Copyright Michael Karbo, Denmark, Europe.


  • Next chapter.
  • Previous chapter.


    Chapter 16. Security

    The Internet has revolutionized a great deal of community life. But it is puzzling that we accept the poor security our computers have. Imagine if other people could listen to and even interfere in our telephone conversations? We would never accept this. But it is, in fact, the same with our computers!

    In this and the following chapters we are going to see what we can do to secure a Windows based computer, which is to be used on the Internet.

    Threats

    The really big threat is the monoculture, our computer world has become. When 90 % of all computers work with the Microsoft products Windows, Outlook and Word, then we are inviting problems. And there a lots of areas, where we give an invitation to hacking and other kinds of thievery with malware:

    24/7net access. When a computer is connected to the net around the clock, there is free access and lots of time do damage. Cable modem and ADSL give fine Internet access around the clock but free access day and night is not necessarily a good idea. Not security-wise anyway.

    Chat-software, where a user is constantly logged on to a messenger server. The computer is constantly open to others here. A bad thing.

    Cookies and spyware. Cookies have always been bad idea. Why should certain companies put data in my computer? Thousands of evil cookies are to be found, which send data from ordinary computers to backers. All in order to fulfil the customers demands, the industries tell us. Basically it is just a bad system, which makes us vulnerable.

    ActiveX, Java and Word macros. These are smart inventions, which are to a great extent exploited by virus programs. But why should these sorts of programs be able to delete data on our hard disks? Who benefits from this?

    Good advice

    In the Spring of 2004 the official American Institution CERT (Computer Emergency Readiness Team, see www.cert.org) gave the following advice to worried computer users:

  • Use a different browser than Internet Explorer. You can lessen your vulnerability by using Netscape Navigator, Opera or Mozilla for your daily work on the web.

  • De-activate Active Scripting, ActiveX and JavaScript (see the browser's settings)

  • Set the browser's security updating to High.

  • Install all security updates for Windows, Internet Explorer and Outlook (what a lot of work).

  • Write and receive e-mails exclusively in text format (don't use HTML formats).

  • Keep your antivirus program updated daily.

  • Never click on links you haven't asked for, regardless on whether they are on websites, in e-mails, pop-ups, discussions groups or other places.

    Figure 88. Only use text formatted e-mails. Here is the setting in Microsoft Outlook.

    CERT's advice is, in fact, really good; if you keep to them then nothing can go wrong. We would add: install a firewall, it makes you even safer.

    Figure 89. The security settings in Internet Explorer are, unfortunately, both complicated and totally incalculable for ordinary users.

    Phishing is a sort of data crime, which is expanding quickly especially abroad. Sophisticated programs that can be saved on websites, in e-mails or in small popup windows are used to spy on usernames, passwords, account numbers and other personal information. This data can then be used improperly to, for example, teal money from bank accounts, etc.

    Neither Firewalls nor antivirus programs can protect you against this sort of criminality. It is up to users to be careful with their personal data.

    Figure 90. This e-mail encourages the receiver to type in his account number in a false bank homepage.

    More security tips

    Some people recommend that you install a password protected screen saver. Then your computer is blocked against any sort of activity when you leave it. You can also type Windows+L to log off when you leave your computer. A good password, they say, has at least 8 characters. Preferably with a combination of letters and numbers as well as special characters such as !?#? %.

    I recommend that you remove the Windows feature Messenger from your computer if you don't use it. A lot of malware uses Messenger; I have experienced that the program suddenly became active on my computer although I have never ever used it myself.

    Figure 91. Remove Messenger from your computer if you don't use it.

    Finally, here is the most effective advice of all for data security: Change the operative system. Drop Windows with all its errors and shortcomings and choose instead Macintosh or Linux. But not many are ready to do this yet.


  • Next chapter.
  • Previous chapter.


  • Book overview.