Protection for your system = learn

Our computer systems remain targets for various forms of attack. These range from phishing (using misrepresentation or fraud to obtain sensitive personal or financial information), trojans (programs that install, then download other programs), bots (where your computer becomes a zombie to do things at the whim of the bot “owner”)… there’re more. Lot’s more.

So, the pro’s recommend we protect our machines with technological fixes: antivirus, firewalls, spam filters, url- or ip-blocking, etc. etc. All good ideas. But they don’t fix everyting, and they cannot stop everything. The various vendors and ISPs that offer “free antivirus” and/or “free antispyware” are giving us a false sense of security. Literally. (Not that we shouldn’t take advantage of the freebies… I’m a firm believer in freeware and, especially, in open-source software.)

And the fixes ignore the primary causative agent in the majority of system infestations: the user. We casually visit unfamiliar websites, accept and read emails from unknown sources, sometimes follow a link in an email or, worse yet, take a look at that attachment.

The solution: we users have to educate ourselves. Yeah, it takes some effort, time, mental energy. But the alternative is equivalent to walking down a city street with our credit cards in one hand, our cash in the other, holding them up for all to see and grab if they want them. Unless you have a computer specifically reserved for Internet browsing, and you don’t do any online personal stuff (banking, purchasing, private emails) on that machine [in the city analogy, you left all your valuables locked at home], you are exposed.

From our education, we’ll start to establish habits that allow us to surf and email (and blog, and IM, and whatever) with some confidence that we’re not exposing ourselves. [heh heh]. And we’ll still be able to at least access our valuables when we need them.

First point to learn: you never get 100% protection from anything (unless you pull the plug to your network and/or ISP). There is an ongoing battle, driven by economic forces, between people who want to steal your stuff and people who want to help you keep your stuff. Some of those that want to help you offer their help for free; others charge; some charge a lot – for not much greater benefit.

Second: the more “protection” you install, the less convenient it becomes to do things. Like the difference between coming home to a locked or unlocked house: the more security you’ve got going, the longer it takes to get in [pull out your keys, unlock the door, etc.]; and be sure to give the door a tug to be sure it’s locked when you leave!

In my next post on this subject, I’ll start throwing in some links to decent (IMO) learning sites.

In the meantime, don’t believe everything your ISP or antivirus/antispyware vendor tells you. There’s safe, and there’s only safer [as in '...than nothing'].

Ice Out Begins!

Rivers are clearing in MA… ponds and lakes are melting around the edges…  you get anywhere from six to twenty feet of open water at the edge. Rest of the ice will be gone soon!

I heard report of a few bass and pickerel up and caught (and released).

It’s happenin’

Keep a tight line!

Needed: Computer Body Armor

Symantec has come out with their semi-annual Internet Security Threat Report . Disturbing findings.

Seems attacks on our computers are more targeted toward information theft. Also seems the attackers are getting more sophisticated – using multiple layers of downloading, multiple attack vectors, and hiding themselves both with encryption* and rootkits**.

There are also indications of more organized efforts, more money involved, and sale of kits and tools to take advantage of security holes. By the way, if I read it right, the majority of attacks come in through email.

This lame little summary doesn’t do it justice. At least read the Executive Summary.

Keep your antivirus up to date, use a properly configured firewall, and be sensitive to unusual behavior of your system(s). Business as usual.

* the wikipedia entry for encryption seems to give an accurate idea of what this information coding approach is.

** the wikipedia entry for rootkit seems to provide a fair definition and context in the first three sections of the entry.

Gotta’ be careful about citing wikipedia these days, especially in light of “recent” events. GrumpyTechGuy gives a good summary in his blog.

- I have no association with either Symantec or Wikipedia at all. But I found Symantec’s report interesting. -

Only the second one I’ve seen in my life

Falling star…

But not just any falling star. A brilliant green one; I mean brilliant.

Both times the object has been bright enough to catch the corner of my eye, and both times there was enough time to register something odd, focus on the object, and observe its flight path for a second or two.

Green – copper content? A little chunk of metal?

The one I saw tonight had a tiny, bright piece fall off in a sharper descent curve from the main piece.

The International Meteor Organization (http://www.imo.net/) seems to be the clearinghouse for amateur meteor observations. I’m not a member (yet).

Space.com has some simple but instructive animations that describe what meteors are.

And Spaceweather.com has some nice pictures, a video, and an animated photo (showing a fireball).

Finally, Stardate.org gives a good idea of when, where, and how to observe more “predictable” meteor showers (predictable in that the dates to expect them are predictable, generally not the intensity or frequency of the events on those dates).

Know any other good astronomy links?

Make a wish.

Portable app listing posted

Put up a page showing what I’ve got on my USB drive at the moment.

Basically, I want a portable office, that I can plug into practically any Win machine and have my own set of applications, tools, documents, etc.

Use of encryption is critical – and careful selection of what to encrypt is required. For example, I can encrypt everything in the “Documents” folder, but if I don’t also encrypt the stuff in the “PortableApps\Sylpheed” folder, all my emails will be readable by anybody.

BTW – anybody got a system for making sure you don’t leave your flashdrive plugged into somebody’s computer when you leave?? I’ve only done it once in the past month or so, but it was unpleasant all the same.

arbitraryVice

Spring in New England

Yeah, I know. Corny title.

Nevertheless, it was disappointing to see 14 inches of snow fall only a few days before the official start of Spring. Puts off lake and pond ice-out for a couple of weeks. Rivers and streams are starting to open up though – and those trout like cold water! (Maybe not quite as cold as it is right now…)

Fortunately, it gets warmer, and I just got my gear sorted, reel lubed and loaded; ready to go.

See you out there.

arbitraryVice

Interests

Since I’m a virgin blogger at this point, I’ll let things wander a bit, then determine how much organization it needs.

Generally, I’m inclined to comment on fishing, various computer stuff (security, malware, operating systems, portable applications, whatever else), and probably a few other things.

If you read something interesting, please comment.

Nice to meet  you.

arbitraryVice