Internet Privacy & Security
How To Reasonably Secure Your System In A Few Easy Steps
02.26.2002
A few things before we begin.
First off, while I am a computer professional, I am in no way a security expert. To come by the recommendations on Internet and computer security that you'll find in this article I have relied on the research I have done throughout the years (by reading information from people who ARE security experts) and then using their opinions and thereafter my best judgement.
Second, I am in NO WAY connected to any of the companies or products listed in this article. The only slight exception to this blanket statement is the fact that the company I currently work for recommends and installs the product "Norton Anti-Virus" in it's various incarnations - however, we make no money off the sale of the product, only on the service of installing it. That being said, however, if you personally purchase said product and install it yourself we gain nothing by it. Thus I have nothing to gain by recommending it and have no other reason to do so except that I think it is a superior product.
Lastly before we begin, I can not be held responsible for any damage to your computer systems, loss of productivity, loss of wages, loss of computer files or information, the light reflecting off the moons of Saturn getting into your eyes, or any other real or perceived damages caused by the installation or use of the products I recommend here. The companies who create, provide or sell these products are the sole responsible parties for any such damage. I can only state that these products have never damaged my own systems; they are listed here only for your convenience when deciding how to best secure your computer systems and retain your personal privacy.
-
Hard Drive & System Privacy
I recommend this nice privacy utility for cleaning up Windows and it's system directories (folders), and your hard drive(s) in general, of unwanted information that could compromise your privacy to snoops:
This utility, among other things, clears out various temp directories, recently viewed documents lists, browser cookies, browser caches, trash bins, etc. preventing any snoops from seeing what you've been up to on your system. Note that in addition to deleting all these types of items for you, this utility can also do what the software calls 'adding bleach' - which means that it over-writes all the files it has deleted seven or more times (you can custom set how many times it does the over-write). In short, what this does is obliterate the files so that even a file recovery utility can no longer view them!
This isn't a free product, but it's relatively cheap and has a 30 day trial.
-
Internet Access Control (Software and Hardware Firewalls)
There are two kinds of what are known as 'firewalls,' devices which control who and what can access the Internet from your computer system(s), and who and what can access your computer system(s) from the Internet. One or the other will generally do, but for added security I recommend using a combination of both kinds. The two kinds of firewalls are Software and Hardware.
I use this company's GREAT (and FREE) software firewall called Zone Alarm:
What it does is, after you first install it and it's running, it won't let any program access the Internet without you first giving it 'the okay.' At that time, you can either give it full permission (so that that particular program can ALWAYS access the Internet), you can tell it to prompt you each time that program wants to access the Internet, or you can flatly deny that program from being able to access the Internet (and you can, of course, modify these permissions at any time thereafter). In addition, like other firewalls, it prevents hacker attacks coming in from the Internet, and logs those attacks along with the originating server so that you could, theoretically, go after the attacker
Thus, you can keep any strange, unknown program from accessing the Internet, helping to prevent such programs like 'trojan horse' viruses or 'spy ware' from accessing the Internet (see below) from your computer and sending personal or confidential information to some hacker or marketing executive, respectively... though I'm not sure which one is worse :)
Note that this product protects you more so than most other firewalls, including 'hardware' firewalls. Since when Zone Alarm is running you must give permission to ANY Internet traffic, whether it be incoming or outgoing, not only does it help prevent hackers from hacking your system from 'outside,' but it ALSO generally prevents 'trojan horse' virus programs, if they get on your system, from accessing the Internet and contacting the originating hacker (or giving that hacker access to or control of your computer system). The only caveat to this protection is discussed in the 'spy ware' section below...
In conjunction with Zone Alarm I also use one of LinkSys company's excellent harware firewalls:
Note that these types of firewalls can really only be used by individuals or companies who have broadband Interent access, such as DLS, Cable Modem, T1, etc.
The LinkSys firewalls are easy to set up, and for typical home use you can, depending on the model, purchase one for $100 or less. For a few more dollars you can get one of their firewalls with a built in 4 or 5 port hub so that you can connect multiple computers (with network cards) to the same Internet connection - securely. In addition to security this is a great solution for small offices or home offices ("SOHO") that need or want to provide Internet access to a small number of multiple computers.
