Forgot your password?
typodupeerror
Books Media Security Book Reviews

Always Use Protection 307

Posted by timothy
from the no-that's-the-real-title dept.
Raymond Lodato writes "Where do I begin? Oh yes! If you are a teenager who uses computers, or the parent or guardian of a teenager who does, buy Always Use Protection, by Dan Appleman! Let me take a little time to explain why." Read on for the rest of Lodato's review.
Always Use Protection: A Teen's Guide to Safe Computing
author Dan Appleman
pages 288
publisher Apress
rating 10/10
reviewer Raymond Lodato
ISBN 159059326X
summary An excellent and realistic reference for teens and their parents/guardians about the potential hazards of computing.

Dan Appleman knows how to talk to teenagers. He's made the presentation very logical, he keeps the chapters a reasonable length so a teenager won't feel overwhelmed, and he had a crew of teenagers review this book before it was published so that he knew they would understand it. Those adults who aren't technically adept will find it an easy read, too.

Always Use Protection is broken up into three main parts: Protecting Your Machine, Protecting Your Privacy, and Protecting Yourself. There is a fourth part with useful appendixes, also.

Protecting Your Machine goes through all of the gremlins that can bother your computer, how to get rid of them and how to prevent them from coming back. Viruses, Trojan horse programs, and worms are covered clearly. Not too much depth involved, but not too little either. Dan covers the ins and outs of the three main preventive measures: anti-virus programs, firewalls, and system configuration and updates. He makes sure that his discussions relate to the types of programs that teenagers are likely to run: P2P software, online games, Instant Message clients, e-mail programs, and web browsers. He's careful to include other avenues of attack besides the Internet, such as infected floppies and CDs cut by well-meaning friends.

Always Use Protection explains how to determine which type of anti-virus programs are available and how to run them (using McAfee's VirusScan as an example), but puts the responsibility for deciding which one to use squarely in the reader's lap. Dan has made sure that he's not pushing any particular product over another. In fact, there were one or two places where I wished he'd just come right out and say I'd recommend blah-blah software, but he always said the reader should check the pros and cons of the possibilities and make their own decision.

Firewalls are discussed in detail, as well as their possibly unintended consequences (an online game refuses to run because a critical port is being blocked by the firewall, for example). He does state that if you're on a network behind a router, you may not need a firewall. This is my only disagreement with Dan. I believe a personal firewall should be on each and every machine, regardless of how it connects. It will protect not only the machine itself, but make it harder for the machine to attack others.

Software updates are probably one of the most under-utilized options in the home. News items in papers and on the web speak frequently about how such-and-such a virus got into machines mainly because security updates available from the manufacturer for months were simply not installed. Dan makes sure that the reader understands how shortsighted that approach really is. The updates are usually free, and just take a little time to download and install. Always Use Protection explains exactly how to do that and why it's a good thing.

The configuration chapter describes many little tweaks available to harden your browser and e-mail reader. Many people are not aware of the number of 'dials' they can play with (and if they were, they'd probably be overwhelmed), but this chapter zeroes in on the most important ones.

If this book was only chapter 9 - What to Do When You've Been Hit - it would still be worth the cover price. In this chapter, Dan gives a careful, step-by-step menu of what you can and should do to recover as much as you possibly can, eradicate the malware that is causing the problem, and get your system back to a usable state. It's the one chapter he says you shouldn't read front-to-back, but follow the links (if you see this, go to this section) like one of those make-your-own-ending books. I have this one bookmarked for future reference.

The next four chapters form Part II - Protecting Your Privacy. In here, Dan explains the various ways your personal information can be gleaned, mostly from a user innocently filling in a form supplied by a con artist. He talks about identity theft and what it means to a teenager. The need for good passwords is clearly discussed, but he acknowledges that most people won't use strong enough ones. Therefore, he promotes a simple plan with three passwords (high, medium, and low-security) that will work in most cases. He ends off this part with a good treatise on cookies of all forms, and how to turn off the worst ones.

Finally, he talks about protecting yourself in chat rooms and from common scams. While there is a lot of press about teenagers being lured by scoundrels in chat rooms, Dan notices that the actual statistics are very low. Regardless of the statistics, he gives extremely good advice about how to use a chat room safely (mostly involving lying about almost any bit of personal information you might be asked for).

