best to uninstall the old product before installing the new one.

Keep in mind that once you uninstall the old product, you may have no active protection.  So, if possible it is best to first download the new product.  Then physically disconnect your machine from the Internet.  Uninstall the old security software, then run the installation program for the new software.  Once the new software is in place and running, reconnect your machine to the Internet.

Be careful of products that only download a "front end" installer but then need an active Internet connection during installation in order to download the rest of the product.  If you have one of these, you can't disconnect your Internet connection.  Try to uninstall the old product and install the new product quickly, leaving yourself exposed for as little time as possible.

As soon as the new security software is installed and you are again connected to the Internet, run the software's update feature.  There will likely be numerous updates for it that were created after the date when the installer was generated.

Once  the security software is updated, it's a good idea to run a full scan to make sure that your system is clean.

Free, but more work

If you don't have access to a commercial package, you can assemble a security suite out of free (for non-commercial use) products.  Some offer a complete suite; others serve only one or two functions and need to be combined with other products in order to build up more comprehensive protection.

Personally, I'm using Comodo's Firewall Pro for my software firewall:

For anti-virus and anti-spyware, I've been using AVG versions 7.5 .  Note that this version of AVG anti-spyware has reached its formal end-of-life.  The current version, 8.0, combines the two products into a single product.  The free version does not offer all of the features of the paid versions; in particular, it provides less pro-active scanning.  If you know what you are doing and are careful, this may be sufficient.  There is still some pro-active scanning, and you can always manually initiate a system scan.

When I had particular concern about making sure my system is clean from spyware, I added the "free" version of Spyware Doctor that is available via Google's software bundling service, Google Pack.  There are actually two free versions of Spyware Doctor.  The version from the Spyware Doctor site will scan but not remove threats.  The version from Google Pack will not pro-actively scan, for example when you download a file.  But it will do a manually-initiated system scan just fine, and it is capable of removing any threats that it finds.

Be careful about allowing Google Pack to install other software.  You can limit it to only installing the portions of the "Pack" that you want.  Pack seems to be very aggressive about taking control of the things that it installs.  I'd recommend limiting it to just Spyware Doctor.

PC Tools, the company that makes Spyware Doctor, also offers a "more modern" scanning program that attempts to identify threats based on their ongoing behavior rather than just a signature identified by a scan.  That tool, ThreatFire, also has a free edition available directly from PC Tools.  If used, it should be used in conjunction with a regular anti-spyware scanner and not by itself.  It's better at identifying ongoing malicious behavior, but its traditional scanning capabilities are too limited to be solely relied upon.

Finally, when Spyware Doctor was complaining about a file that AVG had no problem with, I located and added AntiMalwareBytes to the mix.  It was described online as being one of the few products that was fully effective against the problem that Spyware Doctor thought I had.  Further, it was described as being able to deal successfully with a number of threats that other security software packages failed against.

There are other high quality free products, but I have less familiarity with them.  Two in particular that I see mentioned consistently are Avira and Avast.

There are a number of resources for researching this software product category.  I've listed some at the bottom of this entry.

TANSTAAFL (No Free Lunch)

TANSTAAFL is the acronym for "There ain't no such thing as a free lunch."  The phrase was popularized particularly in Robert Heinlein's science fiction classic The Moon Is a Harsh Mistress.

The "free" products still require development and support.  They are free "for non-commercial use".  Typically, the company involved also sells commercial subscriptions and lives partly from this.  But if their income is not sufficient, the product will decline and they may go out of business.  If you use one of these products regularly, you should consider purchasing a license to support its continued development and support.

Further, in doing so, you allow the product to continue to be available to those who cannot afford or obtain a license.  Since the Internet is one big intersection, this benefits you and others indirectly by ensuring that more of the machines that you interact with, or that interact with the sites you use and rely on, are clean from infection.  With malware thus limited, the system works better for everyone.

If you purchase a license, you do want to be sure you are accessing the legitimate website for the company/product involved, and that the transaction is secure.  That topic is outside the scope of this blog entry, but I wanted to caution those unfamiliar with web purchases against making them when they are not sure it's safe.


No comments:

Post a Comment