Our April General Meeting fell on April Fools Day, and while Jeff Setaros style was seasonally light, the subject matter was quite serious. In the first part of the program, our resident Virus and Security expert described the four main threats to computer security: viruses, Trojan horses, worms, and hoaxes. A virus is a program that copies itself and infects other programs by modifying them or their environment. He noted that any patch which comes by email purportedly from Microsoft is in fact a virus (MS never distributes patches by email). Trojan horses are programs that do something intended by the creator but not documented for, and usually not wanted by, the user. They can, for example, steal passwords, provide a backdoor to a computer, or trash some, or even all, files on a hard drive. Worms are self-contained programs (or sets of programs) which copy themselves to other computersusually through network connections. In recent years these have become a particularly common form of malware. The final type, hoaxes, are not codes but simply false warnings designed to trick you into wasting your and your friends time and often into deleting some obscure (but occasionally necessary) file. They usually use a news release format quoting IBM, MS, or some other authority and ask you to pass it on to everyone. The four main defenses
are Anti-Virus software, Personal
Firewalls, Firewall Appliances, and Safe
Hex. Anti-Virus programs are reactive, they can only respond
to threats they know about so must be updated frequently, and
still leave the chance that you will get a new virus before they
know about it. Personal firewalls are software programs which
filter communications between your PC and the internet. Firewall
appliances and routers are hardware devices, especially for use
with broadband connections, to monitor connections between your
PC or local network and the internet. Safe Hex is Jeffs
term for your personal protective actions. His major recommendations
were to install and use anti-virus software and personal firewalls;
use the Windows and Office update sites to keep your system patched;
never open attachments from strangers or when unsolicited or
unexpected until the sender confirms that they were intended;
back up important files and folders frequently; use strong passwords;
and download and install programs with care. Other recommendations included disabling file and printer sharing when using broadband, not storing user names and passwords in the web browser, deleting spam and chain emails (without either forwarding or unsubscribing), and turning off the computer when not in use. The concluding section
of Jeffs presentation dealt with security in the enterprise,
and could be summarized simply as be very paranoid.
Do not, for example, permit personal software or email, and disable
access to online chat rooms and web-based mail services.
|
|
|