The appendixes have good summary information for teens and adults, and have a special appendix just for the parents. It give good advice to make sure your teenager is willing to come to you for question without worrying about losing online privileges.

All in all, Always Use Protection should be read by every parent and, hopefully, by their kids. I'm going to try to get my 15- and 13-year old to read it (Good luck to me! You should have seen the arguments to get them to finish their summer reading!) I liked the approach, the content, and the presentation so well, I had to rate this a 10.


You can purchase Always use Protection: A Teen's Guide to Safe Computing from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

This discussion has been archived. No new comments can be posted.

Always Use Protection

Comments Filter:
  • But... (Score:5, Funny)

    by Anonymous Coward on Tuesday August 24, 2004 @03:32PM (#10059898)
    it feels so much better without!

    oh yeah, first post.
    • Re:But... (Score:5, Funny)

      by WwWonka (545303) on Tuesday August 24, 2004 @04:13PM (#10060387)
      But it feels so much better without!

      Just wait till you actually have a partner!
    • Re:But... (Score:3, Funny)

      by dokutake (587467)
      It doesn't feel better when your junk is covered in bumps and falling off. ... Not that I would know. My friend... yeah, my friend... my friend told me.
    • Re:But... (Score:5, Funny)

      by Rahga (13479) on Tuesday August 24, 2004 @04:36PM (#10060688) Homepage Journal
      To the 1st post, a word of warning: With or without protection, you'll go blind anyway.
    • Re:But... (Score:3, Funny)

      by altek (119814)
      It's like wearing a raincoat in the shower!
  • amazing in how they foul up thier computer, then go upstairs and foul up mine, and break the ibooks given them by the school, I will say this book is long overdue
    • The year was 1994 -- I had a 14.4 fax/modem, and was the only person in the house who knew how to use commands in MS-DOS, much less use the net, do some mild hacking, etc.

      I learned more about computer security by trial and error on a piece of crap 486SX than I think I could learn from a book. Why don't more of these parents spend $100 on a crappy old machine than $100 on the best in virus protection and let the kids go nuts? They'd probably learn a whole lot more...
      • Lets force everyone to know DOS commands before using a computer. That way, they would know enough to maintain their own system.

        One of the BBSs that I used to use, would allow us to drop into an MPM shell, but you would have to answer a questions, "what is the name of the debugger?"
        • DOS? (Score:4, Insightful)

          by Aldric (642394) on Tuesday August 24, 2004 @04:24PM (#10060533)
          Let's be a little more sensible and teach them BASH commands, far more useful.
        • by IPFreely (47576) <mark@mwiley.org> on Tuesday August 24, 2004 @04:50PM (#10060821) Homepage Journal
          Lets force everyone to know DOS commands before using a computer. That way, they would know enough to maintain their own system.

          And while we're at it, lets force everyone to become an automobile mechanic before they are allowed to have a drivers license. That way they would know enought to take care of their own cars.

          I agree that it would be nice if everyone were better at using computers so they could all do what we can do, but that is unrealistic. When I was in support, i made it my motto that it was not my job to teach everyone how to use their computer better, it was my job to make the computer do what they needed it to do. These people have more important jobs (from the perspective of the companies' needs) and should not have to spend their time learning and working the computers till they become Leet. They were their to run the company. I was there to make sure the computers ran smoothly enough so they could concentrate on doing their own jobs, not mine.

          YMMV

          • 1) the original article was about home computers, not corporate computers, for whom it's far more cost-effective to pay specialists, than to involve everyone in the security aspect of it
            2) Using a computer securely is a lot closer to teaching someone not to leave the keys in the ignition. When worms get on a system, the system can be used as an accessory to crime, what's that got to do with a car mechanic?

            My own 2) just cancels my own 1) though, there is no thing experts can do to prevent abuse of a trust
      • It was 1985 and I had a PCjr and a VIC20. Not a remote chance in hell I'd get bought a modem, let alone pay for the long distance charges. Security? Yeah, I was the only kid I knew with either kind of machine, my neighbour had a pair of Apple 2s.
      • Ditto! I learned the most when I wasn't afraid of breaking things.. I broke stuff, my parents understood it was part of learning, and we moved on. That's where the best learning happens, not in books...

