|I'm trying to understand what security I'll need for my new computer.|
I've read a handful of articles about security in general, plus firewalls
and virus/worm scanners. I still don't understand how malware could get
access to my computer. So far I have not had any problem with malware,
but I don't know whether that is primarily because I have set up my
computers in such a way that they just aren't open to attack, or
because they have been such low-value targets that no malware
bothers to attack them.
My e-mail provider filters out much spam, but some gets through
the simple filter, so I have seen lots of e-mails over the years which
appear to contain viruses or worms. I simply have never commanded
them to be executed, so they have never done anything.
Firewalls seem pointless. My understanding is that they can either be
set to reject all input from locations that have not been pre-approved
(whitelist), or they can be set to accept all connections that have
not been pre-disapproved (blacklist). For whitelisting, I need to know
before I visit a website that it is safe. I have no way of knowing
whether any particular website is safe before I visit it, and probably
still won't know after I visit it. So unless I want to restrict my web
surfing to sites that I'm already familiar with, whitelisting appears
to be pointless.
For blacklisting, I need to know which websites are dangerous.
I suppose I can get a list of 200,000 sites that have been reported
to be dangerous, but such a list will always be out of date and will
probably be wrong to begin with. If I want to visit a site on the
blacklist, do I just accept that it is bad so I should forget about
visiting it, or what? I don't see what good a blacklist is.
As for firewalls, I understand that they can close Internet ports.
I have read that you can block all incoming connections on all
ports if you are not acting as a server for anything. So, why aren't
all such ports closed by default, and only opened as needed?
Can you explain any of this or provide links to explanations that
make more sense than those I've read so far?
-- Jeff, in Minneapolis