Why Updates are So Important: About Cars And Bombs
Install updates. Install updates of ALL installed programs. Please.
I cannot stress enough the importance of installing updates. But why is this concept so counter-intuitive? Because it's not related to the material world.
If we buy, let's say, a car; we drive, and sometimes, when there are strange noises or worse, the motor refuses to start, we bring it to the repairing garage. We actually see (or hear) the damage or its consequences. So if we take this concept to the computer, we would only call for help when the computer doesn't boot anymore, or our favorite program doesn't start. Virus warnings, who cares? And the even less intrusive little red or yellow icon notifying the availability of an update goes unnoticed. We can't "hear" the rattle of these signs unless we understand the connection between these signs and a working (computer) system. So let us see how a computer without any updates looks like.
You've bought you're Windows XP laptop years ago, for internet usage mainly, and the yellow exclamation sign in the task bar, the flesh at Open Office, the pop-up windows at Adobe Reader, you just ignored them. Why bother? Never change a working system, as long as my computer works, everything is ok. Suddenly a strange window appears: Virus warning, Conficker, what do you want to do? Repair? Delete? Ignore? Well, actually, you want to ignore it. And two months later, everything is still ok, but 6 months later, suddenly Windows doesn't reappear. Just a little blinking cursor is telling you that you actually pressed the power button. You cry out for help, your computer-savvy friend inserts a CD-ROM, does some strange, inintelligble things, and then diagnoses: "Your hard drive is completely empty. Have you formatted it? There are no files left at all." Gasp. What has happened?
In fact, the fault wasn't your's, it was Microsoft's. They didn't properly verify the commands coming from the network cable. Actually Windows thought, somebody wanted to access your Shared Files, but as he was decoding the command, the bomb exploded. But the "bomb" didn't devastate the computer. It just inserted a little program that can do one thing: call back to the owner. 5 Minutes later the little program, having called the owner of the program, has the instruction to send spam emails, viagra & co. And, of course, to produce other bombs for other computers. (Technical note: The Conficker-Worm actually did never load code to send spam or do other nasty stuff. But it was really good in producing copies of itself.)
Microsoft reacted rapidly: it corrected windows, effectively discarding the bomb before letting it in. This correction was sent as an update, and so every windows computer had a little shield: important update, please install me. Some users did. Some did not. The Conficker bomb continued to spread. And the users continued to work: their systems worked as usual. It's just that somebody from the internet could do on their computers what he wanted. And some day he decided to erase all prooves he existed, by erasing your hard disk (Note: This didn't happen at Conficker either. But it would have been possible.).
Happily, your friend was really computer-savvy. He inserted another CD-ROM and restored your data. But before saying: ok, everything's back to normal, he checked the disk for viruses. 12 found, 30 warnings. He sighed. He decided to reinstall your system. (Back to our car: if your car is running, why buy a new one? Well, if somebody has your keys of your car, you will have to replace your lock, don't you? And as it is really simple to build a new door into a computer, it is more easy to rebuild it from zero than finding all that tiny little doors.) After you showed him, which word files etc. you absolutely need, and two hours later, you had a fresh new Windows XP. But before your friend went home, he explained you how, why and when to install updates.
Let's go into practice. How can you avoid getting a prey of such a bomb? (My experience says, this whole procedure of your friend's visit takes about an entire day. You really want to avoid this. Other consequences of such a virus can be: giving away your passwords (phishing), giving away personal data / files, getting an accomplice in another's crime (spam, website attacks, extortion), ... well, just about anything a criminal can think of.)
- First, install an anti-virus and a firewall. (If possible, do it before connecting it the first time to the internet.)
- Second, whenever you can choose to, let the software install updates automatically. Windows itself has such an option. Install security updates immediately, and if you can't decide if it is security related or not, install it.
- Third, be careful with unknown sources or unknown files. If a stranger sends you a file (per Email, ICQ, whatever), delete it. If a friend sends you a file with a strange extension you never saw before (like .pif or .scr), do not open either. If you download open office, download it on the official site (http://openoffice.org), not just type "download openoffice" it into google and download it from a bad-designed (hacker) website, it may have been modified. If a stranger sends you a link, do not click on it - sometimes surfing to a site will be enough to infect your computer (when the respective update is not yet installed or does not yet exist.)
- Fifth, stay informed. Mailing-Lists such as https://forms.us-cert.gov/maillists/ (english) or https://www.buerger-cert.de/abonnieren.aspx (german) alert you when important updates appear.
If you are using a Mac or Linux machine, you are less likely to be attacked. But don't let you fool into a "I'm totally safe"-feeling, missing updates can be your pitfall, too. Mac/Linux do viruses exist, it's just harder for them to get in.
This article was from the user perspective. If you're responsible for the network of your base, there is even more ... responsibility. complexity.
- This was written at a time where XP was the current version of Windows. Today it is not only outdated, but unsupported. That means, there will be no new updates anymore. The situation, then, is actually even worse: You don't even realise that your computer might have a critical problem. Please use Win7 & Co., or if you can't, use Linux instead.
You say, you never connect your PC to the internet anymore, so you cannot be attacked? This is only true if you also don't plug USB sticks into it or load data from a CD-ROM. Basically, what you have then is a "digital type-writer" with no possibility of exchanging data. If that's fine to you ...