        -Phixxr
  • yah right (Score:4, Insightful)

    by Anonymous Coward on Tuesday August 24, 2004 @03:33PM (#10059906)
    Most teenagers are more interested in a)how they are going to get laid, b)how they are going to get drunk. Those who care about computer security are almost certainly way above this book. It's trying to sell to a market that just isn't there. It looks like it's just another wannabe security book, offering very little in terms of actual understanding. This makes it to Slashdot???
    • Re:yah right (Score:2, Insightful)

      by Anonymous Coward
      Perhaps the target audience really is parents, who aren't themselves very technically savvy, with teenagers. Granted it doesn't seem to be marketed that way but it probably makes more sense. In slashdot fantasy world we want everybody to know every detail of the inner workings of the computer and the internet but in the real world most people just want to know as little as possible to make it work.
    • Re:yah right (Score:3, Insightful)

      by It'sYerMam (762418)
      Bingo. At 15, I have my own Linux box, and know more about security than almost anyone I know in real life. It's possible I know more Linux stuff than my Dad, who's a computer programmer and has years of UNIX experience.
      For me, at least, Appleman was a crap writer. He was patronizing in his attempts at not being patronizing - if you can't talk to us normally without it, then your attempts will almost certainly be pathetic.
      The best way to educate them is to let them piss the thing up, get someone knowledge
  • Well... (Score:3, Funny)

    by EulerX07 (314098) on Tuesday August 24, 2004 @03:35PM (#10059922)
    Unfortunately, this advice comes a few years too late for people like Libby Hoeler...
    • Re:Well... (Score:2, Interesting)

      Her real name is Elizabeth Heller, from U of Wisconson (Madison campus) She made those videos for her boyfriend but cheated on him at a party. He found out and had all the videos put up on P2P sites. She's a cute chick, but cheaters deserve what they get. Last I heard she was living in CT.
      • Re:Well... (Score:3, Interesting)

        by LanMan04 (790429)
        Incorrect...I remember when I first heard of these sometime in 2000, and I looked her up on the UW directory server (she still went there) and her last name was indeed Heoler or Hoeler or whatever the file was labeled, not Heller. I believe she lived in either Sellery or Ogg, maybe Witte (I used to go there). I also read an article that she was mobbed upon returning to school and had to move into a private dorm, and left school soon thereafter (I believe).
  • by MalaclypseTheYounger (726934) on Tuesday August 24, 2004 @03:35PM (#10059932) Journal
    Protection doesn't work.... we must preach abstinence to our children...

    Just stay off the internet until you're 18, kids... (and you have your own damn computer/network to infect) :)
    • by pHatidic (163975) on Tuesday August 24, 2004 @03:59PM (#10060235)
      You know my parents never gave me the facts of life, but I always wished they had. I remember I was 13 the first time I learned about / and backslash (\?) on AOL. I didn't really understand it, I just hoped sat there reading in horror hoping leia would suck off Tarkin so he wouldn't blow up Kashyyk with the grenade strapped to his 'rock hard cock.' Then I remember being 14 and see goatse. Oh god the pain. How many years I wasted using Lycos to look for porno before ninenine and later autopr0n came along, and I learned about the titty board on tfproject.org and boobdex.

      BTW this is intended as humor but all of the above is actually 100% true. I'm 19 now btw.

    • Eighteen!? I thought the traditional rule was until marriage.
  • by MonMotha (514624) on Tuesday August 24, 2004 @03:35PM (#10059939)
    I'm sorry, but I read this review and instantly thought of the imfamous "Is your son a computer hacker?" [adequacy.org] thing that we all know and love.

    That's not to say that it's a bad book or the review is flawed, though some of the comments would tend to tell me that the reviewer isn't as "computer savvy" as I might like in a person reviewing a book. A properly configured border firewall, for example, will protect systems behind it. That says nothing of the duties of many of those "personal firewall" applications that are actually much more than firewalls (spam filters, scumware/spyware/adware scanner/filters, etc).

