Advertising
Advertising

8 Keys to Internet Security

8 Keys to Internet Security

8 Keys to Internet Security

    In a recent post, I recommended Panda’s Cloud Antivirus as a decent free antivirus program. Others have recommended different programs, and that’s fine – in the end, I don’t think there’s much meaningful difference between the various antivirus programs, at least in terms of security.

    Much more important than which antivirus program you use (or anti-spyware, or firewall, or any security software), or even if you use one at all, are the practices that make up your online behavior. People who do risky stuff on the Internet will get a virus, sooner or later, regardless of how good their security software is. On the other hand, many security experts don’t use any antivirus software and still manage to avoid viruses.

    I don’t recommend that you follow in the footsteps of the security experts – the nature of their calling demands a kind of paranoia that few of us can maintain. I recommend a solid package of security software (I run Cloud Antivirus and Windows Defender) but only as a safety net – something to pick up the slack when we make mistakes, not a first line of defense.

    Advertising

    The thing with security, online or anywhere else, is that it’s always a trade-off between protection and convenience. I can tell you how to absolutely avoid any risk of computer virus, spyware, or trojan: stay offline and never install anything or use any removable storage media. That’s 100% perfect protection, but it would severely hinder your computer usage. It’s like securing a house: You could build a door-less, window-less titanium-sheathed reinforced-concrete bunker around your house and be absolutely sure burglars couldn’t get in, but you probably wouldn’t want to live there.

    The tips below are sufficient to account for all but the most determined attacks against your computer. No amount of software or behavioral change can protect you from every possible attack (if the NSA wants to get on your PC, they are probably going to do so) but you can protect yourself from virtually all of the attacks you’re likely to face online.

    I owe thanks for most of these tips to Leo Laporte and Steve Gibson, hosts of the TWiT netcast Security Now. If you’re interested in computer security at a very deep level, this weekly show is your ticket, and I heartily recommend it!

    1. Use a router.

    The very nature of the way routers works acts as an effective hardware firewall, preventing access to computers on your home network from outside the network. Put simply, when you request something from the Internet – say, you click a link, check your email, or enter a URL – the router notes which computer on its network the request came from so it can send the reply to the proper recipient. If a would be intruder attempts to enter your network, the router checks its list of outgoing requests and, if none is found correlating to the attackers’ IP address, it ignores it. It basically doesn’t know which computer to send it to, so it throws it out.

    Advertising

    If you simply cannot use a hardware router, make sure your operating system’s firewall is turned on. This is almost, but not entirely, as good.

    2. Do not open email attachments.

    I know, who doesn’t want to see pictures of Anna Kournikova naked, right? Email attachments are a major vector for infecting computers, because it’s so easy to fake the sender so the email looks like it came from someone you know, and everybody loves opening attachments from people they know. It could be a funny picture of penguins, after all. But bottom line, don’t open attachments. If your email client automatically opens or previews them, turn that feature off. Even if it’s from your mom, and even if your mom says she opened it and it’s fine, still don’t open it. (By the way, next time you’re at mom’s, reinstall Windows. She’s got tons of viruses now.)

    Now, I know that sometimes you have to open attachments, so here’s a simple test to know when it is most likely safe to open an attachment:

    1. You know that the email is from the person it says it’s from. That usually means that either they said they were sending it, or they’ve written a note that only they could have written.
    2. You are expecting an attachment from that person.
    3. You know the person who created the file.
    4. There is a compelling reason to open the attachment. I’m sorry, ma, but a good laugh isn’t enough to get me to risk my computer’s security.

    If you can’t be absolutely, 100% sure on all these counts, trash it. 

    Advertising

    3. Do not download bittorrent files.

    That sucks, I know, but since you’re never absolutely sure where the file comes from, where it’s been, or who might have altered it, bittorrent is risky. Downloading a Linux distribution from Ubuntu is probably ok; downloading it from Pirate’s Bay is a bit dodgy. Downloading Oscar screeners of movies that haven’t been released yet is super-duper dodgy. It’s a real shame to have to forego sticking it to The Man because of practical concerns, but you’re taking a big risk downloading an unknown file from an unknown person about whom the only thing you know is that they don’t feel any compunctions about breaking the law. 

    4. Do not download warez, porn, or other dubious files.

    First they came for my bittorrents, then they came for my porn! It just gets worse and worse, doesn’t it. But really, think about it – people who distribute illegal copies of illegally hacked software a) are demonstrated lawbreakers, b) are familiar with programming code, and c) had access to the code you’re expecting to install on your computer. As for porn, while I’m sure there are plenty of Good Samaritans out there who distribute free pornography simply out of a desire for greater happiness in the world, some small number of them do it for financial gain. If they’re giving you free porn, they must be making money off you another way, and one of the easiest is to install a bunch of malware on your computer, run whatever code they want on it, and then sell the use of your computer to spammers, phishers, and other unsavory sorts. You want to know how bad these guys are? They don’t even care if they give pornography a bad name!

