dacs.doc electric

Secure Computing Meeting Review

By Jamie Yates

In today’s Internet world, all is not rosy. There are many people and organizations out in the world that want to do-you-in digitally.

On Tuesday, July 6, DACS president, Jeff Setaro, gave a detailed presentation on Secure Computing. Jeff has given this program a number of times in the past, and has updated it to include the current security issues facing companies and users. As usual, his presentation and casual style were excellent. Not only did he describe what are currently the latest issues and security problems with being online, but also what the user can and should do to protect themselves.

He started with the current status of Internet threats and described what can be expected in the coming year. He showed a short history of the escalating number of viruses from 1986 thru 2004. It’s hard to believe there are over 100,000 viruses out there today.

Next he described viruses, Trojan horses, worms, spyware, phishing, pharming, rootkists and hoaxes so that they were understandable even to the novice of user. All these potential threats sure gained the audience’s attention.

He went though a list of the tools available to thwart or mitigate threats, and the practices and precautions that each of us should use to protect ourselves.

Unfortunately, the key point of his presentation was that users must protect themselves and above all use common sense when using their computer. Most of the threats described in his presentation end up compromising a computer system because of some action the user takes or some practice the user fails to follow. Or, to paraphrase what “Smokey the Bear” used to say, “Only you can prevent becoming a victim.”

Users need to run up-to-date software, including operating system and applications that have current antivirus programs and a software and/or hardware firewall, along with anti-spyware programs. In addition, they should be careful not to visit unknown, questionable sites, and not be taken in by the many spam e-mails offering things too good to be true or using false alarms or other scare tactics to gain user passwords and logins.

Jeff also provided his 10 immutable laws of security:

1) If a bad guy can alter the operating system on your computer, it's not your computer anymore
2) If a bad guy has unrestricted physical access to your computer, it's not your computer anymore
3) If you allow a bad guy to upload programs to your website, it's not your website any more
4) Weak passwords trump strong security
5) A computer is only as secure as the administrator is trustworthy
6) Encrypted data is only as secure as the decryption key
7) An out of date virus scanner is only marginally better than no virus scanner at all
8) Absolute anonymity isn't practical, in real life or on the Web
9) Technology is not a panacea
10) If a bad guy can persuade you to run his program on your computer, it's not your computer anymore

A great presentation, which makes the point that the user must be ever vigilant. It’s not so easy to protect yourself online but as in many other areas of life, people must be careful.

http://www.dacs.org/links/infosec2005.htm

 

Jamie Yates is a DACS director and a prolific tech volunteer in the area community.
BackHomeNext

© Copyright Danbury Area Computer Society, Inc. 1998-2005 All Rights Reserved
Web Site Terms & Conditions of Use