How To Properly Utilize Anti-Virus Software Reviews

August 29, 2011

As with several of my blog posts, this post is derived from my experiences providing volunteer support on AVG Technologies’ Facebook Community. Recently, I’ve noticed that some people, most notably a trolling community member who would return to post the same content each day, have started posting reviews and ranking lists of AV products from blogs as evidence that AVG is superior or inferior to other products.

Of course that same troll did bring us "AVG SOCKS!!!", so we can't really stay mad at him.



There are a couple of problems with this logic though.

  1. First of all, these are not necessarily reliable sources. It’s just some guy and his blog. There is no editorial oversight, there is no rigorous fact checking. These are not sources that you could turn in even to support your 8th grade essays, there’s a reason for that.
  2. Bloggers are people too. They are influenced by their own biases. A review or a product comparison is just the opinion of the person reviewing/comparing. The reviews will focus on the aspects that are important to them. They may focus on things that matter to them, but not to you. In the case of product comparisons, they may (even without knowing it) root a little too hard for their personal favorite product to get the top spot in the rankings (the very reason that I don’t do reviews on this blog, I have a bias, so it’s of little value to my readers.)
  3. Many of these people mean well and try hard, but have no idea what they’re doing. I touched on this in point one, but there’s no oversight. If these guys get something wrong or make a mistake (which from what I’ve seen happens quite frequently) then you don’t get the full picture of the product being reviewed, and that does you a disservice as a consumer relying on this source for accurate and unbiased information.
  4. In the case of YouTube videos of guys “testing” AV software, there is no utilizing the scientific method, a lack of testing standards (such as failing to use the same hardware and software environment, set of malware, etc to test each product), tests which don’t represent real world applications of the product, “It’s great that you can show me how this product would hold up in your controlled lab testing environment. It’s not so great that the controlled environment you created does not represent real world methods for how computers become infected, and therefore means nothing outside of your controlled experiment,” and generally a lack of common sense altogether.


I’m sure I could take this further, but those are personally my biggest issues with the logic of “I read this product sucks at *insert unknown, unemployed basement dweller’s blog*, so it must be true! They have tests and everything!”

So, where does this leave you as a consumer looking for information on what product to choose? Well, here are a few more points to consider.
  • Online reviews and comparisons can have value, but be sure to look at a large sampling to weed out inconsistencies and/or false claims. If you see something that doesn’t pop up often in reviews, or seems inconsistent, but is still a deal breaker for you, then try doing a bit of research to verify the claims in the reviews before making a decision.
  • Whatever you do, don’t base your entire decision off one bad (or good) review. Understand that no matter how great something is, there will always be someone out there that it didn’t work for, or that it didn’t meet their expectations (or in many cases, they misused it and therefore didn’t get the desired affect from, but I digress), and even beyond that some companies pay individuals to pose as unaffiliated consumers online, to either boost the reputation of their own products, or decimate the reputations of their competitors, so you can’t just base your entire decision off what one person has to say. Like any data set, this information only has value when it is analyzed as a whole, giving you a full picture of what you’re really looking at.
  • My top suggesting for figuring out if a product works well for you or not, is to try it for yourself. Nothing you read elsewhere is worth your own personal experiences with a product. You can’t please everyone, so someone will always have something bad to say about anything, rather than basing your opinion off of what someone else tells you to think, try out the product for yourself, and decide if it works well for you based on your own opinion. Luckily with AVG you have the option of free trials or even a completely free version to decide if you like it before you buy!

This advice can serve you well beyond just choosing an Anti-Virus product like AVG, much of it applies to any buying decision you might base off of unverifiable reviews, comparisons, and other opinions.


Help AVG Win!

July 12, 2011

AVG was recently nominated for the 2011 Small Business Influencer Award! It is an award which “honors companies, organizations and people who have made a significant impact on the North American small business market.” AVG is certainly deserving of this honor, with their extensive efforts to help small businesses, such as AVG’s partnership with SCORE, a small business counseling service, to provide small businesses with educational resources and tools to help keep them safe online. After all, according to a recent USA Today article, “Hackers target small business websites because they know those companies “do not have the resources for sophisticated security measures.” It’s certainly not new information that small businesses are a common target for hackers and other cyber-criminals. Through the use of tools like AVG’s free Online Security Audit, small businesses can measure the threats to their company and with AVG’s extensive user education efforts on all fronts they can come to better understand the specific threats they face and how to mitigate them. It’s easy to see why AVG was nominated!

