Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Running Without a Net

I discuss those few brave individuals who run Windows without recommended protection.

Become a Patron of Ask Leo! and go ad-free!


Transcript

This is Leo Notenboom for askleo.info.

Every so often I hear of people who run Windows without anti-virus or
anti-spyware software. A good friend of mine runs this way, and the other day I
happened to hear that a couple of high profile tech industry folks do the
same.

Now, while it might be OK for them, I’m concerned that it sets a misleading
example, and might cause others to think that they can get away with doing the
same.

Here’s the deal.

If you’re behind a firewall, and if you really know what you’re doing – and
I do mean really know what you’re doing – it is possible to simply
avoid almost all sources of spyware and viruses.

Unfortunately while the rules sound simple, in practice they’re not. And one
little mistake on your part can result in disaster.

In order to run without malware protection:

  • You would need to never open any email attachments unless you’re absolutely
    positively certain you know where it came from. Absolutely positive – if
    there’s any question at all, the attachment is discarded, no matter where it
    looks to come from. Some folks simply reject all attachments.

  • You would need to never download anything from the web, again unless you’re
    absolutely positively certain you know it’s from a trusted source. Absolutely
    positive – if there’s any question at all, you simply bypass the download.

  • You would never visit any website that might be considered “questionable”,
    since those are often a source of spyware and other malware. You’d probably
    need to tighten the security settings on your browser – including turning off
    Javascript on sites you don’t absolutely trust.

And so on. The key to running safely without malware protection is extreme
skepticism – don’t trust anything – and what I’d call a lower level of
curiosity – don’t visit or run anything just to see what it might be. It
requires a lot of knowledge and experience to know by looking what is, and is
not, potential malware, and to act accordingly.

Knowledge and experience most folks don’t have.

The fact is we all need to be wary and skeptical and develop that sense for
what is, and is not, legitimate, but that only comes with a lot of time and a
lot of experience. For 99% of Windows computer users out there, there’s simply
no excuse: you must be behind a firewall, you must run anti-virus software, you
must run anti-spyware software and you must keep the databases for all these
tools up to date on a daily basis.

I supposedly know what I’m doing, and I run these tools anyway. The cost is
low compared to the cost of infection.

I’d love to hear what you think. Visit askleo.info and enter 11030 in the go
to article number box and leave me a comment. While you’re there, search over
1,000 technical questions and answers on the site.

Till next time, I’m Leo Notenboom, for askleo.info.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

13 comments on “Running Without a Net”

  1. Let me begin by saying I’m not an expert with computers. As a newbie, I’ve tried to “edumacate” myself. But it’s really confusing when it comes to antivirus and antispyware programs. You’ve got freebies and paid. You’ve got scan only and real-time monitoring. You’ve got stand alone programs and you’ve got security suites. You’ve got experts saying all you need is one AV program, etc. but another expert says you should have more than one because not every program is 100% effective 100% of the time. You’ve got some people saying “ABC” antivirus is a memory hog, makes your computer run slow, but it’s effective. Someone else says “XYZ” AV is a lite version, doesn’t hog memory, it’s better. And then you’ve got the companies themselves and their own advertising hype. How does the average user separate the wheat from the chaff?

    As a consumer, I want the opportunity to “test drive” a program for 30 days under my own real-life conditions. I’d be willing to pay a reasonable fee. But I don’t want to get locked into a 1 or 2 year subscription and I don’t want a program that can’t be uninstalled short of reformating my hard drive. Is it any wonder some people just throw up their hands in frustration and just take their chances?

    Reply
  2. The only known damage I ever rceived was from vigilanties accociated with the DVD industry. I allowed “Interactual Player”, a suposidly legitimate program, out through my firewall and as a result lost approx 20 GB of my family photographs. Regardless of how knowlegable you may be never connect a computer to the internet without understanding and use of security. To not do so is like leaving your wallet on the sidewalk over night and expecting only honest people to walk past. D.D.

    Reply
  3. yeah, I pretty much know what I’m doing but I go to alot of questionable sites and download alot of questionable files so I rely on my security programs alot. On this computer there’s Norton’s suite plus cyberhawk, windows defender, ewido, spy sweeper and trojanhunter. I’ve never had a problem that they didn’t catch…so I recommend using as many security programs as you feel safe with…lol

    Reply
  4. Hi Leo,

    I was actually just thinking of disabling AV and AS etc. I gave up on Windows and started using linux, specifically Kubuntu. Since I have a history of XP docs etc., I set the linux up on one partition and the XP on another, dual boot I think it’s called. Kubuntu is nice; loaded in about 15 minutes; no more viruses, no more spies, no more worms or germs (for now). And it’s graphical (read: no typing gibberish into a black terminal screen). Anyway, I still go back and boot XP and use it since I need to visit sites that use plug-ins and authentications which are NOT linux supported. But XP is so slow compared to linux. And, there are something like 60 updates to XP; it was gonna take an hour or two just to patch it. Then, load the antivirus, update it; load antispy, update it; then wash windows; then fix registry; then optimize. Yeesh; so… why not run XP behind my firewall, without protection, only visiting the two or three official sites I need to? Honestly, even if I “protect” my XP, I’m just going to have to wipe clean soon anyway since it is now standard protocol to wipe XP clean and re-install every few months anyway, yes?

