Ask Slashdot: What To Tell Non-Tech Savvy Family About Malware?

First time accepted submitter veganboyjosh writes "I got an instant message from an uncle the other day, asking me what was in the link I sent him. I hadn't sent him a link so I figured that his account had been hacked and he'd received a malicious link from some bot address with my name in the 'From' box. This was confirmed when he told me the address the link had come from. When I tried explaining what the link was, that his account had been hacked, and that he should change the password to his @aol.com email account, his response was 'No, I think your account was hacked, since the email came from you.' I went over it again, with a real-life analog of someone calling him on the phone and pretending to be me, but I'm not sure if that sunk in or not. This uncle is far from tech savvy. He's in his 60s, and uses Facebook several times a week. He knows I'm online much more and kind of know my way around. After his initial response, I didn't have it in me to get into the whole 'Never click a link from an unfamiliar email address' bit; to him, this wasn't an unfamiliar email address, it was mine. How do I explain this to him, and what else should I feel responsible for telling him?"

Re:Nothing

[Grishnakh]

This used to be good advice, because Macs were such a small share of the market that the malware authors didn't bother with them. This isn't quite so true any more.

If you want to get them a platform that won't be targeted by malware authors for quite some time, install Linux Mint on their PC. As a bonus, it won't cost anything extra (unless they have some shitty printer that has no Linux support, but a new Linux-compatible printer is much cheaper than a new Mac). As an extra bonus, you can install the KDE version of Linux Mint and assuming they're coming from XP or Win7, they won't even have to learn a whole new GUI paradigm.

Re:Nothing

[Austerity+Empowers]

What he's getting at is that any OS on any computer is vulnerable to this sort of attack. Any OS at all that has a web browser: Windows, OSX, Linux, Android, iOS, *BSD, Solaris, whatever.

Once you click that link and enter your credentials, you are hacked. No resident virus required that has to hook your system via known attack vectors. Of course once you are hacked, it is much easier to get to that next step, if that's important to the attacker. But usually it's not, they're perfectly happy with your accounts.

Re:Nothing

[hairyfeet]

Unless he is willing to be full time 24/7 tech support that would be a BAD idea. Just look at the serious guttings that have happened to Linux in just the last 5 years, ALSA for Pulse, Gnome 2 for GnomeShell then this funky ass hybrid of the 2, KDE 3 to KDE 4 (which was frankly shoved out in alpha quality at best by ALL the "user friendly" distros) and finally the changes in the wireless networking that has made USB wireless hit or miss, usually miss.

Frankly if you know what you are doing you can set up an "idiot proof" Windows that short of the old guy clicking "Why yes, I DO want to get infected, STFU and let me get infected!" then nothing is gonna happen. With this system I've had customers that picked up more bugs than a Bangkok whore on coupon day and they are squeaky clean. Everybody ready? Here we go..

You start by doing the most obvious thing, that is making sure all their software is up to date. Once that is finished you get their ass OFF IE onto something that doesn't have a giant bullseye on it, personally I prefer Comodo Dragon as not only does it have low rights mode like Chrome, but it also has Privalert, which will block all the tracking crap (you can of course whitelist any page with a single click, even grandma could do it) and you have the option of Comodo DNS which in this case i would say YES, use it, as it blocks many malware pages from loading. Once its installed go ahead and add ABP, in less he likes ads bugging the shit out of him, and I usually install ForecastFox as its nice to have the 5 day forecast and the radar right there.

Next you install Paragon Backup and Recovery Free as this will let you not only make a hidden backup capsule (think OEM restore partition, only custom made by you and up to date) but you can set it to any kind of schedule you like, including differential, daily, weekly, whatever. I used to use Comodo Time Machine as it allows you to restore even if they hosed the boot image but its not supported on Windows 8. if you are running 7 might want to check it out. Next you install FileHippo Update Checker and tell it to ignore beta releases. the reason you do this is to keep the old guy for falling for the "you need the latest flash, just download "Iz_Not_Bug_Iz_Flash.exe" right now!". you tell him if the little Hippo don't say there is an update there is NO update, period.

Finally you have the AV, here you can use either Avast free or Comodo IS, I prefer the latter as its not as "chatty" and has built in sandboxing by default but some folks like chatty, both are VERY good at stop malware pages before load and Comodo IS sandboxing means if the old guy does try to run something nasty it'll minimize the risk.

so there you have it, it looks more complex than it actually is, takes about an hour all told depending on how out of date the software on the system is. Once its done that's it, just leave them be, they'll be safe as houses. The browser is sandboxed and in low rights mode, you have the AV scanning every page before load, the browser is blocking ads (one of the biggest attack vectors) and tracking crap, and to top it all off the OS has a hidden encrypted partition with a backup image so if they by some miracle ever do figure out how to break something you can have it back up in under 30 minutes, no problem.