If you’d like to vote for AVG to help them win a 2011 Small Business Influencer Award, please click the vote badge below! This will direct you to AVG’s page on the Small Business Influencer website, where you can click the yellow “vote” button to the left of the description to cast your vote for AVG! Remember to come back each day to show your support for AVG, as you can vote again every 24 hours!


It’s Time: Take Personal Responsibility For Your Online Safety!

May 30, 2011

Rather than make excuses, take responsibility, educate yourself, and start making better decisions. You’ll be much more satisfied with the results.

Staying safe online requires more than just installing anti-virus software. It also requires that you have some understanding of the threats that are out there and how to avoid them. There are many things you can do that will undermine your anti-virus software’s protection. Social engineering, a popular technique among hackers and cyber criminals, is just one way that the bad guys can manipulate you into doing something that undermines your protection without you ever even realizing or understanding the weight of what you’ve done.

Technology allows us to do many great things, but it is not magic, it is not perfect, and we should never assume it can do everything for us. Anti-virus software is a tool to keep you safe, but as anyone should know, a tool is only useful in the hands of someone who knows how to use it properly and safely. A table saw is not useful in the hands of someone who will likely cut their hand off because they do not understand how to safely use it. Just as if you make a mistake and cut your hand off with a saw, you cannot hold Sears at fault for your injury, you cannot hold an anti-virus vendor at fault for getting infected if you don’t understand how to use your anti-virus software safely and effectively. Remember, you are personally responsible for learning how to use any tool you purchase, this includes your anti-virus software.

 

Just like this table saw, AV software is a tool that you must learn to use correctly. If you do not understand how to use it correctly then you may not find yourself very satisfied with the results.

 

A great way to better understand how to use your anti-virus software correctly, how malware infects you, what sort of sites to avoid, and what the latest and most effective threats are, is to become a member of the AVG Facebook Community! At the AVG Community you’ll find highly skilled AVG employees, as well as helpful and knowledgeable volunteers such as myself, who can and will answer any questions you may have, as well as help you troubleshoot any problems you’re having with your computer, AVG related or not! You’ll also get information on the latest threats and how to stay safe online right in your newsfeed! But don’t worry, AVG limits the daily posts so that they never overfill your newsfeed with too many posts. So come be a part of the most helpful online community on Facebook to take advantage of these great benefits and take personal responsibility for your online safety!


My Thoughts on the Social Networking Privacy Act

May 22, 2011

There is currently a lot of debate about the Social Networking Privacy Act, proposed by US Senator Ellen Corbett. The act seeks to force social networks, such as Facebook, to make it the default option that users’ information is hidden. I thought that I would join in on the debate as well, and logically I chose this blog to be my platform for sharing my two cents.

While I agree that it is best that privacy settings be set to their most secure and locked down state by default, I personally don’t believe the government should have so much of a part in it. This bill would benefit people who don’t know how to secure their information, but as others have stated, everything is not so cut and dry in Washington as the government would have you believe. I’m not into conspiracies and general mistrust of the government, but I do recognize that there is a lot of corruption in Washington, and that politics is a game of manipulating others so that your point of view becomes the law of the land. There are many sneaky things going on, sneaking things into bills and only discussing the positive merits of the bill, “grassroots” campaigns, PACs, and parties that are actually ran by major party members with tons of capital backing them up (that’s the meaning of grassroots, right?), and all sorts of other unfortunate shenanigans.


Government regulation of the Internet is a bad thing. All the rich guys (read: politicians) who don’t know what it’s really like to actually live in our world, to live on our salaries, or to deal with our daily problems, are not the ideal people to go to when it comes to deciding what’s best for the rest of us. Not to mention that many of these people further expanded their wealthy by abusing the power of their office. Take for example that many times large corporations donate to a candidate’s campaign. This is not free money because they like the candidate, this is basically a legal bribe, and when they have a certain piece of legislation that they want passed, perhaps something that is unpopular because it’s good for this small group of people and bad for everyone else, then they’re going to come to call in that favor. These are the sort of reasons that many of our laws today are against our own best interests, why our government’s power is growing far beyond what our constitution grants it, and why we don’t want them deciding what’s best for our Internet, because as a whole they tend to be uninformed about many of the issues they decide on, and easily influenced by the people who helped them get where they are, people who don’t tend to have anyone’s best interest at heart but their own.I agree that it would be wonderful if it could be as cut and dry as, “the government says you guys have to set privacy settings to hidden by default” and that was the end of it. Unfortunately, it doesn’t end there. Even more far reaching than anything else unfortunate that gets snuck into the bill that isn’t advertised to the general public, is the fact that by passing any piece of legislature, you are also setting a precedent. In our government, and our legal system (which is actually the Judicial branch of our government) precedents are very important. Basically what it means is that when you’re looking at whether to pass a new bill, or whether to decide on a case if you’re a judge, then you look at how people who are or were in your position decided on similar cases from the past. That’s why lawyers tend to study similar cases to the client their representing’s case, because chances are past decisions by other judges in similar cases will have at least some, likely a lot, of weight in the judge’s decision. The reason for this is that judges and politicians are only human, they cannot know every aspect of how everything in the world that they must decide on works, so oftentimes they look at past decisions by others in similar positions for guidance. My point being that if you pass a piece of legislature that approves government regulation of the Internet, even a good one such as this, then you make the next proposed government regulation of the Internet more acceptable. The next proposal for government regulation may not be such a good thing, but by passing this act, you’ve made it easier for a future unpopular attempt for government regulation to pass, because there’s a precedent for government regulation then.

