Computer Security Basics. Part 3
Rule 8: Privileges and Permissions
You can’t break what you can’t touch
The next way to protect your computer is to properly use privileges and permissions. That means every computer has an operating system with users having different permission levels built into them. So the main user at any computer is considered to be Administrator, or what is called a root account on Linux or other Unix-like operating system; and this user can do absolutely anything to the computer – create files, delete files, modify files, format hard drives – such users can do anything they want.
Further on, there are different levels of users underneath the Administrator or Root user. In Windows, there is a “user” user. The “user” user is able to use everything on the computer, but is not able to install software or to make major changes that might damage the computer. So if you want to try to protect your computer more, instead – as everybody always tries to log in as an Administrator user – create a “User” user account, and log in as that user. The reason why this is important is that when you go on the Internet and a virus comes into your computer, that virus starts up when it activates and will have the permission level of whoever the computer users on that computer.
So, if that virus activates in your Administrator, that virus has all the privileges that you have, so it can do whatever it wants on your computer; on the other hand, when the virus comes in and you are logged in as a user, you do not have any rights to add or remove programs or do major changes, so it also will not be able to do that. So, if a virus comes in and you are logged in as an administrator, it can cause all kind of harm to your computer. Where the virus comes in and you are logged in as a user – well, it may delete a few files, it can do some annoying stuff, but it will not be able to do completely all the harm that it could do if you were logged in as an Administrator.
So, the next thing you need to learn and to play with are the permissions and privileges for the different accounts within your OS and try to make sure to never log in as Administrator, for otherwise you make your entire OS vulnerable.
Rule 9: Site Advisor
Do you really want to go there???
There is something called site advisor that you may use to ensure you do not go to that bad evil websites hosting viruses and spyware. What a site advisor does is it has a database of all the bad websites out there, and it tries to prevent you from going to one of those bad websites by accident.
Basically, as you do searches with Yahoo or Google there will be marks indicating whether sites are good or bad by marking these with thumbs up or thumbs down. If there is a thumb down or a right sign, this means the website is bad, so if you click it you first need to go to the page that says “Do you really want to go there? We advise you not to go, for there are viruses or spyware or porn content, etc.”, so basically if you are randomly clicking through the Internet and get into a bad website, instead of getting a virus you can navigate away and not go there.
If you still want to go to that website in question, you may click “Yes, I know” and go there anyway, but then you may get viruses and spyware.
Site advisors are really nice little tools to prevent you from accidentally going to some stupid places. McAfee has a site advisor for free, and there also many free pieces of software out there, so if you do a Google search you will come up with 5 or 6 options.
Rule 10: Internet Explorer and Web Browsers
If to consider surfing the web you need to also talk about what web browser you use. A web browser is a program you use to go to whatever page you visit, whether it’s CNN.com, Yahoo.com, Google.com, etc. You go there using Internet Explorer, Google Chrome, Firefox, Apple Safari, and any browser out there, there are probably 50 different browsers.
The main browsers are Internet Explorer, Firefox, Chrome and Safari. Internet Explorer is not recommended to use when you do the majority of web browsing. The reason is that Internet Explorer does a lot more than simply browsing the web.
Way back when Microsoft was engaged in a lawsuit, and the courts were trying to tell Microsoft that they had to remove Internet Explorer as a main component of Windows, Microsoft said that Internet Explorer was a main component of Windows, thereby could not be removed without damaging the OS.
And now that is the case, Internet Explorer allows your PC to connect to other PCs in a way that other browsers do not allow. So using Internet Explorer you can use its ActiveX Controls to create little programs within Internet Explorer, you use Internet Explorer to remotely control other computers, or have your computer remotely controlled. This option offers a lot of functionality, but because it does so many things, it offers a lot of security holes.
So Firefox or Google Chrome, all they do is they browse the web, these go to websites and show you websites without giving you remote control to that website, do not allow to do weird FTP and other services with those websites. All you are allowed to do is go and view the website.
So there is not a lot of what hacker can attack with Chrome, Firefox or Safari, because the worst thing they can do is make you go to a different website or they can sort of play with you a little bit, but they cannot get into your computer; with Internet Explorer it is different, because it has all that functionality, hackers can go through Internet Explorer and get straight into your computer causing all kinds of havoc, they can install software, transfer files because functionality of Internet Explorer so provides.
So the suggestion is to use Firefox, but basically any browser but Internet Explorer. So if you are going to Yahoo or Google or you are looking for something in some third world country in the Middle Africa, use Firefox.
There are some websites that require using Internet Explorer, so if they do you need to use Internet Explorer; but generally do not use Internet Explorer as your web browser.
Rule 11: Keep Your Computer Safe
So, there are some thoughts on how to keep your computer safe:
- Make sure that all of your updates are done for your OS and all of your software;
- Make sure you have current AV subscription and you have correct antimalware software on your PC;
- Make sure you have functional firewall;
- Make sure you use permissions properly, so try not to log in as Administrator, try to log in as a normal user;
- If you are going to surf the Internet, make sure you have a site advisor that tries to protect you from websites you do not want to go to;
- Try not to use Internet Explorer – use Firefox or Chrome or Safari.
Perform those steps – and you should do pretty well!
Besides, make sure that if you are using one of those Internet security suites it does not totally kick you off the Internet, it does not protect you too much, because there is a real tendency inherent in all those security suites to keep your PC so secure that even you cannot do anything to it, so just be careful if you buy one of those suites.
So, if you follow all of these advices, your computer should be safe, you should have good time surfing the Internet, you do not need to worry about all those hackers.
Final Thoughts: Safe is Relative
Don’t Be Your Own Worst Enemy
One of the things to remember about Internet or computer security is that you can never be 100% secure. And you also need to realize all the pieces of software or hardware or procedures that you use to be secure also have downsides so that firewall can keep hackers from coming in, but they may end up keeping you from using software that you normally use.
So, something to think about when deciding how to protect your computer or your network is just to keep at the back of your mind that:
1. You are never 100% secure, and
2. If you install software or devices, make sure you do not make the use of the computer more difficult. So, if you install Internet security suite but it stops you from using the Internet, that’s no good, because you need to use the web – obviously.
If you are an IT Administrator for a small company and you try to secure the network, or you lock the things to that point that your users or you cannot use the software or services that you want to use, then those security procedures probably do not help you at all.
So, just one thing to think about – you can never be 100% secure, and the more security you put on the system, the more problems you also create. This is the consideration to be taken into account as you are deciding what to do.
Posted in: KnowledgeBaseLeave a Comment (0) ↓