Safe Computing (Random thoughts)
These random thoughts are a place to start, not a definitive answer.
Always research your particular issues or seek professional help.
- CUTTING COSTS: If you want to use Open Source (free) programs like Libre Office/Open Office (instead of 'paid for' programmes like Microsoft Office), Thunderbird (instead of Outlook), AVG or Avast (virus checkers), Firefox or Google Chrome (instead of or as well as Internet Explorer - I have three loaded as sometimes a website behaves oddly in one browser so it is worth the flexibility), software for music playing, image manipulation, and a WHOLE LOT MORE! You can pick them and have them automatically installed (without any adware) by visiting www.ninite.com. Another site worth exploring if you feel more confident or want to compare paid-for versus free is http://download.cnet.com/
- MICROSOFT CALLING? WINDOWS CALLING? Rubbish! Friends in the Parish have got unsolicited calls from people claiming to be from a known software company. They claim that your PC is infected/faulty and try to persuade you to turn on your PC and then visit a web-page to allow them to "sort it out." This is a crock! Hang Up! They won't be offended, they will try the next number in their list.
- If anyone could detect a fault on your machine without you knowing, they could fix it without needing you to turn the PC on and opening a web-page.
- If you open that page, they will infect or lock your PC and then charge you for unlocking it or "cleaning" the PC. Basically, demanding money with menaces!
- Tell the caller you want their telephone number so you can contact them - they will refuse and give a poor excuse. Probably that will be the last you hear. Alternatively,just tell them not to waste your time and hang up.
- MAKE SURE YOU HAVE INSTALLED YOUR OWN VIRUS CHECKER SOFTWARE.
- WHICH? Article on the top PC security threats of 2009 (and 2010)
- Scare stories - what do you need to know?
Cons - how to spot them
Your kids downloading music - do you need to worry?
Tips for safer surfing - some more things to do to reduce risks from e-mails and visiting web-pages
- What is all this Broadband Stuff? Is it really for me? Some on-line help.
- Some websites that I have found interesting (e.g. The complete works of Charles Darwin or bunnies enacting famous films in 30 seconds) - this is an experiment
- A Government Web Site that walks you through how to remain safe on-line - extremely useful and you take each step at your pace. Videos and examples are good.
1) Let’s begin with scare stories and what you can do about them.
When you are connected to the Internet or World Wide Web (WWW), you run the risk of someone connecting to your computer or sending you things that will certainly annoy you and may even damage your computer (PC). But it doesn’t have to be like that.
Here is a very useful article from the Sunday Times, August 7 2005 that explains the terms and what you can do to take more control of your PC and how it is used.
Reproduced from Sunday Times, Doors, August 7 2005. Author: Nigel Powell
You would not leave your front door open overnight, but every day, people browse the internet's wild frontiers with virtually no locks on their computers. The recent electronic attempt to rob the Japanese bank Sumitomo Mitsui of £220m shows that even the experts are vulnerable to security attacks. What hope is there for the rest of us?
The bank-job hackers tried to break into the system using key-logging software to relay passwords from employees' computers to the perpetrators, who could then access accounts to transfer money overseas. Police foiled this online heist, but they won't be there to protect your • home computer.
In laboratory tests carried out on an unprotected machine, researchers recently found that it took, on average, only 17 minutes for a computer connected to the internet to become infected with viruses or spyware — in effect, wide open to a total stranger. So you have to act as your own security guard against the growing army of digital villains who want to grab your cash, because they wield an evergrowing arsenal of weapons.
"Virus writers used to be kids out to gain a bit of notoriety, almost like graffiti artists," says Graham Cluley, senior consultant with the antivirus specialist Sophos. "Nowadays, we're seeing many more professional gangs who are after money. They're working with spammers and criminals who steal credit cards and are involved in other forms of identity theft. The whole business is changing."
More than 100,000 viruses, worms and Trojan horses — generically known as" malware — are currently circulating on the internet, industry experts estimate, and the numbers are growing by about 1,000 per month. In July alone, Sophos identified 1,380 new threats, mostly aimed at Windows computers.
The good news is that the past two years have seen more than 20 arrests of suspected malware developers, based all over the globe, from Belgium to Taiwan, including a 53-member crime ring in Brazil, which had stolen £17m from unwitting online-banking customers. The war is on in earnest, boosted by big rewards being offered by companies such as Microsoft and the SCO Group.
What all the experts agree on, however, is that the consumer must become his own spycatcher, helping to win the fight by adopting prudent online tactics.
