Sunday, February 03, 2008

PC Magazine has The 72 PC Safety Steps -- and more

PC Magazine’s February 2008 issue has a feature story “72 Essential Security Tips: Everything You Need to Know to Protect Your PC,” on p. 71, by Eric Griffith. Most of it is pretty familiar, and I guess, yes, you should buy the mag. (I couldn’t find a link there yet to see the 72 points online, more below). Some are noteworthy. He recommends bidirectional firewalls, and using a router at home if you have broadband service even if you have only one computer for it. He feels that Firefox and Opera are safer than IE because they are not as tempting as targets – that idea can be debated. He gives the good advise on suspicious emails that are probably phishing scams: don’t click on their links, but run the mouse cursor over them and see if the URL displayed by the email program matches that shown (usually it doesn’t). Banks never tell customers to send them personal information in emails. He advises to supervise their kids’ use of computer games (Xbox, etc) carefully. (That may not be easy; one relative of mine thinks that two cats and two dogs -- real live sentient beings -- are much better companionship for a daughter than a computer, and he’s right.) He notes that biometric password access (retinal scans, fingerprints, etc) are likely to be developed quickly for common use in the future. It seems to me that retinal scans could actually have the unintended benefit of possibly detecting eye disease early.

On p 104, there is an article by Larry Setlzer, “Don’t Click That Ad … or Even Look at It: When you go to a Web site, you have to trust everyone it’s in bed with.” He wrote about a glitch in (the English language site for an Israeli newspaper) about unintended redirections, which he traced to bad iFrame coding in one of the embedded ads. A story like this sounds like it could undermine the whole business model for online advertising – the understructure for “free” web content, blogs (like this one), and search engines. Hopefully companies will develop stricter coding standards for the ads they accept (which would include companies that deliver automated ads by sense). “Coding standards” are something every programmer knows about, anyway, even from mainframe days. I haven’t had redirections recently myself, but once in a while, after certain ads (mostly on major newspaper sites or imdb) by cursor starts blinking and jumping until I close Mozilla and restart a new session with it. That sounds like the same thing – some bad code in an ad that is writing over memory or not releasing memory properly.

The online website for pcmag has an article by Oliver Rist, “Your PC’s been arrested – now what? If anyone misuses your network, guess who’s liable”. Yes, guess. The author recommends that employers publish their acceptable use policies and enforce them to the letter, and keep attorneys around. What’s worrisome is the downstream liability issue for home network users (what if it becomes a zombie for a DOS attack) even though we don’t hear a lot about actual cases. People have talked about “downstream liability” for the past ten years; I remember a long discussion about this one time with a technology lawyer and AOL consultant at the Libertarian Party of Minnesota booth at the Minneapolis Gay Pride festival in 2000 in Loring Park, that far back. The link is,2817,2250645,00.asp

Now, here’s the rub. I’m not giving the active hyperlinks on this post because – guess what – got a Yellow Rating (caution) from McAfee Site Advisor today (Feb. 3, during the Super Bowl Halftime show) on my machine, and this blog could get downgraded if I link directly to it. Hopefully, this is a false positive, and PC Magazine will get this fixed with McAfee in a day or two. Check back.

No comments: