The tubes are full of baddies. It’s not enough anyomore to simply install an antivirus package and pay your yearly virus tax. Antivirus is becoming outdated. Granted, it’s still a requirement for all but the most elite computer users, but in the time of the always-on Internet connection we need to protect ourselves against all kinds of attack vectors. An attack vector is a means by which someone or some automated program can compromise and, in the worst cases, gain access to an innocent user’s computer or network.
As today’s software becomes larger and as release cycles become shorter, there are security holes in everyday packages like browsers (IE, Firefox, Safari, Opera and Chrome), add-ons (Flash, PDF readers, Java machines), utilities (OpenOffice, Microsoft Office, Picasa) and even the operating system itself (Linux, OSX, Windows).
Maintaining a constant watch over all of the programs that you may or may not even know you have installed can be a daunting task. Luckily, for the majority of you who are Windows users, a product called Secunia can help put your mind to rest.
Secunia offers three levels of protection. The first level, which is a no-brainer for everone, is a free web scan. Simply launch your Java-enabled browser and it will scan 70 common programs to be sure they’re up to date. If it finds a program that’s not the most current version, it lists it and provides links to explanations of the vulnerabilities in that older version. I wasn’t able to get the program to run under Chrome. Since Chrome requires the latest Java 6 update 10 release candidate, it’s not all that surprising that it doesn’t support everything we throw at it. Just run Secunia’s online scan in IE for now to check your system.
The second level of protection is their PSI – Personal Software Inspector. The PSI is a free-for-personal-use application you download and install. It scans for over 6,900 possible programs to be sure all the software on your computer is up-to-date.
The third level of protection is for business and is called the NSI – Network Software Inspector. It makes it easy to maintain the same level of updates as the PSI but on a multiple-system scale. It costs $30 per system per year.
I pride myself on keeping my software, nearly all of which is open-source, up to date. I have yet to run a scan on a machine where Secunia didn’t tell me at least one package was vulnerable. I’ll admit the business solution is a little steep for the average business, but the web scan is something that you should do right now and once every month. It’s free and crazy-easy and is one more asset in the reponsible computing tool belt.