Personal Computer Safety

GTRI_B-1filename - 1

Personal Computer Safety

Les Smee

Georgia Tech Research Institute


Quiz

http://www.alwaysuseprotection.com/quiz.aspx


Famous Hacking

Claim to fame: Figured out how to make free phone calls using a plastic prize whistle he found in a cereal box. Cap'n Crunch introduced generations of hackers to the glorious concept of phone "phreaking."

John DraperHandle: Cap'n Crunch


Famous Hacking

Robert MorrisHandle: rtm

Claim to fame:

The son of the chief scientist at the National Computer Security Center part of the National Security Agency (NSA) this Cornell University graduate student introduced the word "hacker" into the vernacular when he accidentally unleashed an Internet worm in 1988. Thousands of computers were infected and subsequently crashed.


Famous Hacking

Kevin MitnickHandle: Condor

Claim to fame:

The first hacker to have his face immortalized on an FBI "Most Wanted" poster. His status as a repeat offender, a teenage hacker who couldn't grow up, earned Mitnick the nickname "The Lost Boy of Cyberspace." Inspired the movie “War Games” by hacking NORAD.


Computer Updates

• Update Operating System

• Automatic

• Manual

• Update individual Applications

• Usually Notified

• Update Virus and Spyware Programs


Operating Systems

• Maintain updates

• The more common the OS the more vulnerable

• Windows

• Less common/vulnerable

• Linux, Mac OSX


Viruses

• Run without intention or permission

• Have the ability to "infect" or modify other files or disk structures

• Replicate so it can spread to other files or systems

• Does NOT have to be malicious


Virus Types

• Boot Sector Infectors – attaches to boot program, runs when computer is started

• File Infectors – attack file (.exe) and change code

• Macro Viruses – use programming language built into applications like Microsoft Word


Virus-like

• Worms – doesn’t infect other files/programs, completely self-contained

• Trojan Horses – software intentionally written to do something it is not intended to do

• Bugs – unintentional coding that cause a program to misbehave


Virus Hoaxes and Myths

• Often Spread via email

• Threaten grave consequences

• http://hoaxbusters.ciac.org/ (HoaxBusters)

• Cannot get a virus simply from reading an email


Virus Prevention

• More connections = more vulnerability

• Pirated Software more likely to contain viruses than legitimate software

• Control access to PCs

• Scan removable media

• Disable booting from removable media

• Can disable it’s use completely


Virus Detection

• Use Anti-Virus software

• Norton

• McAfee

• AVG (free)

• Keep AV program up to date (Virus Definitions)

• Auto updates

• Regular Checks

• Weekly Scans

• File Scanning


Firewall

• Definition: Hardware and/or software that limits access to your computer from the outside world

• Cannot stop you from download malicious software

• Virus, trojan, etc.

• Can be configured to allow or disallow specific types of traffic (ports)


Firewalls

• Hardware

• Can be combined with other product (switch, router)

• Dlink, Linksys, Netgear

• Software

• Many have free version for personal use

• Zonealarm, Norton, Windows

• Need to get updates


Testing Firewalls

• Port Probe

• DSLReports

• http://www.pcflank.com/scanner1.htm


Why not backup?

• Not important

• No Time

• Don’t know how

• No routine (forget)


Causes of Data Loss

• Hardware Failure

• Software Failure

• File System Corruption

• Accidental Deletion

• Virus

• Theft

• Sabotage

• Natural Disaster


Backup Methods

• Medium

• Tape

• CD/DVD

• Removable Drive

• Internal duplicate drive

• Backup Specific Files

• Windows Backup


Backups

• Make backing up routine (set reminder)

• Store backups in safe location

• One set on site and one set off

• Destroy old backups


Browsing

• Get browser updates

• Try alternative browsers (Firefox)

• Verify addresses in address bar

• Regularly delete stored data

• Cookies

• Block pop-ups


Online Shopping

• Look for padlock or https://

• Use credit cards

• Single use

• Research Company

• (www.bbb.org) or (www.naag.org)

• Know return policy

• Look at URL closely

• Print or save order confirmation


Email

• Generally not secure

• Beware of Phishing

• Don’t trust attachments

• Avoid Spam

• HTML email can be bad

• Some mail programs allow you to turn off html


Email Don’ts

• Use full name as sender

• Give out passwords

• Use primary email for posting in public forums

• Respond to spam unsubscribe address

• Buy from spammers

• Include name in address


Avoiding Spam

• How do spammer get your address?

