Which Antivirus Should I Use?
Every once in a while, I hear someone complaining about how their antivirus didn't block a virus that just wrecked their computer, or is slowing down their work unnecessarily, or needs to randomly restart the computer to complete updates.
Of course, I respond with the obligatory "Bah, antiviruses. I run Linux!"
But, as I have shown before, even I am not completely safe. Plus, most people don't run Linux, so viruses like that are more potent and harder to extract. The natural conclusion is: they must use an antivirus solution. But which one?
No, I'm not going to start comparing AVG, Avast, Norton, etc. Personally I keep Malwarebytes installed on my Windows machine as a "just in case" measure, but it's not an active antivirus; it doesn't update by itself, doesn't run automatic scans, and it doesn't sit between my browser and the internet to scan all traffic. And yet... I've never gotten a virus.
Ya rly.
But how? Well, let's make an analogy.
Say you're having a house party. You've got everything set up: snacks, drinks, music, and your favorite type of entertainment. Then, wanting to be a good host, you leave the door open with an invitation for anyone to freely join the party if they want. It goes well for a while, but then you notice that some people initialed themselves on your wall in permanent marker, and that the wallets of some of the guests have mysteriously gone missing. Pretty soon it all goes wrong and you have to kick everyone out in order to clean up.
So, next time you have a party, you first go to the local private security firm and hire a bouncer. He has been well-trained and has a whole series of things he looks for in people who come in. Do they have permanent markers? What is their BAC? Have they had trouble with the police in the last 6 months? Additionally, he also sometimes strolls through the partygoers and looks over their shoulders at what they do, and again puts it past a series of tests to see if they're being good.
But eventually, he lets in one guy claiming to be an old high school friend of yours. Your guard has never seen or heard of him before, so he lets him join. Before you know it, your living room is inexplicably a ball pit, and there is a bobcat running loose.
He's here for the party! He even has the hat to prove it.
So now what? Tell the guard to not accept anyone wearing a mask? Tell him to not accept anyone who claims to be your high school friend? Or just fire him and hire a different guard? But does this new guard know to look for permanent markers?
How about a different approach? Say, closing your door. You can then invite your friends, and tell them to invite friends if they want. Whenever someone who you don't recognize arrives at the door, you can judge them for yourself. Do you know them? Who invited them? Call the friend who invited them and make sure they're telling the truth.
Now, if they misbehave, you can make that friend rub down your walls of permanent marker.
Unless this is your friend. Marker on your walls is better than holes in your wall.
Okay, crazy extended metaphor aside, what does this mean you need to do? Mostly, use judgment. Can't use judgment? Here are some simple guidelines:
- Viruses are programs. Which means they are usually in an executable format... like .exe or .msi. You were expecting a music download and you instead get a "downloader", or some other executable? Do not run it.
- Think twice before being an administrator. If a program requires you to run it as an administrator (or in Linux's case, as root), think twice. Was the program from a trusted source?
- Keep your OS and other programs updated. No amount of caution on your part is going to protect you if Internet Explorer has a security flaw in displaying GIF files that allows arbitrary code execution. At least if such an issue appears, you can get it patched ASAP.
- How many people actually use this program? If you must download and install a program, how popular is it? Is it an old piece of software with a myriad of users, like PuTTY, or a money-grinding bot for Runescape that was put on the internet a week ago? Is it recommended by a major site with credibility, like CNet, or something someone "just found"?
- Don't download from questionable sites. If you download GIMP, it had better be from http://www.gimp.org, not from http://www.filedropper.com .
- Make sure you have the right file. If you do get it from a questionable source, checksum it (with MD5 or something) and compare it against a publicly available sum. For example, if you got these two slightly different files (one, two) and you know the correct one has an MD5 sum of 3561b61aeef58d30d8843ac6eae66012, you can deduce that the first, not the second, is the one you should be using. Use the md5sum UNIX command, or some sort of GUI on Windows.
And there you have it. You can probably come up with your own guidelines too, but remember: "better safe than sorry" is a heck of an antivirus solution.
So, go ahead. Turn off your computer now. You know, to be safe.
Inlip... has been summoned!!!!