Basic security rules under Windows

• Run your session as a “user”, don’t ever run your session as “administrator” if you don’t need it
• Read your emails as plain text, HTML emails could contain bad code (and write as plain text as well, I cannot stress this more : emails were not designed for HTML !! Screw you with your incredimail and the like !!)
• Run a firewall and antivirus on your workstation
• Regularly try to download the test virus from eicar.org to see if your antivirus software is still running (viruses usually take over protections on your computer)
• Use Mozilla Firefox and Mozilla Thunderbird instead of Internet Explorer and Outlook Express
• Don’t forward emails with your 50+ recipients disclosed… dang, please use BCC (this rule also applies to a 10 recipient forward eh)

By just running your session as a user, you’ll stop 99 % of the viruses of spreading across your machine. Working as power user doesn’t help, 90 % of viruses will still get through.

Playing games as well as some programs may require administrator privileges to run properly.

Who is to blame ?

• Microsoft for not stressing the principles of administrator vs user privileges for the sake of ease of use
• Poorly designed software requiring administrative privileges while it could run without
• Script kiddies (e.g. : boyfriend spying on her girlfriend with a keylogger, this is so lame)