It’s not your fault– how the Tech Industry is failing you

Your computer was infected with pop-up pornography because you visited a popular travel Website to look at hotel room prices in Orlando. And you have a well-known Company’s Internet Security Suite.

Or maybe, because your ISP promised you they’d scan all your e-mails for you, before they got into your Inbox.. you thought they really did, and you also thought that made your e-mail safe. You clicked on a link in one of those e-mails… (it said it was from your Uncle Victor..) and, voilà! Someone’s using your credit card.
In Malaysia.
To buy big-screen TV’s.
Like, six of them.. so far.

Perhaps you did neither of those things. But.. your friends wanna know why you’re sending them all this junk e-mail, and your ISP is threatening to turn you off if you don’t stop sending mass-mailings. Huh?
Turns out, you happen to have CoolProgram 6.0* on your machine, and a cracker has “exploited” the code and turned your machine into a spambot. Your machine has been merrily sending out thousands of e-mail come-ons for generic drugs, male enhancements, and penny stocks… all while you were asleep in bed.

Or you brought home a new digital picture frame…

Does this sound like a bad sci-fi movie to you? It does to me. But, sadly, this is our current reality.

You haven’t done anything wrong (or, really stupid) and you’ve even tried to protect your machine, but you got hijacked anyway.

I, for one, think there’s something seriously wrong with this state of affairs. When I think about the state of the Internet, I start feeling like that guy in the movie.. you know the one..

Why is this happening? Many reasons. Some are:
* Software companies are, to this day, releasing programs which contain insecure code.
* Hardware manufactures don’t include any extra features– like hard-wired security.
* In their rush to bring us new and exciting technology (he who’s first to market, wins), nobody stops and ponders the consequences.. or the vulnerabilities.
* For a long time, nobody took the hackers seriously enough.
* Cost. (I put this last because this can be offset.)

Believe it or not, there are steps the IT Industry can take to remedy a lot of this, and counteract this unsecured Internet. They could be doing much more to combat spam, malware, and hackers. There’s also steps we (us “consumers”) can take as well.. which space restriction has run out of room for today, and I will discuss tomorrow.

To be continued…

Today’s free link: I have recommended other graphics manipulation/image editing tools in the past, and it is only fitting that I give space to another winner: Paint.NET is simply the closest thing to Photoshop I have seen. 5 Star-rated by C/Net.

* Pick a program, any program. “CP 6.0” is simply my generic example.

*** Folks, like my new look? Hate it? Let me know by answering this 1 Question survey Click Here to take survey. ***

To read part 2, click here.

Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix

Share this post :

May 9, 2008 Posted by techpaul | advice, computers, hardware, Internet, PC, security, software, tech | citizens, code, cracker, cyber criminals, exploit, failure, fault, hacker, industry, infections, insecure, Internet, malware, preventable, protect, tech, unsecured, weak, web, wide, world | 3 Comments

Some basic security pointers–#1

Is your computer a zombie? You can never be too secure, and neither can your PC. These few steps will go a long way in keeping your private information away from prying eyes, and prevent your machine from being used as a “zombie” by tech-savvy evil doers. (Most owners of zombie PCs are totally unaware that their computers are being used in this way.)

Tip of the day: The two basic steps I will discuss today–password protecting your User Accounts (and requiring logging in), and renaming your Administrator Account–should be prefaced with a quick description of what is, exactly, a strong password.

Strong passwords should be “complex”. That means that they should contain both upper and lower-case letters, special characters (!@#$%^&*(){}[]) and numbers, and be at least eight characters long, and–most definately–not be a word (or name) found in the dictionary. Your passwords (notice the plural. It is not wise to use the same password for everything.) will be easier to remember if you make them into a ‘passphrase’. A equestrian might use a passphrase of 1Lu^h0rsez, for example.

Now that you have a good password, it’s time to require authentication to use your machine. Start by clicking on Start>Control Panel>User Accounts (or Start>Settings>Control Panel>User Accounts. Depending on your version and preference setting). Then click on “Change an account,” and then click on “Create a password for your account.” Enter your password, twice, and if you’ld like, a password “hint” that will remind you (but not clue in the whole world) of your new password. Click “Create password.”

Now, since knowing your User Name is half the battle, click on “Change the way users log on or off.” Deselect (by unchecking the check in the checkbox) “Use the Welcome screen.”

Unbeknownst to most folks, Windows has a hidden Administrator account (this becomes vitally important when troubleshooting failing systems, or when User accounts get “locked out”) named “Administrator”. Hackers are well aware of this, and it is their favorite method of gaining access (and control over) your machine; since they know the User name, all they have to do is guess the password–which by default, and unless you set one, there isn’t one! Remedy this in XP Professional by going to Control Panel>Administrative Tools (you must use Classic View) and clicking on Local Security Policy. Then in the left column click on the plus sign next to Local Policies, and then click the Security Options folder (If you receive a warning about Group Policy, just ignore it) and a series of policies will appear in the right pane. The 4th or 5th one from the top should be “Accounts: Rename administrator account”. Double click on it and a dialogue box will open. Enter a new name, and click Apply, and OK.

In XP Home, the method is to click Start>Run. In the Run dialogue type in “Control userpasswords2” [no quotes] and click OK. From the User Accounts dialogue box, select the Administrator Account and click Properties. Enter the new name in the User Name text box, and click OK.

(For other versions of Windows the methodology is similar, but I recommend Searching Microsoft’s website for the specific steps.)

The last step is to congratulate yourself, because you have just made your computer much, much harder for a determined cracker to penetrate, and practically eliminated access to the casual browser.

Today’s free link: Steve Gibson’s ShieldsUp! This free scan, offered by a true giant in the computer field, analyzes your computer for vulnerabilities coming from the Internet, and tells you how your private data may be visible to outsiders. This link will appeal to the more tech-savvy, and be an eye openning experience for those of you who have not learned about firewalls yet.

Copyright © 2007 Tech Paul. All rights reserved.

Share this post :

June 9, 2007 Posted by techpaul | advice, anti-spyware, antivirus, computers, file system, how to, passwords, PC, privacy, rootkits, security, tech, User mode, Vista, Windows, XP | Accounts, Administrator, authentication, cracker, firewall, Gibson, Group Policy, hacker, hidden, infection, passphrase, password, prevent, rename, ShieldsUp!, spambot, Steve, strong, test, User, zombie | 13 Comments