    5. Do not download *anything* from sites you’re unfamiliar with.

    Again, if you’re intending to install something you’ve downloaded onto your computer, you have to know that only people you trust have had access to it. Adobe, Microsoft, and other software manufacturers are generally trustworthy, as are sites like C|net’s Download.com. “Bob’s Free Software I Like a Whole Bunch” might not be quite as safe a bet.

    6. Turn off Flash, Javascript, and other browser plugins.

    Flash ads have been used to install viruses. So has Javascript code. You don’t have to do anything to get infected this way; you just visit a site with the malicious code on it and *bam*, you’re infected. Because of that, hardcore security folks turn off Javascript and either block or never install Flash. Personally, I think it limits the usefulness of the Internet too much; I’ve decided to risk running Javascript, and use the FlashBlock plugin in Firefox so I can select which Flash objects on a page I want to run (allowing me, for instance, to watch YouTube videos while preventing Flash ads on the same page from loading).

    Advertising

    7. Do not click links in email.

    It’s very easy to hide the real destination of links sent in email by using HTML where the text reads “www.perfectlysafesiteyouknowandtrust.com” but the actual URL is “www.reallybadsiterunbymeanpeoplewithnofriends.net”. This is how phishing scams work – you think you’re going to PayPal or your bank, but really you’re going to a page designed to look just like your bank’s login page but hosted on the mean people’s server. Also, bad guys often put unique tracking IDs into links, so that they know exactly who clicked on a link – which means that they know which email addresses out of the millions they sent spam to are valid, which makes them worth more money to other spammers. Um, yay?

    7a. Do not click shortened URLs.

    I don’t like this one, because I like Twitter and you lose a lot of functionality if you don’t use a service like bit.ly or is.gd to shorten URLs, but these links are scary. When you hover your mouse over a link, the URL appears in the email or browser’s status bar, meaning you can verify that the link heads to where it says it does. When you do the same with a shortened URL, it just says the shortened URL. There are Firefox extensions like UnTiny that will reveal the true destination of shortened URLs, and some Twitter clients do as well, but until a universal solution is standardized, these URLs remain a bit scary, security-wise.

    8. Install all security updates.

    Unless you’re a multi-national mega-corporation running oodles of mission-critical custom-designed software, you need to install security updates as quickly as possible upon release. If remembering to do this isn’t something you think you’d be likely to do, set your computer to automatically download and install updates. Increasingly, we’re seeing “0-day” exploits – viruses and trojans written to make use of security flaws before those flaws are corrected by – or, in some cases, even known to – manufacturers. Keeping up-to-date is essential to keep even marginally safe.

    I know that, the world being what it is, someone will be thinking right about now, “Hey, why don’t you just switch to Mac OS X or Linux?” It’s true, those operating systems get far fewer viruses and other problems than Windows PCs, but most experts seem to agree that this is at least in part because there are so many Windows PCs and so few Mac and Linux PCs. (There are plenty of Linux servers, but those are under professional supervision, which goes a long way towards making up for any security weaknesses Linux has.) Bad guys program for the system that allows the greatest spread of their malware, and right now, that’s Windows.

    But if you’re still not convinced, I’ve got an even better idea for you. Both Mac OS X and Linux have demonstrated security vulnerabilities, and as they become more common are likely to become targets for hackers. So they’re not really safe bets. Instead, try BeOS! It may be riddled with security holes and only run on Pentium 4 and earlier PCs, but I can guarantee you, nobody is writing viruses for it!

    For everyone else, whether you use Windows, Mac, or Linux, make sure to follow the rules above and, chances are, you’ll be just fine.

    More by this author

    Becoming Self-Taught (The How-To Guide) The Importance of Reminders (And How to Make a Reminder Work) How to Admit Your Mistakes How to Take Notes: 3 Effective Note-Taking Techniques How to Learn Something New Every Day and Stay Smart

    Trending in Featured

    1 Becoming Self-Taught (The How-To Guide) 2 5 Steps To Move Out Of Stagnancy In Life 3 The Importance of Reminders (And How to Make a Reminder Work) 4 How to Master the Art of Prioritization 5 40 Top Productivity Apps for iPhone (2020 Updated)

    Read Next

    Advertising
    Advertising
    Advertising

    Last Updated on January 21, 2020

    Becoming Self-Taught (The How-To Guide)

    Becoming Self-Taught (The How-To Guide)

    Most of the skills I use to make a living are skills I’ve learned on my own: Web design, desktop publishing, marketing, personal productivity skills, even teaching! And most of what I know about science, politics, computers, art, guitar-playing, world history, writing, and a dozen other topics, I’ve picked up outside of any formal education.

    This is not to toot my own horn at all; if you stop to think about it, much of what you know how to do you’ve picked up on your own. But we rarely think about the process of becoming self-taught. This is too bad, because often, we shy away from things we don’t know how to do without stopping to think about how we might learn it — in many cases, fairly easily.

    The way you approach the world around you dictates to a great degree whether you will find learning something new easy or hard.

    The Keys to Learning Anything Easily

    Learning comes easily to people who have developed:

    Curiosity

    Being curious means you look forward to learning new things and are troubled by gaps in your understanding of the world. New words and ideas are received as challenges and the work of understanding them is embraced.

