Computer Security

Many people think, “So what if I’m hacked? There’s nothing important on my computer.” That may be true, but if a hacker gets into your machine and steals your passwords and other personal information, he/she can hijack your identify to commit crimes.

Hackers – What can you do to protect yourself against hackers? Hang garlic braids on your computer. No, wait, wrong problem. Actually, unless you have a high profile or have posted a message on a hacker board saying, “Neener, neener, neener, you can’t catch me”, you probably won’t be attacked. However, there are plenty of script kiddies (kids who really don’t know much about programming but have downloaded hacking tools) out there. If you use a dial-up Internet connection, you run a slightly lower risk than people who have an “always on” broadband connection. However, better safe than sorry.

Computer Security SSL Lock IconHe can install a Trojan horse onto your system. Protect yourself by turning off File and Print Sharing. Unless your computer is on a network, you don’t need this. Remember, when you are on the Internet, you are connected to everyone else in the world who is online at that moment. In Windows 9x/ME, open the Network applet in Control Panel and you will see a button for File and Print Sharing. Click on it and make sure access boxes are unchecked. The Network Properties applet looks a little different in Windows XP, but the same options to turn off File and Print sharing are there. Use a firewall program. There are good free firewalls available, such as ZoneAlarm and Sygate Personal Firewall. Keep your operating system patched and only apply patches that you get from Windows Update. Microsoft never sends patches as attachments to emails. If you get an email purporting to be from Microsoft telling you to run the attached program, delete it. The attachment will be a virus. If you use XP, you should have Automatic Updates enabled and have installed Service Pack 2. Garlic is still a Good Thing.

Spyware – A good definition of spyware, taken from the excellent Wikipedia is:

“Also called adware, spyware is any software that covertly gathers user information through the user’s Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about email addresses and even passwords and credit card numbers.

Security Secret Agent Spy“Spyware is similar to a Trojan horse in that users unwittingly install the product when they install something else. A common way to become a victim of spyware is to download certain peer-to-peer file swapping products that are available today.

“Aside from the questions of ethics and privacy, spyware steals from the user by using the computer’s memory resources and also by eating bandwidth as it sends information back to the spyware’s home base via the user’s Internet connection. Because spyware is using memory and system resources, the applications running in the background can lead to system crashes or general system instability.

“Because spyware exists as independent executable programs, it may have the ability to monitor keystrokes, scan files on the hard drive, snoop other applications, such as chat programs or word processors, install other spyware programs, read cookies, change the default home page on the Web browser, consistently relaying this information back to the spyware author who will either use it for advertising/marketing purposes or sell the information to another party.

“Licensing agreements that accompany software downloads sometimes warn the user that a spyware program will be installed along with the requested software, but the licensing agreements may not always be read completely because the notice of a spyware installation is often couched in obtuse, hard-to-read legal disclaimers.”

To see what, if any, spyware you have on your system, install a program like Spybot Search & Destroy by Pepi MK Software and Ad-aware from Lavasoft. Both these programs are free, so run them both since they complement each other. Be sure to update them first, and it is most useful to run anti-spyware tools and antivirus scans in Safe Mode. Bear in mind that many ad-supported programs will not work if you disable the spyware components. The choice is yours.

File-Swapping – Another common security breach is the practice of peer-to-peer file-swapping. Most people have heard of Napster, which brought file-swapping into the mainstream consciousness. Basically, people could connect to a special network and swap files with each other. Although Napster no longer exists in its earlier form, there are many other popular file-swapping programs such as LimeWire, Bearshare, Grokster, KaZaA, and WinMX. Music files in the popular mp3 format are the most commonly traded, but any file can be swapped, such as movies and pirated commercial software. Peer-to-peer file-swapping is an extremely controversial issue.

Stop Paper IconI’m not going to address the morality of the practice, but you should know that if you are file-swapping, your computer’s security is breached. File-swapping programs create a “Shared Folder” on your hard drive where you put the files you wish to make available to others. Windows 9x and ME are inherently insecure operating systems. If you enable file sharing of one folder, your entire hard drive is open to the world. Windows XP can be made more secure, but I’m not convinced it would be without risk. If you use your computer for business or have important personal information on it, those files are potentially compromised, along with all your passwords. Additionally, you take the chance of downloading some sort of malware with your mp3’s. Trojan horses and viruses have already been found in the KaZaA and LimeWire programs. If you decide to participate in file-swapping, be aware of the risks. I tell clients that file-swapping is like being in bed with 50,000 teenage boys. You are basically bringing a file into your computer and you have no idea whether the computer it came from is clean (virus-free), whether the file-swapper you got it from is malicious or not. The best thing, aside from refraining from file-swapping, is to use a separate dedicated computer containing no important data. A separate hard drive is not a good solution, because it is vulnerable to infection from the main drive. There are now many legitimate places to download music, such as iTunes, Real’s Rhapsody, and even Napster which has reinvented itself as a legal download service.


No comments yet.

Add a comment

Pinwire @ tumblr