Saturday, November 13, 2004

Honey, did you neigh?

Published on 12-Apr-2001, at "" (a business and technology Israeli site). Translated from Hebrew by "".

Jet fighter pilots have a saying: It's the one you don't see that shoots you down. I think that maxim applies to many walks of life, including information technology.

My PC is my castle
People tend to take data security for granted, especially on their own PC. The average household isn't exactly Fort Knox, so who would try to hack them? What do they have of value that could be stolen from their home computer?

True enough. But before deciding whether and how much to invest in data security, you should know the facts.

On the one hand, installing security elements, physical or digital, makes operations more expensive and cumbersome, whether it's a lock on the door or a password that needs typing in. Everybody has to fine the right balance for himself.

Guess who's coming?
On the other hand, home users see only the interface, not the PC's operating procedures. The PC doesn't show them what it's doing under the surface. When a hacker decides to target your PC, the screen usually doesn't display a message saying "Your PC is now being controlled by Moshe. He is now deleting your resume from the hard disk." Unless the hacker is a raving egomaniac, of course.

At home, I use a 24-hour connection. I also use the personal firewall made by Zone Labs – Zone Alarm. This cute little freebie has a zone displaying all the connection attempts that the product prevented, whether from the outside to your computer, or from your computer to the outside -
such as by a Trojan horse.

A Trojan horse is a piece of software nefariously and secretly installed in your PC that can give a hacker remote control over your hapless machine.

Honey, who neighed?
During the average 24-hour period, there are about 50 attempts to connect to my PC. Most are attempts to connect to remote-control software ports or Trojan horses.

Ports are entrance or exit points associated with an Internet protocol address. To compare an IP address to a house, they're like doors into the house. But each IP address has about 65,000 doors.

So what, you shrug. In any case, in order to function, a PC needs software allowing external connections.

Sure. But do you know if you have a Trojan horse and what it's doing at night?

Say you don't have a Trojan horse. But think of your PC as your home on the Internet. Would you like it if people tried to break into your home 50 times a day? One maybe tampering with your door-handle, another prising at the mortar, a third taking a blowtorch to the bars protecting the kids' room? And what if one of these turkeys succeeds, are you counting on him turning moral and staying outside?

To delete, just follow 1,633 easy steps
Now how can a hacker install software on your PC, you ask.

Easy. Here are a few examples or benign, but annoying, commercial programs that install themselves on your PC, via your browser. (But they politely offer you a way to delete them after they've barged into your awareness without your permission).

The first is Hotbar, which decorates your browser interface. Hotbar is pretty aggressive. If you click on Click to Continue on its home page, the software will be installed immediately without your explicit request or even notification.

Another is Comet Cursor, sold to companies that want to garnish their websites. The moment you go into a site equipped with this software, it gets installed on your PC (again, no approval requested, or notice given). It creates graphic mouse cursors when using the browser.

But that's just aggressive marketing, not harm.

Have you visited any sex sites lately?
Who, me? You shudder.
Okay. I did you the favor of going there myself. Somebody has to do the dirty work.

Analysis of the divisions and links in sex sites reveals that many offer exe files. Only their makers and the sweet Lord know what these exe files do when you click on the link and set them off (sometimes it's a default file activated when you enter the site, you don't actually have to click on anything to run the file).

I haven't even gotten to the horror stories regarding Java and ActiveX scenarios, or viruses appended to emails.

Understand this: The moment you link up to Internet, your PC is part of the network. If you don't build a fence, your computer is the public domain.


Post a Comment

<< Home