Protect yourself from malware and viruses

Regardless of your broader objectives, keeping your device healthy is a critical first step down the path toward better security. So, before you begin worrying too much about strong passwords, private communication and secure deletion, for example, you need to make sure that your computer is not vulnerable to hackers or plagued by malicious software, often called malware, such as viruses and spyware. Otherwise, it is impossible to guarantee the effectiveness of any other security precautions you might take. After all, there is no point in locking your door if the burglar is already downstairs, and it doesn’t do you much good to search downstairs if you leave the door wide open.

Accordingly, this chapter explains how to maintain your software and use tools like Avast, Malwarebytes and Comodo Firewall to protect your computer against the ever-present dangers of malware infection and hacker attacks. Although the tools recommended in this chapter are for Windows, which is the operating system most vulnerable to these threats, GNU/Linux and Apple OS X users are also at risk and should still adopt the tactics presented below.

VIRUSES
There are many different ways to classify viruses, and each comes with its own set of colorfully-named categories. Worms, macro viruses, trojans and backdoors are some of the more well-known examples. Many of these viruses spread over the Internet, using email, malicious webpages or other means to infect unprotected devices. Others spread through removable media, particularly devices like USB memory sticks and external hard drives that are frequently used to exchange data. Viruses can damage, destroy, or infect the information in your device, including data on external storage. They can also take control of your device and use it to attack others. Fortunately there are many anti-virus tools that you can use to protect yourself and those with whom you exchange digital information.

ANTI-VIRUS SOFTWARE
There is an excellent freeware anti-virus program for Windows called Avast, which is easy to use, regularly updated and well-respected by anti-virus experts. It requires that you register once every 14 months, but registration, updates and the program itself are all free-of-charge.

There are various other well-known commercial anti-virus programs as alternatives to Avast. ClamWin is a FOSS alternative to Avast. Although it lacks certain features that are important for a primary anti-virus program, ClamWin has the advantage that it can be run from a USB memory stick in order to scan a device on which you are not allowed to install software.

TIPS ON USING ANTI-VIRUS SOFTWARE EFFECTIVELY

  • Do not run two anti-virus programs at the same time, as this might cause your computer to run extremely slowly or to crash. Uninstall one before installing another.
  • Make sure that your anti-virus program allows you to receive updates. Many commercial tools that come pre-installed on new computers must be registered (and paid for) at some point or they will stop receiving updates. All of the software recommended here supports free updating.
  • Ensure that your anti-virus software updates itself regularly. New viruses are written and distributed every day, and your computer will quickly become vulnerable if you do not keep up with new virus definitions. Avast will automatically look for updates when you are connected to the Internet.
  • Enable your anti-virus software’s ‘always on’ virus-detection feature if it has one. Different tools have different names for it, but most of them offer a feature like this. It may be called ‘Realtime Protection,’ ‘Resident Protection,’ or something similar.
  • Scan all of the files on your computer regularly. You don’t have to do this every day (especially if your anti-virus software has an ‘always on’ feature, as described above) but you should do it from time to time. How often may depend on the circumstances. Have you connected your computer to unknown networks recently? With whom have you been sharing USB memory sticks? Do you frequently receive strange attachments by email? Has someone else in your home or office recently had virus problems? For more information on how best to scan files.

PREVENTING VIRUS INFECTION

  • Be extremely cautious when opening email attachments, any files received (e.g. over Instant Messaging like MSN, Skype, etc.) or downloaded from the Internet. It is best to avoid opening any files received from an unknown source. If you need to do so, you should first save the attachment to a folder on your computer, then open the appropriate application (such as Microsoft Word or Adobe Acrobat) yourself. If you use the program’s File menu to open the attachment manually, rather than double-clicking the file or allowing your email program to open it automatically, you are less likely to contract a virus.
  • Consider the possible risks before inserting removable media, such as CDs, DVDs and USB memory sticks, into your computer. You should first check that your anti-virus program has the latest updates and that its scanner is running. It is also a good idea to disable your operating system’s AutoPlay feature, which can be used by viruses to infect your computer. Under Windows XP, this can be done by going inside My Computer, right-clicking on your CD or DVD drive, selecting Properties and clicking on the AutoPlay tab. For each content type, select the Take no action or Prompt me each time to choose an action options then click OK.
  • You can also help prevent some virus infections by switching to free and open source software, which is often more secure, and which virus writers are less likely to target.

SPYWARE
Spyware is a class of malicious software that can track the work you do, both on your computer and on the Internet, and send information about it to someone who shouldn’t have access to it. These programs can record the words you type on your keyboard, the movements of your mouse, the pages you visit and the programs you run, among other things. As a result, they can undermine your computer’s security and reveal confidential information about you, your activities and your contacts. Computers become infected with spyware in much the same way that they contract viruses, so many of the suggestions above are also helpful when defending against this second class of malware. Because malicious webpages are a major source of spyware infection, you should pay extra attention to the websites you visit and make sure that your browser settings are secure.

ANTI-SPYWARE SOFTWARE
You can use anti-spyware tools to protect your computer from this type of threat. Malwarebytes is one such program, and it does a very good job of identifying and removing certain types of malware that anti-virus programs simply ignore. Just like with anti-virus software, though, it is extremely important that you update Malwarebytes’s malware definitions and run regular scans.

PREVENTING SPYWARE INFECTION

  • Stay alert when browsing websites. Watch for browser windows that appear automatically, and read them carefully instead of just clicking Yes or OK. When in doubt, you should close ‘pop up windows’ by clicking the X in the upper right-hand corner, rather than by clicking Cancel. This can help prevent webpages from tricking you into installing malware on your computer.
  • Improve the security of your Web browser by preventing it from automatically running the potentially dangerous programs that are sometimes contained within webpages you visit. If you are using Mozilla Firefox, you can install the NoScript add-on.
  • Never accept and run this sort of content if it comes from websites that you don’t know or trust.

FIREWALLS

A firewall is the first program on a computer that sees incoming data from the Internet. It is also the last program to handle outgoing information. Like a security guard, posted at the door of a building to decide who can enter and who can leave, a firewall receives, inspects and makes decisions about all incoming and outgoing data. Naturally, it is critical that you defend yourself against untrusted connections from the Internet and from local networks, either of which could give hackers and viruses a clear path to your computer. In fact, though, monitoring outgoing connections originating from your own computer is no less important.

A good firewall allows you to choose access permissions for each program on your computer. When one of these programs tries to contact the outside world, your firewall will block the attempt and give you a warning unless it recognizes the program and verifies that you have given it permission to make that sort of connection. This is largely to prevent existing malware from spreading viruses or inviting hackers into your computer. In this regard, a firewall provides both a second line of defense and an early-warning system that might help you recognize when your computer’s security is being threatened.

FIREWALL SOFTWARE
Recent versions of Microsoft Windows include a built-in firewall, which is now turned on automatically. Unfortunately, the Windows firewall is limited in many ways; for example, it does not examine outgoing connections. However, there is an excellent freeware program called Comodo Personal Firewall, which does a better job of keeping your computer secure.

PREVENTING UNTRUSTED NETWORK CONNECTIONS

  • Only install essential programs on the computer you use for sensitive work, and make sure you get them from a reputable source. Uninstall any software that you do not use.
  • Disconnect your computer from the Internet when you are not using it and shut it down completely overnight.
  • Do not share your Windows password with anyone.
  • If you have enabled any ‘Windows services’ that you are no longer using, you should disable them.
  • Make sure that all of the computers on your office network have a firewall installed.
  • If you do not already have one, you should consider installing an additional firewall to protect the entire local network at your office. Many commercial broadband gateways include an easy-to-use firewall, and turning it on can make your network much more secure. If you are not sure where to start with this, you might want to ask for assistance from whoever helped set up your network.

KEEPING YOUR SOFTWARE UP-TO-DATE
Computer programs are often large and complex. It is inevitable that some of the software you use on a regular basis contains undiscovered errors, and it is likely that some of these errors could undermine your computer’s security. Software developers continue to find these errors, however, and release updates to fix them. It is therefore essential that you frequently update all of the software on your computer, including the operating system. If Windows is not updating itself automatically, you can configure it to do so by clicking the Start menu, selecting All Programs and clicking Windows Update. This will open Internet Explorer, and take you to the Microsoft Update page, where you can enable the Automatic Updates feature.
Similarly, it is important to make sure that all of the other software installed on your computer is updated. To do this, you first need to know what programs you have on your computer, and perhaps uninstall those that are not essential (on Windows, go to Control Panel and Programs or Add/Remove Programs). Then, for each program, check whether it is the latest version, how it can be updated and whether it will update itself automatically in the future.

 

STAYING UP-TO-DATE WITH FREEWARE AND FOSS TOOLS
Proprietary software often requires proof that it was purchased legally before it will allow you to install updates. If you are using a pirated copy of Microsoft Windows, for example, it may be unable to update itself, which would leave you and your information extremely vulnerable. By not having a valid license, you put yourself and others at risk. Relying on illegal software can present non-technical risks, as well. The authorities in a growing number of countries have begun to verify that organizations possess a valid license for each piece of software that they use. Police have confiscated computers and closed down organizations on the basis of ‘software piracy.’ This justification can be abused quite easily in countries where the authorities have political reasons to interfere with a given organization’s work. Fortunately, you do not have to purchase expensive software to protect yourself from tactics like this.

We strongly recommend that you try out the freeware or FOSS (free and open source software) alternatives to any proprietary software that you currently use, especially those programs that are unlicensed. Freeware and FOSS tools are often written by volunteers and non-profit organizations who release them, and even update them, free of charge. FOSS tools, in particular, are generally considered to be more secure than proprietary ones, because they are developed in a transparent way that allows their source code to be examined by a diverse group of experts, any one of whom can identify problems and contribute solutions.

Many FOSS applications look like, and work almost the same way as, the proprietary software that they were written to replace. At the same time, you can use these programs alongside proprietary software, including the Windows operating system, without any problems. Even if your colleagues continue to use the commercial version of a particular type of program, you can still exchange files and share information with them quite easily. In particular, you might consider replacing Internet Explorer, Outlook or Outlook Express and Microsoft Office with Firefox, Thunderbird and LibreOffice, respectively.

In fact, you could even move away from the Microsoft Windows operating system entirely, and try using a more secure FOSS alternative called GNU/Linux. The best way to find out if you’re ready to make the switch is simply to give it a try. You can download a LiveCD version of Ubuntu Linux, burn it to a CD or DVD, put it in your computer and restart. When it’s done loading, your computer will be running GNU/Linux, and you can decide what you think. Don’t worry, none of this is permanent. When you’re finished, simply shut down your computer and remove the Ubuntu LiveCD. The next time you start up, you’ll be back in Windows, and all of your applications, settings and data will be just as you left them. In addition to the general security advantages of open-source software, Ubuntu has a free, easy-to-use update tool that will keep your operating system and much of your other software from becoming outdated and insecure.

Social Media – Staying Safe

Online communities have existed since the invention of the internet. First there were bulletin boards and email lists, which gave people around the world opportunities to connect, to communicate and to share information about particular subjects. Today, social networking websites have greatly expanded the range of possible interactions, allowing you to share messages, pictures, files and even up-to-the-minute information about what you are doing and where you are. These functions are not new or unique – any of these actions can also be performed via the internet without joining a social networking site.

Although these networks can be very useful, and promote social interaction both online and offline, when using them you may be making information available to people who want to abuse it. Think of a social networking site as being like a huge party. There are people there that you know, as well as some that you don’t know at all. Imagine walking through the party with all your personal details, and up-to-the-minute accounts of what you are thinking, written on a big sign stuck on your back so that everyone can read it without you even knowing. Do you really want everyone to know all about you?

Remember that social networking sites are owned by private businesses, and that they make their money by collecting data about individuals and selling that data on, particularly to third party advertisers. When you enter a social networking site, you are leaving the freedoms of the internet behind and are entering a network that is governed and ruled by the owners of the site. Privacy settings are only meant to protect you from other members of the social network, but they do not shield your data from the owners of the service. Essentially you are giving all your data over to the owners and trusting them with it.

If you work with sensitive information and topics, and are interested in using social networking services, it is important to be very aware of the privacy and security issues that they raise. Human rights advocates are particularly vulnerable to the dangers of social networking sites and need to be extremely careful about the information they reveal about themselves AND about the people they work with.

Before you use any social networking site it is important to understand how they make you vulnerable, and then take steps to protect yourself and the people you work with. This guide will help you understand the security implications of using social networking sites.

Always ask the questions:

  • Who can access the information I am putting online?
  • Who controls and owns the information I put into a social networking site?
  • What information about me are my contacts passing on to other people?
  • Will my contacts mind if I share information about them with other people?
  • Do I trust everyone with whom I’m connected?

Always make sure you use secure passwords to access social networks. If anyone else does get into your account, they are gaining access to a lot of information about you and about anyone else you are connected to via that social network. Change your passwords regularly as a matter of routine. See our guide on How to create and maintain secure passwords for more information.

Make sure you understand the default privacy settings offered by the social networking site, and how to change them.
Consider using separate accounts/identities, or maybe different pseudonyms, for different campaigns and activities. Remember that the key to using a network safely is being able to trust its members. Separate accounts may be a good way to ensure that such trust is possible.

Be careful when accessing your social network account in public internet spaces. Delete your password and browsing history when using a browser on a public machine. See our guide How to destroy sensitive information.

Access social networking sites using https:// to safeguard your username, password and other information you post. Using https:// rather than http:// adds another layer of security by encrypting the traffic from your browser to your social networking site. See our guide How to remain anonymous and bypass censorship on the internet.

Be careful about putting too much information into your status updates – even if you trust the people in your networks. It is easy for someone to copy your information.

Most social networks allow you to integrate information with other social networks. For example you can post an update on your Twitter account and have it automatically posted on your Facebook account as well. Be particularly careful when integrating your social network accounts! You may be anonymous on one site, but exposed when using another.

Be cautious about how safe your content is on a social networking site. Never rely on a social networking site as a primary host for your content or information. It is very easy for governments to block access to a social networking site within their boundaries if they suddenly find its content objectionable. The administrators of a social networking site may also decide to remove objectionable content themselves, rather than face censorship within a particular country.

POSTING PERSONAL DETAILS
Social networking sites ask you for a good deal of data about yourself to make it easier for other users to find and connect to you. Perhaps the biggest vulnerability this creates for users of these sites is the possibility of identity fraud, which is increasingly common. In addition, the more information about yourself you reveal online, the easier it becomes for the authorities to identify you and monitor your activities. The online activities of diaspora activists from some countries have led to the targeting of their family members by the authorities in their homelands.

Ask yourself: is it necessary to post the following information online?

  • birth dates
  • contact phone numbers
  • addresses
  • details of family members
  • sexual orientation
  • education and employment history

FRIENDS, FOLLOWERS AND CONTACTS
The first thing you will do after filling in your personal details with any social networking application is establish connections to other people. Presumably these contacts are people you know and trust – but you may also be connecting to an online community of like-minded individuals that you have never met. The most important thing to understand is what information you are allowing this online community to have.

When using a social network account such as Facebook, where a lot of information about yourself is held, consider only connecting to people you know and trust not to misuse the information you post.

SHARING ONLINE CONTENT
It’s easy to share a link to a website and get your friend’s attention. But who else will be paying attention, and what kind of reaction will they have? If you share (or “like”) a site that opposes some position taken by your government, for example, agents of that government might very well take an interest and target you for additional surveillance or direct persecution.

If you want your contacts (and of course the administrators of the social networking platform you use) to be the only ones who can see the things you share or mark as interesting, be sure to check your privacy settings.

REVEALING YOUR LOCATION
Most social networking sites will display your location if that data is available. This function is generally provided when you use a GPS-enabled phone to interact with a social network, but don’t assume that it’s not possible if you aren’t connecting from a mobile. The network your computer is connected to may also provide location data. The way to be safest about it is to double-check your settings.

Be particularly mindful of location settings on photo and video sharing sites. Don’t just assume that they’re not sharing your location: double-check your settings to be sure.

See also On Locational Privacy, and How to Avoid Losing it Forever from the Electronic Frontier Foundation website.

SHARING VIDEOS AND PHOTOS
Photos and videos can reveal people’s identities very easily. It’s important that you have the consent of the subject/s of any photo or video that you post. If you are posting an image of someone else, be aware of how you may be compromising their privacy. Never post a video or photo of anyone without getting their consent first.

Photos and videos can also reveal a lot of information unintentionally. Many cameras embed hidden data (metadata tags) that reveals the date, time and location of the photo, camera type, etc. Photo and video sharing sites may publish this information when you upload content to their sites.
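
The hidden metadata described above can be checked and removed before a photo is uploaded. The Python code below is an added example, not part of the original guide: it lists the metadata segments in a JPEG file, flags an Exif pointer to GPS data, and returns a copy with those segments removed. The function names and the sample bytes are constructed for illustration.

```python
import struct

# Header segments that commonly carry metadata: APP1 (Exif/XMP), APP13 (IPTC), COM.
METADATA_MARKERS = {0xE1: "APP1", 0xED: "APP13", 0xFE: "COM"}
GPS_IFD_TAG = 0x8825  # Exif tag in IFD0 that points at the GPS block


def iter_segments(jpeg):
    """Yield (marker, start, end) for each header segment before the scan data."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 4 <= len(jpeg):
        lead, marker, length = struct.unpack(">BBH", jpeg[pos:pos + 4])
        if lead == 0xFF and marker == 0xDA:  # start of scan: compressed pixels follow
            return
        end = pos + 2 + length
        if lead != 0xFF or length < 2 or end > len(jpeg):
            raise ValueError("corrupt segment at offset %d" % pos)
        yield marker, pos, end
        pos = end


def exif_has_gps(body):
    """True if an APP1 body is Exif and its first IFD references a GPS block."""
    if not body.startswith(b"Exif\x00\x00") or len(body) < 14:
        return False
    tiff = body[6:]
    order = {b"II": "<", b"MM": ">"}.get(tiff[:2])
    if order is None:
        return False
    magic, ifd0 = struct.unpack(order + "HI", tiff[2:8])
    if magic != 42 or ifd0 + 2 > len(tiff):
        return False
    (count,) = struct.unpack(order + "H", tiff[ifd0:ifd0 + 2])
    for i in range(count):
        tag = tiff[ifd0 + 2 + 12 * i:ifd0 + 4 + 12 * i]
        if len(tag) == 2 and struct.unpack(order + "H", tag)[0] == GPS_IFD_TAG:
            return True
    return False


def audit(jpeg):
    """List (segment name, size in bytes, has GPS pointer) for metadata segments."""
    return [(METADATA_MARKERS[m], end - start, exif_has_gps(jpeg[start + 4:end]))
            for m, start, end in iter_segments(jpeg) if m in METADATA_MARKERS]


def strip_metadata(jpeg):
    """Return the JPEG with metadata segments removed and pixel data untouched."""
    out, pos = bytearray(b"\xff\xd8"), 2
    for marker, start, end in iter_segments(jpeg):
        if marker not in METADATA_MARKERS:
            out += jpeg[start:end]
        pos = end
    return bytes(out + jpeg[pos:])  # scan data and EOI copied as-is


def _segment(marker, body):
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(body) + 2) + body


# Constructed sample (not a real photo): JFIF header, Exif with a GPS pointer,
# a comment, then placeholder scan bytes and the end-of-image marker.
_TIFF = (b"II" + struct.pack("<HI", 42, 8) + struct.pack("<H", 1)
         + struct.pack("<HHII", GPS_IFD_TAG, 4, 1, 26) + struct.pack("<I", 0)
         + struct.pack("<HI", 0, 0))
SAMPLE = (b"\xff\xd8" + _segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
          + _segment(0xE1, b"Exif\x00\x00" + _TIFF) + _segment(0xFE, b"taken at the office")
          + b"\xff\xda\x00\x02\x12\x34\xff\xd9")

if __name__ == "__main__":
    print(audit(SAMPLE), "->", audit(strip_metadata(SAMPLE)))
```

This covers JPEG files only; other image and video formats store their metadata differently and need their own handling.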

INSTANT CHATS
Many social networking sites have tools that allow you to have discussions with your friends in real time. These operate like Instant Messaging and are one of the most insecure ways to communicate on the internet, both because they may reveal who you are communicating with, and what you are communicating about.

Connecting to the site via https is a minimum requirement for secure chatting, but even this is not always a guarantee that your chat is using a secure connection. For example, Facebook chat uses a different channel to HTTPS (and is more prone to exposure).

It is more secure to use a specific application for your chats, such as Pidgin with an Off-the-record plugin, which uses encryption. Read the ‘Pidgin – secure instant messaging’ hands-on guide.

JOINING AND CREATING GROUPS, EVENTS AND COMMUNITIES
What information are you giving to people if you join a group or community? What does it say about you? Alternatively, what are people announcing to the world if they join a group or community that you have created? How are you putting people at risk?

When you join a community or group online it is revealing something about you to others. On the whole, people may assume that you support or agree with what the group is saying or doing, which could make you vulnerable if you are seen to align yourself with particular political groups, for example. Also if you join a group with a large number of members that you don’t know, then this can compromise any privacy or security settings that you have applied to your account, so think about what information you are giving away before joining. Are you using your photo and real name so strangers can identify you?