Security Issues

under construction

• Security and the Internet
• The Risks
  • Theft
  • Loss of Privacy
  • Harassment
  • Data Loss
  • Malfunction
• The Bad Guys
  • Crackers
  • Thieves
  • Stalkers
  • Marketing
• The Weapons
  • Trojans
  • Exploits
  • Virii
  • Macros
  • Denial of Service Attacks
  • Worms
• Defenses
  • Above All, Knowledge
  • Safe Computing Practices
  • Antivirus/Virus Scanners
  • Firewalls
  • Threat-Specific Countermeasures

Security and the Internet

The Risks

At first glance, to an inexperienced Internet user, it may seem there's little anyone can do to you or to your computer by way of the Internet.

What exactly can happen to you? What's at risk?

I am not in favor of spreading doom and gloom, and I certainly hope not to overstate the risks. But they are there. A great deal more is possible than many, perhaps even a majority, of ordinary people seem to realize.

The first thing to recognize is this:

Your dialup link works like any networking connection. It is a two way link.

Envision a business network. People in their cubicles throughout a building are using systems which are interconnected. For most networks, there is someone whose job it is to maintain the overall system and its software. This administrator has access to each and every computer on the network. The sysadmin can access and alter all the data on every computer, and may even routinely do so invisibly as the user does his job.

Windows is designed to work on such a network.

Your Internet connection, whatever its type, is a network linkup with all the same potential as any other. It can be used for comprehensive access and control of your computer.

If that realization is an eye-opener for you, you need to know more about security. You need to know it because no one else is looking out for your security. Windows 95/98 itself is certainly not designed for security. It is designed above all else for ease of use by nontechnical persons, and it intentionally does not tend to inform the user at the console of network activity.

All right, so what's at stake?

Theft

Most users keep some financial information on their PCs; it's one of the more common reasons for owning a computer; to record and calculate personal or business finances, investments, taxes. If someone with larceny in mind gains access to that information, it is sometimes possible for them to steal from you. Credit card information is exploitable of course, but there's more. Bank account numbers are the primary tool of check counterfeiting. Online banking provides a world of new possibilities, if someone can obtain your account number and PIN number. There are ways to accomplish such things.

Loss of Privacy

Marketing has become a powerful force on the Internet. A large part of its infrastructure is financed by commercial interests. Mechanisms exist by which statistics are gathered on the browsing habits of millions of Internet users; their preferences, their interests -- and sometimes, this information can be correlated with the user's identity: you in particular may be matched up with detailed information about your Internet use.

The possibilities for government snooping are considerable. It is a well known fact that some governments closely monitor the Internet in their own countries. Even the American government may very well engage in monitoring of Internet traffic in general. Certainly they sometimes use it for surveillance of individuals for law enforcement purposes. The US Government's interest in issues such as encryption seems to indicate that they desire to maintain the capability to monitor whatever traffic they please; to snoop into any and all Internet communications as they see fit. As a legislative and legal issue, this should be a matter of great concern to all Americans.

Political and legal issues aside, it is reasonable for anyone to regard his or her anonymity on the Internet as an asset worth protecting. You do well to understand the technical facts and to know what you can do to preserve your privacy as you may see fit.

Naturally, if you suffer direct intrusions into your computer, every personal fact which may be stored on your system -- your friends' names and email addresses, letters you've written on the computer, everything stored on that computer -- can be open to prying eyes. The possibilities for exploit of private information are numerous. At very least its exposure can be a rude and very personal affront. At worst, it can be a goldmine of opportunity for a stalker or abuser.

Harassment

T

Data Loss

T

Malfunction

T

The Bad Guys

T

Crackers

T

Thieves

T

Stalkers

T

Marketing

T

The Weapons

T

Trojans

T

Exploits

T

Virii

T

Macros

T

Denial of Service Attacks

T

Worms

T

Defenses

T

Above All, Knowledge

T

Safe Computing Practices

T

Antivirus/Virus Scanners

T

Firewalls

T

Threat-Specific Countermeasures

T