410 likes | 517 Vues
Personal Computer Safety. Les Smee Georgia Tech Research Institute. Quiz. http://www.alwaysuseprotection.com/quiz.aspx. Famous Hacking. John Draper Handle: Cap'n Crunch. Claim to fame:
E N D
Personal Computer Safety Les Smee Georgia Tech Research Institute
Quiz http://www.alwaysuseprotection.com/quiz.aspx
Famous Hacking John DraperHandle:Cap'n Crunch Claim to fame: Figured out how to make free phone calls using a plastic prize whistle he found in a cereal box. Cap'n Crunch introduced generations of hackers to the glorious concept of phone "phreaking."
Famous Hacking Robert MorrisHandle:rtm Claim to fame: The son of the chief scientist at the National Computer Security Center part of the National Security Agency (NSA) this Cornell University graduate student introduced the word "hacker" into the vernacular when he accidentally unleashed an Internet worm in 1988. Thousands of computers were infected and subsequently crashed.
Famous Hacking Kevin MitnickHandle:Condor Claim to fame: The first hacker to have his face immortalized on an FBI "Most Wanted" poster. His status as a repeat offender, a teenage hacker who couldn't grow up, earned Mitnick the nickname "The Lost Boy of Cyberspace." Inspired the movie “War Games” by hacking NORAD.
Computer Updates • Update Operating System • Automatic • Manual • Update individual Applications • Usually Notified • Update Virus and Spyware Programs
Operating Systems • Maintain updates • The more common the OS the more vulnerable • Windows • Less common/vulnerable • Linux, Mac OSX
Viruses • Run without intention or permission • Have the ability to "infect" or modify other files or disk structures • Replicate so it can spread to other files or systems • Does NOT have to be malicious
Virus Types • Boot Sector Infectors – attaches to boot program, runs when computer is started • File Infectors – attack file (.exe) and change code • Macro Viruses – use programming language built into applications like Microsoft Word
Virus-like • Worms – doesn’t infect other files/programs, completely self-contained • Trojan Horses – software intentionally written to do something it is not intended to do • Bugs – unintentional coding that cause a program to misbehave
Virus Hoaxes and Myths • Often Spread via email • Threaten grave consequences • http://hoaxbusters.ciac.org/ (HoaxBusters) • Cannot get a virus simply from reading an email
Virus Prevention • More connections = more vulnerability • Pirated Software more likely to contain viruses than legitimate software • Control access to PCs • Scan removable media • Disable booting from removable media • Can disable it’s use completely
Virus Detection • Use Anti-Virus software • Norton • McAfee • AVG (free) • Keep AV program up to date (Virus Definitions) • Auto updates • Regular Checks • Weekly Scans • File Scanning
Firewall • Definition: Hardware and/or software that limits access to your computer from the outside world • Cannot stop you from download malicious software • Virus, trojan, etc. • Can be configured to allow or disallow specific types of traffic (ports)
Firewalls • Hardware • Can be combined with other product (switch, router) • Dlink, Linksys, Netgear • Software • Many have free version for personal use • Zonealarm, Norton, Windows • Need to get updates
Testing Firewalls • Port Probe • DSLReports • http://www.pcflank.com/scanner1.htm
Why not backup? • Not important • No Time • Don’t know how • No routine (forget)
Causes of Data Loss • Hardware Failure • Software Failure • File System Corruption • Accidental Deletion • Virus • Theft • Sabotage • Natural Disaster
Backup Methods • Medium • Tape • CD/DVD • Removable Drive • Internal duplicate drive • Backup Specific Files • Windows Backup
Backups • Make backing up routine (set reminder) • Store backups in safe location • One set on site and one set off • Destroy old backups
Browsing • Get browser updates • Try alternative browsers (Firefox) • Verify addresses in address bar • Regularly delete stored data • Cookies • Block pop-ups
Online Shopping • Look for padlock or https:// • Use credit cards • Single use • Research Company • (www.bbb.org) or (www.naag.org) • Know return policy • Look at URL closely • Print or save order confirmation
Email • Generally not secure • Beware of Phishing • Don’t trust attachments • Avoid Spam • HTML email can be bad • Some mail programs allow you to turn off html
Email Don’ts • Use full name as sender • Give out passwords • Use primary email for posting in public forums • Respond to spam unsubscribe address • Buy from spammers • Include name in address
Avoiding Spam • How do spammer get your address? • Spambot or Scraper to crawl the web looking for addresses • Trick people into submitting their addresses • Pick and domain and send thousands of emails
Avoiding Spam • Use disposable addresses • Watch for “Yes I want to receive …” checkboxes • Disguise email address on blogs, chatrooms, etc • Joeblow@YAdelete_thisHOO.COM • joeblow@ yahoo.com • Use unguessable email address • Don’t respond to spam, even to unsubscribe
Wireless Security • Easy to intercept wireless packets • Airsnort, Aircrack • http://www.wi-foo.com/index-3.html • Change defaults • SSID (Broadcast) • Encryption • Mac Filtering
Wireless Security • OK to use unencrypted wireless on encrypted sites • Banking • Shopping
Passwords • Use different for secure and non-secure sites • Ideally use different for each site dealing with money • Change regularly • Use combination of letters, numbers, symbols • Don’t allow programs to “remember” critical passwords
Spyware • Virtually all internet connected computers get spyware • Symptoms of spyware • Endless pop-ups • Redirected to websites you didn’t enter • New icons in tasktray • New toolbars in browser • Computer is suddenly slow when accessing/saving files
Spyware Detection/Removal • Run checks weekly • Some antivirus programs check • Free stand alone programs • Spybot • Adaware
Chatting Safely • Don’t give out identifying info • Name • Phone • Location/School • Email • Remember people do lie • Choose non-identifiable screen name • Don’t meet people offline (if you do make it very public) • Know how to save conversations and report problems • Don’t open/except files sent to you
Chatting for Kids • Only use monitored rooms • Don’t allow private chats • Observe who kids talk with • Choose rooms appropriate for age level • Parents check out sites first • Limit or don’t allow webcam use
Child safety • Keep computer in family area • Spend time with child online • Tell child how to end/report situations where he/she feels uncomfortable • Give feedback to ISPs about what you like/dislike/expect • Use time limits • Ask child to sign online agreement
Communal Sites • Examples • FaceBook • MySpace • Default security is low • Assumes you want everyone to know everything • What happens here stays here … FOREVER • Friends may not have same privacy concerns • Upload pictures • Pictures/sites used in court
Communal Sites • Sites portray themselves as safe • Based on the assumption that everyone is honest • Some create profiles “for” other people • People often alter themselves positively in an online profile • Third parties using information • Police • School administrators • Spouses
Mobiles (phone) • FaceBook and Myspace plan to extend to mobiles • Will be able to post to web pages directly • Can search for other users emails and numbers • Chat already on mobiles • Yahoo, AOL, MSN • Ability to send/receive photos and video
Health Concerns • Heat From laptop • Carpal Tunnel Syndrome • Proper Desk Setup • Monitor height • Chair height (feet flat) • Get up every hour
Keeping Kids Safe Online http://www.ou.edu/oupd/kidtool.htm SafeKids Website http://www.safekids.com/ Safekids Quiz http://www.safekids.com/quiz/ Another Internet Safety Quiz http://iol.ie/~dromore/safety/quiz/quiz.htm MySpace Safety http://www.wiredsafety.org/internet101/myspaceguide.html Safety on Communal Sites http://www.twu.edu/o-sl/Counseling/SelfHelp066.html Software Downloads http://www.download.com/