    I just found it amusing that the adequacy.org article was the first thing I thought of when reading this review...
    • I realize this was written in 2001, but I found this parent's statement very amusing:

      If your son has requested a new "processor" from a company called "AMD", this is genuine cause for alarm. AMD is a third-world based company who make inferior, "knock-off" copies of American processor chips. They use child labor extensively in their third world sweatshops, and they deliberately disable the security features that American processor makers, such as Intel, use to prevent hacking. AMD chips are never sold in

    • by Tyrdium (670229) on Tuesday August 24, 2004 @03:58PM (#10060220) Homepage
      *reads over said site*
      I'm impressed that anyone could truly be that ignorant (and I do in-home tech work!). Are you sure it isn't meant as a joke? Quake as a hacker program... *snickers*

      BSD, Lunix, Debian and Mandrake are all versions of an illegal hacker operation system, invented by a Soviet computer hacker named Linyos Torovoltos, before the Russians lost the Cold War. It is based on a program called "xenix", which was written by Microsoft for the US government. These programs are used by hackers to break into other people's computer systems to steal credit card numbers. They may also be used to break into people's stereos to steal their music, using the "mp3" program. Torovoltos is a notorious hacker, responsible for writing many hacker programs, such as "telnet", which is used by hackers to connect to machines on the internet without using a telephone.
      Okay, now I'm thoroughly convinced it's a joke...
    • Thanx for pointing me there, I'd never seen it. I may be showing my age, but I kept expecting him to say that the way to combat this was to start a Boy's Band, with instruments, uniforms and music purhased from Professor Harold Hill. [imdb.com]

      "We got trouble! Trouble in River City! Trouble with a capital T and that rhymes with P and that stands for Pool!"

  • by grunt107 (739510) on Tuesday August 24, 2004 @03:36PM (#10059941)
    Ya wouldn't have teenagers
  • Rubber (Score:3, Funny)

    by SourKAT (589785) on Tuesday August 24, 2004 @03:36PM (#10059954)
    Can I just cover my computer with a rubber sheet? I could even use cherry flavored.
  • Teenagers? (Score:5, Insightful)

    by jstave (734089) on Tuesday August 24, 2004 @03:37PM (#10059955)
    Is there a reason that this information is being aimed specifically at teenagers? I know an awful lot of adults that could use a good straighforward explaination of this material.
    • Re:Teenagers? (Score:5, Insightful)

      by Hank Reardon (534417) on Tuesday August 24, 2004 @03:42PM (#10060025) Homepage Journal

      I thought exactly the same thing.

      In fact, I've got three machines in my office right now from adults that I've got to fix. They've all responded with variations of "You mean they update the software and I don't have to pay for it?" when I asked when the last time they ran Windows Update.

      I guess I just don't understand how somebody can see all of the identity theft, worm, trojan horse, and phishing scam stories in the news and still think they're perfectly safe.

      • I guess I just don't understand how somebody can see all of the identity theft, worm, trojan horse, and phishing scam stories in the news and still think they're perfectly safe.

        I have far too many friends and relatives that this applies too, and I can tell you why. They have absolutely no clue what any of the jargon means. A news story that says "Today a trojan spread across the internet attacking unpatched computers and causing a denial-of-service attack on Yahoo's DNS servers." to them reads "Today a

    • by kfg (145172)
      Is there a reason that this information is being aimed specifically at teenagers?

      Because teenagers are fragile creatures with delicate minds still in formation. You can't expect them to, or their parents to allow them to, read a Dummies book. They need special, age appropriate, handling, or it will take herds of social workers decades to help them deal with the psychological damage of dealing with adult themes in adult language.

      In phrasing your question you obviously weren't thinking of the children.

      KFG
    • Re:Teenagers? (Score:2, Interesting)

      by Ignignot (782335)
      Is there a reason that this information is being aimed specifically at teenagers? I know an awful lot of adults that could use a good straighforward explaination of this material.

      How about households with both parents working and the teenage child(ren) unsupervised from 3:00 - 6:00 pm after school? You don't think there is a reason for them specifically to learn about AV protection etc.? And while this book is aimed at teenagers, I'm sure it would be good for less computer literate adults.
    • Is there a reason that this information is being aimed specifically at teenagers?

      Because whenever I visit my dad I end up cleaning all kinds of crap off his computer, all of which I'm invariably able to trace back to my teenage brother, despite the fact that he is arguably the most computer savvy of the 4 regular users of the machine.

      I suspect I'm not alone...

    • No kidding. My sister is 55 years old, and every time she asks me to fix her computer, I find a ton of crap on it.

      What worries me is the new, particularly nasty spam mail that's out there. Has anyone out there seen the ebay phisher spam? It sends you an email that is indistinguishable from something ebay would send you (though, of course, ebay would never send this,) which redirects you to a bare URL to 'update' your information--including your credit card. Easy enough to spot if you know what's going on o
  • by Alaren (682568) on Tuesday August 24, 2004 @03:37PM (#10059960)

    Wait, let me see if I've got this straight. I should teach my teenagers to always use protection.

