What kind of computer threats will you face in 2009? I started this article hoping to craft a table to display various credible sources and their predictions for computer security in 2009. What I found, however, was chaos, with widely varying predictions from pundits and posers.
How is one to judge whether each source is credible? News is no longer believable like it was back in the Walter Cronkite era. The only safe course is to believe everyone and to believe no one, because the truth is simple: nobody knows what will come next in terms of attacks against personal computers.
The complexity of this topic is such that Jane and Joe Computer User have no way to adequately protect themselves without becoming experts in the field of computer security. That’s an unreasonable demand, but
read on, because there is a solution that may just work for you.
Computers should be like toasters
Most of us just want our personal computers to be like toasters: reliable, simple, and automatic. I’m still waiting for the computer that meets these criteria.
Security solutions designed to protect average computers users have become terribly confusing and burdensome to install and maintain. This means some systems are certain become vulnerable, because maintaining these complex systems just doesn’t get done.
There is no common language among professionals
To complicate the life of Jane and Joe, vendors of security products are balkanized, developing and hawking their wares with little cross-talk between them. Even the names for various viruses differ between vendors. That is like having several doctors reviewing a medical issue but each speaks a slightly different language. Leveraging the collective wisdom of these experts becomes impossible because there is no lingua franca, and because normal business models effectively prevent cross-fertilization of key knowledge and ideas.
Computer and data security for home users and small businesses shouldn’t be like bowling, where the skill of the individual determines the outcome. That paradigm presents a world of plums ripe for the picking by those who wish to take advantage of vulnerable people and systems.
There is an obvious need for a solution that integrates the detection, blocking, and removal of viruses, malware, trojans, bots, and all the other labels we give to the stuff seeking to enter our computers and do us wrong.
What about security suites?
I’ve used current versions of several security suites promoted by major vendors, and I find them severely lacking in usability. Some pop up windows so often they are disruptive to the end user. Some simply block content silently, leaving Joe or Jane wondering why some content isn’t being displayed. They are resource hogs. Some are notorious for being difficult to remove from a system when the end user becomes so irritated the preferred solution is to simply uninstall the software.
We rarely talk about another Achilles heal: these software solutions reside on the very platforms they are trying to protect, so if the platform is compromised, it may be possible to silently compromise the security software, giving users a false sense of safety as they do their emailing, banking, investing, and shopping on the internet.
There are some solutions that do not rely solely on virus signature for detection. These products are not as mature as I’d like to see.
We need a security toaster
What Jane and Joe need is a separate hardware appliance dedicated to running the various firewall and virus/adware/malware/phishing detectors/blockers. That appliance needs to be read-only, requiring authorized intervention to update. The appliance should be manageable by an above average computer user, or optionally managed remotely through a subscription service. That’s the best scenario I can think of at this point in time.
A security appliance like this would provide some key benefits:
- Some processing load is shifted off Joe or Jane’s personal computer.
- An additional layer of security means penetration and compromise likely becomes more difficult to achieve.
- A read-only configuration provides some surety against remote attacks against the security system itself.
- A single appliance that consolidates these features can provide protection to multiple downstream computers.
- Remote management can allow average end users to enjoy their computers with far less exposure and worry.
- Offloading the security solutions can make protection less easily bypassed by other users on the same network.
And a security toaster exists!
Do such appliances exist? Yes. Probably the most reasonable one is the D-Link DSD-150 SecureSpot Internet Security Adapter. Described by the vendor as an “all-in-one, whole home, internet security adapter,” this inexpensive device may be a viable solution for folks looking for simplicity and protection combined.
Compare this device with the usual alternative for a home network: individually purchasing, installing, and maintaining the necessary software on each and every computer on the network.
WARNING: Such a device does not mean you should go without antivirus software on every computer, but free or low-cost solutions on each computer may be sufficient to provide the additional layer of protection, rather than buying expensive name-brand solutions. You should always protect every computer in case another layer of
What about open source?
Are there open source solutions? Sure. The one I like the best is DansGuardian. It is a robust, widely used solution that provides real protection. The downside is that DansGuardian must run on a separate computer, and it
doesn’t run on Microsoft Windows. Thus, while I am a proponent of open source software in general, running a separate server on a home network falls outside the context of this article, which is about simple solutions for Jane and Joe Computer User. For that, the D-Link appliance is a more likely solution.
Links to some reviews of the :