Topic #2 -
Firewalls
According to the latest research, about 8% of
the people on the internet right now currently use a firewall. This compares to 52%
of people that actively use a virus scanner with up-to-date script files. Yet more
damage can occur from the lack of a firewall then 95% of the viruses currently in
existence ever could cause. Viruses erase files, and sometimes send information out
from your computer. A system without a firewall can be totally violated by a hacker.
So why don't more people use a firewall?
There are many reasons. Some feel they are invulnerable. Some feel a virus
scanner is enough. Some believe their actions on the internet are so inconspicuous,
they'd never be the target of a hacker. Most just don't know the risks. This
week's lesson is all about the risks, and how you can protect yourself.
The threat is...
So what are the risks in not protecting
yourself? Take this simple example. You go to a web site, which asks you to
sign up for a newsletter. The site seems pretty safe, and you go to the sign up
page. From there it asks you a few simple pieces of information; your full name,
your e-mail address, and your birthday (for security reasons). Seems pretty safe,
right?
99% of the time it probably is. Most
likely if it's a reputable site there's no real danger. But let's examine the 1% of
the time that it's not safe. How do hackers work? And what do they look for?
A good hacker only needs 2 pieces of
information to start the process of hacking you. With a full name including middle
initial, and your birth date, a hacker has his start. From that information, a
hacker can get a copy of your birth certificate. Cost is about $32. With your birth
certificate in hand, he can then file for a credit report, which costs about $25. On
your credit report will be your current address, and your SSI. (SIN in Canada)
Starting to get a little frightened?
After getting your credit report, which
includes your home address, your phone number, and other vital information, a hacker now
has all he needs to start his work. Total cost to him thus far is about $80.
Using an application commonly referred to as "netbussing", he can now use your
phone number to gain access to your computer while you're on-line. He now has access
to your whole computer. He also has the ability to take out loans and apply for
credit cards in your name. As far as anyone is concerned, that hacker is you.
What can you do?
There are several steps to protecting
yourself.
Make sure you have a good firewall
program. A firewall prevents your IP address from being seen by people outside of
your system, which prevents them from hacking into it. It can prevent many of the
information leaks that occur on your system that you never know about. Remember,
even piece of information on your computer is accessible if you're not protected.
Try not to give out personal
information on non-secure servers. How do you tell if a server is secure? Look
for the lock symbol in the lower-right hand corner of your browser. If that's there,
make sure that the server is an HTTPS server. (As opposed to an HTTP server). If you
don't see the S or the lock in the closed position, be careful what information you give
out and NEVER give out credit card information on a non-secure server.
The latest craze on the internet is
resume posting services. Be careful what information you post that is accessible to
the average user. Most of these services offer to keep your address and other
information hidden. Make sure you do this, as giving away that information for free
is making the hacker's job that much easier.
One of my most common pieces of advice
is also the one people laugh at the most. Lie. The easiest way to not have
people find out about you is to make up a fake name, address, and other information that
doesn't relate in any way back to you. For sites that you must be truthful to, do
so. But if it doesn't really matter, lie about everything you can.
Get a free-mail account. You can
sign up for one on our front page. They are web-based, free, and generally come with
a built-in form of spam and virus protection. That way you don't have to sign up
with an account that leads to your home server and give people clues as to where you're
from. You'd be surprised how much information you can get simply by looking at where
an e-mail comes from.
There are so many problems and pitfalls with
surfing the net that no one method of protection can ever save you. Even cash
registers at pharmacies keep information on you that can be accessed. But knowing
how to limit the chances of being exploited increases your chances of remaining safe on
the net. |