"There are three main steps you can take to protect your computer," says Kevin Kean, director of the Microsoft Security Response Center in America.
- "Install an internet firewall.
- Keep your computer's operating system updated.
- Install up-to-date anti-virus software and keep it updated.
- The worst attacks have less to do with technology and more with tricking the public into doing something they shouldn't, which is why we're trying to educate people on how to cope."
Here is the Doors guide to keeping your computer secure and safe from these malevolent 21st-century crooks.
THE VIRUS WRITER
Viruses, worms and Trojan horses are all malicious programs designed to infect and affect your computer, but they differ in significant ways. A virus travels from computer to computer through human action, such as clicking on an e-mail attachment. A worm can travel without assistance (eg, by sending itself automatically to the people in your e-mail address book). A Trojan horse cannot replicate or travel, but is often installed surreptitiously in order to take over a computer and make it do the bidding of a remote operator.
SYMPTOMS Computers may behave erratically, rebooting, running slowly or displaying strange messages or pop-ups. Trojans tend to leave little or no trace, and the only clue is increased activity on your net connection for no good reason.
FIX It's vital to keep your operating system, firewall and antivirus software switched on and updated. Out-of-date antivirus programs are useless, but the better ones, such as the free AVG www.grisoft.com, have excellent auto-update features. Perform an online scan if you suspect mischief - try Panda's version at www.tinyurl.com/455j. And install a good anti-Trojan package, such as Trojan Hunter www.misec.net/trojanhunter .
THE ROGUE DIALLER
A virus that secretly connects your computer to the net to rack up huge phone bills by calling premium-rate or international numbers from a dial-up modem. It is often transmitted in e-mails. People may also be fooled into downloading one while browsing malicious gambling or adult websites. The telecoms ombudsman, Otelo, says that the onus is on consumers to protect themselves from rogue diallers, as they must pay any resulting bill. BT recently launched www.bt.com/premiumrates to provide advice.
SYMPTOMS The first most people know of these nasties is a phone bill for hundreds, or even thousands, of pounds. You may notice that your computer dials the internet unexpectedly, or frequently disconnects and reconnects, or that the dialling sounds last longer than usual (reflecting longer international numbers).
FIX Disconnect the modem from the phone line when not in use (this includes broadband subscribers who have a stand-by dial-up account) and install a software guard, such as the free Modem Protection program from BT www.btmodemprotection.com or Reconnect Warning (£6 from www.reconnectwarning.com ). Block premium-rate and international calls on your phone by contacting your phone company. From September 15, a new regulation provides 30 days from the date a rogue call is made for consumers to alert the regulator ICSTIS (0800 500212) and your phone company. Also ask for monthly bills.
Fraudsters send out millions of e-mails purporting to come from banks and other financial institutions. Typically, they ask you to click on a website link, go to the site and update your account details, in some cases cheekily claiming that it is "to protect against fraud". Once you're on the fake site, the crooks will ask you to input account details and passwords, at which point your account becomes toast. The latest figures from the security firm Symantec suggest that one in every 250 e-mails is a phishing attack. What's consoling is that, while the Association of Payment and Clearing Services reports that UK banks lost £12m through such online fraud in 2004, that total is small when compared with the £504m lost last year to credit-card fraud.
SYMPTOMS A lavishly designed e-mail message with bank letterhead and logo. One of the immediate giveaways may be bad English, poor grammar or misspelling, but the more sophisticated mails are perfect in every detail.
FIX No bank, building society or online service such as PayPal or eBay will ever send an e-mail asking you to supply account details, so even if it looks impressively official, neither click on it nor reply to it. If you believe that you have become a victim, contact the financial institution immediately.
Rich Kaplan, a corporate vice-president at Microsoft, says: "There are three main vulnerabilities in general — e-mail, web browsers and computer ports. Nobody is immune. Even my son got caught the other day, when he inadvertently allowed his eBay account details to be hijacked."
Pharming is a sophisticated form of attack that uses the net's complex addressing system, called DNS, to redirect people from legitimate sites to bogus addresses. So, for instance, you enter www.ebay.com in your address bar and are unaware that you have landed at a lookalike site. As yet, these attacks are rare, but they have the potential for serious mischief if perfected. Symantec claims that, along with phishing, pharming attacks have trebled in the past six months.
SYMPTOMS Examine your browser's address bar, where you may notice that the plausible website name is not exactly what you typed (www.eebay.com, for example) or has an @ sign in the middle.
