
Place your bets against malware

Backspin By Mark Gibbs, Network World
January 22, 2009 08:10 PM ET

The response to my recent Gearhead and Backspin columns on malware has been amazing! The suggestions have ranged from "admit defeat, wipe the system and start again" to "fight the good fight and don't give in."

Reader Richard Dowdy was in the latter category: "Don't give in to malware or nuking! I hang my head in shame when fellow techs suggest malware is too tough to remove and a clean install is the answer." On the other hand, he admits that there is an argument for doing a clean install: Economics. "If you are paying the average tech to deal with a particularly nasty infection, a clean install can be cheaper, quicker and, usually, more assured."

Dowdy hit the nail on the head. Whether you are going to fix the problem yourself or have someone else do it, the whole thing comes down to economics: It will be your time (which is, in effect, money) or your money (which is real money).

The other big factor is assurance: whether you can be confident that you have actually killed off the malware. There's no doubt that stripping a machine to bare metal and starting again is the most reliable way to build a safe machine, which leads me back to where I was going at the end of last week's Backspin.

Allow me to repeat myself: We have a world full of PCs running an operating system (Windows) that can be compromised in relatively easy ways that are hard to detect, and there are no reliable ways to unwind changes made by malware if we do find out we've been pwned. . . . And the obvious conclusion is that things are going to get a lot worse.

How could things get worse? People sharing quasi-active content, more compromised Web sites, more badly engineered software appearing as market opportunities grow . . . there will be endless opportunities as PCs and the Internet become ever more pervasive.

Now the malware my machine had was apparently not much more than a popup ad server (I hope), but there are countless rootkits designed to steal data such as account names, passwords and credit card numbers.

As the malware vectors increase and infections rise, we can expect identity theft to soar. Forget incidents such as Heartland Payment Systems' very recent loss of 100 million credit card transactions; fraudulent use of malware-acquired personal data will become far more important to the financial world and the government (which could become the same thing in the near future).

So what are we to do? Some kind of "freezing" of existing systems is one option. Freezing ensures that when a system restarts it recreates a known, verifiable configuration that is thoroughly locked down (the kind of control that Faronics Deep Freeze used to provide until an "unfreezer" was created in 2005). I suspect that hardware support will be needed for this to work reliably.
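To make "known, verifiable configuration" concrete, here is an added example (my own illustration, not code from the column, from Faronics or from any product): a baseline manifest of file hashes is recorded while the machine is known good, and at the next boot the same tree is re-hashed so that any drift (modified, added or missing files) is reported instead of silently trusted. The directory layout, file contents and the "infection" are constructed sample data; the function names are mine.

```python
"""
Added example, not from the original column: a software-only approximation of
"restart into a known, verifiable configuration". A baseline manifest of
sha256 hashes is built from a known-good tree; verifying the tree later reports
modified, missing and added files so the machine can be rebuilt rather than
trusted. All sample files and the simulated tampering are constructed inline.
"""
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large binaries don't need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Record relative path -> sha256 for every regular file under root.

    Symlinks are skipped so an attacker cannot redirect a hash to a benign file.
    """
    manifest = {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and not p.is_symlink():
            manifest[p.relative_to(root).as_posix()] = sha256_file(p)
    return manifest


def verify_against_manifest(root: Path, manifest: dict) -> dict:
    """Compare the current tree with the baseline and return drift by category."""
    current = build_manifest(root)
    return {
        "modified": sorted(k for k in manifest if k in current and current[k] != manifest[k]),
        "missing": sorted(k for k in manifest if k not in current),
        "added": sorted(k for k in current if k not in manifest),
    }


def demo() -> dict:
    """Constructed sample: a tiny 'system' tree, a baseline, then tampering."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        (root / "bin" / "login").write_bytes(b"original login binary")
        (root / "etc").mkdir()
        (root / "etc" / "hosts").write_text("127.0.0.1 localhost\n")

        baseline = build_manifest(root)
        # In practice the manifest lives off-host or on write-protected media;
        # the JSON round-trip shows it is plain data that can be stored anywhere.
        baseline = json.loads(json.dumps(baseline))

        # Simulated infection (constructed): a trojaned binary, a dropped
        # preload file, and a deleted file.
        (root / "bin" / "login").write_bytes(b"trojaned login binary")
        (root / "etc" / "ld.so.preload").write_text("/tmp/rootkit.so\n")
        (root / "etc" / "hosts").unlink()

        return verify_against_manifest(root, baseline)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The caveat a practitioner should keep in mind is exactly the column's point about hardware: a verifier that runs on top of an already compromised operating system can be lied to by a rootkit that hooks file reads, and a manifest stored on the same disk can simply be rewritten. The check is only as trustworthy as the code that performs it and the place the baseline is kept, which is why a reliable version of "freezing" needs measurement rooted somewhere the malware cannot reach.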

A second option will be to switch to more easily secured systems. Linux is, of course, a prime candidate. As reader Brandon Sussman commented: ". . . Ubuntu 8.10 is scary easy. For grannies in New Zealand, children in Spain and maybe even power-users in Manhattan."
