[DM-MUG] Safe computing using Windows on your Mac...

Bryan Baker ka_klick at mac.com
Wed May 16 12:40:15 CDT 2007 

One big one that applies to all major platforms (and is ignored  
below, and would lessen the need for some of it) is:

Do NOT run day to day as any form of Administrative user!

Create a separate account for that and only use it to authenticate  
when you NEED to install or configure software.

YES it's less convenient, but it's an order of magnitude more secure.  
It's even more inconvenient at times in windows, becuase too many  
lazy developers haven't adapted to the current climate and insist on  
people running as admin - there's usually ways around it and you can  
always use "Run As..." I run a statewide organizations IT, which  
would be one of the largest law firms in Iowa if it were thought of  
that way, and all the workstations (except mine) run Windows, I make  
them all use LUA (Least User Authority) and it helps. We also use AV  
and anti spyware software, but it has less to do if you run w/ LUA.  
Yes it's a pain w/ some software, but it works.

If you can drop things into "Applications" it's time to think about  
re-working the way you use your mac too.

On a Mac it's much easier to run this way and it only really surfaces  
when I want to install or upgrade something, and then it simply asks  
for authentication to elevate the task I'm doing. Please, stop and  
have a hard think about this, since:

"If you can install software w/o nagging, so can a virus/spyware."

Here endeth the sermon.

On May 16, 2007, at 12:20 PM, Victoria L. Herring wrote:
> This guidance from the MacLaw list I am on seemed to be good advice  
> to share.
>
>>
>>
>> On May 31, 2007, at 12:42 PM, Carol Shepherd wrote:
>>
>> > So it sounds like I could avoid viruses completely by A. not
>> > getting any
>> > email via Windows and B. not browsing the Internet via Windows  
>> and C.
>> > not allowing untrusted CDs or other media to upload things to the
>> > Windows side--does that sound correct?
>>
>> That would make it very unlikely.
>>
>> But don't let the fear of Windows viruses freak you out. The reason
>> most people who get their PCs infected do so is because they practice
>> unsafe computing, notable failing to keep their antivirus software up
>> to date. In a nutshell:
>>
>> 1. Use antivirus software and keep it up to date.
>> 2. Don't copy files from media which hasn't been scanned, if it's
>> coming from another Windows user.
>> 3. Use an anti-spyware hosts file so that if you DO need to access
>> the Internet, the majority of malicious sites and ad-serving sites
>> are blocked. See <http://www.mvps.org/winhelp2002/hosts.htm>. Their
>> hosts file is free.
>> 4. If you need to access the Internet from your Windows VM or
>> partition, use Firefox if possible. I only use Internet Explorer if
>> I need to access a site which requires it to work.
>> 5. Keep up to date with the latest Windows security patches from
>> Microsoft. Set XP to fetch them automatically.
>>
>> Yes, doing the above is a PITA, but will make it very unlikely that
>> your system will get infected. It's less of a PITA than getting your
>> system infected.
>>
>> One GREAT thing about Parallels is that once you have a Windows
>> Virtual Machine setup, you can easily back it up by copying it to a
>> DVD or an external drive. This way you can maintain a known good
>> configuration, and if the working copy gets corrupted or infected,
>> you can wipe it and start over.
>>
>> ---
>> David S. Markowitz Attorney at Law & Network Consultant
>> davemarkowitz -at- mac.com http://www.davemarkowitz.net/
>> 120 Shasta Road http://keystonestatelaw.blogspot.com/
>> Plymouth Meeting, PA 19462 (Cell) 610-389-1724
>
> --
> Victoria L. Herring, Des Moines, Iowa -  Civil rights,   
> Discrimination and Employment Law Attorney;  Des Moines, Iowa:  
> http://www.herringlaw.com.  Ph. 515/255-4475;  iChat AV:   
> victoriaherring at mac.com.
> _______________________________________________
> DMMUG mailing list
> Use this Address to send mail to the list:
> DMMUG at dmmug.org
> Use this page to modify subscription options:
> http://cialug.org/mailman/listinfo/dmmug

--
Bryan "ka-klick" Baker
Singer/Songwriter
With 2 New CDs!!! See my website for details
kaklick_martin at mac.com
http://ka-klick.com

More information about the DMMUG mailing list