There’s an impression among even savvy Internet users that avoiding the seedier side of the ‘net — porn and pirated software sites, for instance — will protect you from most viruses, Trojan horse programs, and other malware. But while most web-borne malware is from such sites, even sites that should be completely trustworthy, like the Miami Dolphins football team’s, or the Mercury music award site, can be (and have been) compromised.

That’s why smart geeks use Firefox with the NoScript extension, pay careful attention to what information they give out and who it’s really going to, always keep their systems up-to-date, and browse from a Linux system whenever possible.

Even though viruses, Trojan horse programs, and other malware for Linux is growing (though nowhere near as quickly as for Windows, as pointed out on that page), Linux isn’t nearly as vulnerable to it. Even a zero-day vulnerability in a critical Linux system is harder to exploit, and has far fewer security implications, than under Windows, due to the more secure basic design. Quoting Steve Gaines, technical director at Novell: “A Linux desktop fixes the majority of problems associated with Internet access by not giving root access to general end users. Without such access, malware has little or no chance to gain a toehold in the system.”

(I’m also checking out the Firekeeper extension; more on that in a future entry, if it seems to be worth mentioning.)

Be careful out there, friends.

A paranoid is someone who knows a little of what’s going on. William S. Burroughs