Security Basics

Rory Bowman of MacRory.com.

Security is important for all computer users, but for new computer users (and new computers) especially. With so many new computers being installed this time of year, a little bit of time now can save a lot of time (and hassle, and lost data) later.

The simplest way to keep your computer secure is to never turn it on or connect it to anything. The second best way is to understand how your computer connects to things and can be affected, and this varies widely depending on which operating system (OS) and kind of Internet connection you have. To get inside your computer there must be open “services” (doors and windows) and paths leading to those services. An Internet connection or floppy disk is the usual path, with Windows computers on high-speed connections (such as cable modems or DSL) the most vulnerable.

For the most part Macintosh and Linux-based systems are safe and secure out of the box. Both operating systems assume that if the user has any business connecting to a network, they should be smart enough to go in and turn on network services one at a time as needed. The designers of these systems have always built in powerful networking tools, but turned them off by default for the safety of the user and the security of the entire system. In Mac OS X, most services are enabled from the System Preferences “Sharing” pane, and the short rule is to never turn on a service you don’t understand. The most common error is for a novice to enable all services “just because,” which is precisely why Linux and the Mac OS ship with most services (potential security holes) turned off.

Microsoft Windows, on the other hand, makes exactly the opposite assumption. Developed for the convenience of adminstrators within a trusted network (such as a small office network) Windows has always tended to ship with lots of services enabled or turned on, the equivalent of a house with lots of open doors and secret hatches. When connected to the Internet the default installation of Windows is approximately the equivalent of walking through a Chicago stockyard with several open wounds.

Most “computer viruses” or “Internet attacks” are really attacks on Microsoft Windows, exploiting the many services (doors and windows) which either ship on or can easily be turned on from the outside. Malware (malicious software such as viruses, spyware, trojan horses or worms) can come into a Windows system in a variety of ways, but almost always exploits a few key weaknesses in Microsoft software, weaknesses programmed into the system for the convenience of administrators. Fortunately, even the novice user can do a few key things to protect even Microsoft Windows.

Microsoft has built tools such as ActiveX and scripting into key programs such as Internet Explorer (IE), Outlook and Outlook Express. Not using any of these programs will protect Windows users from the most common Internet attacks. Among the alternatives are the free Netscape program and programs from the Mozilla Organization such as Firefox, Thunderbird and the Mozilla suite.

Some web sites may require ActiveX, but I don’t trust very many which do. Among those one can trust might be banking sites you have chosen, and ActiveX is required for Microsoft users to use the Windows Update feature in Microsoft Windows 98 through XP. As much as possible I encourage my Windows clients to ONLY use Internet Explorer to access the Windows Update site (and nothing else), even setting that site as the home page for Internet Explorer.

Microsoft Outlook (and its step-sibling Outlook Express) are another program I recommend that people only use within a secured corporate network. Because it was designed to be used in such a network, Outlook has the same sort of scripting holes that IE has, and almost all email-harvesting viruses and worms use these features to do their mischief.

Getting an anti-virus program (and keeping it updated) is the second most important thing for Windows users. The vast majority of viruses have always been written for Windows, and not just because of market share. It is technically much easier to write a virus for Windows than any other computer platform I know of, and people enjoy seeing the mighty (and the stupid) brought low. With literally dozens (if not hundreds) of new Windows viruses created each month, buying an anti-virus program is not enough: you must keep it updated. Similarly for spyware. Spyware and viruses can come from the Internet or may be introduced through embedded scripts in “trojan horse” programs (which claim to be one thing but are more) or Microsoft Office documents.

If at all possible, avoid sending or receiving email attachments, as these are frequently viruses or trojan horse programs. The same scripting that makes Outlook vulnerable to attacks can be embedded in Microsoft Word and Excel files. If one must use such programs, I suggest enabling macro-virus protection from within the programs and saving in a script-free document format such as rich text format (RTF) rather than Word’s script-friendly “.doc” default.

The data you save may be your own.

This entry was posted in Uncategorized. Bookmark the permalink.