|
|
|
Compute SecurelyUse your computer in a secure manner
|
|
|
|
|
|
Using a computer creates a lot of security breaches in information processing. There are many ways to spy on someone who uses a computer: Tempest technology, hardware keyloggers, malicious software. There are not many ways for most people to protect themselves from Tempest spying, but for the other spying methods there are several ways.
PasswordsFor those passwords which you have to use over Internet, choose some random string of characters and store the password in an encrypted file, or use a program like this.
HardwareA very important thing is to keep the hardware away from the hands of anyone. Look for any new / strange device attached to any part of the computer: main unit, monitor, keyboard, mouse, Internet connection. If you know a thing or two about the inside of a computer, also look there. A big security breach is created by wireless devices (like wireless keyboards and mice). These devices are not connected by cables to the computer (or to each other), but use radio waves to transmit the information. Usually, the transmitted information is not encrypted and, thus, can be easily intercepted by a spy. This is why it is important not to use wireless devices which don't encrypt their transmission. The same goes for wireless Internet connections, though they may be required because there might be no other way to connect to the Internet. In such cases, it is essential to use a device which encrypts its transmission, otherwise a spy could gain full access to both your Internet connection and computer. Wireless devices can also be used by malicious software to transmit information out of a computer without its owner knowing it. Notebook computers are the best candidate for this kind of spying because many of them have integrated wireless communication. This kind of spying can also use your monitor and the Tempest method to transmit information, but the range of the transmission is limited to a local area.
SoftwareAnother important aspect of secure computing is to keep your software clean. Even though a spy may not be able to physically reach your computer, it may still be able to infiltrate a malicious program, through your Internet connection or through email.
EmailsTo protect yourself from malicious programs sent through email, all you need to do is always read your emails as plain-text. Most email manager programs have an option which allows you to do so, but usually you need to select this manually; look in the "Options" dialog, in the "Read" section. Many HTML formatted emails may contain external references and scripts which may attempt to infiltrate a malicious program on the computer where the email is being read. An external reference is a link to a module which is not contained in the email, but which is loaded from the Internet when the email is being read. This module may be malicious. Also, never open an email attachment which contains and executable file (= a program). In many cases such attachments try to fool people by using two extensions for files, like ".jpg.exe", trying to portray themselves as pictures, songs, text documents, or other harmless types of files. Because some email and file managers are set by default to hide extensions (or there are a lot of blank spaces between "jpg" and "exe"), the last extension (".exe") will not be visible, but the user will still see the ".jpg" extension and think the attachment is a harmless document, which he will open. Note that it is possible for such a malicious attachment to actually display the document they claim to be, in order to disguise the fact that it is something else. Also, some attachments are compressed into a Zip archive, and when you click on it you see a list of the files contained by the archive, which you may think are harmless and click on them. They are not (necessarily) harmless! You may receive emails which claim (see this) to be from various companies (like banks, police, security agencies) saying either "there was some unauthorized activity in your account", or "we lost our clients database", or "you are under police investigation", or "there are rumors about the company's bankruptcy", and ask you to login to your account or go to a specific website. NEVER DO SO! They are most probably scams. If you are in doubt, contact the company by typing their URL (= website address) in the address bar of the Internet browser. The links in HTML emails can hide the real target where they point, so, even though the link from the email may appear to point to the company, when you click on it the browser takes you to the scammer's website where you may see a copy of the website of the company from which the email claims to be, and so you may be fooled into giving private information (like account names, passwords, personal information). Some emails even claim you have a virus on your computer and they offer you the tool to remove it. Obviously, the tool is actually the virus. Never visit a website from an email which you receive without asking to receive it. Such websites may load malicious programs on your computer, by exploiting certain bugs in your operating system or browser. Never unsubscribe from newsletters which you didn't ask for. The website from the unsubscribe link may very well try to load a virus on your computer. Avoid going to websites which claim you received a greeting card. If you don't know the name of the sender of the card, don't click on any link from that email. Never respond to spam-arrest messages from people you know you never sent an email to. Spam-arrest messages actually come from specialized web-sites which are used by owners of email address boxes to identify real people who send them emails. This is done through a challenge-response system. Unfortunately, spammers now register one of their email addresses to a spam-arrest system and then also register this to various mailing lists. People who post on mailing lists will start receiving requests of confirmation in order for their email to be delivered to the email address protected by the spam-arrest system. Those people who make the confirmation will identify themselves as real people and thus will start receiving spam. Also avoid going to websites from which you receive emails which say you bought something. This "something" is usually expensive in order to make you fear that your credit / debit card will be charged. These emails may ask you to verify the status of your order. Don't!