I think that it would be great if it were that simple, but it really isn’t. I still think that the best way to go is education, like what we do at the AVG Community. Teach people that they need to be aware of what their privacy settings are. That they shouldn’t share anything online that they wouldn’t feel comfortable becoming public information. As others have correctly stated, no one but you is responsible for your data, and oftentimes when you put too much trust in someone else with your data, you’ll get burned. Keep track of what you’re sharing and who’s allowed to see it, rather than depend on a private company that’s only interested in profit (Facebook), or the federal government to take care of you.

Oversharing Is An Education Issue

I’ve also noticed that a lot of people complain that “many people aren’t “savvy” enough to know how to control their privacy settings.”

This is also an education issue. As we move into a more connected world, where almost everything is moving towards information, and the ability to access and share it from anywhere, anytime, we have to learn how to correctly control our own personal information. When you’re raising your children, you don’t go to the government and ask them to pass a bill saying that kids have to stay out of the street. You teach them not to play in the street, and what might happen to them if they do.

I like the analogy that “people who don’t have a license shouldn’t be driving cars.” In our connected age, it’s no longer acceptable to be ignorant of how to monitor and control your personal information. You need to be able to identify what’s personal, and when, where, and how you should share it. If you make an account on any type of website, you need to take personal responsibility for ensuring your information stays private. If you’re going to get behind the wheel, then for both your safety as well as the safety of others, you must first learn how to drive safely. The same can be said for getting online. If you’re going to share information online, then you should first learn how to do that safely, for your own benefit. It’s not as though there are a lack of resources out there. AVG regularly shares information through the AVG Community to help you, AVG employees and helpful volunteers (such as myself) are more than happy to answer any questions that anyone may have about how to safely share their information, this very blog has many articles about staying safe online, and there are thousands of other resources online to help you as well.

There’s no excuse for not understanding other than not taking the time and effort to try to understand. And I don’t find that acceptable in our information driven world. It’s akin to taking the wheel of a car without even knowing what it’s called and must less how to drive it. It’s no longer about “that’s too technical for me” that’s the same as saying that how the gear shift in your car works is too technical for you to bother to try to understand as you mistakenly plow into the car behind you while in reverse, because you expected to go forward. Information is an important part of our world today, and it’s only becoming more so important. I recommend you learn how to control it.

The answer to “people don’t understand how to protect their own personal information” isn’t to have the government protect it for them. Facebook and other social networking sites are by far not the only places personal information can be shared, this act isn’t a fix, it’s just a band-aid over the underlying problem.

This is an education issue. When you’re a kid how do you know to call 911 if someone is injured? How do you know not to talk to strangers? That’s because you were taught in school or by your parents, likely both. The answer to this problem is for correctly classifying information as personal and knowing what information to share and what not to share, as well as how to monitor and control that information, to become as much a part of the learning process as the common knowledge I referenced above.


I Have Anti-Virus Software, Am I Safe?

April 13, 2011

I’ve heard many different variations of the question “I have anti-virus software, am I safe?” from friends, family, clients, AVG Community members, and even strangers. As hot a topic as this is, I felt it was a question worth addressing.

