[ suomeksi | English ]
Securing Your Computing EnvironmentBy Troy Korjuslommi
Porvoo GNU/Linux User Group (PLUG)
We have different types of users. Some users are so called expert users
who have studied computers, know how they work, and can find answers to their
computer related questions from the Internet and from books.
Expert users, generally speaking, fix their own problems and make their own decisions in regards to computer matters. If you know an expert user, or your company has such an expert, you should let them make computer related decisions for you, since they know the details of your situation.
If you don't have access to an expert, I will try to answer some of the most common questions here.
Buying a computer:Do you already know how to use a computer, and if so, what kind of computer is it? If you know how to use Windows, it will probably be easier to get a computer with Windows installed. Similarly, if you already know how to use a Mac, you are better off using a Mac. The same goes fo GNU/Linux.
If you don't know how to use a computer, you can probably learn how to use a GNU/Linux, Windows or Mac, but you need some help. Who will teach you? What system does that person know? It is probably best to have that person make the decision for you.
You should make backups of your personal data regularly. If you have a writable DVD player, that is a good solution. There is software for doing backups on Windows. On linux, there is also software, but if you place all your personal files in your home directory, you can just make a copy of that periodically. Same goes of course for Windows as well. If you keep your personal files under "My Documents," it is easy to just copy them all. On Windows, however, some applications store data in other locations as well, so if you use an application and don't know where the data you create is stored, either ask an expert or use backup software. Or both.
ID theft. Don't disclose passwords, and change them regularly. It is very common to receive emails from companies such as Amazon, Pay-Pal, and various other companies many of us do business with online. Some of these emails are from the companies, and are legitimate. The majority of these emails, however, are from con artists who try to convince you to visit specially designed addresses, so they can steal your passwords and personal information. You should never enter your password after clicking on a link, whether the link is in an email, even if sent by a known person, or an unknown web page. Forging email is easy. As an example, the email from your friend can also be sent by a virus on his machine. It is possible that the information goes to a scammer, even though the address on the browser seems to be for a legitimate company. The same goes of course for banks. In Finland, banks use one-time passwords, so users are not as easily vulnerable to con artists as they are in some other countries. You should still be careful, though. Fooling these systems isn't impossible. New techniques which are not in use now, could also expose you to risk. A good policy is to always visit your bank and other businesses by typing in the address yourself. This makes it less likely that you will be duped.
ID theft. Don't disclose your personal information in online chats and other forums where third parties and unknown people might see them. Crooks spend a lot of time and effort to steal your money. Don't give them the opportunity to steal yours.
ID theft. Don't trust people on the phone. Anyone can call you and pretend to be from a bank or from a company you deal with. Never give passwords or personal information on the phone. You wouldn't give them to strangers you met either, would you?
Don't install unknown software. Every time you install new software on your computer, you run the risk of installing a malicious program. This is why it is wise to only install software when you absolutely must do so. Some software such as Adobe's software, Real Player, and Skype are examples of known software. Even with them there is some risk, but it is probably worth the risk to install them.
Do you have very valuable data? Don't connect the machine to a network, make backups, and encrypt.
If you have sensitive information on your computer, don't connect it to the Internet, and don't install softare you don't need. For example, if you are working on a book of secret recipes and are betting your future on the royalties you will earn once the book is published, don't connect the machine to the Internet, and don't install software other than the text editor you need. Use another computer to access the Internet. An extra computer is the cheapest way to secure your invaluable data. Remember, your computer can also be stolen or destroyed in a fire or a flood. Make backups of your book and store the copies in another location where they are safe.
If you are really afraid someone might steal your book, encrypt the data. There are many softwares available for encrypting your data so that it cannot be read by third parties. For example Pretty Good Privacy (PGP) based products, with Windows and GNU/Linux versions available. Mac software for encrypting files exists too.
A common problem is that you have software which only runs on Windows. If you need
to use these softwares, but are concerned about viruses, two machines, can be a
good solution for you (*). Use one with Windows, with the software not available for GNU/Linux,
and install GNU/Linux on the other one. Disconect the Windows machine from the network (and
the Internet). Then use the GNU/Linux machine for your Internet needs. Reading emails, web browsing,
Skype and other online activities can often be accomplished with less risk using GNU/Linux.