Fire! Fire!

A firewall is the most confusing aspect of computer security for the novice. Most of us know what an anti virus or anti spyware tool does. But the action of a firewall is not immediately apparent. For the truly ignorant – no a firewall doesn’t stop computer fires! We hope you never go that route.

Basically a firewall is either a software or hardware that blocks malicious attacks on your computer that come through the internet. All you need is to be connected to the internet for the attacks to begin. It doesn’t matter if your browser is closed and you are not really using the computer. There are millions of zombie like PCs on the internet constantly scanning the net to find a vulnerable computer. Its like a car thief walking down a road and trying every car door. Sooner or later he will find an open one. If your computer is connected to the internet they will find you and fast.

Without a firewall you will probably last five minutes before your machine has a malware on it. Anti virus wont protect you in this case.You need a firewall. The good news is if you are using Windows XP or Vista there is an inbuilt firewall to protect your machine. If you have a broad band router then by default it also should have its own firewall. But sometimes this is still not enough. Many anti virus programmes include their own firewall and these are very uptodate and effective. Check out your antivirus and see if it has complete internet protection. That should include a firewall.

If you just want to check if your windows firewall is on then go to the control panel and click on firewall to see if ON is checked.

If you want a free firewall then zone alarm is the way to go. I tried it out but uninstalled as obviously I wasn’t one happy customer. It started off well but then it started blocking just about every site I accessed and I didn’t want to always fiddle with the grant access controls. That got on my nerves so I uninstalled. Others swear by it. Let me know what you think.

Tip for the week

We all hate those advertising pop ups. Even with the pop up filter on they manage to get past it. Clicking on them to close might lead to downloading a trojan or worse. After all ,they know you will click to close, so why not make it interesting all round. One way to close the pop-up is to hit CTRL + W on the keyboard. Pop up gone!

Phishing and Spoofing!

We’ve all heard of it but what exactly is it?

Phishing (reminds us of fishing) is trying to get your personal information or bank/credit card passwords to commit a fraud. How does it happen?

First you receive an email from your bank or credit card company asking you to act immediately on the message. There is generally a sense of urgency – they are going to close your online access, they need re-confirmation of your personal data, your account is blocked till you reactivate it etc. There is also a link to take you to the company’s website. When you click on the link you are indeed taken to a website which is very similar to the genuine one. This fake website is called a SPOOF.

Once you fill in your personal information on the forms they so helpfully provide, a criminal now has access to your account.

Merely clicking on the link and going no further can also mean trouble, for the click could download a program to your computer to log your keyboard strokes. This is called a keyboard logger and the information is sent to a criminal ring who will analyse it and wait for the time when you login to your accounts. (Nobody wants to read your letter to Aunt Jo, but they all want your logins and passwords!)

So how do we protect ourselves from phishing and spoofing?

First, never click on links provided by emails. Preferably don’t even open such emails.

Banks never ask for this type of information through email. If in doubt contact your bank before taking any kind of action on the internet.

Its very easy to spot a fake email from the Bank of Sri Lanka if you have never had an account there. But when you get one from a bank where you do have an account is when to watch out and not trip up. Spoof websites have become very clever and the logos and padlock etc are all there to reassure you and draw you in.

Monitor your accounts regularly and when you sign in make sure you type out the URL each time. Boring but necessary.

Your bank will tell you on your account page when you last logged in.

Check to make sure you did indeed login at that time.

Never store passwords and other key information on a computer. The good old book and pen are the best bet.

Have a good antivirus and update regularly.

Change passwords every few months. Most of us are lazy and stay with a password forever.

Should the worst happen and you have been the victim of internet fraud contact the bank or your credit card company immediately. Most have insurance against this type of fraud and when you signed up for online banking they have agreed to refund the money to you in case of fraud, provided you notify them within a specific time and sign into your account at least once a month or once in two months, depending on their policy. Which means, don’t leave online accounts dormant but sign in at least once a month. Otherwise the fraud refund guarantee could be invalid.

Your laptop files open to inspection.

Travellers have increasingly found their cell phones, lap tops and even MP3 players seized by airport officials for full inspection. Not just stick them in the plastic tray for screening. But a thorough going over of the contents. If you have password protected them, you will be asked to give them your password as well. Dont bother protesting. Its been ruled legal. Some travellers have complained they have never got back their equipment. Others have been arrested on the spot for carrying prohibited porn pics. Business travellers will have a hard time as company information is often confidential. Some companies are sending travellers with all but blank laptops. All files they access through the internet at destination. This is the trend and its only going to get worse according to current forecasts.

Does delete mean gone forever?

What happens when you sell or give away your cranky old computer and get a new one? So you removed all your files and being somewhat paranoid even reformatted the hard disk. Is everything wiped forever? Sorry - the answer is not. Short of taking the hard disk out and breaking it in two, nothing is wiped forever and if somebody really wanted to retrieve your information they can do it despite the reformat. Bears thinking about before you donate or sell that old computer that had your bank records, the page where you saved all your passwords, love letters you regret or whatever is likely to haunt you from the past!

Bye Bye XP

XP is on its way out. As for now the June 30 deadline is valid. Which means Vista is here to stay. HP, Dell and Lenovo have all said they will downgrade operating systems on new machines from Vista to XP at customer request and will continue to do so until 2009. If you are buying a new computer and want XP ask for it. Of course all this is moot if Microsoft backs down and gives XP an extension.

Will you be forced to upgrade? Not really. But new software might work better with Vista. So in time it would be hard not to upgrade to Vista.

Can you run both Vista and XP on the same computer? Yes, if you are feeling brave you can partition and run both.

As for me I really dont see why anyone would want to stay with XP. At least try Vista. I have - and never looked back.

Hi from Nimmi

Hi Everybody,

Geek for Fun is my tech for non techies blog. There will be how to hints, latest geek news, and discussions on common computer problems. You are welcome to send in your comments and contribute. Y'all come back you hear!

Nimmi