|
BOOT CAMP 59
BACK TO BASICS SECURITY ON THE NET part 3
How secure is the Internet? The simple answer is that it
isn't and everything you read, write, see, hear or say via your PC can be monitored
and recorded by anyone with a mind to do so. The Internet is also the main distribution
channel for computer viruses and on-line fraud has the potential to become a
major problem.
But let's not get paranoid, the Internet is no more vulnerable
to snooping and chicanery than a telephone or what comes through your letterbox.
Here's another comforting thought. The size, complexity and sheer amount of
traffic on the Internet has made casual eavesdropping that much more difficult and
less likely that anyone would be interested in what you get up to, unless you are
handling sensitive material, or up to no good. Nevertheless, for anyone buying
products or services on-line or if you simply want your business to remain private
then security, or rather the lack of it, remains an issue.
The weakest link in the whole chain is your PC, though fears
that an Internet connection will make it possible for others to 'hack' into
your computer are largely groundless. Unless your stand-alone Windows PC is
specifically configured for networking or file sharing there is little or no chance
of anyone remotely accessing or interfering with your machine. If they can get
to your computer by other means, that's a different story. Your PC's hard disc holds a wealth of
information about what you have been up to on the Internet, as well as copies
of all of your incoming and outgoing E-mails.
Internet browsers have what are known as 'caches' and
History folders that store web site addresses plus copies of the pages, pictures
and documents you have viewed. There's nothing sinister in this; their job is to
help you find previously visited web sites and speed up downloads. Caches may also
contain small files called 'cookies' planted in your PC by web sites. They are
mostly harmless and contain information that the web site uses to tailor a page
to suit your browser software or personal preferences, nevertheless they provide
an easy to follow paper-trail of where you've been and what you've been looking
at. If that is a concern then you should take control of your browser's cache
and history files. History and the Internet Explorer cache can both be found inside
the Windows directory, Navigator's cache is in the Netscape directory.
You can safely delete any of the files in the cache manually
from Windows Explorer and as a bonus recover some hard disc space but be warned
that this is not a complete solution and 'ghost' files are left behind that can
be found relatively easily. Erasing browser cache files from within DOS is a
good first-level defence though the 'deltree' command should only be used by
those who know their way around MS DOS and again there are ways and means of
recovering deleted files that only specialised software can defeat.
Internet Explorer has a facility to limit the size of the cache
and clear the History folder; both can be found under Internet Options on the
View menu. On the General tab set 'Days to Keep History' to zero, and on the
Settings button under Temporary Internet Files set the slider to minimum. Here
are also a number of software utilities that will automatically clear browser cache
and history folders; the best known is the 'Paranoia' tool in Tweak UI. Tweak
UI is Freeware and is included on the Windows 98 CD-ROM or it can be downloaded
from the Microsoft web site (www.microsoft.com).
There is only one sure way to protect E-mails and text files
stored on your PC and that is to encrypt them so they cannot be read.
Encryption is also the only means to prevent others from reading your messages
when they are sent over the Internet, and remember your E-mail could pass
through dozens of other computers in many different countries during its
journey. Powerful encryption software is readily available in the Internet; one
of the best places to start is the Tucows web site (http://tucows.ukonline.co.uk), which
contains more than a score of freeware and shareware utilities. This includes the
'international' version PGP or Pretty Good Privacy, which is generally reckoned
to be one of the most powerful encryption programs available, so powerful in
fact that the American Government classify it as a munition and have gone to
considerable lengths to prevent its distribution outside the US. The Tucows
site also has some useful file hiding and deletion utilities and cookie zappers,
so it is well worth a visit.
On-line shopping and banking has generated a lot of scary
headlines but the truth is the risk of fraud need be no greater than buying
goods on the phone with your credit card, provided you take a few sensible
precautions. Rule number one is to keep your wits about you and avoid dealing
with shady-sounding companies in distant lands. If the products or services
they are selling seem too cheap to be true, they probably are! Web sites with well-signposted
security features, like passwords and secure/encrypted transmission systems inspire
a certain amount of confidence and always keep a printout of the order page or
form. Credit cards are the safest payment method and card companies provide
their customers with protection against fraud. Beware of hidden charges when buying
from overseas web-sites. In addition to carriage costs you will almost
certainly have to pay UK import duty and VAT on your purchases, and this may
well wipe out any savings you might have made.
Finally, a few words about downloading files from the
Internet. Destructive viruses lurking in E-mail attachments and programs are
not that common but it pays to be vigilant. Plain text E-mails are safe to open
and read but everything else should be treated as suspect and pass through your
virus checker, (you have got one, haven't you…? If not you are just asking for
trouble!). It's a good idea to create a 'quarantine' folder for all of your
downloads, where they can be inspected before opening or unzipping.
Next week, backup and mass storage
JARGON FILTER
E-MAIL ATTACHMENT
An attachment is a file -- other than plain text -- sent with
or as an E-mail message
ENCRYPTION
Encryption or scrambling renders files unreadable by any
conventional means without the correct decryption software and a unique 'key' code,
which is needed to unlock the data.
MS DOS
Microsoft Disc Operating System -- core control program that
functions alongside Windows, uses text-based 'command lines' to carry out
instructions
TOP TIP
The Start menu grows at an alarming rate, after a short
while it can become too big to fit comfortably on the screen and you have to
scroll around to find the application you're looking for. Here is a neat
solution and it will help you to organise your programs into categories. Right
click on the Start button and select Explore, now go to File and click New to
create one or as many folders as you require. Give them names according to program
category, such as Internet, Paintboxes, Games, Utilities, Reference, etc. Close
the Window and go back to the Start button, right click again and this time
select Open. Your new folders will be displayed in the main window; double-click
to open each one in turn and drag and drop the relevant program items into the
open folder. Close the windows and your new shorter, streamlined Start menu is
ready for business.
|