This isn’t a simple “yes or no” question though. The short answer is “it depends.” There are multiple factors at play that can contribute to your susceptibility to being infected by a virus despite having anti-virus software installed, some of which include…

  • Which software you’re using is a key influence. As with pretty much anything mankind has ever manufactured, quality of products differs between manufacturers, and although software isn’t necessarily a tangible good, the same age-old rule applies. Some companies make a better product than others, and some of the free software is better than some of the paid software. Based on my personal experiences with many different AV products, my professional experiences working with my IT consulting business and many other businesses, and my extensive knowledge of InfoSec in general, I recommend AVG. Free or paid, I’ve used both and they both do a great job.
  • What features your software has available is equally important. This ties in with the previous point, different vendors offer different features. Some AV software includes sand-boxing (a type of virtualization) to put a layer of separation between files or applications and your operating system, some include social networking protection, or the ability to check the safety of websites without having to actually visit them. It’s up to you to decide which features are most relevant to your own personal computing habits and keeping you safe while you go about your typical online activities.
  • Your personal computing habits are an interesting element because this causes the answer to the question posed by this article to differ completely depending on who is asking it. There are actions you can take that will undermine the protection your AV software has afforded you. There are threats out there that specifically prey on your trust to manipulate you into allowing them to have their way with your computer. Through the practice of social engineering (basically a type of con), instead of superior coding and advanced technology, these threats can infect your computer. No amount of technology and features in your AV software will protect you from these threats. The best defense against these threats is safe browsing habits and educating yourself on the types of threats that are out there.
  • Some infections are unavoidable. It’s sad, but true. There are at least 25,000 new malware variants released each day. It is impossible to keep up with that volume of malicious software on a daily basis, and while many AV vendors do a great job of gathering samples, creating virus definitions, and getting those virus definitions released to their users in updates, as well as utilizing technologies like behavioral detection, none of them can catch everything. As such, at any given time there are at least a few, and likely many more, malicious pieces of software floating around the web that your anti-virus won’t pick up on.
  • Are you using multiple anti-virus programs? In the case of anti-virus software, less is more. Most anti-virus software includes processes which “lock” specific files, a way for the anti-virus software to dynamically monitor your files in real time. This works great with one program, but when you add a second anti-virus program that offers full, active protection this can lead to one program not being able to function properly, making it useless (but not preventing it from consuming your system’s resources) or even making it interfere with the functionality of the other anti-virus software you have installed. What’s the best solution if you want a second opinion when you scan? Use an on-demand scanner like Malwarebytes Free alongside your primary anti-virus software. Malewarebytes Free does nothing to actively protect you against viruses (so it won’t interfere with any AV software that does), and only scans when you start a scan manually, but it does a great job of detecting and removing most malware that may slip past your primary anti-virus software.

As you can see, the question “I have anti-virus software, am I safe?” has a multifaceted answer that differs based on which brand you’re using, how you use your computer, how educated you are on how the threats and scams work, and in some cases pure luck. You are of course much safer using anti-virus software than you would be if you were not, but it’s important to remember that anti-virus software is not your get out of jail free card to do whatever you want on the Internet and not worry about getting infected. You can increase your odds of avoiding viruses even more by practicing safe browsing habits and becoming more educated on how online threats work and how to identify and avoid them. One great way to do that is by “Liking” the AVG Facebook Community, where information on the latest threats and how to stay safe online is shared, and your questions can be answered by knowledgeable volunteers (such as myself) and AVG staff.


5 Simple Tips To Guard Your Facebook From Hackers

March 20, 2011

As usual, the idea for this post came to me through my efforts to provide volunteer support to the AVG Online Community. While researching an example to prove to another community member that AVG’s LinkScanner is superior to a competing product, I encountered an AVG user in the comments section of the AVG Threat Labs report page for Facebook. He stated that his Facebook account was being continuously hacked, and wanted to know what AVG could do to help him with this. While there isn’t really an outright technological solution to this problem, I decided to write this post to address this issue. This blog post is also featured on AVG’s Social Media Blog!

So I present to you five tips that will keep hackers out of your Facebook account.

1. Be sure to use strong and diverse passwords. Don’t use a simple and easy to crack or guess password, and don’t use the same password across multiple online accounts. If one account is compromised by a hacker then that same password can be used to compromise all of your other accounts.

2. Be aware of your security questions. Security Questions are backdoors built into most online accounts to help you gain access to your account if you should ever forget your password, so that you’re not just forever locked out of your account. Consider that with all the information we share on social networking platforms like Facebook, security questions with answers that can be readily found on your Facebook profile, such as “Where did you go to high school?, What was your first pet’s name?, or “What is your mother’s maiden name?” are not going to cut it! Also consider that many times the people who compromise your online accounts or steal your identity are people you are close to or know personally, so even more personal questions may not work in all cases. My recommendation is to make a contrived answer to the question that you can remember. This way even people who would know the correct answer to your security questions could not use them to gain access to your accounts.

