I'm really not one to write Journals, but on this issue I feel compelled to.
I've been seeing all the devwatch notices in my Message Center about people ranting in their journals on how "hackers" are on the lose here on dA and how people can apparently harm your "CPU" by clicking on a link etc.
Just FYI, the CPU is your processor. A small one inch by one inch or so chip that sits on the motherboard inside your computer. It does all the calculations that make your computer work, nothing else. What usually gets affected by intrusions is your data and that is stored on your hard disk drive.
Since I work professionally in the IT support field, my toe nails are regularly pretty curled at those statements and quite frankly, considering that pretty much everything except your toaster is currently connected to the internet, I'd like to think people know a little better about how things work; after all with the entire internet at your fingertips, education has never been easier. The only things stopping you are laziness and ignorance. Granted, you need to know first what to learn, before you can do so, but then why not ask, instead of running around like a headless chicken screaming about hackers?
Whenever I use a pair of normal household scissors or my pocket knife to cut a bit of cable (instead of using a cable cutter), I'm technically hacking, because I am using a device in a different way than it was designed to be used. So, please, stop that.
While it's of course the fault of the creators of malware (and related items) that these things exist in the first place, it's your, the user's, responsibility to make sure that your computer is safe and you know enough about it to keep it that way. You wouldn't be able to argue in a court room that the police should have done a better job in catching a burglar, because you forgot to lock your front door. You are required to learn about certain things, before you are allowed to do them (like driving for instance). So, educate yourself about what is happening on your computer.
And no, it's not Microsoft's fault either. Windows isn't any more vulnerable than any other system, it just has much greater market exposure than Unix or Apple have, although MacOS appears to be catching up. Rootkits and other things are equally available for any operating system on any platform. I have been using Microsoft software for over 20 years and in that time had maybe five virus infections myself and those were at a time when I didn't know enough yet to protect myself. If you know what you're doing, your computer is safe. You don't need a degree or be a "computer geek". What you do need is common sense.
If you have a good anti-virus program (there are plenty good ones out there, free and commercial versions -- and no, Norton or McAfee are not among the ones I would recommend) and a couple of malware scanners, you should be fine, providing you use them and do actually scan your computer on a regular basis. Much like a car, your computer needs to be serviced. Running a couple of programs once or twice a week will take no more than 15-20 minutes and will make sure your computer is protected.
As for clicking links; use Adblock that will already take a lot of problems away. Chrome offers an "incognito mode" which does not save any content of the website you go to on your computer, which you could use to look at a website like those offered in those "spam attacks" without really worrying to much about what is happening. Also there is no way that anyone can do physical harm to your computer like that. Most malware will worst case scenario render Windows unusable or make your computer accessible from the outside, but no one can blow up your PC. The worst malware I have come across in recent weeks is one that displays a fake FBI warning on your screen and asks you to pay money to remove the problem. That's difficult to clean up, but by no means requires a Windows reinstall or similar which a lot of people seem to result to.
So, what to do to be safe?
1) When you get email/messages from people you don't know, don't click on any links.
2) If you get email from "Amazon" or other known online trading sites, make sure the link shown in the email is actually accurate.
3) Don't click on ad banners (Adblock once again would come in handy here).
4) Don't install endless add-ons and apps on your devices without reading reviews or knowing where they came from.
5) Free offers are NEVER free. No one will give you anything without wanting something in return. It's business, not "fluffy-bunny-everyone-is-happy-wonderland."
Just use common sense. You wouldn't cross the street either without looking, would you?
As for which programs I would recommend (anti-virus aside):
1) Malwarebytes Antimalware
4) Kaspersky's TDSKiller
7) Malwarebytes Antirootkit
Those are all free to download and use and can be manually updated. My personal choice for anti-virus at home is ESET NOD32/64 which works very well and even blocks website access to known, blacklisted sites. At work we use AVG 2012 at present, integrated into a monitoring and management system, combined with the Malwarebytes software.
Other anti-virus systems I have had good experience with are the Comodo range of softwares (they provide an excellent web browser, too, Comodo Dragon, which is Chrome based), Trend Micro and Kaspersky. Symantec/Norton and McAfee programs are far too intrusive for my taste and are what I would call a "system hog."
As for intrusion prevention. If you have a router at home, that will already provide you with a pretty good firewall and the software firewall included in Windows 7+ is decent as well; no need for anything else. Believe me, Windows is secure enough. I have been running intrusion tests and even on the same local network I have not been able to do much with a fully patched Windows 7 as my target.
Another software I can recommend is PeerBlock which stops access from the outside by using blocklists. Those are free to find on the internet as well.
Like I said, it will take some work if you don't know much about this, but stop running around claiming people will hack you. What will allow people to hack you are weak passwords, ignorance and not applying common sense when using the internet. It's also a good idea to change your passwords regularly. Stuff like "abc123" won't do. What will work are passwords with 12-20 characters, including special characters. So, something like: ADvb!_542Dfrr@
Bank ATMs let you change the PIN on your debit card now to up to 12 numbers. I suggest you make use of such features!
You can make passwords a little bit easier, of course - compared to the one I gave above, but make sure it is not something you would find in a dictionary. It really won't take that long to brute force yourself past a password with sufficiently comprehensive password lists and with the increasing computing power of home computers, it will become easier and easier for anyone. Don't use the same password for several websites and if you must, use variations at least. Don't use anything that can be related to you (e.g. the name of your pet/child). That is the reason why your deviantART and Facebook and whatever accounts get hacked. Clever people are good at guessing passwords. I've done it before myself. If you know a person just a little, you can do that. It's called "social engineering." That is precisely what people like Kevin Mitnick used to do back in the day. Pretend to be someone else and make themselves appear trustworthy to then obtain the information they wanted.
So, hopefully my ramblings have made a little sense to some, but there is no reason to be overly paranoid. The effort to hack into a computer just to look at some random and, in the grand scheme of things, unimportant data, is way out of proportion to the gain. Companies are a different story, but they are properly protected by business grade firewall systems.