By Bonnie James
HOME computer users must install and use anti-virus software and firewalls, both software and hardware, and keep their systems patched in order to be safe from intruders, Information Security specialist Lawrence R Rogers has urged.
A senior member of the technical staff of the Computer Emergency Response Team (Cert) at Carnegie Mellon University’s Software Engineering Institute (SEI), Pittsburgh, US, the expert was recently in town as a guest of ictQatar and the Q-Cert programme.
“Home computer users should also use care when: reading e-mail with attachments, downloading and installing applications; use: strong passwords, access controls and encryption to limit access to files and folders; and make backups of important files and folders,” he told Gulf Times in an interview.
Home computers are popular targets for intruders as they look for credit card numbers, bank account information, and anything else they can find.
“By stealing that information, intruders can use the money of these home computer users to buy goods and services,” Rogers pointed out.
Intruders are also after the hard disk space of these computers, the fast processors, and the Internet connection.
They use these resources to attack other computers on the Internet. In fact, the more computers an intruder uses, the harder it is for law enforcement agencies to figure out where the attack is really coming from.
Intruders pay attention to home computers because they are typically not very secure and are easy to break into. When combined with high-speed Internet connections that are always turned on, intruders can quickly find and then attack home computers.
“No matter how a home computer is connected to the Internet, intruders’ attacks are often successful,” the expert reminded.
Many home computer owners do not realise that they need to pay attention to computer security.
“In the same way that you are responsible for having insurance when you drive a car, you need to also be responsible for your home computer,” Rogers stated.
In order to break into computers, intruders send e-mail with a virus, or take advantage of a flaw or weakness in one of the computers’ programmes to gain access.
If the attack comes in the form of an e-mail with a virus, reading that e-mail activates the virus, creating an opening that intruders use to enter or access the targeted computers.
“Once they are on your computer, intruders often install new programmes that let them continue to use your computer, even after you plug the holes they used to get onto your computer in the first place,” he observed.
These backdoors are usually cleverly disguised so that they blend in with the other programmes running on the computer.
Q-Cert’s acting deputy director Michael W Lewis, who was also present during the interview, pointed out that the tasks and practices that Rogers suggests are just like having good habits.
“Your system is better if you have good habits in maintaining it,” he said while observing that most people often don’t know the checklist of these kinds of activities and it is here that the advice of experts like Rogers comes in.
Substantiating the need to rely on anti-virus software, Rogers, who has a penchant for making things simple for the less technically inclined, uses a very simple example.
“Just as you walk around your living space to see if everything is OK, you also need to ‘walk’ around your home computer to see if there are any viruses lurking about,” he said.
Most anti-virus programmes allow examinations of all files on the home computer to be scheduled on a regular basis, daily for example.
“If you leave your computer turned on overnight, think about scheduling a full system review during that time,” Rogers suggested.
Some anti-virus programmes have more advanced features that extend their recognition capabilities beyond virus signatures. Sometimes a file won’t match any of the known signatures, but it may have some of the characteristics of a virus.
“This is comparable to getting that ‘there’s something not quite right here, so I am not going to let them in’ feeling as you greet someone at your door,” he said.
These heuristic tests, as they are called, help users keep up with new viruses that are not yet defined in their list of virus signatures.
An anti-virus programme is frequently an add-on to the home computer, though the newly purchased computer might include a trial version, which requires the buyer to purchase it after a stipulated period in order to continue using it.
Rogers recommends the DURCH (Demand, Update, Respond, Check, Heuristics) tests to evaluate anti-virus programmes. The ideal one should allow the user to: check a file on demand, update the virus signatures automatically (daily is best), clean an infected file, check every file that comes in, and perform heuristic tests.
“If you can, install an anti-virus programme before you connect your home computer system to the Internet for the first time,” he advises, pointing out that this can help to keep out unwanted and potentially harmful programmes.
