Everyone who uses an Internet connection is downloading files from there. It can be automatic file transfers like downloading new emails or filling the browser cache when opening new websites but also manual downloads of pictures, videos or programs. The most dangerous type of downloads are program executables as they can infect a computer system easily if the user has no precautions in place. The following article will give users of every experience level some guidelines at hand on how to download and handle files that are downloaded from the Internet.
It all begins at a website or server. This is the starting point and it might be a good idea to start validating that server before even thinking about downloading files from there. This can be done manually by performing some searches in search engines but also automatically with browser add-ons or plugins like Web of Trust, McAfee's Site Advisor and a plethora of other respected programs including local security software that can also check websites and servers.
The second step involves downloading the file to the local computer system. There is not a lot that can be done here in this step. The only defense are security software programs that are installed on the computer system that should scan the file and report back to the user if they believe it to be malicious. Cautious users can also use one of the many online virus scanners to upload the file and scan it online. Services like Virus Total scan the files with more than a dozen different up to date antivirus engines resulting in a more precise analysis of the file.
Another option is to check the hash values of the downloaded files to make sure that they have not been tampered with. This only makes sense if the developer is displaying the values on a trusted website.
It is pretty safe to assume that the file is safe and can be executed on the computer system if it did pass the tests. There is however a last step that can be done to add the extra mile of security: Virtualization. Programs like Sandboxie or VMWare Player make it possible to execute programs in a closed environment for testing purposes. The benefit of this approach is that they cannot harm the rest of the computer system if they should be malicious.
Did we leave something out? Let us know in the comments.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.