Alan E. Mann, AG

alan.familyhistory@gmail.com                                                                               Accredited Genealogist

Salt Lake Institute of Genealogy                                                                              January 2006

Power Tools for Internet Genealogy

 

Spyware, Viruses, Firewalls, & Other Scary Stuff

 

This session deals only with Windows computers and the bad stuff that can happen to you or your computer. First, some definitions courtesy of wikipedia.org:

Virus: a self-replicating program that spreads by inserting copies of itself into other programs or documents. While viruses can be intentionally destructive (for example, by destroying data), many other viruses are fairly benign or merely annoying. However, the predominant negative effect of viruses is their uncontrolled self-reproduction, which wastes or overwhelms computer resources. Anti-virus software, originally designed to protect computers from viruses, has in turn expanded to cover worms and other threats.

Phishing (also known as spoofing) is the act of attempting to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business with a real need for such information in a seemingly official electronic notification or message (most often an email, or an instant message). The term phishing comes from the fact that Internet scammers are using increasingly sophisticated lures as they "fish" for users' financial information and password data.

Pharming: an attack in which a user can be fooled into entering sensitive data such as a password or credit card number into a malicious web site that impersonates a legitimate web site. It is different from phishing in that the attacker does not have to rely on having the user click a link in an email to deceive the user: even if the user correctly enters a URL (web address) into a browser's address bar, the attacker can still redirect the user to a malicious web site.

 

Hacker: one who subverts computer security without authorization or indeed, anyone who has been accused of using technology (a computer or the Internet) for terrorism, vandalism, credit card fraud, identity theft, intellectual property theft, and many other forms of crime. This can mean taking control of a remote computer through a network, or software cracking. This is the pejorative sense of hacker, also called cracker or black-hat hacker or simply "criminal" to avoid ambiguity.

Adware: any computer program or software package in which advertisements or other marketing material are included with or automatically loaded by the software and displayed or played back after installation or in which information about the computer or its users is uploaded automatically when the user has not requested it.

 

Spyware: a program that includes code that tracks a user's personal information and passes it on to third parties, without the user's knowledge or consent. The line between adware and spyware is fuzzy when the adware behaves as spyware, but the “user consent” is buried in a user license agreement which most users never read.

 

 

How do I protect myself from this “Bad Stuff”?

 

You get protection in the form of software, and you “practice safe computing.”

 

Protection software includes antivirus software, spyware protection (which usually covers adware), and firewall protection. A package that tries to do all of these things may be called a protection suite.

 

Virus protection software: our computers need to be protected from malware infection. Potential sources for infection include diskettes (from clients, fellow researchers, potential relatives…), CD-ROMs, flash drives, the Internet, and networks (particularly wireless). McAfee and Norton are the leaders in virus protection, but a new, free alternative is AVG AntiVirus (free.grisoft.com). A useful list of links:

Symantec Antivirus Research Center    www.symantec.com/avcenter/
F-Secure Virus Information Center     www.f-secure.com/v-descs/
Stiller Research Virus Information    www.stiller.com/
Virus Bulletin Home Page              www.virusbtn.com/
NIST Virus Information Page           http://csrc.nist.gov/virus/
McAfee Virus Pages                    www.mcafee.com/
Sophos Virus Information              www.sophos.com/virusinfo/

 

Unfortunately, your virus education isn’t complete until you know about hoaxes. Many well-intentioned emailers forward messages about a terrible threat on to their acquaintances. In a short time, millions of messages are being forwarded around about a virus that never existed. Check out virus reports at www.vmyths.com/ or at http://hoaxbusters.ciac.org/ before passing on warnings.

 

Spyware protection software. There are many, but the most popular is Spybot Search and Destroy, available free at www.majorgeeks.com/download2471.html. However, Spybot can miss some types of spyware. I suggest you use the free scan available at www.pestpatrol.com/prescan.htm to see if Spybot has missed anything. This scan is free, but you have to buy the product to have it remove any “pests” that it finds. Be aware that what one program considers to be a pest may be essential to your needs.

 

Security/Firewall protection software. A computer firewall is a piece of hardware or software that prevents undesired transfers of information or other communications forbidden by your policy. Its basic task is to prevent intrusion from a connected network device into other networked devices. It is needed if you connect your computer to any type of network, including wireless networks (business, home, school, library, or anywhere else) and the Internet. When you connect to a network, other computers on that network may be able to steal information from your computer, put viruses on your computer, or use your computer to commit an illegal act which could be traced back to your computer. A firewall is meant to block these attempts. Connecting to the Internet or any network without firewall protection is asking for serious trouble! Windows XP comes with a basic firewall, but a more robust firewall is advisable. To check your computer for security vulnerabilities, use NeWT, available free at www.tenablesecurity.com/newt.html.

 

Practice safe computing

 

Use common sense. Don’t open an email attachment if you don’t know the sender. Don’t click on links that say “click here to verify your bank account.” Don’t respond to email messages that ask you to give a password or verify your Social Security number. If you receive a message that claims to be from your bank asking you to verify something, CALL them.

Operating System (OS) updates – occasionally, Microsoft releases updates that correct problems with their OS. More frequently, Microsoft releases “patches” that close loopholes (vulnerabilities) that hackers use to cause problems. No matter what OS you use, you should download updates! When patches and updates since the original release of the OS are numerous, Microsoft will release a Service Pack. A service pack is just the combination of all the patches and updates since the OS was first released. A second service pack will only contain the patches and updates since the previous service pack.

Use Firefox or Opera – use a less security-flawed web browser. Firefox is a smash hit. In the fourth quarter of 2004 alone, 5% of Internet Explorer users switched to Firefox. Maximum PC says using Firefox is a primary strategy for protecting your PC.

Make regular backups and store one backup offsite (on the Internet or at work?). Update the offsite backup frequently—the question is how much data can you afford to lose?

Learn more about your system--how to configure, improve, and troubleshoot. Use:

·  www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/app_taskman.mspx

·  www.techrepublic.com

·  Google and Wikipedia.

 

Getting more from what we have

Right now, most of us use Windows. There will be a shift to Linux or other “open source” software soon. There are several Windows concepts that are important:

·  Windows Explorer – (Windows key + E) Use it; folder options & file associations.

·  Windows Task Manager varies according to which OS you’re using. I recommend using XP. The task manager has four tabs—applications, processes, performance, and networking. There is a lot of information available in these four panels. Watching the data on the performance panel can help diagnose or prevent problems.

·  System tray and startup. The task bar at the bottom of the screen has a notification area (formerly called system tray). Every icon in that area represents a process that is using your computer’s resources. Know what each icon is. Close unnecessary processes to conserve resources and make your system run faster. When you reboot, they may come back. To permanently remove them, use www.windowsstartup.com, a utility that tells you what each process does and whether it is safe to remove it, then will remove it at your request. For processes that are running but not listed at WindowsStartup, see www.answersthatwork.com/Tasklist_pages/tasklist.htm.

·  Be careful using flash drives (pen drives, key drives, jump drives or a variety of other names) for sending/receiving/carrying data. Use the “unplug” icon in the notification area to stop flash drives before removing them. Failure to do so may result in loss of all data on the drive. A rule of thumb is to only remove a flash drive when the light on it is not lit.

·  If you want to use wireless networking, be aware that anyone with a wireless computer near your home may be able to see the files on your computer. Launch the startup instructions for your wireless in your web browser and set a WEP key (Wired Equivalent Privacy). For complete information on what all this means and how wireless works, see http://computer.howstuffworks.com/wireless-network.htm.

·  A recent trend in security is the movement toward fingerprint readers. See www.digitalpersona.com.
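
One way to follow the "know what each icon is" advice in the system tray and startup item above, as an added example that is not part of the original syllabus: a read-only PowerShell listing of the programs set to start at logon, with each program's path and signing publisher. It assumes Windows PowerShell 3.0 or later; the function name Get-StartupReport is hypothetical, and it covers only the Run registry keys and the Startup folders, not services or scheduled tasks.

```powershell
# Added example: read-only inventory of programs set to start at logon.
# Get-StartupReport is a hypothetical name; nothing is changed or removed.
function Get-StartupReport {
    $entries = @()
    # Run keys hold per-machine (HKLM) and per-user (HKCU) auto-start commands.
    $keys = @('HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
              'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run')
    foreach ($key in $keys) {
        if (-not (Test-Path -Path $key)) { continue }
        $item = Get-Item -Path $key
        foreach ($name in $item.GetValueNames()) {
            $entries += [pscustomobject]@{
                Source = $key; Name = $name; Command = [string]$item.GetValue($name)
            }
        }
    }
    # Startup folders for the current user and for all users.
    $folders = @([Environment]::GetFolderPath('Startup'),
                 [Environment]::GetFolderPath('CommonStartup'))
    foreach ($folder in $folders) {
        if (-not $folder -or -not (Test-Path -LiteralPath $folder)) { continue }
        foreach ($file in Get-ChildItem -LiteralPath $folder -File) {
            # Shortcuts are reported as files; their targets are not resolved.
            $entries += [pscustomobject]@{
                Source = $folder; Name = $file.Name; Command = $file.FullName
            }
        }
    }
    foreach ($e in $entries) {
        $cmd = [Environment]::ExpandEnvironmentVariables($e.Command)
        # Extract the program path: a quoted path, else text up to the first ".exe".
        if     ($cmd -match '^\s*"([^"]+)"')    { $path = $Matches[1] }
        elseif ($cmd -match '^\s*(.+?\.exe)\b') { $path = $Matches[1] }
        else                                    { $path = $cmd }
        $exists = [bool]$path -and (Test-Path -LiteralPath $path -PathType Leaf)
        # A valid signature names the publisher, which helps identify the entry.
        $sig = if ($exists) { Get-AuthenticodeSignature -LiteralPath $path } else { $null }
        [pscustomobject]@{
            Name      = $e.Name
            Source    = $e.Source
            Path      = $path
            Exists    = $exists
            Signature = if ($sig) { [string]$sig.Status } else { 'n/a' }
            Signer    = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        }
    }
}

Get-StartupReport | Sort-Object Source, Name | Format-List
```

Entries whose file no longer exists, or whose signature status is not Valid, are the ones to look up first before deciding whether to disable them.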

 

 

©Copyright 2004-2006 by Alan E. Mann, AG.  All rights reserved.  Written permission to reproduce all or part of this syllabus material  in any format, including photocopying, data retrieval or the Internet, must be secured in advance from the copyright holder.