FIX Install and run a specialised browser such as Deepnet Explorer ( www.deepnetexplorer.com ) or an antidote tool such as SpoofStick ( www.corestreet.com/spoofstick ). This software displays the real web address you are visiting outside the address box itself, so you know exactly where you are.
Hacking — or, more properly, cracking — is a generic term that means breaking into a computer, either remotely or on site. Cracks may include defacing web-sites or installing software to reveal passwords and sensitive personal details, or logging each keypress made on the keyboard. Last year saw a 36% increase in attacks on web servers — with nearly 400,000 attacks logged around the world by the security firm Zone-h.
SYMPTOMS Unfortunately, well-written cracks are almost invisible until it's too late, so always be conscious of security. Graeme Pinkney, head of European threat intelligence at Symantec, says: "Modern computer attackers have moved into stealth mode. They want to keep your computer running as if nothing is wrong, so they can use it to launch zombie attacks on selected targets."
FIX Never give out passwords and sensitive account details, or allow strangers to remain in your computer room for long periods without supervision. If you think you have been hacked, run antivirus programs or specialist tools such as Advanced And Keylogger Lite
( www.spydex.com/advanced-anti-keylogger.html ) or the free Ewido suite ( www.ewido.net/en/features ) and see if they detect intruders.
Software designed to surreptitiously collect and report information about your surfing habits is called spyware (explored in detail in Doors on April 10, at www.timesonline.co.uk/doorscampaign ). The security firm Computer Associates recently claimed that most computers have about 80 or 90 pieces of potentially malicious code on them, with an average of four pieces of serious spyware. These programs are installed on computers when people download certain software or visit dubious websites.
SYMPTOMS Most spyware, by definition, operates silently in the background, so is difficult to spot. However, be suspicious if you notice your browser running slowly or Internet Explorer crashing unusually frequently.
FIX Most ad-supported freeware and free toolbars or search bars are funded by trackers, so stay away from this type of software unless it comes from reputable companies such as Opera, Yahoo! or Google. To locate and remove, download Ad-Aware from www.lavasoftusa.com (note the correct web address, as there are similarly named fakes). Microsoft has released similar anti-spyware protection, described at www.tinyurl.com/47cus . Remember to set your virtual policeman to perform a scan automatically and regularly. The price of security is eternal vigilance.
“Cons” - how might you spot them?
Recently there have been some spoof e-mails going to people in our community. If you fall for them, they will know your email address is an “active” one and sell it on to spammers who will send you unwanted mail or, at worst, try to infect your PC. Make sure your virus checker and firewall are updated regularly. Some things to think about:
(a) An address with a misspelling in it (Barcllays instead of Barclays, etc);
(b) A large organisation suddenly turning charitable! (like Sainsbury apparently wanting to give money away if you passed on an e-mail to your friends. This had nothing to do with Sainsbury supermarkets. This trick also sends your addresses to the Spammer and probably left an address entry in your Contacts List. You should delete the e-mail and any e-mail address it leaves behind in your Contact List or Address Book). Very rarely are you going to get something for nothing.
Additional warning signs:
“click on [a trusted logo]” (you may download a virus or allow someone to take over control of your PC or search its contents) - see (d) below;
“warn your friends about this opportunity or threat” (you may give away your address book to spammers, or worse) - this is “pyramid selling” for want of a better phrase!;
“Follow this link to [a topical issue like the Olympics or natural disaster - yes, some people have no scruples] to donate money or learn about business opportunities” (if the approach is innocent, you can find out by using Google (see (d) below) - there is no reason to take the risk of clicking on the links offered by someone you don’t know!)
(c) If you are asked for personal or bank details (even by trusted organisations) - check for the padlock symbol at the bottom of the browser screen - click it to see the security certificate. If there is no padlock, move on because the website is not secure (no matter what the site owner says). Some smaller companies offer secure payment services such as PayPal that you first have to register with - but beware any hidden charges on transactions.
(d) If in doubt, go to the legitimate website [use Google or Yahoo search if in doubt] and look at “Contact Us” or any other warnings about current confidence tricks on the legitimate site. If the e-mail comes from an organisation you deal with regularly, use your trusted Favourites link to that website - not the one provided in the e-mail.
(e) The BBC reported a Which (Consumers Association) study that showed the top ten frauds or scams.
3. Your kids, their music and legal downloads - I recently wrote a note to a worried colleague of mine who has a daughter who openly says she is downloading music, but my friend doesn’t know enough to ask the right questions to be sure her kids are staying legal. Especially as parents will be liable for (a) fines; and (b) heavy telephone bills if the websites being used take over your PC and install a telehphone dialer that uses premium lines.
