Scary New Dangers in Cyberspace
I sometimes watch TV, and I happened to catch a story on ABC World News Tonight called "Your Computer's Stealth Identity Thief." I listened carefully and learned about something scary called a "keylogger." I even saw some cool shots of Symantec's cyber ninjas tapping away on their uber-31337 keyboards. I really paid attention to the tips to help protect [my]self against key logging, spyware, and other computer viruses like "Do not click OK on pop-up windows without first reading them thoroughly." The next time I see a pop-up that says "It's ok, I won't 0wn j00," I'll feel better!
Obviously I am jaded by stories about old technology. For pete's sake, Bugbear from mid-2003 had a keylogger built in. I'm sure there are even older examples out there.
Worse, none of the "tips" mention the steps that would really make a difference, in order of least to most impact on change of user habits:
Instead we're told to " Use a firewall to help prevent any unauthorized computer activity." Good grief.
Obviously I am jaded by stories about old technology. For pete's sake, Bugbear from mid-2003 had a keylogger built in. I'm sure there are even older examples out there.
Worse, none of the "tips" mention the steps that would really make a difference, in order of least to most impact on change of user habits:
- Patch your system.
- Don't browse the Web or read email as administrator or root.
- Use an alternative Web browser and mail client.
- Don't run Windows.
Instead we're told to " Use a firewall to help prevent any unauthorized computer activity." Good grief.
Comments
Out of curiosity, what OS/desktop do you use on your working computer?
I am tied to Windows for Outlook (mainly calendar support) and Visio. Oh and Trillian, can't seem to find any good (as in good as) OSS IM.
There are admins out there who lump keyloggers in with viruses, worms, and rootkits...something they know about, but don't really understand the effect that it could have one them, personally or professionally.
The thing is, you and I can look at those shows and scoff, but they're really important for reaching the masses. I find that when I sit down w/ family and friends, and confirm/validate what they heard on those shows, it has an effect...one that wouldn't be there if it were just me saying it.
H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com
Love the review. You mean a firewall won't protect me from all those things mentioned on the show?? just kidding..
Chuck
I really meant "not as good as" Trillian.
When I boot FreeBSD and KDE on my laptop I use Gaim, but it is not yet smooth as it should (could) be.
I use a five year old Thinkpad a20p. My primary OS is FreeBSD 5.4. I dual-boot Windows 2000 Professional to use Microsoft Office and a few other Windows-only apps.
The masses don't care about security. They just want to turn the computer on and get online without any interruptions. When there are interruptions or sluggish performance, they call some poor sap like me to fix it. It's a vicious cycle.
For old computers I'm recommending: Ubuntu Linux
For new computers where no gaming is required, mainly Internet and "homework": get a Mac mini
The common computer user doesn't care about AV, firewall, popups, patches, etc. The system has to be ahead of the user, if the user doesn't know, don't allow it by default: like Richard said ditch Windows.