-
'Spyware' Protection & Prevention
Now we come to what is known as "spy ware." Spy ware gets onto your system in an insidious way. When you install some software, unbeknownst to you along with that software is also installed 'piggy back' or 'trojan horse' style software that, once installed, sends various peices of information back to either the spy ware author's server or the server of the company that made the software you thought you installed. What information it sends back can vary depending on the specific spy ware, but could include what web sites you visit with your web browser, for example. It would also be technically possible for such programs to dig in your computer for any type of information, including financial info, passwords, etc. And since many of these spy ware programs connect themselves to your web browser as "browser helpers," even if you are using Zone Alarm (see above) and you've given your browser permission to access the Internet, you have also inadvertently given the spyware permission to access the Internet as well... Pretty neat, huh? Well, you can protect yourself from known spyware products by using this FREE, highly regarded removal tool called Ad-aware:
Install it and run it. It acts similar to a virus removal tool. It basically scans your entire system for known spyware, then gives you the option to remove them. I remove everything it finds; one nice thing is that you can 'back up' these files into a harmless proprietary file; then in the case that removing the spyware breaks some peice of software you care about, you can restore the files; however, in my opinion any peice of software that employs spy ware isn't worth keeping anyway. If you run this, you'll probably be surprised at how much it finds; I found 5 or 6 spyware files, including program files and imbedded browser cookies (and I'm REALLY careful with what I install), and a friend found like 20-50 different files, if I remember correctly...
The kinds of software that typically incorporate 'spy ware' are what are known as adware, which are software programs that are free to install but are paid for by pushing advertisements at you while you're using their product. I say typically, because this is not a hard and fast rule; other types of programs employ spyware, and not all 'adware' uses spyware. For example, the excellent Yahoo! Messenger, while being adware, does NOT employ spyware... to anyone's knowledge at least.
Update 5/20/2003: Another nice spy ware removal tool I've come across is called SpyBot Search & Destroy. I recommend using both Ad-aware AND SpyBot, as they each seem to catch spy ware that the other misses.
-
Virus Protection & Prevention
Get a good virus protection program. For the prevention of lost productivity or costly computer repairs and re-installs, this is probably the single most important security step you can take. In short, if you do nothing else, do this! This is especially important for companies; the typical down time for a company with a nasty virus is one entire day - can you afford to be without your computer systems for a day?
I personally recommend Norton AntiVirus:
While there are other fairly decent ones out there, I find Norton to be the easiest to configure, use and support, it can be easily set to automatically download virus definition and product updates (so that you always have up to date protection), and Symantec always seem on top of the latest viruses in the shortest amount of time.
Side note: If you have, own or are in charge of a company with a network and an Internet connection, I'd recommend Norton Anti-Virus Corporate Edition, but would DEFINITELY recommend that you have a computer professional do the install to make sure it is set up properly.
-
Anonymous Web Browsing
Many web sites employ techniques that track a user as they navigate through the site. Most of the time this tracking is done in a way in which the site managers or administrators can do reports of how people use their site but don't identify you as a specific person by name. However, some sites not only track people's navigation of their site but use insidious means to get their web browser to identify those persons by name, email address, etc.
To prevent this, you can use one of the various Internet browsing privacy services available that 'anonymize' or 'proxy' your web browsing. The way this works is that instead of going directly to the site you want to visit, you go to the site of the privacy service and enter the address of the site you want to visit into a form. When you hit the submit button, their server goes and gets the page and then forwards it to your browser. Thus when the administrator of the web site you visited looks at her logs, all she sees is a visitor from the privacy service provider!
Most privacy service providers have both free and paid service options; the free service is usually slower and paid for by banner advertisements and is not as fully featured as the paid service. The free services are still, most cases, better than nothing.
The browsing privacy service I use is Anonymizer, which I think was the first such service. I'm not sure about that, but it has been around for quite awhile and is nicely featured.
You won't always want or need to browse anonymously. It is up to each person to decide what kinds of browsing they'd like to keep private, and what information they don't care if anybody knows. For example, how would you like it if a web site that provides medical information to you turned around and sold information on your browsing habits on their site to your insurance company... or your employer (or, worse yet, a prospective employer)?
One caveat to browsing anonymously is that, to fully protect your privacy they must 'turn off' a browser technology called "JavaScript." What this technology does is allow web site developers to create automated, easy to navigate and dynamic websites, but unfortunately it can also be used as a tool to invade your privacy. Thus, if you visit a site with a browsing privacy service and it is broken (i.e. you can't see or use the site properly because it uses JavaScript), you'll then have to decide if visiting the site is worth the risk to your privacy.
Agree? Disagree? Think I'm full of it?
Email Me