(The quickest way to register)

Forum

Dear visitor! The webpage is only available in English. We're sorry for the inconvenience.
  1. User picture
    • Anonymous on Fri 12 Mar 2010
    • 11:00:47 AM UTC

    Basic Best Practices in Security

    From Quackwatch:

    http://www.quackwatch.org/04ConsumerEducation/Book...

    This is pretty basic stuff, but should definitely be read by those new to security issues.

Comments:

  2. User picture
    • Jazspeak on Fri 12 Mar 2010
    • 02:44:09 PM UTC

    Common Sense

    The link certainly provides a readable list of common-sense net-safety practices.
    • User picture
      • BobJam (not verified) on Fri 12 Mar 2010
      • 05:29:22 PM UTC

      Favorite sig

      Brings to mind one of my favorite sigs on some security forums:

      "Ultimately, the only protection against phishing, forged Web pages, downloading malware, and other threats is the technology located between the user's ears."

      Otherwise known as "Wetware".

      Certainly there is a need for security programs, but it always amazes me that the lack of common sense brings on so many of these infections. The malware tactic of "Social Engineering" would not be so prevalent if this were not so.
      • User picture
        • Jazspeak on Fri 12 Mar 2010
        • 11:34:22 PM UTC

        "between the user's ears"

        Oh, they would be the user's eyes between the user's ears. Joking apart, there seem to be a very large number of people who are blinded by ignorance of the consequences of any actions taken on a computer hooked up to the web, and it is inevitable that a few unscrupulous people will try to take advantage of such common ignorance.

        I wonder how many users could confidently point to and name the main internal components of their computer? I wonder how many users could have already put far too much personal information on the web via so-called social networking sites, thereby inviting spam and scams?

        Perhaps the main problem is that people tend to want to be trusting of others, and to not want to have to think about being scammed. It might even be suggested that being caught out by an Internet scam is as intrusive as a physical burglary insofar as the scam is committed in the victim's private space, such as office or home, through the computer that sits in that space. Just as physical property needs to be protected by fences, doors, et al, so computers need to be protected by firewalls, and such. However, no amount of protection can help if it not backed up by common-sense.
        • User picture
          • BobJam (not verified) on Sat 13 Mar 2010
          • 03:28:54 AM UTC

          Main problem IMO

          "Perhaps the main problem is that people tend to want to be trusting of others"
          I think the main problem is that most people just want to take these things out of the box and go right away to a social networking site, and not be bothered with what they think is geek stuff (nevermind that their definition of "geek stuff" is the basics of operation and security).

          This cockeyed view has been reinforced by the marketing these days. Marketers would have new people believe that you can just plug it in and be done with it. Automagic stuff enhances this belief . . . new people believe that these machines should do everything without them understanding the why's and wherefor's. That attitude gets a lot of people in trouble, they blame the vendor (which is actually true in some cases), the vendor makes more things automagic, and we get in a vicious cycle, with the new person being the loser at some point.

          And the "instant gratification" in our culture doesn't help either . . . we have instant coffee, microwaves, and fast food. So why shouldn't we have computers that can be just plugged in and work without understanding why?

          It wouldn't fly, but I think people should have licenses to drive these things. I help some people locally, and I often think to myself, "You shouldn't even be allowed to have a computer".

          For example, I've installed WOT for a few people and said simply, "green is likely OK to click on . . . don't click on red". And they still click on red donut links and then get infected. The answer I get most often is that "this is geek stuff and too difficult for me to remember". How much more basic then red means stop and green means go can WOT get?

          OK . . . enough . . . my blood pressure is rising and I feel a rant coming on. Preaching to the choir here.

          (Incidentally, I frequently have to bite my tongue when dealing with these people. But every now and then I blow up . . . usually after about the third time they get infected by doing the same thing. I end up saying something like "No, I'm not going to fix your machine because you repeatedly did what I told you not to do." Their response usually is "But geeezz, I had an antivirus program and you told me that should stop this stuff". Then I have to bite my tongue and keep from saying "They only work along with common sense. If you do something stupid, sooner or later it will get you". Not wanting to leave them out in the cold, I put them onto malware sites and run and post a HJT log for them . . . let somebody else deal with malware removal. And I always tell them "Don't let on to your helper that this is the third or fourth time you've gotten infected by doing the same thing.")