My 2/10/08 Missoulian column
No one has ever given me a horse, so I’ve never had the chance to look a gift horse in the mouth. I’m told you can tell the age of a horse by its teeth, but I wouldn’t know. And, as the story goes, the army of Troy didn’t look their gift horse in the mouth and ended up losing the Trojan war.
Odysseus, the Greek hero of Homer’s epic poems built a giant hollow wooden horse, put 40 of his men inside and left the gift horse at the gates of the city of Troy. The Trojans, thinking that Odysseus had given up the fight, pulled the horse inside the city gates and partied to celebrate their war victory. After they fell asleep, Greek soldiers emerged from the horse, killed the Trojan guards and opened the gates to their own army.
(Of course, the real saying is you’re not supposed to look a gift horse – either real or wooden – in the mouth, meaning you’re not supposed to act ungrateful after receiving a gift.)
As happened in Homer’s poems, letting a Trojan horse into your personal computer would be like losing the battle. In the computer world, a Trojan is a program that looks like it will do one thing – play a movie or offer a free game – but in fact does another, like install malware. These programs include key loggers that record everything you type (including log-ins and passwords) and e-mail it to the bad guys, the Storm worm or something similar that turns your PC into part of a spam-spewing botnet, and on and on.
Trojans often arrive via e-mail, but they can also invisibly download from a Web site that you’ve been lured to – by one of those Valentine’s Day spam e-mails going around right now, for example – or even from a seemingly OK Web site that has been compromised and installs malware. Another easy way to get a Trojan on your computer is to use one of the free online anti-spyware programs that offers to check for bad stuff but instead steals your personal information; many of these programs are bogus and will actually install spyware.
Installation is the key for a Trojan to work – you have to let the horse in the gate. When you install a program in Windows, you give that program privileges to access the heart of your PC. Trojans get installed by fooling you into clicking through the install process, by hooking into security flaws that allow a program to burrow into your PC and by taking advantage of out-of-date anti-virus software. Once installed, the Trojan will start up each time your PC is turned on and run in the background.
Anti-virus and anti-spyware software will detect Trojans if the software is kept up to date with current virus definitions, which are kind of like DNA. If your anti-virus program has a listing of the latest DNA of a Trojan, it can be disabled or removed the majority of the time.
Be sure your anti-virus and anti-spyware programs are set to update automatically, and turn on the Windows automatic update feature, too. Microsoft regularly releases system updates that help disable Trojans, including, as I wrote a few weeks ago, significantly knocking back the Storm worm.
(Apple Macs can be susceptible to trojans, but right now, there are only a few rare ones running around.)
There is another way to prevent many Trojans from getting a foothold: running your computer with limited rights. Doing this keeps Trojans from being able to work their bad magic by limiting their privileges on your computer. It can be a slight inconvenience, but running with limited rights is very effective in stopping many kinds of malware. I’ll cover the topic next week.
The source of the phrase “never look a gift horse in the mouth” is St. Jerome. He first used it in the third century in reply to his literary critics. That’s sage advice from a saint and good etiquette for anyone who might receive a free horse, but not when it comes to computers – beware of anything you install so malware doesn’t take over your PC.