Forged email addressesNo matter where I am on this planet I could send you an email which you would see it's coming from "martians@earthbase.hiddeninvasion.now". It is very easy to do this (but I am not going to explain how to do it)! It is not even necessary for this email address to actually exist. It is possible to check if the email actually comes from the apparent address. You have to check the header of the email. Look for all texts that look like an email address (they contain "@"). However, sometimes it's not easy to find the real source of the email because some tricks can be used to hide it. In such cases you have to look for the IP address from where the email was sent, in the lines of the header of the email which look like "ClientAddr: XXX.XXX.XXX.XXX" or like "Received from YYY (XXX.XXX.XXX.XXX)". Even if you can find the real address from where the email has been sent, it doesn't mean that the owner of that email address has actually sent the email. It is possible for someone to send emails using that email address, without the owner knowing it (either knowing the password to access the email account, or remotely using the computer of the owner of the email address).
FirewallsTo protect your Internet connection it is essential to use a firewall. Firewalls can be both hardware and software. Though hardware firewalls can be more secure than software firewalls, a software is much cheaper to buy and maintain, and is perfect for home users. When you use a program which tries to access the Internet, the firewall becomes aware of that fact and notifies you. At that point you can choose whether to allow or deny to that program access to the Internet. But it is very important to select the proper options within the firewall. Most firewalls are installed with some default options that are not good for everybody, which allow the most common programs to access the Internet without notifying the user. This is not a problem since those programs are well known and don't contain malicious code, but if you want maximum security then you would delete these default options and deny all programs access to the Internet, and then allow access only to the programs you choose. Some programs, like Internet browsers, have various plugins, like a toolbar, which may be a separate cause of security concern. Such programs may even be installed without the computer owner knowing it. Since plugins use the main program to access the Internet, and you allow the browser to access the Internet, the firewall can't know when a malicious plugin is loaded. To protect from this kind of problems, firewalls have an option (which you need to select manually) which allows them to notify the user whenever a new plugin is loaded by a program which is already allowed to access the Internet. One disadvantage of this option is that the firewall may notify the user about many normal plugins being loaded, and if the user is not familiar with them, this option could prove to be nothing else than a source of confusion. Firewalls also track the programs which are allowed to access the Internet by creating a signature of each of them, and each time a program tries to access the Internet is verified against its previous signature. If this signature is not the same, the firewall notifies to user about the problem. In some case this may not be the cause of a malicious software, but it could mean a program was updated, and hence, it is different.
AntivirusesAnother way to infiltrate a malicious program on a computer is through another program. Some malicious code can be attached to a well known program, and when the program is run, the malicious code is also activated. If you download programs from the Internet or you use a program given to you by a friend, it is important to scan them with an antivirus. The antivirus scans files (particularly programs) for malicious code. The main disadvantage of an antivirus is that they use a database of malicious codes, and this database needs to be updated regularly to contain the newest malicious programs which surfaced.
ConclusionAlthough the data stored in a computer can never be absolutely safe, the main reason for loss of data is the fact that computers are connected to some sort of network (usually the Internet). If you have very important data on your computer, NEVER connect that computer to a network (either cable or wireless) and always store the data in encrypted forms. Also make sure the computer has no dedicated wireless communication devices (regardless of whether the devices are active or not). |
|
|
|
|
|
|
|
|