4. Tips for safer surfing - some further hints for Internet Explorer and Mozilla Firefox browser users. Although one hint applies to Outlook Express or Outlook 2003 onwards. The same principles apply to other e-mail clients.
Today, there is almost certainly a good broadband deal that will suit your pocket. Well, at the very least it is worth looking into. So here are some thoughts to help you make sense of it all.
What has changed?
- Prices have come down sharply for the same broadband services. However, before making choices you will be bamboozled by the sheer number of variations in ‘fair usage’ limits, caps on traffic, and so on. In recent years it has become much more worthwhile to consider all-in-one packages that bundle your phone with broadband services - BT’s O2, or PlusNet come up frequently as good value but you should look at comparison web sites before making decisions - but this takes time because (of course) every provider offers different levels of service and special offers that disguise the true cost once the ‘grace period’ is over. Price Comparison Web Sites are beginning to be accredited by OFCOM (see below).
- Choice: Increased competition means that each supplier offers more packages that they tell you will ‘suit your needs’. Things you should keep in mind:
Cheaper deals tend to offer a usage limit (or “cap”) on how much you download. If you only want to use the internet to keep in touch with friends and family, perhaps including a few family photographs, then a capped service is going to be good enough. To see what you get with a cap of 1Mb in plain English, press!
- Contract lengths: some run on “one month”, others run on “24 month contracts”. Check for penalties too.
- Think about changing your telephone provider so that you can get a “telephone with broadband” package. Again, comparison web sites help make sense of this - I find Simplyswitch (see link below) quite good but others exist and may be just as good if not better - but it is a start!
- New Companies: The arrival of broadband added to the list of established brands. Good deals don’t always come with a household name attached! Check comparison web sites to learn which names offer the best balance between cost and use.
- More services, goods and entertainment are available on-line - but how do you know which broadband service to sign up to - some comparisons might help. Modern digital Televisions increasingly include "internet features" that allow some level of access to on-line providers - e.g.iPlayer and other 'catch-up' services and downloading sites.
Some places to start - Broadband and other Comparison Websites worth exploring
In the bewildering world of price comparison web sites, OFCOM have begun an Accreditation Certification to help you find some reliable web sites for a wide range of communication and other services (telephone, broadband, etc).
Begin by visiting OFCOM’s page, which showed (November 2011) seven accredited web sites. The site also has a video clip to help you along the way
Two websites that help you say what you want from the internet, compare suppliers and then print off a comparison of best value options. You will be asked to fill in your Postcode and telephone number so they know how fast your telephone exchange is. These sites also compare suppliers of energy, credit cards, telephone, mortgages and so on.
There are more sites than you can shake a stick at that profess to have "just the answer for you". The fact is you are probably better off talking to friends and family or other trusted individuals when trying to get to grips with broadband issues. The Which Consumers Association has some very sensible things to start with. They also produce free brochures and guides from time to time.
Perhaps you have a short-list of service suppliers and want to know more about them? Then ISP Review may help (I find them a bit patchy). There are many reviews that you can find by searching on-line. The Which Magazine (visit Teynham Library!) has useful reports for this and many other services.
What broadband equipment to think about? Routers? Firewalls? Wireless Networks? The lists are endless! Magazines (search on-line) often run features on equipment.
OK, you have all the Broadband you want! Now you can choose several browsers to help you search the web for interesting content to suit your interests. My favourites are Firefox, Google Chrome and Internet Explorer (currently version 10 and counting!). A good place to find these downloads and a host of other free software packages without nasty surprises (!) is by visiting www.ninite.com
From time to time I come across websites that are entertaining or otherwise eye-opening. There is no rhyme nor reason to their choice - if you have others of similar interest that you think others might enjoy, let me know.
DO YOU FEEL THE NEED TO SMILE BY THE END OF THE WEEK? If you have a broadband connection, you might like to spend four or five minutes watching extracts from the wierder news items during the week, courtesy of the BBC on this link - Odd News. Click on “ODD BOX” at the top right of the page. You will find several other interesting stories from that page too
The complete works of Charles Darwin - really! You can listen to all his works or read them from the original publication.
You have heard about building on ‘brownfield sites’ - so how does your local authority compare? Swale is 275th out of 354, for example - CPRE website
Hilarious website in which “bunnies” summarise famous films in 30 seconds. War of the Worlds, Casablanca, Its a Wonderful Life, Alien....etc
Learn about your energy-saving alternatives at home and at work from the Energy Saving Trust.