the Canadian Science Writers' Association
They Really Are Out To Get You
When it comes to computer security and privacy these days, it pays
to be a little paranoid.
Computer viruses, hackers, and other threats to personal privacy
are not just hot topics for science and technology journalists to
report on. They're also problems that we ourselves have to face
daily, whether at home or at the office.
Case in point: as I was writing this very article, my computer
started flashing a bright red warning message on the screen VIRUS
DETECTED. The source of this unwelcome intruder was a fellow science
writer, whose computer had been infected with something called the
"VBS.LoveLetter.Variant" virus. This devilish script had
hijacked his Microsoft Outlook Express E-mail program and started
to send copies of itself to everyone in his electronic address book.
If you've never installed an antivirus program on your computer,
there's a good chance that a nasty little file like this one could
be E-mailing itself to everyone in your address book, too, or corrupting
years' worth of your word-processed documents, or even waiting until
one fateful pre-programmed date to start erasing your entire hard
Many of use have learned the hard way just how true these possibilities
are, taking the necessary precautions of vaccinating our computers
only after the inevitable computer virus attack has happened. Yet
despite such precautions, the same disasters can repeat themselves.
An antivirus program is only as good as its last update. Unless
you download and install the new virus definitions for your antivirus
program on at least a weekly basis, your computer is always vulnerable
to the next generation of crooked code.
Antivirus sleuths are constantly scouring the Internet for new
viruses to add to the list of thousands already discovered. The
names given to them by their malevolent authors range from the deceptively
innocuous (such as "Sunflower" and "New Hope")
to the outright threatening (such as "CyberHack" and "DeathKiss").
The best kind of antivirus program to use is one that automatically
updates its own virus definitions, to keep up with new strains that
have been unleashed on the public. Norton Antivirus and McAfee VirusScan
are among the most popular software packages. Some products can
scan every Microsoft Word document before you even open it and every
E-mail message before you read it, safely isolating and removing
the offending viruses (or "trojans" or malicious "macros"
or other types of potentially damaging files) before they wreak
havoc on your system.
However, don't let these programs lull you into a false sense of
security. Even a seemingly impenetrable line of cyber-defense can
let a virus slip through and strike your computer. The best strategy,
experts say, is to practice safe computing. If you share files with
others (either on disks or through the Internet), be sure to take
For example, if you receive an E-mail, even from a friend, with
an attachment you weren't expecting, think twice before opening
it. Attachments that are executables (those ending with the ".exe"
suffix, in PC parlance) or scripts (ending with the extension ".vbs"
for example) should be regarded with suspicion. If you really don't
know what it is, just ask your friend if he or she really meant
to send the file.
Another threat to computer users, one that is becoming increasingly
more common as more and more of us leave our computers online all
the time is the backdoor hacker. Once mainly the foes of large corporate
computer systems, hackers are now routinely breaking into home computers,
especially those with high-speed cable or DSL connections to the
Internet. Even dial-up modem users are vulnerable to hacking.
Anyone can now easily get a hold of hacking tools, such as "sniffers"
and other underground software, that effectively let hackers scan
thousands of computers to see which ones have an open "port"
or some other security hole in their systems. Once a vulnerable
computer is found, a hacker can gain control of it and others, using
them to launch other attacks on more important computers (such as
major Web sites).
Although large-scale companies are usually well-equipped to guard
against such attacks, the average home computer user has been virtually
helpless, until recently. The past year has seen an explosion in
the consumer computer security market, with the launching of products
such as BlackICE Defender and Norton Internet Security. These programs
act as scaled-down software versions of corporate "firewalls"
that prevent data from being transmitted to or from your computer
to the Internet through certain ports that might otherwise let hackers
Also available now are relatively inexpensive routers, devices
that let two or more computers share an Internet connection and
that also usually provide some built-in firewall protection. Examples
of these are the new cable/DSL routers offered by Linksys, D-Link,
SMC, and other manufacturers.
A potentially much bigger threat to personal privacy is not the
hacking underground, but rather Big Brother. Recent revelations
that United States law enforcement officials have developed methods
of eavesdropping on electronic conversations, such as the highly
publicized "Carnivore" program, have sent shivers through
many circles. Although proponents of high-tech investigative techniques
like this say they're needed to monitor criminal or even terrorist
activity in an ever more wired world, civil libertarians argue that
the same techniques could all-too-easily be turned on law-abiding
activists and other citizens whose views may be against those of
While these kind of Orwellian scenarios may seem far-fetched to
some, others have taken them seriously enough to pre-emptively protect
computer users from the prying eyes of the state. Services such
as Anonymizer.com and Freedom.net allow users to surf the Web and
send E-mail anonymously, by cloaking their Internet addresses and
But perhaps the most insidious invasion of computer privacy is
from advertisers. The ubiquitous banner ads that pop up on Web sites
these days routinely leave crumbs of computer code on your computer
called "cookies." Though harmless in themselves, cookies
can let advertisers track users from site to site and build sophisticated
profiles of consumer preferences, in order to target advertising
to those most likely to buy certain products.
Fortunately, counter-measures have been devised to help privacy-minded
users keep cookies out of their computers. Although there are ways
of disabling cookies in both Netscape and Internet Explorer, many
Web sites require that a user's browser have the cookie function
turned on in order to navigate the site properly or to make online
purchases, for example. If you really want to keep cookies out of
your system, you can install programs such as CleanSweep or WindowWasher,
which can let you selectively delete cookies while keeping those
that are useful (such as personalized settings for your browser's
default opening page).
If all of these options for protecting yourself online seem terribly
inconvenient and cumbersome, they are. Fighting against viruses,
hackers, and snoopers should not be left to under-equipped computer
users to take on by themselves. Internet service providers could
take a more proactive role in protecting their customers by offering
services to filter junk E-mail (which often harbor viruses) and
to thwart hackers, for example.
Paranoia may have become a necessary evil in the Digital Age. Yet
we shouldn't become paralyzed by our fears. Nor should we as journalists
unnecessarily worry readers in our coverage of computer security
and privacy issues. But whatever solutions we propose, we should
all lead by example and practice safe computing.
Dan Hogan is a longtime member of the Canadian
Science Writers' Association and a science writer with
the National Human Genome Research Institute, part of the National
Institutes of Health, in Bethesda, Maryland. He is also the founder
and editor of ScienceDaily Magazine www.sciencedaily.com) and a
regular contributor to the CSWA's ScienceLink.
Published in Sources,
Number 47, Winter 2001.
Sources, 489 College
Street, Suite 201, Toronto, ON M6G 1L9.
Phone: (416) 964-7799 FAX: (416) 964-8763
Include yourself in Sources
Mailing Lists and
Media Names & Numbers
Names & Numbers