Helping people with computers... one answer at a time.
After following all of the recommendations to keep your machine safe and secure, it's tempting to think that you're done and you are now safe. You're not.
If my Windows firewall is active, my line through my USB modem is authenticated and encrypted, and I have anti-virus and anti-spyware installed on my device, does that mean that I am safe and my laptop cannot be hacked?
First, let me say good on you for having all of those security measures in place, knowing what they are, and being aware of security in general. That alone puts you well ahead of many.
I get variations of your question frequently, so I'm going to address it and a few of its related issues.
To be blunt, the answer is very clear and simple:
Why it's "no", after having everything in place as you describe, requires a little explanation.
One clarification: I'm going to lump "hacking" (unauthorized access to and use of your computer) with malware infections because it's usually by placing malware on your machine that hacking is most likely to occur. Regardless of how you view it, the same concepts apply.
There are three ways that malicious software can still weasel itself into your machine:
You could let it in.
Your security software could let it in.
Hackers could figure out a way in.
Let's look at each of those.
Assuming that you had perfect security technology in place in all of the roles that you list and even a few that you don't, there remains one weak link in the chain of security.
Don't take it personally. We're each the weakest link in our own security. That includes everyone, from the clueless newbie to the most seasoned veteran.
The problem is simple: we all make mistakes.
And no software, technology, or security system is going to be able to protect you from yourself.
If you accept and run what turns out to be a malicious download, you've just bypassed your firewall and many of the other anti-malware tools that you've placed on your machine. If you blindly click OK to a warning that your system or software provides you, then you've just bypassed all of the security on your machine.
The single most important thing that you can add to improve the security of any machine that you run is your own education coupled with a healthy dose of skepticism.
Actually, there's no such thing as the "best" anti-malware tool. Some are better than others, but none are perfect.
No anti-malware tool or combination of anti-malware tools is guaranteed to stop all malware.
Even whatever it is that you consider to be "the best".
That's not a negative reflection on anti-malware software vendors - it's simply the result of two different things:
Different anti-malware tools use different techniques and technologies to look for malware. Infections that one tool or technique might catch could be missed by another. That's not the intent, but it's simply how these different software solutions work.
Malware is always on the move. You've seen me recommend that not only do you run the most up-to-date version of anti-malware tools, but that the databases of known malware used by those tools should be updated daily. If malware suddenly appears that your malware tool has yet to know how to detect, your machine remains vulnerable.
That last point actually leads into the next.
I've characterized the malware landscape as a race between anti-malware tools and techniques and the writers of malware.
These days, most malware authors are smart - sometimes scary-smart. They're constantly looking for previously undiscovered vulnerabilities in systems that haven't been patched yet and then quickly writing malware - often very sophisticated malware - to exploit those vulnerabilities. They then just as quickly deploy the newly written malware before the anti-malware tools have a chance to catch up and detect the malicious software.
The more complex and sophisticated that the malware is, the more difficult that it is to detect. As I said, hackers aren't stupid; they put a lot of effort into creating malware that is as difficult as possible to detect.
Sadly, there's a lot of money in malware, botnets, and other related illicit technologies that the incentive remains for hackers to keep creating it.
Throw the complexities of international law into the mix to make finding and prosecuting hackers extremely difficult and you'll quickly see that they're not about to stop any time soon.
Staying safe on the internet is, in part, an educated game of chance.
I say "educated" because by being aware of the issues yourself, by putting appropriate security measures and software into place, by understanding what is and is not safe, and by maintaining a healthy dose of skepticism (if not paranoia), the internet can be a richly rewarding and safe place. I know it is for me.
I just don't want you to ever think, "OK, I'm totally safe now," for any reason. You're not.
Thinking that you're completely safe is a recipe for letting down your guard. Sadly, that's something that you should never, ever do.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.