Get Your Virus Vaccination
I don’t want to alarm anyone, but if you download files from the Internet or exchange floppy disks with other people, your computer is at risk of catching a virus.
How big a risk is another matter.
Maybe I’ve been lucky, but in the many years that I’ve been using personal computers, I’ve downloaded thousands of files and have encountered a virus only three times--the last time about two years ago. None of them, as far as I could tell, actually did any damage to my computer or data and, in each case, an anti-virus program was able to detect and remove it. None of the viruses came from programs I downloaded from a variety of bulletin boards, online services or Web sites. One came from an infected floppy disk I inserted in my computer. The other two were Word macro viruses that came from Word files sent to me via e-mail.
Just because I’ve been lucky doesn’t mean that you won’t get a virus that does some harm to your PC, which is why I think it’s prudent to use an anti-virus program like Norton AntiVirus from Symantec (https://www.norton.com) or McAfee VirusScan from Network Associates (https://www.networkassociates.com).
It’s very hard to estimate the actual likelihood of catching a virus. A lot of users who think they have a virus actually have something else wrong with their computers, and those who do have viruses may have no idea that they’re infected. Using a virus program is like locking your door. If you leave it unlocked, chances are good that nothing bad will happen. And even if you lock it, it’s possible that someone might break in. But, like a lock, a virus program is a cheap insurance policy.
A study of 300 corporate sites conducted by the International Computer Security Assn. (https://www.icsa.net) concluded that there were “86.53 [virus] encounters per 1,000 machines per year over the survey period,” up from 62.5 in 1997. The study was funded, in part, by companies that develop anti-virus software, and the respondents were limited to companies that have in-house “computer virus experts,” who are clearly more sensitive to the issue than most computer users.
Rob Rosenberger, who operates an excellent site (https://kumite.com/myths) dedicated to dispelling computer virus myths and hoaxes, doesn’t fault the ICSA’s survey methods, but he does question the credentials of so-called virus experts. “You don’t know who they are other than that they claim to be a virus expert,” he said.
Though critical of the hype and paranoia that’s been spread, in part, by the anti-virus industry, Rosenberger acknowledges that viruses pose some risk, and he recommends using an anti-virus program.
The anti-virus industry has been guilty of scare tactics, greatly exaggerating the risk. In 1992, the media were filled with stories about the destructive “Michelangelo” virus that was destined to affect millions of computers on March 6 (Michelangelo’s birthday) of that year. But relatively few computers were affected, causing some people to discount the risk altogether. The leading anti-virus software makers have lately been more restrained.
Still, companies that make anti-virus software like to point out that thousands of new viruses are created every year. Carey Nachenberg, chief researcher at Symantec’s Anti-Virus Center, estimates that there are between 20,000 and 40,000 known viruses, but the overwhelming majority of them exist in labs and have never been confirmed to have infected anyone’s PC. In August of this year, only 225 viruses were known to be “in the wild” (verified as having infected PCs at at least two sites), according to a tally posted on the WildList site (https://www.wildlist.org).
Just because a virus infects a computer doesn’t necessarily mean it will do serious harm. While there are viruses that will totally erase your hard drive, some are designed to simply put up a message, such as “Your computer has been stoned.” Others may slow down your machine, eat up memory or waste hard-disk space. This isn’t to dismiss the more benign viruses as harmless pranks. All viruses are unwelcome trespassers, and even viruses that aren’t designed to do damage can have destructive side effects, according to Nachenberg.
Complicating the issue are the myths and hoaxes that lead people to believe they may be more vulnerable than they are. Every few months I get a batch of forwarded e-mail messages warning users to be on the lookout for a so-called e-mail virus. The messages typically contain warnings not to open certain messages with subject lines like “Good Times” or “Hacky Birthday,” lest you unleash a virus and wipe out your hard drive or “severely damage the processor.”
Such warnings are hoaxes. You can’t get a virus just by opening an e-mail message, although you can get one by opening an infected Word or Excel file or program attached to a message. Rosenberger’s site and Symantec’s AntiVirus Center Web site (https://www.sarc.com) have lists of known hoaxes.
One way to guard against Word or Excel viruses is to be sure the software’s built-in macro virus protection feature is on. This won’t confirm there is a virus, but it will tell you if the file has a macro that could contain a virus. In either program, go to the Tools menu, select Options, click the General tab and be sure that the box that says “Macro Virus Protection” is checked. Leading anti-virus programs scan all files and determine if they have a known macro virus.
Another myth is that you can get a virus just by surfing the Net. Though it is theoretically possible for a Web site with a Java or ActiveX application to damage your PC, the likelihood is extremely low, according to Nachenberg. “A Web site that spread such a virus would be quickly identified by users or security experts, and action could be taken against them.”
Both Netscape Navigator and Microsoft Internet Explorer are designed to warn you if they encounter a page with an application that could possibly do any damage. Java applications are designed to run in a “sandbox” where they can’t affect data on your hard drive. ActiveX applications are supposed to be digitally “signed” so you know who created them.
Yes, there are potential flaws in both systems that can be exploited by sophisticated hackers, but the odds of it happening to you are extremely low. For more information, Netscape users should click the Security icon on the tool bar. Explorer users should click on the “Using Security Features” link from the program’s help menu.
If your PC isn’t connected to a network, if you primarily use it to run commercial software or programs you download from reputable Web sites, and if you never exchange floppy disks, open other people’s files or use software from unknown sources, your odds of contracting a virus are low. But why take a chance?
*
Lawrence J. Magid can be reached at magid@latimes.com. His Web page is at https://www.larrysworld.com. On AOL, use keyword “LarryMagid.”
