This series of write-ups celebrates the Lenovo Forum's family of volunteer advocates - moderators, gurus and outstanding members of the Forum, who consistently go out of their way to help out in this community through sharing what they know, dissecting, delving and diving into various issues to educate other users and solve one another's problems. We salute and honor your dedication and hard work!
“As a tech enthusiast and student currently learning about IT security, I was really glad to see the recent malware and security special event held in the Lenovo Forums. I had the opportunity to ask and learn from security experts who work at top tier AV / Security companies, professionals involved in supporting others in battling malware, and from other community members. I learned a lot and even got a few things cleared up that weren’t addressed in my classes,” says community member PeterTWJ, in a message posted during our Security and Malware special event Nov 28-30.
The event’s panel of experts featured members from leading AV companies like Symantec, security firm Trend Micro, anti-spyware website SpywareHammer, and several Microsoft MVPs who work in the security field. The group fielded questions about system bugs and all things nasty, discussed common and emerging security threats.
Given the broad range of industry experience and perspectives represented by the panel, it was interesting to explore the contrasts in view. Pieter Viljoen, a Senior Technical Director at Symantec, agreed that, “…running two real-time protection products at the same time is a recipe for trouble”, while offering contrasting views on the direction of cloud based scanning.
A sign of the times, malware concerns on mobile devices surfaced as a hot discussion topic and Aryeh Goretsky, a Microsoft MVP, was first to weigh in on the issue… “as more people use smartphones for payment services, I would expect criminals to look for vulnerabilities in those processes and find ways to exploit them for financial gain as well.” Microsoft MVP Corrine Chorney, who also specializes in Consumer Security, also shared an article she wrote in her blog on Tablet Security and reminded users to ‘only use your clean, secure home computer for online banking, shopping or other financial transactions.” Trend Micro’s Rose Gabillette likewise contributed an articlefrom Trend Labs, noting that smartphones are the next target of one-click billing fraud.
Another hot topic that saw both collaboration and corroboration amongst the panelists was a question raised about the safety of programs that clean a user’s systems. Linda Layton, another Microsoft MVP, shared a checklist for users who wish to use such services, and offered a cautionary tale when using registry cleaners. Likewise, co-founder and administrator of SpywareHammer Allen Weil chipped in and reminded users that “as a general rule, users should never try to edit their registry except under the personal direction of an acknowledged expert. It is horrendously complex, and interconnected. One significant misstep and you may be forced to reinstall your entire system.” Dave Kliros, another Microsoft MVP, reflected on the topic of exploits, saying “there are programs written with the intention to defraud. Some of these have bundled with them, a rootkit which allows its designer to take control of your system… (and that) there are very real possibilities of downloading and installing malicious software under any name, much less disk or registry cleaning programs...or antivirus programs”.
Rounding up the discussion, Trend Micro’s Cyrus Ramos provided an interesting compilation of many tricks hackers use to break into accounts.
At the end of it all, what users have to remember, says co-owner and administrator of SpywareHammer Jim Stables, is “there are going to be times when a PC cannot be rescued from infection no matter what you do. However malware writers gain nothing by destroying a PC. They infect the PC to either use to their advantage (bot nets), to hold your PC hostage and demand a monetary ransom, or to steal your personal information. So they will leave the PC usable. By doing so they leave the user the opportunity to rescue the PC.”