Blocking malware at the operating system level

In recent months I’ve been recommending that everyone run Adblock Plus with the malware domains subscription, to get extra protection beyond what your antivirus/antispyware suite can give. Given a choice between detecting and blocking bad stuff, or not downloading it at all, it’s much better to not download it at all.

There are some downsides to this. Adblock Plus uses a fair bit of memory. It’s tolerable on my desktop PC with 2 GB of RAM, but less so on my netbook with 1 GB of RAM. And if you have to use a browser that doesn’t have a compatible version of Adblock Plus available, you’re unprotected.

The solution is to block at the operating system level, using the hosts file.

Here’s a script that does it, with instructions.
http://www.ericphelps.com/scripting/samples/Hosts/index.htm

But I know of one malware site list that his script doesn’t use: http://www.malwaredomainlist.com/hostslist/hosts.txt.

Read more

Hey! I’m famous!

I got mentioned in a post about Adblock Plus on Lifehacker.

In a comment about something else, I mentioned that you should install Adblock Plus and turn on the Malware Domains subscription to give yourself protection beyond what your antivirus software does. If intercepting bad-guy software is good, not even downloading it in the first place is better.

I guess someone liked the advice.

Another site listing spyware-free software

Generally speaking, I tell people not to install free software on a computer anymore unless it’s licensed under the GNU GPL or another similar open-source license, because open-source software is the only type of software that has any high degree of likelihood of not containing adware or spyware or other malware.

The problem with that advice is that the people who know what it means probably already follow it, and if you follow this Farquhar’s Law (there are many) to the letter, you miss out on gems like Irfanview.I’ve recommended the Tinyapps.org web site for a long, long time, but some jewels like Mozilla are much too big to qualify for that list.

Enter Cleansoftware.org.

While neither list is likely to have every safe, free application available, checking those sites for software that does what you want gives a broader range of choice than simply making a blanket statement like “Don’t install anything that isn’t Free (as in speech) Software,” or “Don’t install anything that isn’t GPL.”

If you want software that you can copy and redistribute and, if you wish, modify, with little or no restriction, then of course your best bet is to check out Freshmeat.net and look for software with a license that’s OSL approved.

Contrary to what it may seem, strings-free freeware isn’t a totally lost art. You just have to look a little harder these days, that’s all.