    Reply
  5. hey todd, why would you have to reformat if nothing’s wrong? I don’t know much about linux but I suppose there’s some maintenance with it. No os is perfect…plus linux has a big learnin curve and windows is more accepted around the world. lol…I know most linux users profess it to be perfect and windows is satan’s os….but with my protection I’ve had no problem, and I go to all the sites not recommended…p2p sites, crack sites, and generally any warez sites. My point is you can use windows for any site or program as long as you protect yourself right. lol…and they don’t cost ya anything…

    Reply
  6. Hi Leo,

    GRRRRReat website!
    Regarding Running Wihout a Net? “Does it make any difference if you run alternative non-windows mail clients and browsers like Mosilla and non-outlook mail clients? I have heard that people who do not run anti-virus software or anti-malware (supposidly to speed up their pc) use these alternative clients because they can not be penetrated by viruses. Of course if you download anything, or open a virus attachment you will also get a virus. I was wondering since the MAC community boasts of less or little vulnerability if using alternative software levels that playing field?

    Bill Zimmermann San Diego
    Monogram Systems Computer Systems and Consulting Inc.

    Reply
  7. Email programs aren’t nearly as critical as they once were. More importantly is simply the knowledge not to open unknown attachments.

    Reply
  8. yeah, most free email servers scan all the attachments and let ya know if its suspect, then lets you choose to download it or not….of course if your machine is protected enough you can download anything….I do…

    Reply
  9. Well, as first regarding the “real-time” protection (be it anti-virus or anti-spyware), I am personally more and more against it. And the main reason in my case to stop “torturing” my computer with “protection” from all these programs (again, I am talking in particular about those programs offering “resident” protection of any kind); is that in all that time they haven’t “catch” anything. But it’s true that even before realizing that I’ve only trialed a few of this type of programs (mostly for not more than a week or so), and that was pretty much it. Finally, I visit more or less same “set” of trusted/well-known websites during my online sessions (i.e. when being connected to the Internet; note that I am still on dial-up so I am not connected 24/7), while I also rely on common sense, so that must be it I guess.

    And secondly regarding the firewalls (particulary “two-way” ones); this particular question was discussed many times on Ars Technica forums where I participate (one such thread was for instance the relatively recent “Kaspersky AV vs. F-Secure AV”: http://episteme.arstechnica.com/eve/forums/a/tpc/f/99609816/m/155000260831 one), and the consensus seems to be (i.e. what the majority of members are saying) that, quoting: “Once the malware is on your computer you are owned. It could turn off your firewall and disable the security center, same result, more headaches.”, although you might notice my post (my nick is “shirker”) in which I say the following: “Yes I agree, it certainly could… But there is also a possibility that it wouldn’t. I mean, there are so many different firewall-programs out there, that it’s almost impossible to “target” them all.” However, I do fully agree with Ars Technica members in regards to other “aspect” of them, i.e. it’s that the average/inexperienced user could never really know for sure what to allow and what not (which process trying to establish/accept connection) when being “asked” by firewall, which was precisely what happened in Don Davis’s case, as we can all read above. That’s why I use default Windows XP SP2 firewall and am completely content with it.

    ________

    best regards,
    Ivan Tadej, Slovenia
    http://tadej-ivan.50webs.com/

    Reply
  10. The only secure computer is at the bottom of the ocean in a location known only to the owner, who is anchored to the computer!!!
    You do not need a safety net (except a completely stealthed firewall) if
    1. You are completely familiar with every single one of the well over 1,000,000 threats to computers.
    2. You know exactly what precautions to take to avoid each of the over one million threats, using the precautions that Leo recommends.
    3. You take practical measures to protect your operating system (sandboxes, VM, etc).
    4. You are not gullible or greedy, and can recognize offers that are too good to be true.
    5. You know and understand the capabilities and limitations of protective measures that anti-virus and other anti-malware programs offer.
    6. You understand the trade-offs of protection and performance.
    If you are uncertain about any of the above items, then you need the insurance that security software/hardware provide.
    Happy New Year Leo, and thanks for all the valuable tips and assistance.

    Reply
  11. I fix pc’s every day … the largest volume of work being malware removal and resulting system repairs … unless the malware is poorly written or designed to take control of the pc to purposely get your attention, you may never know the infection is there.

    I have yet to find a completely clean pc, even among those with protections in place.

    I DO know what to look for, yet I run the protections that Leo suggests, as well as being behind a hardware firewall and running only inside a sandbox, as I’ve seen the mess malware can quietly and surreptitiously make without any red flags at all.

    Reply
  12. I run no AV
    And have no problems.
    Basically I hate AV programs asking me whether I REALLY want to do that.
    And since I’d say ‘sure’ anyway, it doesn’t help.
    BUT I do know a LOT about what I am doing, and if I do get infected I am prepared for it. (Not as well as I should be, but all important data is backed up, or I would have no problems with live cds for data recovery on a corrupt OS.)
    AV doesn’t protect you from phishing and similar scams, and is nowhere near 100% accurate. Its about as accurate as I am manually…. without hassles…..

    Reply
  13. If you start windows as a “guest” account without any administrator privileges, no program can be installed on the machine.

    Have you heard of “sandboxie” ? anything that reaches the computer stays in the sandbox and can be selectively written into the machine.all else deleted.

    Have you heard of “system protection ” software ? All changes to “C: drive” are lost when you close windows.So any malware also gets deleted .

    No need for ANY protection if you use these.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.