Mon 28 Feb, 2011
Security 101: Very Basic Safety, because what the internet needs is yet another article about common senseComments (3) Filed under: Aetheric Research Ltd, Security
Tags: cybercrime prevention, hazard, safety, security
For the sake of completeness, I tender for the consideration of the masses the following “tips”–though that’s hardly the right word–on the basic rules of staying safe online. It’s worth noting that simply providing ‘tips’ as though safety was merely something to ‘keep in mind’ is really not enough; if you want to be safe, you have to make a comittment to safety and security. Avoiding hazards is not a result of anything other than close and careful attention to everything that you do online. Accordingly:
- Think before you click. Especially on windows or error messages that pop up, think about what you’re doing before you click any part of it–especially before clicking a “yes” button. Especially for Windows users, Microsoft has done a great disservice by spawning endless annoyance windows that have ingrained auto-agree behaviors into people’s minds–and hence allowed more than a few trojans into people’s computers. Hovering the pointer over hyperlinks in webpages will display the URL that it leads to at the bottom of the browser; pay attention to this, to make sure you want to go where the link leads you. Actually read error messages that show up, and if you’re going to be placing a support call about them, write down the exact wording; error messages exist for a reason–to tell people exactly what is wrong.
- Turn off automatic running and previewing ‘features’ on everything. Yes, it’s a great convenience for the user to be able to pop a CD in a drive and have it automatically run a program. It’s a great convenience for you to have your email show up without having to open it up. It’s also an incredible convenience for anyone wanting to install some breed of malware onto your system–especially if you should happen to not pay attention to the previous bullet point and automatically click the ‘authorize’ button on any warnings that may appear. True, turning off these features is a hassle, and results in more work; however, it’s less of a hassle to open emails and CDs by hand than to try to take back a stolen identity–especially if your identity is worth stealing, you may still be fighting that for decades.
- Use different passwords for different things. A plurality of people, even after several highly-pubicized compromises of password information, remain lazy in their password discipline. If you use different passwords on different sites, the only account that will be compromised in the event of a break-in on that site will be the one associated with that site. Simply adding a letter or a number is not good enough, either; there are numerous tutorials online about how to choose secure passwords, and there are numerous tools available to help manage them.
- Turn on automatic updates for your operating system and for your antivirus program. The only people who should not automatically run those updates are administrators of large corporate networks; they have to test patches before the patches are applied to production systems, and as such have means in place to control the updating of the systems under their charge. Unless you are a systems and networks administrator for a large business or enterprise network, there is little to no reason not to keep the updates on automatic update. The vast majority of malware is filtered out by simply keeping your system up to date and by paying attention to what you allow to run; the first filters out the majority of hostile software that relies on exploiting weaknesses in the operating system; the second filters out trojans masquerading as something else.
- Do not forward chain emails. Yes, that means that the cute bunnies that someone sent you will not be sent to your Aunt Martha from your email address–however, it’s more than likely that those cute bunny pictures exist somewhere online. The folks at Tineye have built a search engine for figuring that sort of thing out; find out where the pictures originally came from there, and send the link to your Aunt Martha. This keeps her inbox from filling up; this gives credit to the original content creators; and this gives less opportunity for hostile software to spread.
- Turn off HTML emails. Yes, plain text emails are boring, but they’re also safe. If your email requires pictures and animations and other flashy things, then what you require is a website or a blog, not an email. Viruses cannot spread through plain text. Besides–if what you say doesn’t work without a cute font and a bunny picture, it probably wasn’t worth saying to begin with.
- There Ain’t No Such Thing As A Free Lunch. Anyone offering you an “amazing deal” is probably trying to scam you. If the price for a product or service that you’re seeing is more than a few percent away from the price elsewhere, then it’s probably not legitimate.
- Never–never–NEVER–buy anything at all from an email that you did not specifically solicit. Especially not ‘discount pharmaceuticals’ or whatnot. There are more than enough legitimate sources for anything that is sent out in spam emails–and any email that shows up from any source that you did not make first contact with is spam. Not only will buying these goods likely result in identity theft, but you are financing organized criminal operations, and you are putting yourself in danger of being clubbed to death by an irate mail administrator. Do not click, do not open, do not reply that you want to be ‘taken off the mailing list’–if your mail provider offers a ‘mark as spam’ button, use that, or delete it. The only reason spam continues is because it is profitable, and it only takes one or two people to buy something forit to remain profitable.
- Think before you click. Again. If you have to think about whether you should click something for more than a few seconds, then the answer is likely that you should leave it alone or deny it permission. If you still aren’t sure, then find someone who does this manner of thing for a living and ask their advice–you’ll get a much better answer if you compensate them in some fashion for their time.
The internet is a massive convenience, and is rapidly becoming entirely necessary for societal function. Like any other place where people gather, there is danger of crime; just like walking through a bad part of town, keep your eyes open and your wallet hidden, and you’ll likely avoid any hazards.