• Spambot or Scraper to crawl the web looking for addresses

• Trick people into submitting their addresses

• Pick and domain and send thousands of emails


Avoiding Spam

• Use disposable addresses

• Watch for “Yes I want to receive …” checkboxes

• Disguise email address on blogs, chatrooms, etc

• Joeblow@YAdelete_thisHOO.COM

• joeblow@ yahoo.com

• Use unguessable email address

• Don’t respond to spam, even to unsubscribe


Wireless Security

• Easy to intercept wireless packets

• Airsnort, Aircrack

• http://www.wi-foo.com/index-3.html

• Change defaults

• SSID (Broadcast)

• Encryption

• Mac Filtering


Wireless Security

• OK to use unencrypted wireless on encrypted sites

• Banking

• Shopping


Passwords

• Use different for secure and non-secure sites

• Ideally use different for each site dealing with money

• Change regularly

• Use combination of letters, numbers, symbols

• Don’t allow programs to “remember” critical passwords


Spyware

• Virtually all internet connected computers get spyware

• Symptoms of spyware

• Endless pop-ups

• Redirected to websites you didn’t enter

• New icons in tasktray

• New toolbars in browser

• Computer is suddenly slow when accessing/saving files


Spyware Detection/Removal

• Run checks weekly

• Some antivirus programs check

• Free stand alone programs

• Spybot

• Adaware


Chatting Safely

• Don’t give out identifying info

• Name

• Phone

• Location/School

• Email

• Remember people do lie

• Choose non-identifiable screen name

• Don’t meet people offline (if you do make it very public)

• Know how to save conversations and report problems

• Don’t open/except files sent to you


Chatting for Kids

• Only use monitored rooms

• Don’t allow private chats

• Observe who kids talk with

• Choose rooms appropriate for age level

• Parents check out sites first

• Limit or don’t allow webcam use


Child safety

• Keep computer in family area

• Spend time with child online

• Tell child how to end/report situations where he/she feels uncomfortable

• Give feedback to ISPs about what you like/dislike/expect

• Use time limits

• Ask child to sign online agreement



Communal Sites

• Examples

• FaceBook

• MySpace

• Default security is low

• Assumes you want everyone to know everything

• What happens here stays here … FOREVER

• Friends may not have same privacy concerns

• Upload pictures

• Pictures/sites used in court


Communal Sites

• Sites portray themselves as safe

• Based on the assumption that everyone is honest

• Some create profiles “for” other people

• People often alter themselves positively in an online profile

• Third parties using information

• Police

• School administrators

• Spouses


Mobiles (phone)

• FaceBook and Myspace plan to extend to mobiles

• Will be able to post to web pages directly

• Can search for other users emails and numbers

• Chat already on mobiles

• Yahoo, AOL, MSN

• Ability to send/receive photos and video


Health Concerns

• Heat From laptop

• Carpal Tunnel Syndrome

• Proper Desk Setup

• Monitor height

• Chair height (feet flat)

• Get up every hour


Keeping Kids Safe Onlinehttp://www.ou.edu/oupd/kidtool.htm

SafeKids Websitehttp://www.safekids.com/

Safekids Quizhttp://www.safekids.com/quiz/

Another Internet Safety Quizhttp://iol.ie/~dromore/safety/quiz/quiz.htm

MySpace Safetyhttp://www.wiredsafety.org/internet101/myspaceguide.html

Safety on Communal Siteshttp://www.twu.edu/o-sl/Counseling/SelfHelp066.html

Software Downloadshttp://www.download.com/

Documents

Personal Computer Safety