Choice Tech Tools Part II
November 23rd, 2009 | by rey

Keeping a personal computer safe from malware and hackers should be a priority for any responsible netizen. It may come as a surprise to some of you but having a firewall and updated anti-virus/spyware software isn’t necessarily enough to keep internet malcontents at bay.
Aside from having a firewall and installing anti-malware applications, you need to make sure your operating system is regularly updated with the latest security and stability patches. Every day someone in the world, for either legitimate or illegal purposes, is trying to find a way to get into a computer system. And you can be sure there will always be a way. Quoting from a bulletin posted on the NIST.gov website:
“The more complicated a program is, the less secure it generally is.”
Vulnerabilities in computer applications are being discovered on a regular basis. In fact, just last week a zero-day vulnerability was discovered in Microsoft’s latest operating systems, Windows 7 and Windows Server 2008 R2. The vulnerability allows an attacker to remotely disable a computer by sending it into an infinite loop. The machine hangs, which amounts to a denial of service that only a reboot clears.
So, going back to the part about being a responsible netizen. Let’s keep that OS updated and patched. But wait! The updating doesn’t stop at the operating system! Consider this: the typical computer has about 80 or so applications installed on it. I have 107 programs installed myself and I try to keep installed apps to a minimum (good luck with that, Rey.) Each one of those apps can potentially harbor a vulnerability that would allow malware to take control of your PC.
How do you keep track of how secure those 80 applications are, give or take a few? That’s what my next choice tech tool does best.
The Secunia Personal Software Inspector (Secunia PSI) can automatically take care of that for you. After installing PSI, it runs a scan of all your storage drives searching for all the applications, determines what version is installed, and compares it to Secunia’s online database of vulnerable applications. Once done, it gives a report showing your system score, 100% being the ideal, and the number of insecure applications it has detected.
From the above screenshot (I changed the Interface Mode from Simple to Advanced, by the way), it looks like I have a System Score of 97% and some erring apps to straighten out. Clicking on the “Insecure” tab, here is what I see:
The “Insecure” Tab lists all the vulnerable apps. Looks like my love for gaming has gotten the better of me: Frozen Throne has a known vulnerability. But let’s take a look at what options I have available for Foxit Reader, my favorite alternative to Adobe Reader. By clicking on the plus sign before Foxit we see the following:
Under “Toolbox” I have numerous options, but the most relevant one for getting this app off the list is “Download Solution”, which automatically connects to Foxit’s server or a nearby mirror storage site and pulls the updated installer for me to download and install. For Google Chrome, I simply downloaded the latest Beta version 4.0, and for Warcraft III, I installed the 1.24b patch as recommended by Secunia PSI.
Here’s how my system looks after a few minutes of downloading and installing updated apps and patches. Just the way I like it, with a System Score of 100% and zero insecure applications.
It’s all green across the board with just one issue. Looking a bit closer at the report, PSI is telling me I have one insecure browser:

Clicking on the “Secure Browsing” tab reveals that the offending browser is none other than Internet Explorer 8. It is Insecure with no available solution:
A quick check on the Secunia site reveals the main vulnerabilities in IE that remain unpatched have to do with System access (60%), spoofing (20%), and bypassing security (20%):

Since there is no available solution to IE 8’s vulnerability, I have done all that I can to patch all my apps. I will just have to wait until Microsoft comes up with an update that eliminates that security hole. I only use IE to access sites for my work responsibilities, anyway.
Secunia, in 2008, became the company that found more vulnerabilities than any other company, or so they say. So, they pretty much have the most comprehensive database on software vulnerabilities out there. Take note that it isn’t PSI’s job to inform you of newer versions of your applications if and when they become available. It will only take notice if known vulnerabilities for your apps exist and point you in the right direction to rectify that, either through a direct download of an application patch or through the manufacturer’s website for more information on a possible workaround.
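The kind of check described above (inventory the installed programs, read their versions, compare against known advisories) and the point that only known vulnerabilities are flagged, not merely old versions, can be sketched as follows. This is an added example, not Secunia's code; the inventory, the advisory entries and every version number except the 1.24b patch are constructed sample data, and "Example Editor" is hypothetical.

```python
import re

# Constructed sample data: names echo the post; versions other than the
# 1.24b patch are invented, and "Example Editor" is hypothetical.
INSTALLED = {
    "Foxit Reader": "3.0.1",
    "Warcraft III": "1.24a",
    "Internet Explorer": "8.0",
    "Example Editor": "5.4",   # old release, but no advisory exists for it
}
# fixed_in=None models "insecure with no available solution".
ADVISORIES = [
    {"program": "Foxit Reader", "fixed_in": "3.1.2"},
    {"program": "Warcraft III", "fixed_in": "1.24b"},
    {"program": "Internet Explorer", "fixed_in": None},
]

def version_key(version):
    """'1.24b' -> [(0, 1), (0, 24), (1, 'b')]; trailing zeros are dropped."""
    parts = re.findall(r"\d+|[a-z]+", version.lower())
    key = [(0, int(p)) if p.isdigit() else (1, p) for p in parts]
    while key and key[-1] == (0, 0):
        key.pop()              # so that "8.0" and "8" compare equal
    return key

def audit(installed, advisories):
    """Return (program, installed version, action) for each insecure program."""
    findings = []
    for adv in advisories:
        have = installed.get(adv["program"])
        if have is None:
            continue           # advisory for a program that is not installed
        fixed = adv["fixed_in"]
        if fixed is None:
            findings.append((adv["program"], have, "no fix available"))
        elif version_key(have) < version_key(fixed):
            findings.append((adv["program"], have, "update to " + fixed))
    return findings

if __name__ == "__main__":
    for name, have, action in audit(INSTALLED, ADVISORIES):
        print(f"{name} {have}: {action}")
```

Comparing versions as plain strings would rank "1.9" above "1.24b", which is why the sketch splits each version into numeric and letter parts before comparing.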
So, if you’re in any way interested in maintaining a safe and secure personal computing experience, I highly recommend Secunia PSI. Secunia’s version for Corporate use is called CSI while an online scanner for those who’d rather not install the scanner locally is also available. The online scanner can only check up to a maximum of 70 applications, by the way.



















