by [TC]²

 

A monthly column of technology rambling, rumination and reality

By: Jud Early, Corporate Vice President, Research, [TC]²

February 2005

Hello, faithful readers,

February already. Calendar pages seem to be flying, and with just a few more weeks of colder weather, spring will be around us. The notion of calendar pages seems so last century. Although stores devoted only to calendars are in malls everywhere, those of us who live by our Outlook or Notes calendar may no longer relate to tearing off or turning a physical page each month. Technology brings subtle change. Electrons in circuits direct the bits and bytes of modern calendars, saving trees and making it possible to schedule events precisely on days for which a printed calendar doesn't yet exist, and to do so from almost any point in the world.

Warliss

Toward the end of last year, I needed some debris hauled away. A storm in 2003 and a construction project in 2004 had left four dump truck loads of tree limbs, roots, brush and logs. I contracted with an independent hauler, who came with tractor and truck. Returning after the second load, I noticed that the driver was sitting in the cab and didn't seem to be in a hurry to load the next pile of debris. After a few minutes I went to check on him, and found him to be OK, just typing into a notebook computer. My curiosity was piqued and I asked him if he used the computer for business. “Yes,” he said, “A'm warliss.” In this most unlikely spot, and with a less than likely user, I found a technology-literate person who uses both a cell phone and a computer to keep track of his prospective customers, fuel tickets, dump fees, weigh scale tickets and all the other jetsam that collects in such a business. He explained that when he arrives home, he doesn't have to plug in to another computer; in a shed near his parking spot for the truck is a wireless access point, and the laptop computer doesn't have to leave the truck at night. We talked about the convenience and wireless security, and I found myself impressed and pleasantly surprised. Are you warliss?

The old saw about a little knowledge being a dangerous thing certainly applies when Wi-Fi wireless is the subject. The manufacturers of hardware have made the creation of home and small office networks almost as easy as plugging in and beginning use. The downside of all this ease of setup is that many folks just don't understand the dangers of an improperly configured network, especially one that has a wireless access point. Wireless routers are used to connect more than one device to a common internet service, while access points may be used on an existing connected network to provide wireless access to notebook computers, wireless printers, and other 802.11* devices. User manuals explain how to change the password and SSID of a wireless router, but don't stress the importance of doing so. Whether to broadcast the SSID or not is the first consideration, and if you decide to broadcast the SSID of your wireless router, select a name for the network that will not be obvious to a passerby who might be seeking an open access point. Encryption of the signal from the remote device to the network is handled by WEP, with either 64- or 128-bit keys. No network in which personal data is present should operate without at least some level of encryption. Be aware that a determined hacker will use tools that can return keys in just a few minutes. Another way in which outsiders may be deterred is to allow only specific MAC addresses to connect to the network. This affords good protection, but makes it more difficult when a visitor wants to access the network, and configuration settings must be changed to allow even a short-term connection. If you are operating a wireless network now, and do not know and understand the terms and concepts listed above, you are at risk of giving access to your most private information to parties unknown.

If you doubt the scope of the problem of wardriving or rogue seekers of Wi-Fi access, just visit http://www.wardrive.net/wardriving/tools to see the number of applications that are available to those who want to access your network. It's frightening. A little knowledge can be a good thing, if it leads to learning more, and strengthening your defenses.

Identity Theft

An extensive study paid for by a number of financial institutions found that about one in twenty-three Americans had their identity stolen last year. Visa, Wells Fargo and Checkfree were sponsors of the study, which found that 9.3 million people were affected. Theft of wallets, checkbooks, and mail makes up the majority of identity theft, but the Internet is also used by miscreants to mine for unprotected information, which they then use to run up charge account bills, drain bank and brokerage accounts, and wreak havoc on the personal finances of victims. It has been reported that from five to ten years is required to recover from such theft, so protection is always less costly than cleanup. The Internet also was credited with reducing some of the losses. Those who regularly monitor accounts online are better equipped to notice any unauthorized change and report it promptly. In so doing, those who noticed and acted were out an average of $500, while those who were first alerted by paper statements lost an average of $4500. It pays to monitor financial accounts online. Many people fear to do so, feeling that there is a security problem. It is highly unlikely that a security problem will be caused by the bank or brokerage; it may in fact be caused unknowingly by the user. I visit my bank's web access daily. I do not, however, do so when traveling. The possibility of a snoop on the network, or a key logging wireless access point, is just too risky.

