http://tech.yahoo.com/news/ap/20091109/ap_on_hi_te/us_tec_a_virus_framed_meI have heard of such things and it is painfully easy to do (get someone else's computer to do things), if they are running Windows.
While the marketing people will just say it is because more people use Windows, they forget that servers and important computers (like, ones people have real motivations to crack) do not run Windows. The truth is that Windows is highly insecure and one must use hardware firewalls and strict control over accounts to have anything like security. This is impossible unless one controls the network and knows what to change; Windows comes with horrible default settings, such as the mandatory default Admin account.
This isn't a rant against Windows, but a real danger. Infected Windows boxen make up the most powerful network of computers in the world. The function of this zombie network is unknown. Someone is using the computing power of many computers to surpass the output of super computers for no known purpose. I have treated many Windows issues, most ran anti-virus. Running anti-whatever never makes a difference for those who get bad stuff.
In my experience, the following will protect Windows against the most common technical attacks, but remember: the weakest link is always the user. Social engineering cannot be prevented with computers. That is up to the user.
* Make an account with limited rights and NEVER use the admin account to do anything other than administration (with Windows Vista, and I imagine 7, one can selectively do administration work in a limited account if the password is known. In this case, never use the admin account at all).
* When using the admin account, make sure you know EXACTLY what you are doing.
* Do not use IE or Outlook.
* Use a hardware firewall (in your router, hopefully). Do not pay for security software; I haven't seen them account do anything useful except compensate for poor design.
* Get a virus scan program such as
ClamWin (well, that is the only one I have to suggest) to scan files when necessary. It won't eat your RAM, and it works for you.
* If you do get a problem with your computer, don't wait for it to become annoying. The best malware hides itself and users I've seen will tolerate weird things if it doesn't actually stop them from what they are doing at the moment. DO NOT TOLERATE ANY MALWARE! Once a computer is infected, isolated it. Do not share writable media with it. Do not use any unknown programs or sites used by that computer on others. And hopefully you can recover data you want, but scan that data with ClamWin first, and wipe the entire disk and reinstall everything from trusted sources. Do not use anti-virus programs on infected computers.
Hopefully, that will help someone. Just remember: if you are charged with looking at porn, and you deny it, and there is the slightest evidence to the contrary, no one will believe you.
