Two Steps Toward Computer Security

So, you've heard enough horror stories about viruses, Trojan-horses, spyware and their cousins that can really make your Internet surfing a dismal experience. Confucius said: "A journey of a thousand miles begins with a single step," but the road to computer network security begins with two steps. Below are the two most important things you can do to keep from getting buried in this online garbage:

1) Keep Your Computer Up To Date

No matter if you use Windows, Mac or Linux, keeping software on your computer up-to-date is extremely important. Many viruses use known security bugs already discovered in software but not yet fixed or patched on individual computers. For example, the well-know "Blaster" virus (W32.Blaster.Worm), which attacked millïons of computers all around the world, exploits something called the "DCOM RPC vulnerability" in some versions of Microsoft Windows. The Blaster virus didn't even rely on your e-mail program to propagate; but rather, it scanned the Internet for vulnerable computers and copied itself to the unpatched machines where it set up shop repeating the process, causing a tremendous disruption in overall Internet usage and untold headaches for owners of infected machines.

This vulnerability was discovered and patched by Microsoft *4 weeks* before Blaster was created, but the virus was still able to wreak havoc because so many people failed, for whatever reason, to apply the necessary updates before its release. Not only did those people become victims, but the virus running wild on their commandeered computers went on to victimize countless others.

So, you know the importance of keeping your software up to date, the next question is how to do that. The answer is simple. In recent versions of Microsoft Windows there is an "Automatic Update" program which will handle the task for you. If you run Windows XP with Service Pack 2 on a computer with a connection that is "always on," you can set it to update your Windows automatically without even notifying you. You can set Automatic Update to do its work from the Control Panel.

Automatic Update takes care of security bugs like the one described above, which are the most important; but there are other updates for your Windows installatïon which you can apply by selecting the "Windows Update" option from the Start menu. This will launch Internet Explorer and take you directly to a Microsoft website from which you can install security updates and also optional recommended updates such as new versions of drivers for hardware devices such as your graphics card, for installed software like Windows Media Player and DirectX and to Office if you have that installed.

2) Trust No One

No, I am not advising you to be a paranoiac like Fox Mulder (X-files anyone?); but being a little paranoid while you're doing certain things via the Internet is a good habit to develop. Most viruses spread through e-mail. You might have heard about the so-called "Love Letter" worm, which was carried by a nice e-mail message with a Subject header like "I love you." There are many malicious e-mail attacks like this one. Some of them pretend to be your ISP sending you new "account information" or Microsoft sending you updates attached (something Microsoft never, ever does). Some of them pretend to be your friend sending you a "new screen saver" or something like that.

All of these are a type of what is called "social engineering," a technique that relies on the reality that the human user is almost always the weakest link in the chain of computer security. The famous hacker Kevin Mitnick wrote a fantastic book about the subject, "The Art of Deception: Controlling the Human Element of Security." This is my own "better safe than sorry" strategy. Do Not, under any circumstances, open any kind of attachment sent to your e-mail, even from a friend unless you expect something specific, and arrange that in advance.

Some viruses send fake header information, so even if e-mail "says" it is from someone you know and trust, that's not necessarily the case, so be very careful. I also highly recommend that you do business with a service provider such as cafeid.com, the one for whom I work, that offers server-side anti-virus protection on their e-mail servers, so that messages carrying virii will be detected and deleted even before they get to your computer. Another good measure is to use an e-mail provider that uses IMAP instead of POP3 for its e-mail servers. These enable you to view and delete messages on the server without ever downloading them to your local machine unless you want to.

If you are stuck with an ISP that doesn't have e-mail virus protection and/or use an IMAP-based mail server, there are third-party providers who provide these services at a low cost, or you can try using software like MagicMail which enables you to review message headers directly on your ISP's POP3 mail server and remove suspicious ones before you download them.

These simple steps will drastically improve your computer network's "immune system" against Internet nasties. You should also install at least one of the excellent free spyware removal tools and a good anti-virus system and keep them up to date similarly to the way you keep your OS updated. Internet virii and spyware depend upon the poor practices of computer users for their lives, and the easiest way to begin taking back the 'Net from the malicious is to make sure you have the latest fixes installed and remain vigilant against possible attempts to manipulate you into defeating computer security through human intervention.