<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
In the news lately, there have been two articles within a few days
which are very worrisome. Both articles describe a situation in which
someone is facing jail time or other punishment for having spyware,
adware, malware, or trojans on their computers.<br>
<br>
The first article can be found here:
<a class="moz-txt-link-freetext" href="http://www.norwichbulletin.com/apps/pbcs.dll/article?AID=/20070106/NEWS01/701060312/1002/NEWS17">http://www.norwichbulletin.com/apps/pbcs.dll/article?AID=/20070106/NEWS01/701060312/1002/NEWS17</a><br>
<br>
A substitute teacher apparently navigated to some dating sites outside
of class time on the classroom computer, which installed spyware on the
system. In class, the computer started serving popup advertisements
for porn sites. She was convicted of risking injury to a minor or
impairing the morals of a minor. She faces a sentence of up to 40
years in prison. Let me say that again, up to <b>40 years</b> in <b>prison</b>.
It's possible that if she gets the maximum sentence that she would have
served less time in the end if she had murdered the teacher she was
substituting for in a jealous rage.<br>
<br>
The second article: <a class="moz-txt-link-freetext" href="http://www.networkworld.com/community/?q=node/10460">http://www.networkworld.com/community/?q=node/10460</a><br>
An interview with the DA involved:
<a class="moz-txt-link-freetext" href="http://abcnews.go.com/2020/story?id=2791529&page=1">http://abcnews.go.com/2020/story?id=2791529&page=1</a><br>
<br>
In this one, a 16-year old young man very nearly got jailtime and an
entry on the sex-offenders list because he had child porn on his
computer that was very likely put there by spyware, adware, or
trojans. He has passed two lie-detector tests about the facts of this
case. It does look like he did go to some porn sites of the adult (not
child) variety. These sites have been known to be heavily infested
with spyware and trojans. In the end, he copped to a lesser charge of
solicitation, if you can believe it, because he bought a Playboy
magazine and showed it to some friends of his which were his own age.<br>
<br>
So, if the thought of going to jail because some bozo a world away has
made a zombie out of your machine scares the crap out of you, I
recommend the following to minimize the spyware threat:<br>
<br>
1) Get a hardware firewall/router. I use a Linksys brand, but I'm sure
the others are just fine. These devices stand between you and the
internet and block most port requests (incoming and outgoing). They
also have the added benefit of letting you connect more than one
computer to the same internet connection. They can usually be
purchased for around 50$.<br>
<br>
2) Stop using Internet Explorer, Outlook, and Outlook Express. These
products have a horrible history of being exploitable through security
holes. Microsoft, who makes these products, has a bad history
generally when it comes to computer security. They've been known to
not fix dangerous security holes for months at a time. They also are
bundled with the computer operating system and have higher-than-usual
permissions in that system, meaning that security flaws can have a
large impact. Supposedly, IE7 is better about security now, but I
haven't used that program and can't comment on it.<br>
<br>
3) Use a standards-compliant web browser (this ties into point 2). I
use Firefox, and won't go back. Firefox blocks most popups
automatically, and (better yet) doesn't allow ActiveX to run. ActiveX
is where most of the security problems lie. Firefox is both
free-as-in-beer and free-as-in-speech. If you do use Firefox, try out
the NoScript extension which blocks javascript initially unless you
whitelist the site. This means you will have to add the sites you use
regularly that you trust to the list, but it is much safer. Using this
extension stops the bad sites from launching another browser window
when you close them, and various other unsavory tricks. I also
recommend the Adblock extension, so that you can cut out most of the
annoying advertising that you see on the web. This may also help if
spyware does get on your system and serves you popups as it's possible
you will have already blocked those ad sites. Once you get used to
tabbed browsing and some of the more popular extensions like
ForecastFox and FasterFox, you won't go back. You can download Firefox
here: <a class="moz-txt-link-freetext" href="http://www.mozilla.com/en-US/">http://www.mozilla.com/en-US/</a><br>
<br>
4) Use a standards-compliant email application. I use Thunderbird,
which is made by the same people Firefox is (Mozilla). It is also
free, and is generally safer than Outlook or Outlook Express. Of
course, if your place of business uses a Microsoft Exchange Server for
your email, Thunderbird may not be able to connect. It's also saner
about when to allow programs to be run from it, and it's spam filtering
is really good too. You can download Thunderbird here:
<a class="moz-txt-link-freetext" href="http://www.mozilla.com/en-US/">http://www.mozilla.com/en-US/</a><br>
<br>
5) Use an anti-spyware program to search your system regularly for
spyware, adware, malware, and trojans. Two of my favorites are Spybot
Search and Destroy and Adaware. Here are the URLs:
<a class="moz-txt-link-freetext" href="http://www.spybot.info/en/index.html">http://www.spybot.info/en/index.html</a> for spybot and
<a class="moz-txt-link-freetext" href="http://www.spybot.info/en/index.html">http://www.spybot.info/en/index.html</a> for adaware. Buried on their
sites somewhere are links to the free versions of these programs. If
you like them and can afford it, I'd suggest buying a copy of their
premium products.<br>
<br>
6) Run an antivirus program regularly. AVG (found here:
<a class="moz-txt-link-freetext" href="http://free.grisoft.com/doc/1">http://free.grisoft.com/doc/1</a>) is a nice free program. There are many
commercial programs on the market as well.<br>
<br>
7) Change your internet habits. Don't run things on your system that
someone sends to you through email, even if it's sent by a friend.
Many of the programs that have cute cursors or show you a funny video
also put spyware on your system. Learn about your most basic software,
such as your web browser and your email client. Try to run them with
the most secure settings that you can stand.<br>
<br>
8) If you have children, get a program like NetNanny to help you keep
them from visiting sites you don't want them to visit. I don't have
kids, so I'm not an expert on any of these programs so I can't help
much here.<br>
<br>
9) Completely separate your computer habits at home from those at
work. Most workplaces of any size by now have a computer use policy.
Read it. You are generally safest if you don't access your home email,
don't shop for vacation packages or manufactured goods, and don't post
to listservs or forums from your work computer. This way, the only
spyware that will get on your work computer will have gotten there from
a work-related activity and you won't be to blame.<br>
<br>
10) Always keep your software up-to-date. Even following all the
previous pieces of advice won't save you from all spyware, adware, etc.
because much of it can be placed on your system remotely if you have
not downloaded the latest updates for your operating system and other
programs you use on a daily basis. Some products will automatically
download updates, but others have to be done manually. It's especially
important to keep up on your anti-virus signatures and anti-spyware
signatures.<br>
<br>
... and as an added bonus ...<br>
<br>
11) Run a different operating system. Try out a Mac, or download a
Linux distribution such as Ubuntu. Almost all of the spyware, if not
all of it, will not run on these systems. Of course, this is not
practical for most people, as Macs are more expensive and don't run
their favorite games and Linux requires a certain minimum level of
geekiness, but I'd feel remiss if I didn't add it as an option.<br>
<br>
I'm sure others on here have other advice that will help. One
by-product of doing these things is that your system (if it's currently
infested) should run much snappier than previously.<br>
<br>
Paul<br>
</body>
</html>