.comment-link {margin-left:.6em;}

filling the void

Monday, October 11, 2010

Drive-by downloads

I consider myself a fairly computer savvy user. I block ads via my hosts-file, I don't click on untrusted links, i don't run flash except by whitelist, I don't click on punch the monkey. I've never had any viruses, never been infected with any trojans. Until today. Today, I got the "AntiVirus 2010" virus. It's a variation of the other similar viruses that circulated in 2009 and 2008. It basically shows fake virus alerts, prompting you to buy the full version to clean all the fake viruses off your system. Obviously, the only virus, is "AntiVirus 2010".

I was very surprised to get this virus, as I'm a firefox user. I always keep both my windows installation and my firefox installation up to date. I thought I was immune to this crap. I was wrong. I got it by means of a drive-by download. I was visiting fairly innocuous sites, looking at some pictures, and them BAM, out of nowhere, this thing is already downloaded and installed on my machine. There are .exe files everywhere, and it lives in my system tray. I never saw a dialog box or anything.

Perhaps it's my own fault, for not running any anti-virus, but quite frankly, most anti-virus solutions are total fucking resource hogs, and since they are only actually useful in extremely rare cases, they are a total waste of money and cpu cycles (hey, run-on sentence, what the hell, man?).

So I ask you now, what can I do to prevent this shit? Obviously the bad guys are getting smarter and the good guys have their hands full. Clearly being up-to-date is not sufficient anymore. I've installed no-script, but last time I did, I got so frustrated with how bad the internet worked, that I simply disabled it. I guess we'll see how long it lasts this time.

Labels: , , , , , , , ,