
F.C.U.K.

Week of September 5, 2005

Fraud control in the UK.

Britain is currently experiencing an explosion in broadband. Britain is also currently experiencing an explosion in online fraud. People connecting to the Internet there are getting hit like nowhere else. Britannia is currently the hacker's paradise of choice.

A Few Basics

Most people will be connecting with Microsoft Windows. This is not good. It is not good because Windows offers no fundamental protection against fraud attacks. All Microsoft and the cottage industries can do is 'chase' the hackers from one hole to another and try to plug it up before too many people get hurt. The Windows system itself offers no protection as it should.

Compensation for the weak Windows system is in order - unless you're prepared to abandon Windows today. But abandoning Windows today means you either have to scrap the computer hardware you just bought, scrap all the files you've put on your hard drive (or spend hours backing them up), or scrap the operating system itself and grapple with something more difficult such as a Linux distribution.

Linux is a branch of Unix by Linus Torvalds of Finland. It is very popular - and very secure. It's been on the moon. So it's good. The problem for the home surfer is that it can be difficult to set up to run. It's not 'turnkey' as the expression goes. You might have to hunt for 'drivers' for your 'peripherals' to get your sound and printing stuff working properly. It can be trying.

You could get a Mac. Macs aren't that expensive, and Apple's OS X is at least as secure as Linux. But getting a Mac means abandoning the computer hardware you have; with Linux you can use the same hardware.

It's your choice. If you stay with Windows, you have to be vigilant to avoid disaster - something you don't have to worry much about with Linux or a Mac.

1. Static IPs are no good.

An IP address is the way the Internet identifies you. Some providers give you a static IP - an IP that never changes. This is no good. It means hackers can scan the Internet for likely victims, find you, make a note of your IP, and come back to attack you at a later time - and you'll still be there like a duck in water. Talk to your provider and make sure you don't have a static IP. Find out how to determine what your own IP is and check it regularly to see that it's changing.

2. You need a firewall.

The best kind is the hardware firewall. Several popular vendors such as Netgear offer excellent routers for broadband with a firewall built in. This is what you'll benefit from most.

Learn what 'ports' are and turn off all your ports. Have a friend who's adept at this conduct a 'port scan' of your computer to make sure nothing's open.

3. Ditch Internet Explorer today.

Do not surf another minute with that deathtrap. Internet Explorer is the single greatest cause of people losing their life savings, bank account balances, and identities on the Internet. It was completely condemned over a year ago by the United States Department of Homeland Security as dangerous for that nation's best interests. So get rid of it.

Your best alternative is the excellent free browser called Firefox. Firefox is available for free download from the following URL.

http://mozilla.org/

When you get rid of Internet Explorer, you also have to get rid of all applications that are dependent on its technology. The Microsoft electronic mail program Outlook is such a program, as is the mail program Eudora. Do not use any programs that use the same dangerous underbody of code as Internet Explorer. Many of the great worm outbreaks on the Internet relied on Outlook and similar programs.

The people who make Firefox also have an excellent mail program called Thunderbird. It is also available at the same site. Download it now and do not use Outlook ever again - not a single time.

http://mozilla.org/

4. Surfing security is everything.

So-called 'client-side' technologies are not only antiquated, they're directly dangerous. 'Client-side' means some kind of code will be running on your computer rather than the remote web server you're visiting. This is not good.

The most prevalent and dangerous client-side technologies are Java and JavaScript. Fiddle around with the settings in Firefox and figure out how you turn off these things.

There will be occasions when you will be forced to use Java and/or JavaScript (at least the latter). But you will know when it is safe to do so: the important thing is you don't leave them on all the time, as you can get infected before you know what's happening.

You don't want your computer accepting cookies either. Cookies are another client-side technology. They're replaced adequately today but a number of sites still use them. They're used for tracking: they're used by big multinationals to track what you surf to and record your online habits, and then all this information is sold to other companies.

Never partake in any online surveys or sweepstakes or anything of the sort. These are all scams on one level or another. Worse: if there are cookies on your computer, these people can then correlate a cookie to a real individual with a real name, address, and telephone number. By which time you are truly toast.

Make sure you figure out how to delete all your cookies in your new browser. Never let cookies remain from one session to another, no matter the inconvenience, and always have cookies turned off by default. No exceptions.

Of course all the above holds doubly for electronic mail. Never Java and never JavaScript either - and check in the settings for Thunderbird how you turn these features permanently off.

While you're in your mail program's settings, see if you can find a way to make sure no web references are resolved. Sometimes you get funky mail sent as HTML with a lot of sleazy images and such that actually come off the Internet. This construct is never to your advantage. What you want to see if someone sends you HTML mail is nothing but blank rectangles where images and such were supposed to be - you want to make sure your computer doesn't go out onto the Internet looking for them. That 'technology' is very similar to tracking with cookies and potentially even more dangerous. If you are being spammed, the people sending the spam can then know you are a 'live one' - that is, your mail address works - and they can sell the address for a higher price to other groups working with spam. And so forth. And of course as soon as your computer goes out onto the Internet in search of images, you are identified through your IP. And that isn't good either.
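To see what a mail program would go out and fetch if it rendered a given HTML message, the following added example (not part of the original article) lists every remote reference that is loaded automatically on open. The sample message, its addresses, and the names `remote_references` and `AUTO_FETCH` are constructed for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample (not real mail): a remote image with a per-recipient
# token, a remote stylesheet, an inline cid: image, and an ordinary link.
SAMPLE = """\
From: offers@example.com
Subject: Constructed sample
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><head><link rel="stylesheet" href="http://mail.example.com/s.css"></head>
<body><p>Hello</p>
<img src="http://track.example.com/open.gif?id=ABC123" width="1" height="1">
<img src="cid:logo@example.com">
<a href="http://example.com/offer">click</a>
</body></html>
"""

# Tag/attribute pairs a rendering client fetches without any user action.
# A plain <a href> is left out: it is only requested if the reader clicks.
AUTO_FETCH = {("img", "src"), ("link", "href"), ("script", "src"),
              ("iframe", "src"), ("body", "background")}

class RemoteRefFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            # Only http(s) URLs leave the machine; cid: parts are in the mail.
            if (tag, name) in AUTO_FETCH and urlparse(value or "").scheme in ("http", "https"):
                self.refs.append((tag, value))

def remote_references(raw_message):
    """Return (tag, url) pairs a rendering client would fetch on open."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    finder = RemoteRefFinder()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder.feed(part.get_content())
    return finder.refs

if __name__ == "__main__":
    for tag, url in remote_references(SAMPLE):
        print(f"{tag}: {url} (host {urlparse(url).hostname})")
```

Each URL reported is a request the sender's server would log, together with your IP address and any token in the query string, the moment the message is displayed with remote content enabled.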

Finally, make sure you've turned off HTML. You neither want to send nor receive HTML mail. Sending HTML mail is extremely rude and 'lame' and receiving it can be dangerous. Have you ever seen 'raw' HTML code? That's what you want HTML mail you receive to look like: that means that any furtive commands in the message have not been activated. It means you're safe. If you get too much HTML mail, then send it back to your friends exactly as you see it and tell them to get with the plan too.

Never respond to a spam. A lot of times those messages are just 'probes' - they're trying to see if you 'exist'. A lot of times they don't actually have your address - they're just 'enumerating' possible addresses to see if they get lucky.

A lot of tricky characters try to make you think they're honest, having a so-called 'opt-out' address you can write to if you don't want any more mail from them. But if they were honest, they wouldn't have sent you anything in the first place. Again, a reply to such an address is actually like saying 'please put me on your permanent spam list'. Do not reply - no matter what.

You might want a spam filter if your mail program doesn't have one, and the best - albeit a bit difficult to set up - is K9 [sic]. It is available at the following site.

http://keir.net/

5. Avoid suspect technologies.

There are many cool things on the Internet but not all of them are good for you. Chat programs, file sharing programs and the like can be dangerous.

Many file sharing programs come with their own trojans. That's how they make money off you. Trojans are stealth programs that sneak onto your system and try to hide their presence, even going so far as to overwrite important Windows system files. Naturally you want to avoid this ever happening.

The cold hard facts are that most file sharing systems today are laden with trojans and other subtle 'catches' so avoid them. Buy your music on the High Street instead - this is not about what is right and wrong but about what is safe.

Chat systems can also be dangerous because they give hackers an opportunity to home in on you: determine your IP address and probe your computer for weaknesses. If you are running a system which needs you to maintain an Internet connection, then while you have that connection you will have the same IP. And while you're chatting away innocently with someone anonymously over the Internet, that someone can actually be inside your computer sealing your fate.

Recovery

What do you do if you've been had? If despite all you've been compromised? And how will you know for that matter that you've been compromised?

You might not. Millions of computers on the Internet today are used daily in spam attacks, so-called 'denial of service' attacks, and the like - and their owners are not at all aware of what's going on.

A company called Lavasoft have for years provided a free utility that scans your computer for compromises and quarantines any suspect code it finds. The program is called 'Ad-Aware' and it is available at the following site. You should run this program regularly - ideally once per day. As its output can be quite technical, do not take any chances: have it run the most complete scan and let it quarantine any suspect code it finds.

http://www.lavasoft.com/

This site has an excellent suite for cleansing systems as well. It's called the 'E3 Security Kit' and it's fairly advanced. It's perfect if you're an administrator who wants to set up cleansing routines for an entire company, and of course it's very thorough; but you might find it a bit challenging the first time through. The great advantage is that once you've configured it to run as you want, you basically just 'double-click' after that and it's all automatic.

http://radsoft.net/gallery/e3/

The one product is not a substitute for the other, however: the E3 Security Kit is explicitly aimed at making a 'clean machine' rid of gunk and possibly hacker code; whilst Ad-Aware specifically targets 'adware' or spyware as it's called today, a form of trojan.

Anti-virus?

One might wonder why there's been no mention of anti-virus suites. The importance of 'AV' utilities is greatly overblown. With care you will never get a 'virus' per se.

This is not to say you shouldn't have adequate AV utilities on disk: you should. But you won't necessarily need to run them all the time as many of them want to do.

When these AV programs run all the time, they cause any number of problems, and at the very least slow down your computer considerably.

What you must remember instead is that anytime something is entering or exiting your computer, you need to perform an AV scan. Are you downloading something from the Internet? From a web mail account? Scan it. Are you sending something to a friend with your own mail program? Scan it first before sending. And so forth.

You'll most likely not need your AV program turned on all the time and your computer will run a lot smoother.

And do not do anything confidential on a Windows computer. Ever. Period. Do not ever do online banking, do not store sensitive information of any kind on the hard drive of a Windows computer, do not transact anything where your identity is out there. Not on a Windows computer. Yes, you are taking every precaution you can, but with Windows - as opposed to almost every alternative out there - you can never be safe.

So be safe - rather than sorry. So you can enjoy your broadband - and not be hurt by it.

See Also
Ad-Aware
E3 Security Kit
Firefox & Thunderbird

Copyright © Radsoft. All rights reserved.