Rogers, who conducted workshops on ‘Internet Security for the Home User,’ at Carnegie Mellon University in Qatar, Qatar University, and a big session for all of Education City, used a free anti-virus programme from Grisoft, named AVG Anti Virus Version 7.1.386 during his demonstrations.
“It is important to say that we don’t endorse this specific piece of technology as opposed to all others, but the free version is better than no version at all,” he clarified while observing that the branded anti-virus software makers may be quicker in updating the virus signature list.
Elaborating on the relevance of patches, which are issued to plug holes in software and which most vendors distribute through their web sites, Rogers stated that when one purchases programmes, it is a good idea to see if and how the vendor supplies patches.
“While the patching process is getting easier, even to the point where it can be completely automated, it is not yet foolproof,” the expert pointed out.
In some cases, installing a patch can cause another seemingly unrelated programme to break. “The challenge is to do as much homework as you can to learn what a patch is supposed to do and what problems it might cause once you have installed it,” he said.
Referring to the significance of a firewall programme, Rogers explains it is very important because it keeps the unwanted out and permits only appropriate traffic to enter and leave the computer.
“Some firewall products let you easily review every piece of information so that you can decide what to do with it,” he pointed out while recommending that when shopping for a firewall, look for this review feature because it can be quite helpful.
Rogers cautions that, practically speaking, it is not easy to decide which traffic is all right and which is not. “Any feature that makes this job easier, helps you achieve your goal of securing your home computer,” he maintained.
Firewalls come in two general types: hardware and software, with the latter available in free and commercial versions.
“At a minimum, you should use one of the free versions on your home computer. This is especially important if you have a laptop that you connect to your home network as well as a network at a hotel, conference, or your office,” Rogers said.
The expert, whose primary focus is analysing system and network vulnerabilities and helping to transition security technology into production use, suggests that home computer users should install a hardware firewall too, if they can afford one.
“Together with a software firewall, a hardware firewall can stand between your home computer and the Internet, and the level of effort to install and maintain a hardware firewall is low,” he said.
Speaking about the vital nature of making backups of important files and folders, Rogers and Lewis called upon all home computer users to do it regularly on a CD, DVD, USB drive, or an external hard drive.
“These simple habits make recovery easier if there is damage to your machine, and even if you cannot store the backup copies in a fireproof container or somewhere outside your home, make backups anyway,” they said while reminding that any backup is better than none.
Driving home the point that the loss of precious data due to computer problems is very common, Rogers recalled that he asked the audience, during one of his presentations in Qatar, how many of them had to reload their system for whatever reason. Almost every hand went up.
On the relevance of using strong passwords, Rogers suggests that home computer users have separate passwords for each computer and service they use, online purchasing for example.
“Each password should be unique and unrelated to any of your other passwords. You should not write them down nor should you share them with anyone, even your best friends,” the expert observed.
One of the phrases that Rogers uses often is that ‘when you are connected to the Internet, the Internet is connected to you.’
“It is a dialogue and not a monologue, and people need to realise that as soon as they are connected to the Internet, they are exposed,” he said.
For example, when one sends e-mail, browses a web site, or chats online with someone, the conversation does not go directly from the sender’s computer to that of the receiver.
Instead, it goes from the sender’s machine to another computer to still another computer and so on, eventually reaching the receiver’s computer.
“Think of all these computers as an Internet ‘room’, and anyone, or more accurately, any programme, in that ‘room’ can hear that conversation and also probably understand it,” the expert explained.
Most Internet conversations are in the clear, meaning that the information exchanged between computer systems is not concealed or hidden in any way.
“You need to know that the information sent across the Internet may be at risk of others listening in, capturing what you send, and using it for their own benefit, unless it is encrypted,” he said.
There are free and commercial encryption programmes, and in most cases, the free versions suffice, though commercial ones may provide more features and may keep up better with newer and, therefore, stronger encryption methods, Rogers added.