After last week’s attacks, it’s clear that if the garrisons of places like Yahoo can be breached, newbies don’t stand much of a chance. You can take solace in the fact that individuals are less attractive targets, but everybody who is jumping on the big-bandwidth bandwagon needs to think about security. Upgrading from dial-up service to either cable or DSL hookups is basically like tunneling a passage that connects your apartment to the local penitentiary, or for the truly paranoid, the offices of the National Security Agency.
We asked two security whizzes for advice. “The best security,” says John Young of Cryptome.org fame, “is not to connect to the Internet at all.” He’s right. “Computer equipment—the box, your keyboard, monitor, cables, printer, etcetera—all emit signals which can be acquired with detection devices, and the number of people empowered to intercept and utilize these signals is growing exponentially,” he says. Just face it: You’re doomed.
Accept that, and work backwards. Here are the baby steps:
1. Lock the Door
Log off as soon as you’re done surfing and retrieving your e-mail. “It sounds so simple, but people with DSL and cable connections tend to stay connected even when they’re not using the connection,” says Ira Winkler, president of an Annapolis-based computer security firm and the author of Corporate Espionage.
2. Don’t Share Files
Reboot your kindergarten manners: Sharing is only good when you know with whom you’re sharing. On either Mac or PC platforms, make sure you’ve turned “file sharing” off. It’s a simple operation; check the manual for procedures.
3. Use Passwords
Hackers capitalize on the fact that most people configure their computers poorly. Few users, for instance, use the password option on their PCs. Checking this elementary option on either your Mac or Windows machine is an elementary step in keeping the snoops at bay.
4. Eat Your Cookies
Cookies are digital files that Web sites store on your hard drive. In the best of worlds, these treats perform useful tasks, saving you time as you negotiate your way through the Web. In the real world, cookies violate your privacy by sending your surfing history back to Web sites. The best solution is to occassionally flush the cookies from your hard drive. Search for “cookies” in either Windows or Mac platforms, and delete whatever you don’t recognize as a friend. Hint: The one from Sex Tracker ought to go right away.
5. Encrypt Yourself
The three most important things in computer security are encryption, encryption, and encryption. Thanks to the heroic (no kidding) and prescient efforts of cryptographer and computer programmer Phil Zimmerman, one of the best encryption programs on the market, PGP (Pretty Good Privacy), is available free to the public. A commercial version with tech-support retails for $30. If you’re dealing with important data, it’s advisable to encrypt everything, from the files on your hard drives to the most pedestrian of e-mails you trade with your friends.
6. Put Up a Firewall
No longer strictly the domain of webmasters, firewalls now come in consumer-friendly versions. “Hackers randomly scan the Internet all the time, and most users are probably hit at least once a day,” Winkler says. “A firewall will tell you if someone is trying to scan you or download data, and it will keep them out.” Winkler recommends Guard Dog ($60) or Black Ice Defender ($40).
7. Update Virus Software Regularly
If a site looks like it might host a malicious bug, it probably does. But you can’t avoid all the creepy crawlers. The smartest policy is to regularly update your antivirus programs, to take advantage of advances in security technology.
There. You now know the 7 Habits of Safe Geeks. Remember them.