What can we trust as a user? One of the biggest problems in security is that the user seems to place a lower threshold on computing trust than they would in everyday life.
For example, who would you trust to look after your wallet? A few close friends, relatives, banks and officials (perhaps a policeman).
Would you trust someone you just met, or a stranger walking along the street? Certainly not!
What about your door keys? Would you give these to a stranger to look after?
What about something less valuable? Say a bag containing some shopping or even just your coat or umbrella?
My point here is that we are normally very suspicious of people we do not know and will not trust them to look after our possessions.
OK, now what about computing? Will you open an attachment from an unknown source? Usually not, unless it looks interesting enough (e.g. Britney Spears naked).
Will you visit a website purely based on a link given to you in an email? Probably, if it looks interesting.
Will you click yes to the dialog that tells you to install an ActiveX control to view the webpage? Again, you might if the website was interesting to you (more Britney...)
But in all these computing examples, you are dealing with someone you do not know and therefore cannot trust. It's OK if the third party is someone reputable, like Microsoft etc. But actually visiting a website linked from an unsolicited email is potentially risky - an analogy might be walking down a dark alleyway because a stranger says they have a nice surprise for you there - who knows if you will be mugged!
Most security breaches occur because users do not apply the same levels of trust in a computing environment that they apply in their day-to-day lives.
Next time your firewall tells you explorer.exe needs to access port blah blah, actually take the time to read the message and make a thoughtful decision as to whether this is OK. If this message has not occurred before, then be suspicious.
If you use your computer for internet banking, then treat it with the same level of care that you give to your wallet. Your banking login details are worth much more than your wallet - typically you keep much more money in your account!!!
A sad reality is that even if you have used a virus scanner on an executable file provided by an untrusted party, you cannot be confident it is safe to run. The fact is that virus scanners only detect known viruses, and it takes very little effort to disguise a known virus so that the scanners no longer detect it - this is why we suffer the problems of "botnets" inflicting massive financial damage through distributed denial of service (DDoS) attacks. Executables should only be trusted if you have purchased them from a trustworthy company, received them from someone you can explicitly trust with computing, or examined the binary yourself through a disassembler.
The anti-virus companies are not doing their job properly at the moment, and the world is suffering an increased level of DDoS and spamming as a result.
I will be explaining what the deficiencies of virus scanners are in my next few blogs and will demonstrate how they are being defeated by hackers.
Right now, it's time for bed.