3. Beware of phishing sites. Always be sure that you’re at https://www.facebook.com/ when you log in. That way you are sure that you’re not at a duplicate site that copies the look of Facebook and has a *similar* URL, but is actually a clone that will store your login information in a database for hackers. If you were to ever realize you submitted your information at one of these fake login pages, immediately change your password and the hacker will be unable to access your account when they later try the e-mail and password combination you accidentally provided to them. The above login address also has the benefit of being an encrypted login page! This is great if you’re on a public network, as it prevents other people on that same network from being able to intercept the IP packets containing your login information!

4. Always remember to log out if you access Facebook on a public computer. If you leave yourself logged in then anyone who finds your account left up on the computer in their house, the local public library, etc is a potential hacker! They can go through your personal mails, post status updates as you, contact your friends impersonating you, etc. Worst of all they wouldn ‘t have to do anything to gain access other than navigate to Facebook. So be sure to log out of Facebook on any computer that someone else may potentially use when you’re done with it!

5. Setup your account to experience Facebook through a completely encrypted connection whenever possible. This is again great if you’re on a public network or computer and want to be sure no one else on that network or who later uses that computer can get at your information or “sniff” your IP packets. Here are some great step by step instructions I found to setting this feature up on your Facebook account!

By following these five simple tips you can keep hackers out of your Facebook profile and be confident in knowing that no one is going through your personal mail or impersonating you through your account!


Craigslist Rental Ripoff

March 17, 2011

I recently visited the Anderson Districts I & II Career and Technology Center‘s Computer Repair and Networking Class, where I presented on the importance of end-user education in keeping users safe online, explained my work with AVG Technologies, and fielded some questions in a Q&A session with the students.

One thing that came up during that presentation was an anecdotal story from one of the students, who said his family were nearly victims of a home rental scam on Craigslist. I’ve heard similar stories from others recently, and another AVG Community member who actively helps on the AVG Facebook page encountered one as he was searching for an apartment.

Considering how renting property you don’t own seems to be all the rage amongst cyber criminals as of late, I thought I would share some tips to help you avoid these clever criminal entrepreneur’s schemes.

  • As Craigslist already suggests as a golden rule in any transaction, deal locally. It is unlikely that the owner of a rental property will live ridiculously far from the property being rented. So there’s no reason that the landlord shouldn’t be able to meet with you in person if the property is local.
  • Look for the hallmarks common to any scam:
  1. A convoluted back-story to provide a series of ridiculous excuses to avoid transacting in person.
  2. Requests for wire transfers.
  3. Assurance of a guarantee on your transaction (Craigslist provides no such guarantee).
  4. A poor command of the English language (grammar and spelling).
  • View the property and meet the owner in person. If you’re moving far away from your current location and cannot deal locally  I would recommend talking extensively with any purported property owner by e-mail first, looking for any of the signs mentioned above. By pre-screening you can weed out any scams before you waste your time and money traveling to see property you can’t rent or own.
  • Speak with the neighbors when you view a property in person. Chances are they will know about the owner of the property, and can probably tell you if it is indeed the person you encountered in your e-mail correspondence.  They will also be able to tell you if the property is really available or if it is currently occupied, a sure sign that you’re being ripped off.
  • Don’t send off personal information via e-mail before knowing you’re dealing with a reputable individual who does indeed own the property you’re interested in.
  • Don’t agree to having keys mailed to you for a self-guided walk-through for a small fee. This is also a common tactic across scams renting property they don’t own. This suggestion will of course be accompanied by the aforementioned convoluted back-story to explain why they cannot be there in person.
  • Cross check with other rental or realty listing sources. If property really is for rent or sale it will likely be listed in several places. But be aware that the scams sometimes try to pass off for sale properties as for rent. Just because it is for rent or sale doesn’t mean you’re really speaking with the owner.
  • Be on the lookout for deals that are just too good to be true. It’s easier to convince people to do something dangerous like wiring money to strangers if they feel like they’re passing up an amazing deal if they don’t. Even if it’s not a scam, if the price looks too good to be true there are probably some issues you need to know about the property.
  • Last but not least, go with your gut! If your instincts tell you something’s not right, trust them and back away from the transaction. Better safe than sorry!

By following the advice contained in these few simple tips, you can identify and avoid housing scams and rental scams on Craigslist, and feel confident in your digital search for shelter!


Follow

Get every new post delivered to your Inbox.