Hi there! You are currently browsing as a guest. Why not create an account? Then you get less ads, can thank creators, post feedback, keep a list of your favourites, and more!
Alchemist
Original Poster
#1 Old 19th Apr 2019 at 11:47 AM Last edited by Sunrader : 19th Apr 2019 at 12:14 PM.
Default Protecting Yourself in a Post-Windows 7 World
In another thread, we were talking about the end of support for Windows 7 and the pop-up notification that some users got from Microsoft, warning users that Windows 7 machines are insecure and Windows 10 on a newer machine is the best option. Many simmers, however, may want to keep using Windows 7. Some players are concerned about their computer's security, suggesting that Windows 7 machines need to be taken offline. Others say they haven't used Windows updates for a long time and use other methods to protect themselves.

I'm one who hasn't updated Windows 7 since 2015, who has traveled extensively and been forced to use insecure wifi and share risky files for work, but has still successfully protected my computer from malware and viruses. Yes, it's always possible that tomorrow some new threat will get through my well-thought out layers of security, but there's no evidence of greater risk to my system at this point with Windows 7 support ending. Still, I feel it's not helpful to people who might want more information to just say "my computer's fine" or "I'm happy with Windows 10." I'm proposing that in this thread we get more specific and informative.

If you are protecting yourself, what are you doing that others can benefit from? If you're worried about a security threat that you feel you need Windows 10 for, what threat is it and what does Windows 10 do about it? If you don't know how to protect yourself, but want to, what do you do now and what do you need to know?

We have a great community that depends on sharing. But, over and over, studies show that the user is the most significant security risk, not the OS or the specific method of attack. I'm suggesting we talk specifics about what we can do to be safer users.
Advertisement
Theorist
#2 Old 19th Apr 2019 at 3:23 PM
Well personally I run Windows 8, so I don't have that problem yet. However at some point I do plan on upgrading to a newer version, it is possible to get Sims 2 to run on Windows 10.
However that are just my personal plans and I agree nobody should be forced to upgrade or change their hard/software if they don't want to.

I agree that the highest risk factor in protecting a computer against malware is the user themselves. Now I'm not very knowledgeable on the whole matter of malware, I just know what I picked up over the years and I'm very sure there's probably a lot of stuff about it, the internet and the inner workings of a operating system that I'm blissfully unaware of.

Still, the most important thing, I'd say would be to stay safe on the internet, just like we stay safe in everyday life. It's, for example a good idea for a user to inform themselves about what malware is, how it spreads and so forth: https://www.uscybersecurity.net/malware/
Then there's the usual stuff; don't click on links were you are not sure where they might lead, don't click on ads/popups in your browser, use ad-blocks on sites you don't trust. Have a good firewall, anti-virus/malware program.
And if you download something, try to get it from the official source and know what files you should be expecting. That last one is also true for Sims stuff. If you download CC for Sims 2 you should expect to get package files, alongside maybe a few pictures and/or a readme and NOT, for example, an executable.

Also, even if you get malware. As seen in the link above not all of it automatically means your PC re-enacts the destruction of Pompeii. Some malware is just "annoying" or hampers your system and/or user experience in some way. A lot can be removed by anti-malware programs, a lot can be removed by the user themselves with the help of various online guides.

And, of course it's always a good idea to create, and regularly update, external backups. So even if your computer is lost (to malware or hardware failure) you still have your personal files.

Avatar by MasterRed
Taking an extended break from Sims stuff. Might be around, might not.
Forum Resident
#3 Old 19th Apr 2019 at 3:30 PM
The general risk for using Windows 7 after the support has ended is obviously that any newly disocvered exploits, backdoors etc won't be fixed, leaving the machine open to malware attacks. This sounds pretty bad, but the chances of it happening aren't that high. At this point, most security risks should have been discovered and fixed in the time since Windows 7 was released. Windows 10 provides a more interesting target for hackers, since it's newer and probably has a higher amount of users by this point than Windows 7.

There are a couple of general things you can use to protect yourself, which you should be doing anyways. Most people here will probably be familiar with them, but it's a good start. Remember, in almost every case, an unpatched exploit still requires the user to actively perform an action like downloading malware or giving away their passwords before anybody can make use of it.

