While it seems like temporarily unplugging from the internet would block much of what malware might do, in reality it doesn't stop much.
I have a file on a USB which contains my bank details. Presently I switch off the router and load this file from the USB, work on it, disconnect the USB and switch on the router.
This is a bit tiresome. I have Avira and Threatfire protection.
If I leave the file on the computer itself, will the software listed above and the router protect me from anyone on the Internet entering my computer and reading my files?
There are really two questions here:
1) Does disconnecting help?
2) Do you have enough protection against malware?
The answers are: not really, and maybe - maybe not.
I think there may also be a misconception about how malware works.
There's a common fear that hackers randomly connect to your machine while you're using it and suck up all your data or important files.
That's not at all how the vast majority of data theft occurs.
For one thing, you have a router. No one can "reach into" your computer uninvited. That's what a NAT Router acting as a firewall prevents completely.
Disconnecting your router or disconnecting from the network prevents the same thing that your router is already protecting you against quite well.
No, for a hacker to access your data he either has to be sent the data somehow, or he has to be "invited" in to your computer somehow.
That's where malware comes in.
For a hacker to have access to what you're doing, one of two things has to happen:
1) You had to let him in. In reality, of course, it's not you at all, but malware that has already infected your machine. Once your machine is infected, malware can easily establish a connection to an overseas hacker and invite him in. That person could then do whatever he wants on your machine.
2) You sent the hacker your data. Once again this isn't you, of course, but malware on your machine. In practice hackers aren't interested in going out to machines one at a time and poking around; that's much too time consuming. What they prefer is to have hundreds if not thousands of machines automatically sending them sensitive data when they can.
While pulling the network plug could stop the direct-connect hacker in his tracks, he could have left behind a present: malware that automatically reports back.
And it's that kind of malware that you're more likely to run into on your own, without the hacker's direct intervention.
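The router behaviour described above can be modelled in a few lines. This is an added example, not part of the original article: a toy port-translating NAT table with strict (address and port) filtering, where the `NatRouter` class, its methods and all addresses are constructed for illustration.

```python
# Toy NAT table. Names are hypothetical; addresses are constructed
# (private and documentation ranges only).
from dataclasses import dataclass, field


@dataclass
class NatRouter:
    next_port: int = 40000
    # public_port -> (lan_ip, lan_port, remote_ip, remote_port)
    table: dict = field(default_factory=dict)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN program opens a connection: the router records a mapping."""
        entry = (lan_ip, lan_port, remote_ip, remote_port)
        for port, known in self.table.items():
            if known == entry:
                return port
        port = self.next_port
        self.next_port += 1
        self.table[port] = entry
        return port

    def inbound(self, remote_ip, remote_port, public_port):
        """A packet arrives from the internet: deliver it only if it answers
        a connection that a LAN program started, otherwise drop it."""
        entry = self.table.get(public_port)
        if entry and entry[2:] == (remote_ip, remote_port):
            return entry[:2]   # forwarded to (lan_ip, lan_port)
        return None            # unsolicited: dropped


def demo():
    router, pc = NatRouter(), "192.168.1.20"
    results = {}
    # 1. Unsolicited connection attempt from outside: no mapping, dropped.
    results["uninvited"] = router.inbound("198.51.100.7", 51000, 445)
    # 2. The user browses a site: the reply matches a mapping and gets in.
    p = router.outbound(pc, 50123, "192.0.2.80", 443)
    results["web_reply"] = router.inbound("192.0.2.80", 443, p)
    # 3. Malware already on the PC dials out. The router cannot tell it
    #    from the browser, so the remote side's replies are let in too.
    m = router.outbound(pc, 50999, "198.51.100.7", 443)
    results["invited"] = router.inbound("198.51.100.7", 443, m)
    # 4. The same outside host on a port nobody dialed is still dropped.
    results["wrong_port"] = router.inbound("198.51.100.7", 51000, m)
    return results
```

Cases 1 and 3 involve the same outside host; the only difference is which side started the conversation.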
Let's take a keylogger as an example.
Sending each keystroke you type across the net as you type it is pretty inefficient, and actually makes it easier to detect that there's a keylogger installed. While there are probably keyloggers that do that, more robust ones will do something different.
What's more likely is that the keylogger will simply quietly collect data as you type. It won't send it right away; it'll just collect the keystrokes, and perhaps mouse clicks and screenshots, and wait.
At some point, when it's accumulated enough data, it then sends that bundle of data off to hacker headquarters. It might be a direct connection, it might be via email, it might be via any number of means.
But the key point here is that while you were typing and working on your sensitive data the malware wasn't using the network at all; it was just collecting data. It's not until sometime later - after you've probably reconnected your network - that the malware finally sends off the fruits of its labor.
The keylogger's an easy-to-understand example, but it applies to almost any malware whose aim is to steal data. Many are in fact quite tolerant of network problems, and if the network is disconnected when they try to upload your data, they'll often just wait a while until you've reconnected.
Disconnect all you want; the malware will wait.
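Because the collected data leaves only after the link comes back, the minutes after a reconnect are worth a look. The sketch below is an added example, not from the original article: it scans a constructed flow log for programs whose upload right after a reconnect dwarfs their usual upload. The record layout, process names and thresholds are assumptions.

```python
# Constructed sample data: link state changes and per-process uploads,
# as a host firewall or flow logger might record them (layout assumed).
from collections import defaultdict

LINK_EVENTS = [(0, "up"), (3600, "down"), (5400, "up")]  # (seconds, state)
FLOWS = [  # (timestamp, process, bytes_uploaded)
    (600, "browser.exe", 40_000), (1800, "browser.exe", 35_000),
    (900, "mailclient.exe", 12_000), (2700, "mailclient.exe", 15_000),
    (1200, "helper32.exe", 300), (3000, "helper32.exe", 280),
    (5410, "helper32.exe", 2_400_000),  # large upload right after reconnect
    (5460, "mailclient.exe", 20_000),
    (5700, "browser.exe", 38_000),
]
WINDOW = 300  # seconds after a reconnect to inspect (assumed threshold)
RATIO = 20    # burst must exceed this multiple of the usual upload


def reconnect_times(events):
    """Times at which the link came back after having been down."""
    times, was_down = [], False
    for ts, state in events:
        if state == "down":
            was_down = True
        elif state == "up" and was_down:
            times.append(ts)
            was_down = False
    return times


def post_reconnect_bursts(flows, events, window=WINDOW, ratio=RATIO):
    """Return {process: (burst_bytes, usual_bytes)} for processes whose
    upload in the window after a reconnect far exceeds their largest
    upload seen outside such windows."""
    reconnects = reconnect_times(events)
    burst, normal = defaultdict(int), defaultdict(list)
    for ts, proc, nbytes in flows:
        if any(r <= ts < r + window for r in reconnects):
            burst[proc] += nbytes
        else:
            normal[proc].append(nbytes)
    flagged = {}
    for proc, total in burst.items():
        usual = max(normal[proc], default=0)  # 0 if never seen before
        if total > ratio * max(usual, 1):
            flagged[proc] = (total, usual)
    return flagged
```

Mail and sync clients also queue work while offline, so a hit here is a reason to look closer at the program, not a verdict.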
The common thread above is malware, and the possibility that your machine was indeed infected with malware sometime before you began working on your sensitive documents.
No malware, no problem.
Which makes the second question I'm asking all that much more important: are you protected?
The software you have installed seems reasonable.
But there's so much more to internet safety than just installing a couple of anti-malware packages: are they keeping themselves up to date? Are they configured properly?
You have a firewall in that you're behind a router (I'm assuming it's a NAT router, since most are). That's great.
Are you keeping your machine up-to-date with the latest patches and updates?
Do you know how to recognize phishing scams? Bogus email? Do you regularly open attachments from people you don't know, or that you weren't expecting? Do you like to visit "questionable" websites? Download illegal music or videos?
Do you use free open WiFi hotspots, and do you know how to keep your computer safe when you're doing so?
Do you use weak passwords, or even worse - the same lame password everywhere?
All of those things, and a few more, can compromise your computer and result in malware infections, account theft or other scenarios that you just don't want to have happen.
Are you protected?
I have no idea. The answer to that is about much more than what's installed on your machine.