Triona's Tech Tips

There is a lot of discussion these days about kids and the Internet. Parents, myself included, are rightfully concerned about what our children can access, and who has access to them. Businesses are concerned about liability issues and the compromise of customer data, in the pervasively interpersonal world of instant communication.

The same techniques used to secure a corporate computer can, and should, be used to secure a personal home computer. The same policies used by corporations can be modified for a family environment. By including your kids in the process of creating a home Internet policy, you’ll be able to supervise their Internet access while allowing them the freedom to explore.

Corporations typically have an “acceptable use policy,” which governs what is allowed or prohibited on the company network. It’s part of the employee handbook, and looks like this:

This computer system is for authorized use only. By using this system, the user consents to such interception, monitoring, recording, copying, auditing, inspection, and disclosure at the discretion of authorized personnel. Unauthorized or improper use of this system may result in disciplinary action and civil and criminal penalties. By continuing to use this system you indicate your awareness of and consent to these terms and conditions of use.

Parents can create a home policy based on these ideas. This is not to say you should treat your children like little employees, but you can use the same concepts to start a family discussion about online safety. It’s up to you to keep up with the latest techno-fashions, so you know how to respond to things like MySpace accounts and multiplayer games. You’re reading this article, so you’ve already made a good start.

First things first, you have to properly protect your machine. It’s no use badgering your kids about downloading music when you don’t even have up-to-date antivirus software. We’ve been over the drill, but let’s review the “four-legged chair,” the four critical things you need to secure your computer:

• Antivirus software
• Anti-spyware software
• A firewall, hardware or software
• The latest updates

I presume you’ve taken care of this. If not, or you’re not sure, I can check for you on my next visit. You might also want to re-read “How To Protect From Cybercrime” and “You Could Be A Computer Criminal” from the August 2008 issue of Tech Tips, which include more detail on security protections.

Now, you need to decide what your home policies will be. Are your kids only allowed to use the Internet during certain hours, or after homework is done? What services can they use (such as email, web, and chat)? Will you use parental controls, and if so, what kind? Will you be recording their chat sessions, logging the sites they visit, counting the tunes they buy? Be open to negotiation. Nothing will alienate a kid faster than laying down the law, and they seem to view the Internet as their personal possession.

Once it’s been discussed, put your policy in writing and sign it with your kids, just like a corporate policy. Now that the rules are clear, and protections in place, you can let your kids surf. But remember, no technology can substitute for supervision. Consider locating the computer in a public area. You’ll also want to review with them the following safety tips. If they’re chatting with friends, suggest they set up a code phrase, so they can verify the human behind the screenname. Never give out personal information, such as full name, address, or school. And they should never, ever, make arrangements to meet an online friend in the real world unless they, and you, are positive of that person’s true identity.

What parental control options are available? Your Internet service may already include some; check with your provider. Otherwise you can use a software program. I’ll be reviewing your choices for “Parental Control Software” in the upcoming September 2008 issue of Tech Tips.

Finally, hand this column to your kids. This paragraph is for them:
Yes, I’m your parents’ age, but my generation came up with all that technology you’re enjoying, so take off the earbuds and listen. When you’re on the computer, use your common sense. The Internet is a public network, and anything you post can be viewed by perfect strangers, potential employers, or your parents. Be aware of how to protect yourself, and your computer. Then next time you want to go online, you won’t have to worry that your computer will crash, and your parents won’t have to worry about you.

[This article is reprinted from the March 2007 issue of Triona's Tech Tips. More advice on kids, computers and the Internet coming in September.]

If the cybercrime situation is so dire, what can an average person do about it? I present the four-legged chair of computer security. Without all four legs, your computer’s defenses could collapse.

• Antivirus software
  You know this; what you may not know is that antivirus alone does not catch every threat.
• Anti-spyware software
  Spyware is software you don’t want, similar to viruses but using different tactics. Adware, malware, keyloggers, Trojan horses, they all fit into the category of spyware.
• Firewall
  Just like a fire door in a hospital, a firewall keeps out Internet nasties that try to sneak under the radar of antivirus and anti-spyware software.
• Regular updates (“patches”)
  Every program has bugs, and these bugs can be used by viruses to manipulate your computer. Harden your security defenses by keeping your software up-to-date.

At home, you’re your own computer security czar. Run a full-fledged security suite, and install a firewall for extra protection. (See the sidebar, right, for suggestions.) Remember, you must purchase security software yearly, and update it every few days. And don’t forget those patches! For Windows I like a combination of Microsoft Update plus Secunia’s Personal Software Inspector. Mac users, be sure to check for new patches via Apple’s Software Updates, Adobe Updater and the other update features of your software.

If you have a company-owned computer, talk to your IT department about the protections that are installed. Find out if your corporate network prevents laptops from logging on unless the laptop has updated security. You can also explore one-time password systems, or biometric options like the fingerprint scanners now built in to most laptops.

Do you have questions about protecting yourself from cybercrime? Ask them here (click Comments below any article), and be sure to sign up for the email version of Tech Tips for bonus tips and product reviews.

Imagine there’s a knock at your door. “Police,” they say. “You’re under arrest for child pornography.”

Are you a computer criminal? You could be a thief, a spammer, a spyware sender… and you could get arrested for it, all without knowing.