Most important of all, Antivirus software. Get something with good reviews and support, avoid the free ones because, well, you usually get what you pay for. I've been using Norton 360 for over a decade now, and while it's not perfect, it does its job. May main complaint would actually be that it does its job too well and has sounded the alarm several times on files that I knew were safe.

There's also general safety precautions. Don't download things from weird sites. Especially if you're going to download some less legal stuff, make absolutely sure you don't end up with malware. Scan your files, trust your gut instinct if anything seems fishy.

You're definitely already familiar with spam mail. Never answer them, don't download any attachments, don't click on links. It even pays off to think twice before you click on a link from a familiar source. My mom's mail adress was used to send out spam with a link once. The reason I noticed it? She has never in her life sent out mails containing a link without adding the phrase "Looky here!".
Undead Molten Llama
#4 Old 19th Apr 2019 at 5:40 PM Last edited by iCad : 19th Apr 2019 at 6:02 PM.
VPN. Firewall. A good, reputable antivirus -- meaning probably NOT what came with your computer. Anti-malware software, again probably not something that came with your computer. All third-party so that you're not dependent on Microsoft. Keep it all updated -- usually you have to do updates/scans manually if you're using free software whereas if you pay it'll do stuff automatically; otherwise free is every bit as good as pay for the basic protective functions -- and don't do moronic things online like giving your bank account info to princes in Nigeria. If you download any software, pay attention to the install screens so that you don't install anything that you don't want along with what you DO want. Be wary of stuff that's behind (for instance) Adfly links. (Although if you've got all of the above, you're probably OK with that, so long as you don't click on any of the ads.) That's all you need to do. I use Win 7 that hasn't been (and won't be) updated since I bought this computer a couple years ago. Before that, I had similarly un-updated Vista long after MS stopped support for it. I've used unsupported operating systems on other machines, too -- including the one that I do business-related/banking stuff on -- and I've never had any problems. One is still running WinXP without problems. There is no Win10 in my household other than on my husband's gaming rig because although he doesn't like the OS at all -- way too resource-wasteful, among other things he mutters about, in his snobby-nerd opinion -- but his shiny graphics card likes Win10 and pretty much not anything else. Anyway, I've never gotten so much as a "Potentially Unwanted Program" on this machine or any other.

That said, if you're smart, you should do all of the above if you're online using ANY operating system, supported or not, on ANY computer, PC, Mac, or mobile. If you don't, you're vulnerable even if you're using the latest OSs. Mobile devices are especially vulnerable, from what I've read.

I'm mostly found on (and mostly upload to) Tumblr these days because, alas, there are only 24 hours in a day.
Muh Simblr! | An index of my downloads on Tumblr.
Alchemist
Original Poster
#5 Old 19th Apr 2019 at 6:36 PM
All the great advice here about not clicking willy nilly on things or answering the emails of Nigerian princes, plus I'd also add, for other types of issues, I also use a VPN, especially when banking or on a risky wifi connection. I used it extensively in a country where my connections were said to be monitored and, of course, it comes in handy for those country-specific sites you might want to use.

I've said before, I really trust Emsisoft for great protection against all sorts of viruses, malware, trojans, and worms. It was the only one that found a rootkit I picked up, also working abroad. I also had several years of sharing files via USB with people who had no protection. Every single time that USB drive came back, it carried something that needed to be cleaned/reformatted, but the computer was protected by Emsisoft.

I also use a password manager because I just had one too many times worrying that I'd lose, forget, or reveal an important password. Once I had to hand my damaged laptop over to a unknown repair shop in India, and I couldn't sleep knowing that some of my passwords were in my browser and even in a text file somewhere on my hard drive. That finally did it. I've loved having a password manager and no problems for years, now.

I don't let anything update, am careful when installing, and avoid any software that is too intrusive or tends to spy on us... It sounds a bit paranoid, like I'm always worrying or being super careful, but it's not like that. All this stuff has been carefully chosen and set up over the years and now pretty much runs itself and I have habits of use that are just second nature, so it's no trouble, really.

For the phone, I've lost them in foreign countries and such, so I don't ever put financial data on my phone, which is a tad inconvenient, but I feel better. I do have the same Emsisoft protection on it and it's set up to be wipe-able if I lose it.

I'd love to hear more suggestions from more knowledgeable simmers, as well as concerns from people who do like updates and support, and questions from anyone who might want to know what the heck a VPN is, anyway.
Undead Molten Llama
#6 Old 19th Apr 2019 at 9:20 PM
In order of decreasing importance, IMO, because I have all of these layers and nothing's ever gotten past the VPN + firewall:

VPN (It's pretty easy to find out what a VPN is by Googling. ) Mine is always on, has military-grade encryption, and I have about a dozen different proxies I can choose from, if I want to. (Like if I want to watch stuff on the BBC's site and need a UK IP to do so. ) It was set up by a local private company like 20 years ago, but there are many services out there online that can get you set up on one. They are not free, but they're usually not that expensive. $5-10 a month or so, and usually with that you get coverage for 5-10 devices. If you need just a single device, you could probably get one even cheaper, but most people seem to have a computer of some kind plus a mobile device...and I would especially use a VPN on mobile devices if you do anything remotely sensitive on one. A lot of security-sensitive people I know use NordVPN.

For firewall, I've used Comodo for many years and have always been happy with it. I haven't looked for others lately because, frankly, this one works on WinXP, and I do still have a machine running that. It has a paid version, but I use the free one. (The paid one just adds support and antivirus software, neither of which I need.) IMO, especially if you're not on a VPN, everyone should have a third-party firewall (meaning, separate from Windows's native one), as your firewall is your first line of defense if you don't use a VPN, and frankly I would never want to be reliant on MS (or Apple) for that. If you don't know what a firewall is, Comodo has a basic explanation on their site .

For antivirus, I used the free version of Avast for many years and never had any issues. Its more recent versions, though, became sort of intrusive, with taskbar popups nagging me to switch to their paid software that has a bunch of extra features that I don't want/need because it's covered by other software that I already use. So, now this machine has ESET NOD32 on it, a paid version from several years ago, before THEY added a bunch of stuff I don't want/need. It's kinda nice to not have to update/scan manually. That would be the only reason I'd recommend paying for an antivirus program rather than using a free one. ESET has a gaming mode that doesn't interfere with game files, as does Avast; not sure if all antivirus software has that. I suspect not since some people report issues with antivirus screwing up their game.

For anti-malware, I use Spybot (which prevents infection if anything manages to get through the VPN, firewall, and antivirus) and Malwarebytes, which scans for and removes malware when found. The free version of both is good enough for me because I have so many other layers of protection that nothing's ever filtered down to the antivirus level, much less anti-malware, and most of the additions that the pay versions have are already covered by other programs, but YMMV. I update these probably less frequently than I should but, like I said, it's unlikely that anything's going to make it through to this "level," so to speak.

I'm mostly found on (and mostly upload to) Tumblr these days because, alas, there are only 24 hours in a day.
Muh Simblr! | An index of my downloads on Tumblr.
Lab Assistant
#7 Old 19th Apr 2019 at 9:24 PM
When it comes to security I can be somewhat paranoid.
I would say my first line of defense is my web browser it's a fork of FireFox a bit outdated but there is a reason for that new versions do not have the cookie blocker I like (It asks me if I want to accept a cookie or not). Much like FireFox it also has about:config and add-ons like Adblocker and Noscript

COMODO to me is the best firewall because once again it asks me if I want to allow any connection to the the internet the best thing about this is if I see something suspicious I can block it then start trying to find out why it was trying to connect plus I can use it to block MS apps.

Online apps are the main reason I hate win10. Think about why do you need apps like Facebook and YouTube when a browser can load both? the only reason that I can think of is to bypass user security systems thus adding a direct link to all spam and tracking cookies anyone could ever want. Didn't they use to call that a trojan. The same goes for origin and steam if they won't let me use a browser then I will stick with CDs and GOG.

I also avoid online installers so offline installers can be tested in an isolated environment first.

