I’ve recently been thinking about the concept that home computers make every end-user an administrator responsible for the building, maintenance, and security of their own system. It also pits the inexperienced home user against creators of spam, worms, viruses and other mal-ware – who are generally very intelligent and experienced. Does the average home computer really stand chance?
Most home computers may have an anti-virus software installed and possibly a firewall with all the default settings. Is this enough? Even a fresh from the manufacturer and right out of the box, the software is already out of date and needs to download updates. Computers can be high jacked within minutes of plugging into the internet. Attackers know the IP address ranges of ISPs and specifically target those IP addresses knowing it will be less protected home computers. The Conflictor worm infected an estimated 15 million computers in late 2008.
There is strong argument in favor of wiping the hard disk drives on home computers regularly and reinstalling all the software fresh. The advantage is that it will ensure that all viruses, worms, malware and other bad stuff have been removed, with the added side benefit of removing hidden software that slows machines down. The downside is that the effort to move the files off, wipe the HDD and reinstall all the software turns off all but the most diehard geeks. I try to do it about once year on my home machine but get some looks from my wife during that time when things are in transition and it isn’t setup the way she is used to seeing it.
I just took possession of new display screens at work. These large touch screens have a HDD built in running an embedded form of Windows XP and can plug directly to the network without separate computer. That is just plum picking for hacker. How many people will really think about upgrading the software in their display? Microsoft has software that runs in cars now too.
The only reason hackers continue to focus on home computers is because they are easy. As soon as we make home computers hard to hack, they’ll turn to other software based devices… our phones, PDAs, DVRs – any other device connected somehow to somewhere.