How You Can Help Protect
Yourself and Your Children
The following is not intended to be legal advice and should also not be considered expert security advice. Threats to your family's computer are ever-evolving. To protect yourself and your children against the illegal activities of spammers, pornographers, cyber-stalkers, botnet operators, and other criminals, you must keep yourself informed and stay constantly on the alert. Do not assume that your Internet service provider (ISP), computer software maker, or even your virus-detection software is looking out for your best interests. Only you can do that by being alert and taking needed steps.
A computer forensics expert once estimated that 90 percent of all computers may contain illegal material up to and including child pornography.
How could that be? The fact is that there are many ways that child porn or other illegal materials can end up on your computer without your knowledge or intent.
A few examples:
- You or someone in your family visits a legal adult pornography site. Suddenly, pop-up windows start opening so fast you hardly have time to shut one down before another opens. Dozens, even hundreds, of windows might open and some of those might contain child porn. Even after you close the windows, that child porn remains in your browser's cache.
- You or another user of your computer click on a link in an email. A tiny, almost undetectable program installs itself on your machine. Your computer is now a "zombie" or a "bot" that can be controlled remotely by a stranger any time it's online. You might be sending spam, participating in illegal denial of service attacks or storing and transmitting porn without realizing it.
- Do you have a roommate or a relative who uses your computer? How do you know that they aren't visiting child porn sites? How do you know that they didn't visit adult porn sites where malicious code infected your computer or those terrible pop-ups left remnants of child porn? How do you know they aren't participating in peer-to-peer file sharing that is involving your computer in illegal transfers of child porn?
Those are just a few of the ways an innocent person can end up in trouble. There are many more.
A related problem, called "sidejacking," has become so easy that virtually anybody can do it. While a sidejacker may not plant pornography on your computer, he can do many bad things to you including making it look as if you downloaded illegal materials. The sidejacker looks for an unsecured wireless network in an airport, an Internet cafe, or even a neighborhood. Using a simple browser add-on that anybody can download, he watches the activity of everyone on that network. If you input a username and password, he's got you. He can now use your login information for his own purposes. And you can bet those purposes won't be good. He could steal from you. He could download porn using your identity. He could harass or stalk people while pretending to be you.
A thorough computer forensic examination by an impartial examiner might show that show that you weren't the guilty party. But an exam like that costs thousands of dollars. Since police and prosecutors rarely do those exams, you'll be the one bearing the cost. And by then you or your child! might already have been arrested, lost a job, and had your good name dragged through the media.
To prevent a disaster like that from befalling you or someone you love, you need to take steps to prevent criminals from gaining access to you computer.
Most people probably think that only an expert can ensure computer security. To a certain extent, that's true.
Even "experts" can't secure their computers against the most determined hackers, as the case of security firm HBGary, which was targeted by "hactivists," showed. But your greatest danger most likely isn't from a dedicated hacker targeting you. Your greatest danger is from some creep using automated tools to search the Internet, looking for millions of people who haven't protected their systems or who aren't practicing "safe surfing."
You are likely to be a random target a target of opportunity. Your innocent mistakes or acts of carelessness can, and very likely will, be used against you.
Computer crime is not a minor problem! In late 2010, Microsoft reported that more than two million computers in the United States alone had been taken over by botnets. Two million "zombies." Two million "bots." Two million innocent families who could potentially become victims and be accused of crimes for things their computers are doing that they don't even know about.
And "zombie" computers are only one part of the problem of computer crime.
So how do you protect yourself against such big threats?
The first mistake ordinary computer owners make is to assume that "experts" are already protecting them. We like to imagine when we buy a computer, add anti-virus software, or update to the latest browser, that other people people who know more than we have already closed all the security holes, detected all the viruses that are possible to detect, and pre-set all our browser settings to guarantee our security.
Not so! Far from it!
That's exactly how the Bandy family fell victim.
The fact is that we must be our own and our children's first line of defense against criminals in cyberspace.
The good news is that, while it does take some effort on our part, and requires constant watchfulness, it doesn't have to be painfully difficult.
Some simple self-protection steps include:
- Talk to your children about the potential problems. Make sure they understand.
- Set up a username and password to control access to your computer so that no one but you can use it.
- Set up a separate user account, with a different username and password for each member of your family. That insulates each user from the mistakes of the others.
- Never, ever use the main Administrator account for your day-to-day surfing, instant messaging, or email. The admin account has powers you don't want a criminal to control. An attack on your non-admin accounts is less likely to succeed and any damage will be limited.
- Never click on links in emails.
- Never input personal data, including usernames and passwords, on an unprotected wireless network. If you must, make sure that the address line in the browser starts with https instead of just http. The "s" means your connection to that particular site is secure. (Not all sites support https, but banks and other security-conscious sites do.)
- Set up a firewall on your computer to guard against intruders who search via the Internet for vulnerabilities. Your operating system probably already came with firewall capability; you just need to find it and set it up. Or Google "free firewall" to download third-party firewall software. Make sure that the firewall you choose has a good reputation. Check for user reviews. And "when in doubt, block it."
- Buy and install reputable anti-virus software and subscribe to updates. Keep in mind that viruses and malicious trojans can evolve faster than the software can catch them. So don't just install anti-virus software then get lazy. You should still practice "safe computing" and make sure that all the other users of your computer do the same. Set your anti-virus software to pull in updates daily.
- Set your browser ("preferences" or "tools") to block pop-up windows. Or add a pop-up blocker to your browser. (Again, Google "free pop-up blocker" for more information and choose a blocker that's been well-reviewed by others.) Some pop-up windows are harmless and useful; the main thing is that you should control who can open pop-ups on your machine.
- Make sure that "safe search" is selected on Google or any other search engine you use. Most search engines choose "safe search" by default but doublecheck. Safe search will keep most "adult" sites from showing up in search results.
- Consider installing filtering software to prevent children from accessing sexual material. These programs are not perfect. They may also end up blocking excellent, but controversial, sites that you may want your older children to be able to access, and they may miss some dangerous sites. But they can be reassuring for parents of little ones and can prevent many problems.
- Maintain reasonable alertness and caution any time you're online. Look for obvious danger signs an email that claims to be from a major U.S. company but it loaded with spelling errors, a sudden system slowdown or spikes in hard-drive activity that could indicate unauthorized activity on your computer. Avoid "adult" sites and be extremely cautious if you use peer-to-peer networks. Learn to trust your own instincts. If something feels or looks wrong, it probably is.
- Download the latest security updates offered by the maker of your operating system, your browser, or you anti-virus software.
- Periodically monitor the use of your computer by others in your household especially teenagers. It may not seem nice. (And it's probably better to do it openly than to appear to secretly "snoop.") But perfectly normal teen curiosity was what got Matt Bandy in trouble.
The above list is not intended to be comprehensive. These are just a few of the basics that apply as this article is written. Computer self-protection may in fact, will change rapidly as both criminal tools and protective tools develop.
A threat that plagues cyberspace today may be neutralized by better software, better awareness, and better habits tomorrow. But five new criminal threats will take its place more sophisticated, harder to detect, and harder to combat.
No, you don't have to become an "expert" to protect yourself. But you will always have to take a few basic steps before you or your children go online. You will always need to practice safe computing. And it is your responsibility to make yourself aware of the safest settings for your software and the latest security upgrades available to you.
Remember, only you can defend yourself and your family. There's no expert to look over your shoulder. But you can bet that some criminal is watching and will exploit you through the Internet if you leave an opening for him to get in.
Don't let the criminals win.