I would like to say something about what I call OS skipping When a computer is designed it is built for the latest OS at that time now if it is a good system it might can handle one upgrade but not two.
Example: a computer built for winXP might be okay with Vista but win7 will probably never work right
So a win7 computer could be okay with win8 but probably not 10
The worst case I ever saw was a computer built for DOS and someone crammed win98 on it. This put to much stress on the aged hardware and within two months the mother board burned out.
Mad Poster
#8 Old 19th Apr 2019 at 11:13 PM
I've used AVG for years. I upgraded and bought multiple programs from them for some redundancy. I got a good VPN and a good fire wall. I think those are the most important, along with a good virus program.

"Fear not little flock, for it hath pleased your Father to give you a kingdom". Luke 12:32 Chris Hatch's family friendly files archived on SFS: http://www.modthesims.info/showthread.php?t=603534 . Bulbizarre's website: https://archiveofourown.org/users/C...CoveredPortals/
Meet Me In My Next Life
#9 Old 20th Apr 2019 at 4:32 AM Last edited by Simonut : 20th Apr 2019 at 4:59 AM.
@Sunrader I do thank you for this topic, but don't you think it could have been added to my "original topic" about window 7 which could have "all" been in one thread post here https://modthesims.info/showthread.php?t=626312
Some of the members in that original post did speak on how to protect themselves. You also mention yourself that you use Emsisoft for protection in my post or thread. Maybe I am wrong but I just think with your post it would have save a lot of back and forward of reading members views instead two similar post talking about Window 7 all I see is the different in title about this subject, but basely it's about window 7 ending and what next.
( But it's ok carry on ) I still enjoy reading what here and there.

"Nothing in life is a Surprise it just happen to come your way at the time".
Mad Poster
#10 Old 20th Apr 2019 at 6:20 AM
I use a different browser, Pale Moon, which eliminates any browser exploits on Explorer/Chrome. It runs off the same base as Firefox, but it isn't Firefox. It has most of the same plugins, and I think those browser plugins are probably the most important thing I do for safety that hasn't been mentioned above.

Simply, if I don't know why I want to allow any particular script to run on a given site, I don't run it. No Facebook scripts, no Twitter scripts, no Tumblr scripts, unless I'm on that site, and I close my browser between clusters of sites--so I might look at simblrs all while letting the tumblr and the cedarexis scripts run (I think that's what it is) but then close that window and open a new window before I check livejournal blogs. My credit union is the only site I let run everything it wants to. I figure if they have bad judgement their butts are in the hot seat, not mine.

My adblock is always doing its thing.

Pics from my game: Sunbee's Simblr Sunbee's Livejournal
"English is a marvelous edged weapon if you know how to wield it." C.J. Cherryh
Scholar
#11 Old 20th Apr 2019 at 10:35 AM
While I endorse only using operating systems that are currently supported with the internet, I also advocate other security methods that are more or less operating-system agnostic. Most of these have already been mentioned in plenty of detail by previous posters - thank you, everyone, for contributing.

- My travelling computer has only limited interaction with the other computers I own (basically, it gets checked over with independent anti-virus once it arrives home, and I never leave the room while it is doing this).

-

- I have multiple anti-virus programs. At the moment, that means AVG and Avast! on different computers as my "active" option, and a portable suite of on-demand tools that live on a USB stick and my desktop computer, ready to be deployed if there's an issue. That way, I can triangulate weird stuff happening on my computer. This was handy in 2001. My entire family's computers got infected with a new worm that none of our default anti-virus software had spotted. However, I spotted it from the strange behaviour of my computer and got enough of a clue from my secondary anti-virus program about what was going on so that Dad could research the solution from a non-networked machine. The secondary anti-virus was able to quarantine the (at that point 10) files that carried the virus. Because I'd been assidious in blocking and reversing all odd activity on my computer and refused to put the computer onto the internet again until it was fixed, I lost only those 10 files, which I was able to restore from an earlier backup. Unfortunately Dad and my brother had to reinstall their machines completely because they'd been dependent on their active anti-virus (that didn't recognise the new worm's signature) and didn't think enough of.oddities such as sudden slow loading of their computers and files suddenly acting strangely. (We never established who caught the worm first; there was reason to suspect all three of us).

- If I'm *really* unsure about a program, I sandbox it. Dosbox is a type of sandbox and so are virtual machines. As well as Dosbox, I have a sandbox for Android programs, though it's been a while since I've needed it for anything.