    People who lack curiosity see learning new things as a chore — or worse, as beyond their capacities.

    Patience

    Depending on the complexity of a topic, learning something new can take a long time. And it’s bound to be frustrating as you grapple with new terminologies, new models, and apparently irrelevant information.

    When you are learning something by yourself, there is nobody to control the flow of information, to make sure you move from basic knowledge to intermediate and finally advanced concepts.

    Advertising

    Patience with your topic, and more importantly with yourself is crucial — there’s no field of knowledge that someone in the world hasn’t managed to learn, starting from exactly where you are.

    A Feeling for Connectedness

    This is the hardest talent to cultivate, and is where most people flounder when approaching a new topic.

    A new body of knowledge is always easiest to learn if you can figure out the way it connects to what you already know. For years, I struggled with calculus in college until one day, my chemistry professor demonstrated how to do half-life calculations using integrals. From then on, calculus came much easier, because I had made a connection between a concept I understood well (the chemistry of half-lifes) and a field I had always struggled in (higher maths).

    The more you look for and pay attention to the connections between different fields, the more readily your mind will be able to latch onto new concepts.

    How to Self-Taught Effectively

    With a learning attitude in place, working your way into a new topic is simply a matter of research, practice, networking, and scheduling:

    1. Research

    Of course, the most important step in learning something new is actually finding out stuff about it. I tend to go through three distinct phases when I’m teaching myself a new topic:

    Learning the Basics

    Start as all things start today: Google it! Somehow people managed to learn before Google ( I learned HTML when Altavista was the best we got!) but nowadays a well-formed search on Google will get you a wealth of information on any topic in seconds.

    Advertising

    Surfing Wikipedia articles is a great way to get a basic grounding in a new field, too — and usually the Wikipedia entry for your search term will be on the first page of your Google search.

    What I look for is basic information and then the work of experts — blogs by researchers in a field, forums about a topic, organizational websites, magazines. I subscribe to a bunch of RSS feeds to keep up with new material as it’s posted, I print out articles to read in-depth later, and I look for the names of top authors or top books in the field.

    Hitting the Books

    Once I have a good outline of a field of knowledge, I hit the library. I look up the key names and titles I came across online, and then scan the shelves around those titles for other books that look interesting.

    Then, I go to the children’s section of the library and look up the same call numbers — a good overview for teens is probably going to be clearer, more concise, and more geared towards learning than many adult books.

    Long-Term Reference

    While I’m reading my stack of books from the library, I start keeping my eyes out for books I will want to give a permanent place on my shelves. I check online and brick-and-mortar bookstores, but also search thrift stores, used bookstores, library book sales, garage sales, wherever I happen to find myself in the presence of books.

    My goal is a collection of reference manuals and top books that I will come back to either to answer thorny questions or to refresh my knowledge as I put new skills into practice. And to do this cheaply and quickly.

    Advertising

    2. Practice

    Putting new knowledges into practice helps us develop better understandings now and remember more later. Although a lot of books offer exercises and self-tests, I prefer to jump right in and build something: a website, an essay, a desk, whatever.

    A great way to put any new body of knowledge into action is to start a blog on it — put it out there for the world to see and comment on.

    Just don’t lock your learning up in your head where nobody ever sees how much you know about something, and you never see how much you still don’t know.

    Check out this guide for useful techniques to help you practice efficiently: The Beginner’s Guide to Deliberate Practice

    3. Network

    One of the most powerful sources of knowledge and understanding in my life have been the social networks I have become embedded in over the years — the websites I write on, the LISTSERV I belong to, the people I talk with and present alongside at conferences, my colleagues in the department where I studied and the department where I now teach, and so on.

    These networks are crucial to extending my knowledge in areas I am already involved, and for referring me to contacts in areas where I have no prior experience. Joining an email list, emailing someone working in the field, asking colleagues for recommendations, all are useful ways of getting a foothold in a new field.

    Networking also allows you to test your newly-acquired knowledge against others’ understandings, giving you a chance to grow and further develop.

    Here find out How to Network So You’ll Get Way Ahead in Your Professional Life.

    Advertising

    4. Schedule

    For anything more complex than a simple overview, it pays to schedule time to commit to learning. Having the books on the shelf, the top websites bookmarked, and a string of contacts does no good if you don’t give yourself time to focus on reading, digesting, and implementing your knowledge.

    Give yourself a deadline, even if there is no externally imposed time limit, and work out a schedule to reach that deadline.

    Final Thoughts

    In a sense, even formal education is a form of self-guided learning — in the end, a teacher can only suggest and encourage a path to learning, at best cutting out some of the work of finding reliable sources to learn from.

    If you’re already working, or have a range of interests beside the purely academic, formal instruction may be too inconvenient or too expensive to undertake. That doesn’t mean you have to set aside the possibility of learning, though; history is full of self-taught successes.

    At its best, even a formal education is meant to prepare you for a life of self-guided learning; with the power of the Internet and the mass media at our disposal, there’s really no reason not to follow your muse wherever it may lead.

    More About Self-Learning

    Featured photo credit: Priscilla Du Preez via unsplash.com

    Read Next