Wi-Phishing

Those of us who carry notebook computers for travel are occasionally blessed with a free access spot in a hotel lobby, cyber hot spot, or other public location. The public has caught on to the scams of e-mails and phishing sites that are set up just to monitor keystrokes or to install back doors for later access to unprotected machines, but a new danger has been introduced. Before connecting to any open Wi-Fi access point, be sure to turn off sharing on all drives that may contain information that you don't want others to have. Recently, phishing access points that use authentic-sounding SSID names have been discovered near hotel lobbies or coffee shops with free access. The truth is that these rogue networks exist for the purpose of capturing information and stealing identities. This is also known as “snarfing”. In a reverse of the way that virus-fighting developers set out “honey-pots” to attract virus writers by providing unprotected computers to infect, these wireless access points are open to be joined by all comers, who may be unknowingly giving up private information, and risking not only money, but the cost in time to reverse the damage done by identity theft. Don't fall victim to one of these criminals.

Trojan Horses

Last week a computer worm was discovered, and named Wurmark-F. An e-mail arrives with the promise of a funny picture. When opened, a picture of an old man making funny faces appears. Seeming innocuous, but delivering a nasty payload, the worm installs a Trojan that opens a back door, allowing the hackers to take control of the machine, and log keystrokes. Sophos discovered the worm, and as stated by Graham Cluley, senior technology consultant for Sophos, "If you attach a new, unpatched computer to the Internet, unprotected by proper firewalls and up-to-date antivirus software, then it can easily be under the control of hackers within 10 minutes." Don't risk your private data to some malevolent hacker who may turn your machine into a zombie, spewing spam and other undesired e-mail to the public, while tracking your keystrokes and gathering passwords for sites that you visit. Although I feel my personal network is well protected, I do not allow any applications or web sites to maintain passwords. An ounce of prevention, as they say. To learn more, do a Google search on the worm's name. Don't open attachments that are sent by strangers. Use caution when considering whether to open attachments from known senders. If you must take risks, be sure to keep virus definitions up to date, and hope that you are not the first to discover a new virus or worm.

Spyware and Adware

The first half of 2004 saw a huge growth in the number of spyware infections. The second half showed signs of slowing, but the problem still is rampant. “What's the harm?” you may ask, “It only pops up ads, and I can easily close them”. That's not entirely true. While some adware does only that, other, more malicious code can be installed simply by visiting a web site, or accepting a “free offer”. Once loaded, the spyware can log your keystrokes, and send sensitive information back to its author. If you are not running a personal firewall, your system is at risk from these slimy characters. In our office network we had a couple of users who complained about the slow performance of their computers and the frequent pop-ups that they had to endure. First attempts to clean up the problem used the free adware removal tool AdAware SE. It may be downloaded and used to find machines with spyware and adware. The initial cleanup found numerous instances of undesirable code, and each was removed. The problem still was not completely cleared, but no further indication of spyware was present. The machines seemed to become re-infected within days, and we questioned the Internet sites that each user was visiting. No improper access was found. In an attempt to stop the re-infection, a copy of AdAware Pro was purchased. After running the free copy and deleting all the undesirable code, the licensed “Pro” version was then run on the same machine, and an entirely new list of offending applications and registry entries was found. After removing these, the machine ran well, and the user was happy. The purchase of another license to use the Pro version on the second machine turned up similar results. After the removal of spyware and adware from these two machines, no further complaints have been made, although one user makes it a practice to run AdAware Pro daily before beginning work. The bottom line here is that free tools will go only so far.
To really get to the bottom of a problem, you must purchase the tools to do the job, and not be concerned with the nominal cost. The time spent in using a slow machine, not to mention the risk of other machines becoming infected, makes the cost pale in comparison to the potential risks. All of our office machines are behind a firewall, and have two levels of anti-virus protection, as well as a spam appliance that traps most of the spam before it can get into our network. This may be overkill for the home user, but personal firewall software is not expensive (some is free), and it can stop the outgoing transmission of information that these malware applications attempt. The use of a hardware firewall for always-on computers is strongly recommended.

And, in closing,

I'm sorry that almost the entire column is devoted to bad news and cautionary words. It is a constant daily battle to keep out the bad guys, and keep in the corporate and personal information that is not to be shared. I've tried to acquaint you with some of the risks, and encourage each of our readers to do their own research, and seek supplemental information to what you have learned here.

Until next time, be safe, compute wisely.

Jud
