Tuesday, March 08, 2005
The Year of Surfing Dangerously
You see that tagline about being a low-tech guy? I'm really not kidding. Here's some proof: for the past four years I haven't had high-speed Internet at home. True story.
Now, there are reasons, of course. First off, I have two kids under the age of four, so home time generally means home time. Parking my butt in front of a computer after dinner would be a one-way ticket to Divorceville. Second, I live 4 minutes from work. If I really need to do something, I'll go and do it. Third, I'm generally pretty cheap. :)
So, things change (ie. my new company will pay for it) and I ordered a new 'Ultra' high-speed service at the house. It's great, almost 5Mbps downloads...sweet. What really hit home after the install was how much things have changed since the last time I had highspeed (2001).
This particular flavour of highspeed came with a free installation. I figured it would be pretty simple, but it's included, so what the hey. Our installer was a nice guy from a local cable puller. He seemed quite competent in installing cables and wall-jacks, but I had the distinct impression he didn't know a hub from a switch from a router. No bother, everything went well, and within no time I had scanned the instructions and started surfing. It took me at least a full minute before that nagging voice hit me - 'hey - you're surfing unprotected on a public IP!'. Woah! Caught up in the euphoria, I forgot the most basic of security basics. After all, this PC had been living a quiet and isolated life...he wasn't ready for the big city!
So - what tools does a cheap guy like myself use for safe surfing? Well, I made a few stops. First, ZoneLabs for a copy of the Zone Alarm personal firewall. Next, Windows Update for the newest patches. Third, Grisoft for the AVG free virus scanner. Google for the pop-up blocker, and lastly back to Micrsoft for the Anti-Spyware beta.
I felt considerably safer now, but it didn't take long to see what a hassle this is for home users. Unfortunately, most of these tools are still not at the right level of user-friendliness for most home users. The Anti-Spyware tool pops up with a warning: services.exe is trying to access the Internet...hmmm...guess I'd better allow that just in case. And so on. Despite my best intentions, I still think our computer is quite vulnerable, simply because most people using it are just going to 'allow' on any warning that happens to pop up. It's human nature...you're not sure what the message means, you don't want to break anything, you assume that there's no problems, and presto you're whacked with Spyware or a virus, or whatever.
It also really stuns me what little responsibilty the ISP takes in all this. They're unleashing thousands of unprotected surfers at 5Mbps without so much as a 'be careful'. It's like handing the school bus keys to the town drunk and not even checking if he has a license. Accident Waiting to Happen (tm)
I'd really like to see some stats on the infection rates and malware propagation rates of corporate users vs. home users. As IT professionals we put complex and well-crafted means in place to keep our users safe, while home users are spreading email worms and launching DDoS attacks willy-nilly. It boggles my mind that a worm like MyDoom can cause so much damage, and yet the prevention was completely 'computers 101' - "Don't launch the attachment".
It seems to me that two things have to happen - ISPs need to take more responsibility. I don't think that they should begin restricting their customers actions, but they should at the very least provide some guidance, some training, and some suggested free software to use. They should also all offer optional malware scanning, at no extra cost.
On the flipside, I think that software vendors need to work to make their tools as easy as possible, and as self-exaplanatory as possible. I'm hopefull that in future my personal firewall won't tell me that services.exe is accessing 123.4.56.7:DNS, but rather will explain that my PC is making an outbound DNS request to my configured DNS server.
I remember helping my first company setup it's Internet connection. We had a whole Class C to oursleves, and we all surfed on public IPs with no firewall. A simpler time perhaps...but unfortunately long gone and not likely to return. In the meantime, we all need to step up and be vigilent.
Now, there are reasons, of course. First off, I have two kids under the age of four, so home time generally means home time. Parking my butt in front of a computer after dinner would be a one-way ticket to Divorceville. Second, I live 4 minutes from work. If I really need to do something, I'll go and do it. Third, I'm generally pretty cheap. :)
So, things change (ie. my new company will pay for it) and I ordered a new 'Ultra' high-speed service at the house. It's great, almost 5Mbps downloads...sweet. What really hit home after the install was how much things have changed since the last time I had highspeed (2001).
This particular flavour of highspeed came with a free installation. I figured it would be pretty simple, but it's included, so what the hey. Our installer was a nice guy from a local cable puller. He seemed quite competent in installing cables and wall-jacks, but I had the distinct impression he didn't know a hub from a switch from a router. No bother, everything went well, and within no time I had scanned the instructions and started surfing. It took me at least a full minute before that nagging voice hit me - 'hey - you're surfing unprotected on a public IP!'. Woah! Caught up in the euphoria, I forgot the most basic of security basics. After all, this PC had been living a quiet and isolated life...he wasn't ready for the big city!
So - what tools does a cheap guy like myself use for safe surfing? Well, I made a few stops. First, ZoneLabs for a copy of the Zone Alarm personal firewall. Next, Windows Update for the newest patches. Third, Grisoft for the AVG free virus scanner. Google for the pop-up blocker, and lastly back to Micrsoft for the Anti-Spyware beta.
I felt considerably safer now, but it didn't take long to see what a hassle this is for home users. Unfortunately, most of these tools are still not at the right level of user-friendliness for most home users. The Anti-Spyware tool pops up with a warning: services.exe is trying to access the Internet...hmmm...guess I'd better allow that just in case. And so on. Despite my best intentions, I still think our computer is quite vulnerable, simply because most people using it are just going to 'allow' on any warning that happens to pop up. It's human nature...you're not sure what the message means, you don't want to break anything, you assume that there's no problems, and presto you're whacked with Spyware or a virus, or whatever.
It also really stuns me what little responsibilty the ISP takes in all this. They're unleashing thousands of unprotected surfers at 5Mbps without so much as a 'be careful'. It's like handing the school bus keys to the town drunk and not even checking if he has a license. Accident Waiting to Happen (tm)
I'd really like to see some stats on the infection rates and malware propagation rates of corporate users vs. home users. As IT professionals we put complex and well-crafted means in place to keep our users safe, while home users are spreading email worms and launching DDoS attacks willy-nilly. It boggles my mind that a worm like MyDoom can cause so much damage, and yet the prevention was completely 'computers 101' - "Don't launch the attachment".
It seems to me that two things have to happen - ISPs need to take more responsibility. I don't think that they should begin restricting their customers actions, but they should at the very least provide some guidance, some training, and some suggested free software to use. They should also all offer optional malware scanning, at no extra cost.
On the flipside, I think that software vendors need to work to make their tools as easy as possible, and as self-exaplanatory as possible. I'm hopefull that in future my personal firewall won't tell me that services.exe is accessing 123.4.56.7:DNS, but rather will explain that my PC is making an outbound DNS request to my configured DNS server.
I remember helping my first company setup it's Internet connection. We had a whole Class C to oursleves, and we all surfed on public IPs with no firewall. A simpler time perhaps...but unfortunately long gone and not likely to return. In the meantime, we all need to step up and be vigilent.
// posted by danring @ 10:31 AM 
