Editor’s
Note: This is the second in a
three-part series. You can read Part 1 here.
Look for the final installment on Monday, June 30.
JT Evans, as well as being a writer, is
a computer security expert who started programming at the age of seven and has
been a Certified Ethical Hacker since 2009. During his June Write Brain talk,
he covered three main topics: how writers should take care of their computers,
computer security basics for writers, and what the bad guys are doing with
computers.
Computer
Security Basics for Writers
JT encourages writers to think about
computer security as though it were an onion: the best security has lots of
layers, so that if one vulnerability is found, the bad guys can only get
through one layer.
Basic terminology:
Hardware. Physical
objects, such as a keyboard, a monitor, or a hard drive.
Software. Programs
that run on your computer; you can’t touch software (you can only touch the DVD
that it comes on, if applicable).
Malware. Malicious
software. Some current types:
Virus. Software that alters other software without permission in order to replicate itself as well as other functions. You have to take some action for a virus to act (like opening a file); it can’t spread itself automatically.
Worm. Software that alters other software without permission in order to replicate itself as well as other functions. Worms spread through system vulnerabilities; they can infect your computer and spread automatically.
Trojan. Software that looks harmless but really isn’t; it can deliver a virus onto your system. You have to run the software in order for it to do harm (as in playing a game).
Rootkit. Software that installs unauthorized access onto your computer, right down to the root level.
Botnet. A network of computers that secretly have been infected (often using a rootkit) and now take actions that their owners don’t know about, like sending spam. (JT noted that some spammers get $.03 per spam email they send...using your computer.)
Spyware. Software that breaks into your cookies and steals your personally identifiable information, like passwords, SSN, address, etc.
Adware. Popups these days are usually blocked by your Internet browser. So if you’re seeing popup ads on your computer, it’s likely a virus infection made to look like a browser popup.
Ransomware. Software that, once it gets control of your computer, encrypts all your data and demands money before they (hypothetically) give you the password.
Network. Multiple
computers linked together (can be linked in a number of different ways).
Intranet. An
isolated network of computers (as in “My company’s intranet”).
internet (small “i”). A network of networks, usually over a wide area. For
example, a college might have an intranet connecting their computers together,
but they might have internets that connect them regionally or nationally, too.
Internet (big “I”). The network of networks, that
spans the globe and includes the World Wide Web, email, Usenet, etc. Use
Internet as a proper noun--use it as you would a country’s name (e.g.,
“Internet security” talks about security on the Internet, much the same way
“American security” talks about security in America).
Intrusion Detection System (IDS). A burglar alarm for computers; it monitors unusual
activity that gets past the firewall. You must first start an IDS in learning
mode to teach the AI what is normal. If you’re attacked during the learning
period, then you have to reset the IDS and start over.
Intrusion Protection System (IPS). Like an IDS, it monitors your system for unusual
activity that gets past the firewall. However, it can stop the activity as well
as provide an alarm; it can send email updates and ban users from your system
either temporarily or permanently.
For the average user (e.g., not running
a server of some kind), you don’t need either an IDS or IPS; a good personal
firewall is just fine.
If you need more information, you can
go to JT’s website, jtevans.net.
If you’d like a copy of his handouts,
click here.
About the Writer:
DeAnna Knippling is a freelance writer, editor, and formatter married to
a Network Administrator, and she was still embarrassed about some of her
personal security practices after hearing JT's talk. Check out her
personal blog at www.DeAnnaKnippling.com
or her small press at www.WonderlandPress.com.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.