Take the case of substitute teacher Julie Amero. She was given a classroom computer that, according to reports, was completely unprotected, and when the machine displayed pornographic popups, she was arrested for child endangerment. Another article tells the story of a state employee arrested for having child porn on his work-provided laptop, which did not have functional antivirus software.

Most people have no idea whether their computers are truly protected from Internet threats. We pay token attention to antivirus, or trust that our company-owned computers are defended. Computer makers leave it up to the consumer to figure out how to install and maintain security software. What can you do to ensure you’re not the next victim?

You don’t have to be a tech expert, and it doesn’t take much time. See this month’s Tech Tip on How To Protect From Cybercrime.

And if you are ever in doubt, feel free to post your computer questions here (click Comments below any article) and I’ll do my best to answer them.

Last January we discussed Windows Vista, touted as the best thing for PCs since… well, since Windows XP. How good is this new version, and does it measure up to the marketing?

In short, no. I have not received a single call from someone saying, “Gee, Triona, I really want to upgrade to Vista today.” Those who have it are folks who found themselves with it when they bought new machines. I’ve seen some compatibility trouble with older hardware and software, and of course we’re all still getting used to Vista’s new look.

Low-cost computers may turn out to be less than a bargain. Microsoft says Vista will run on a PC with 512MB of memory and 20GB on the hard drive. But anyone in the IT world will tell you, there’s a big difference between Microsoft’s “minimum” system requirements and the real world. You’ll need at least 1GB of memory, preferably 2GB, and as much disk space as you can muster. And if you don’t have a 256MB graphics card, you can say goodbye to Aero, the fancy Vista interface. Budget computers don’t have enough graphics capability. Since it’s hard to upgrade graphics on laptops, mobile users in particular may be looking for new machines earlier than they thought.

Most people will find it more cost-effective to replace their computers instead of upgrading to handle Vista, a sad remark on our society’s throwaway attitude toward technology. Unless you have a good reason to move to this new Windows version, you might as well stick with XP. But if you’re not at XP yet, consider skipping straight to Vista. And do it sooner, not later. Older Windows versions cannot be adequately protected from Internet threats. You can still buy a new computer with Windows XP through June 30, 2008. That’s a good option for those of you with older programs that can’t yet be moved to Vista.

[This article is reprinted from the January 2008 issue of Triona's Tech Tips. See Green Computing in the right-hand sidebar for electronics recycling solutions, and don't forget to read about the problems folks are having with Windows XP downgrades now that the June 30 deadline has expired.]

[This article is reprinted from the May 2007 issue of Triona's Tech Tips. Software scams remain a nasty plague on consumers. Be wary of any programs that offers themselves to you via a popup window or flashy Web ad.]

I hate seeing my users scammed. And there are some nasty scams out there, including this tricky one involving the online upgrade of software.

Here’s what happens. The user receives a legitimate renewal reminder from his Windows antivirus software. He searches the web for the upgrade, and that’s where the scam begins. He clicks on what he thinks is the correct link, and is directed to a website that looks like the right place. He selects his upgrade, puts in his credit card number, and installs the provided program. He is left with a new icon that seems to be doing all the things antivirus software should do. Except it’s not antivirus software at all, and that card number just got swiped.

The culprit is “Win AntiVirus,” also known as the SmitFraud trojan. This pest mimics the styling of Norton AntiVirus, and it’s slick enough to fool almost anyone. The first time I encountered it, I had to do some careful checking to determine it didn’t belong.

Since it’s not a real antivirus program, “Win AntiVirus” leaves you vulnerable to real viruses. Usually when I find it, it’s because I’ve been called in to fix something seemingly unrelated, like being unable to print. That’s just a symptom of the real issue, which is that your computer is now minus its protections and susceptible to whatever comes along. The way search engines like Google work only adds to the problem. The scammers purchase advertising keywords so that when you do a search, their scam link comes up near the top of the list.

Upgrading your antivirus software is an important thing to do, but keep an eye out for tricks like this. When in doubt, type web addresses manually instead of clicking on a link. If you’re a Norton user, the place to go is Symantec. McAfee, Trend Micro, and the free AVG and ClamWin programs are all legitimate products as well. The links here on Triona’s Tech Tips (see below right, under “Windows Help”) will point you to the real deal.

Antivirus is not the only software spoofed. Spyware, the collective term for software you don’t want, often has the hubris to masquerade as anti-spyware software. Those free “PC cleaners” you see advertised in spam emails are just trying to get you to install their junk so they can zombie your computer like we discussed a few months ago. I have actually seen such scams advertised on television, no less! Avoid using software that is advertised via spam or pop-ups, and be sure you know whose product you are using. Of course, purchasing from a store is a workaround against online scams.

If you’ve been victimized, it’s time to pull out the big guns to protect your identity: FTC’s Identity Theft website. In Illinois, the Attorney General has also set up an Identity Theft hotline at 1-866-999-5630. I don’t know what happens to the credit card that was entered, but it can’t be good. You also need to clean off your machine, and sadly in the case of “Win AntiVirus,” usually the best choice is to reinstall from scratch. Otherwise you’ll never know if it’s really gone.

We talked before about how to create stronger passwords using my handy tipsheet (PDF). If you haven’t had a chance, give it a try. Remembering passwords is much easier than trying to recover a stolen identity!