SPSC Computer Club Meeting May 1, 2007 - Session on Computer Security
- by Bill Boyes

The topic is fairly broad, and the summary here is based on a Google search for "web child safety".
Overview & Scope

There's lot of attention being paid to the security problem and money spent to address the threat. Why? A security breach can cost a corporation money (valuable information falls into the wrong hands), Public confidence and trust (privacy breaches, client information). An individual can lose privacy of passwords and personal details leading to identity theft (Anecdote: Vacationing owners' house sold without their knowledge). Your computer cam be "infected" with unwanted software to take you web sites which earn money based on volume, or your computer can be "zombied" to perform actions desired by the virus creator such as infecting more computers via e-mail.

How about the people using the computer? Do they need protection? Yes, especially children. More about the problem of protecting children: http://www.foxnews.com/story/0,2933,251763,00.html

Physical security

What about your lap-top computer? Is it easy to steal from your home or car? Could you lock it away or hide it when away from home for extended periods?

If your computer were to be stolen could someone use it to find out too much about you? Do you have an access password? Do you have a list of Internet passwords etc. right on your computer? Is your bank-account information such as account numbers readily obtainable from your computer? Does your browser remember your bank account access password?

Internet security

Some web-sites are dangerous to you because they can download spy-ware.
Try to stay with sites belonging to well known major businesses and organizations. If in doubt check it out! Don’t assume any site is safe.
Don’t' visit porn sites. Don't ever download their software such as for getting "special images".
Be suspicious of possible spoofing and masquerading (example e-mail spoof from your bank or other financial institution), free greeting cards and other attractive web sites including jokes and amazing images).
Don’t automatically forward security warnings without investigation at a reputable site such as Snopes, Google or UrbanLegends.com. Otherwise you are just becoming part of the "friendly spam" problem.

Virus protection

Everyone should run Anti-Virus software - free software from AVG. Otherwise use commercial product from MacAfee, Norton, or software from you ISP (e.g. Sympatico or Rogers). A software firewall is a good idea (free version from Zone Alarm, or use the built-in Windows firewall).

E-mail

Outlook Express - don’t activate the Preview Pane. ("when in Outlook Express, click on "View", "Layout", and in that panel "Show Preview Pane" should not be checked.
When you open your e-mail inbox check the items listed and do not open email from anyone you do not know.

Safety restrictions for grandchildren.

See Internet Security - How do you make sure? Install filters and monitors?
You be there when kids are on your computer.
An excellent article - http://www.safekids.com/child_safety.htm - background info and safety rules.
Another article, www.bewebaware.ca, offers tips depending on the age of the child - excellent!
(list - products to restrict and monitor:
www.awarenesstech.com/Monitoring-Software/Parental/
www.bsafehome.com/
www.onlinelockout.com
www.fosi.org

Examples from industry:

From sophos.com - Best practice - Simple steps to defend against the latest threats

Our experts have compiled these simple best practice guides to adopting a multi-layered defense. With blended threats, spam and phishing attacks on the rise it has never been more important to educate end users about how best to protect themselves.

Simple steps to defend against viruses and spyware: Learn how to reduce the chances of infection from viruses, spyware, worms and potentially unwanted applications (PUAs) with our best practice guide.
Simple steps to avoid spam: Find out how you can minimise your chances of receiving spam.
Simple steps to avoid being phished: Phishing is an increasingly common type of spam that can lead to theft of your personal details such as credit card numbers or online banking passwords. Find out how you can reduce your chances of being a victim of a phishing attack.

*Note: They off a free "rootkit" scanner on their web site: www.sophos.com/

The "Simple steps ..." is over 50 pages - here's the "Tricks" section ….

Ongoing updates … http://www.sophos.com/security/topic/online-fraud.html