- Don't give out unnecessary information on the internet - and if the site is untrustworthy, consider that all information might be "unnecessary".

- Separate email aliases for companies and regular internet use, and a separate end-to-end encrypted email for trusted friends.

- If I notice my anti-virus icon has appeared in the system tray, I give it my immediate attention - either it's started a major scan and I should expect slowness, or it needs my attention (for a caught virus/malware or because something's tried to turn it off).

- Ensure there is a firewall and anti-virus at all times that the internet is connected. If I wish to turn off either for any reason, I disconnect the internet first (if nobody else is using the internet, by physically turning off the router!), and only reconnect it after I've confirmed both are on again. Similarly, I refuse to open any browser until I've seen the little icon that indicates my anti-virus and firewall are active without errors.

- I have a privacy filter extension installed in addition to ad blocking (browser and third-party) and a separate script defence plugin, because ads sometimes get injected with malware. One site need to use on a semi-regular basis cannot run on an adblocked system (it's also the only one requiring Flash), so that is loaded with a different browser that has much more restrictive settings (for example, downloading is completely blocked except for those cookies placed with my permission on the other browser, whereas on my usual one it asks for permission except for automatically allowing first-party cookies).

- To explain, a first-party cookie comes from the site. A third-party cookie is from someone else, that the site gives anyway (most often due to advertising but occasionally for other purposes like site analytics).

- I take warnings about certificates and the like seriously (but also consider the nature of the site). If I am unsure, I ask for an update from the site administrator (some of the sites I use are tiny).

(Paranthetically, I am more surprised the OS skipper Darkwolf Jr who went from DOS to Windows 98 without upgrades managed to run it at all, than the part where the motherboard burned out).
Alchemist
Original Poster
#12 Old 20th Apr 2019 at 12:46 PM Last edited by Sunrader : 20th Apr 2019 at 1:02 PM.
Quote: Originally posted by Simonut
@Sunrader I do thank you for this topic, but don't you think it could have been added to my "original topic" about window 7 which could have "all" been in one thread post here https://modthesims.info/showthread.php?t=626312
Some of the members in that original post did speak on how to protect themselves. You also mention yourself that you use Emsisoft for protection in my post or thread.


I didn't want to hijack your thread, Simonut. I was hoping people would go off into specifics about how to protect themselves and that might stray into VPNs, password managers, how cookies work, and Nigerian princes.... If we're lucky people will debate the merits of the different malware protection programs... the disadvantages of automatic updates... search engine bubbles.... If people who really believe in Microsoft come in or people who really don't know how their computer works start asking questions, it could range pretty far afield. I thought it should be a different topic from one that has a lot of posts saying I'm sticking with 7 and I like 10.
Instructor
#13 Old 20th Apr 2019 at 1:02 PM
For me, I haven't had a problem running on Windows 10. Having a solid state hard drive and a ok graphic card (AMD Radeon 5450) I'm doing ok. I have more problems with the game itself than the OS System, but nothing that I haven't been able to fix with the 4GB patch, Stand-By Memory fixer and Graphic Rules Maker. Windows Defender does run scans in the background, but it never seems to slow down my game. Before when I used to run the game on Windows Vista long time ago, I had one problem after another. I had virus protection first from Norton's then switched to AVG. But found out that software took precious resources to run the game and my game would crash a lot. So learning to live with the Microsoft Anti-Virus and keeping it up to date is not a bad thing.
Mad Poster
#14 Old 22nd Apr 2019 at 12:53 AM
Oh, I never install updates automatically. I always review them every time Windows informs me (or Adobe, or Pale Moon, etc) and consider whether or not that's an update I want. Thus I didn't get hit by the update auto-installing Windows 10 on Windows 7 computers.

AVG has been pushing Chrome as a default browser the last few updates. I uncheck those every time.

Another thing to keep in mind is where you go on the internet. A lot of people would avoid a lot of trouble if they didn't click the enticing link. Remember if it's free on the internet, you're the product not the customer, and conduct yourself accordingly. The customer is whoever's paying to show you those advertisements, and do you really trust them?

Pics from my game: Sunbee's Simblr Sunbee's Livejournal
"English is a marvelous edged weapon if you know how to wield it." C.J. Cherryh
Back to top