But what can I do to protect myself, the "small office, home office" user, from the evil hacker that will attack XP computers, like a maniac, from now on?
First, you need to relax and to understand that you have never been completely protected anyway, unless your computer is not connected to the internet and you don't bring any files from the outside world, which is quite unlikely these days.
At most, you have been as protected as possible in a particular moment of time (and few minutes later you could have been exposed again by a new threat that no antivirus could catch for few days, before the next update).
So, we can continue to do our "best effort" in protecting our XP computer, as follows:
- Install an antivirus and keep it updated.
(In fact, if you had no Windows antivirus installed until now, please ignore this whole writing and Micro$oft's urge to switch to a newer operating system. It either means that you're an incredibly careful user, or that your don't care if you computer is already infected and you find "normal" the way it behaves.)
When choosing an antivirus, ignore the marketing crap they throw at you and pre-installed trial versions that came with Windows, and ask yourself relevant questions like: what antivirus has the best detection rate? (i.e. which one finds the most of the viruses in the wild)
You can search the net for this and you'll find out there are some independent testing bodies that test periodically the detection rate of all antiviruses on the market. Here is one but do your own homework. Then choose an antivirus that is in top 3 each month.
- Sometimes, antiviruses cannot detect annoying malware (like that one that hijacks your home page in your browser). For this, there is a different category of programs, named anti-malware.
Malwarebites anti-malware has (also) a free version for home use, that had great results for disinfecting already infected Windows, but I'm sure there are some others with good results out there. Beware though that some anti-malware programs are in fact malware themselves... so research a bit to see if it is legit or not, before installing.
- Backup your files now and then (or even regularly)
Don't overwrite the last backup with the current one, better keep 2-3 backups on your backup disk or usb stick; if the last backup is compromised by viruses, at least you'll have the one before that's clean.
Simply copying the files onto a stick from time to time is the basic form of backup but you can also use free tools like Micro$oft's SyncToy. Also, keep in mind to backup your emails and your browser history, bookmarks and saved passwords. Do a bit of research to learn out how for your specific set of programs.
- Have a firewall installed.
If you're at home and using a router given by your ISP, then probably you already have a firewall on that router and you're protected, since they come preconfigured this way.
- If on the road and connecting to various hotel/airport/public networks, then you should install your own firewall product or, at least, activate the one that comes with Windows.
Test your firewall by searching for "online firewall test" on the web. My choice is the one at Gibson Research Corporation (choose "Shields Up!" service, then click "Proceed" button and test your "Common ports" or "All service ports") but you can use others too.
- Use anything but Internet Explorer, use anything but Outlook.
Firefox and Thunderbird to name two, are as intuitive to use as their Micro$oft counterparts (if not more), and inherently more secure.
Maybe even use OpenOffice (or LibreOffice) instead of Microsoft Office? I'll write more about this and Linux in another post.
- Finally, educate yourself NOT to:
- enter websites that are not well known (unless your XP installation is not so important for you and you keep it mainly for these purposes)
- click "yes" or "OK" or "Download" buttons in any popup window offering to install search bars, emoticons etc. You can surely live without any of those.
- double click any files received by email or any messenger, if you don't expect them, even if they come from a known friend. If your friend's computer is virused, it might be that the virus sent himself to you by email, without the human suspecting anything.
So, save the attachment somewhere first and then right click on it and scan it with your antivirus. If ok, you can open it.
- double click any executable file received by email or any messenger. I'd suggest you simply delete that email; almost nobody should send you executable files these days.
So, my proposal to all of you having Windows XP is: respect the above and resist the emotional pressure induced by the media to upgrade XP. Just out of curiosity (and for the sake of "science"), let's see how much time can we resist spending additional money if we're happy with what we have now.
Think about it this way: If you switch now to Windows 8, it means you have to reinstall your computer and change your habits. Postpone this operation until something starts to go wrong indeed, if ever.
Need more incentives? For those more frugal, like me (and I know there are some out there), here are some direct costs for switching to newer Windows:
- An upgrade from XP to Windows 8 costs 120$ but your computer might not support it or can become be very slow after, that means they push you implicitly to buy a new computer.
- A new laptop that has the hardware for windows 8 (and windows 8 pre-installed) starts at of 446$ on Amazon.
- A full Windows 8 license (no upgrade) costs around 120$.
- Office 2013 Home and Business costs 279 $ whilst professional (with Access) is an incredible 500$ !!!
Depending on community response, I intend to build a small website where XP users can record their achieved XP afterlife duration, i.e. how many days/weeks/month/years their XP computers worked ok even if updates were no more provided by Micro$oft.