ops 201 reading 14 - ElodieReb/reading-notes GitHub Wiki
Reading Notes for Class 14, Self-Paced Ops 201
Objective
Today's reading is relevant to what we are studying in lecture as it gives an overview of how to detect malware on a Windows computer and how to go about trying to remove/recover files once the system has been infected.
Reading Comprehension
Title = How to remove malware from your Windows PC
- What are the main differences between anti-virus and anti-malware software?
  Antivirus programs protect against more established threats, like the traditional worms, viruses, and Trojans. Anti-malware specializes in newer exploits, like polymorphic malware and zero-day malware. Antivirus programs are good at protecting against more predictable, dangerous malware. (Source: Anti-Malware vs. Antivirus: What You Need to Know)
- What are some signs or symptoms that may indicate a malware infection on your PC?
  Slower-than-usual performance, a sudden spate of pop-ups, and other anomalous issues are usually indicators of a malware infection on your PC.
- Explain the difference between a full system scan and a quick scan when using antimalware software.
  A full system scan takes a broad look at your whole system, presumably looking for more common signs of a malware infection, whereas a custom scan takes a more in-depth look at specific applications/programs. The custom scan can take much longer than the quick scan.
- What should you do if your computer is infected with ransomware?
  If you can't remove the malware or if Windows isn't working properly, you may have to reinstall Windows. Before wiping the hard drive, however, make sure to copy all of your files to an external USB or flash drive. You should also back up your device drivers.
- Compare and contrast malware removal techniques in Windows PCs with those in other operating systems like macOS or Linux. How might these different approaches reflect the cultural values and priorities of the technology users?
  The biggest differences between OSs when it comes to key security features are their anti-malware tools, sandboxing, system protection, and code signing. Windows ranks best for anti-malware. Windows and macOS both sandbox (isolate) apps installed from their own app stores, and Linux has the capability to do so, as long as the user sets it up themselves. Windows, Linux, and macOS all make use of code signing (authenticating that an application or process has come from the source it says it has come from); however, Linux lacks the extra security the other two have of checking code signatures not just at installation but also on the first run of the application. macOS has the greatest advantage in terms of system protection, as it has built-in protection from rootkits and malware that try to modify or replace the core system utilities. There are, of course, tradeoffs with the varying levels of security provided by these OSs, namely in how far the user is able to customize their environment to their liking. (Source: Which is More Secure: Windows, Linux, or macOS?)
Things I'd like to know more about
- I'd be interested to know more about how malware attacks are changing in recent years. It also makes me wonder how Microsoft and Apple are trying to protect against it.