    But also that Trojans are bad...?

    Help me get a free ipod [freeipods.com], and you can get one too!

    • If you're not protecting yourself against Trojans, for God's sake please watch out for backdoors....
    • Actually, trojan condoms are known to have a high breakage rate, and those "in the know" eschew them in favor of higher-quality brands. See also: Condomania [condomania.com]. One well-known brand which is of high quality is the ever-popular "gold coin" condom, but beware of the possibility of gouging the edge of the rubber with the metal foil wrapper. Japanese brands are generally quite good but they do tend to run to smaller sizes, this is not a joke. Of course, those smaller condoms will fit most Americans just fine.
  • Why Did (Score:2, Funny)

    by jstrain (648252)
    90% of slashdotters immediately think of firewalls?
  • backups? (Score:5, Insightful)

    by joeldg (518249) on Tuesday August 24, 2004 @03:38PM (#10059975) Homepage
    There should be a chapter in every computer book made all about backups.
    People don't bother to backup data..
    People forget to back up data.
    People need to verify backups..
    SyOps symlink backup data directories and cause $40,000 losses due to data not being backed up.

    That is one of the best ways to "protect yourself"..

    "jesus saves" and all that..

    • Re:backups? (Score:4, Funny)

      by kfg (145172) on Tuesday August 24, 2004 @03:56PM (#10060201)
      "jesus saves"

      But Moses migrates.

      KFG
    • I'm gueesing the easiest way is to just use the backup function in WinXP Home Edition.

      Oh, that's right, backups aren't necessary for home installations, that's why Microsoft left it out!

    • Yes, but really, how many people come to pieces these days if they lose their data?

      If you're smart, you keep hardcopies of the really-really-really serious stuff in a file cabinet.

      Back up your bookmarks, your taxes, your email and your pet projects. The rest is just porn / music / video / games anyway, probably replaceable.

      Just take the mindset of all these P2P whore kids. You know the best part about losing 200 GB of media that they spent the last 6 months leeching off of P2P? They now have something
  • Nope (Score:2, Insightful)

    I'm sorry but regardless of how good the book is and how relevant it is, it will never achieve its intended goal. A kid is never going to read anything like this. You wouldnt expect a kid to read a book about the perils of not eating their vegetables, so why this? Especially as stubborn as kids are nowadays, I think this author might have a case of bad timing. :-/
  • Ohh yeah. (Score:5, Funny)

    by Faust7 (314817) on Tuesday August 24, 2004 @03:39PM (#10059991) Homepage
    Protecting Your Machine

    Why, yes, it is a machine. Thank you.
  • by wackysootroom (243310) on Tuesday August 24, 2004 @03:40PM (#10060005)
    The best way to protect your children and your PC is to spend quality time with them, teaching them the basics of PC protection and chat room safety.

    IMHO, these things are better taught in person than with a book. The reviewer did not mention actually spending any time with your kids. I hope the book does, because too many people are using books and products like these as a substitute for teaching thier kids in person about computer safety.
    • by jstave (734089) on Tuesday August 24, 2004 @03:46PM (#10060092)
      No! Teaching them about it will just make them think that its OK and they'll do it more! The best thing to do is to explain to them that abstenance from computing is the only way to be really safe.
      Wait... what were we talking about again?
    • The best way to protect your children and your PC is to spend quality time with them, teaching them the basics of PC protection and chat room safety.

      That is very good advice. It is important for parents to sit down with their kids and discuss computer security, lest they learn it on the "streets" or from their friends. Next thing you know, your kid will be sneaking out of the house late at night to go download spyware in some sleazy motel.
    • by deepfreeze77 (469651) on Tuesday August 24, 2004 @04:03PM (#10060278)
      Actually, the best protection would be to let them completely break their computer and leave it broken. Give them the install CD, show them how to format the drive and tell them to have at it. After they spend 12 hours reformatting and reinstalling all their garbage once or twice, I'm sure they'll figure out how to stop breaking their systems.

      Of course, this doesn't work if you only have one computer in your house, but I suppose that's a whole other kettle of fish...
    • OK, I'll agree the average /.er knows. But the average parent is at least as clueless about these things as the neophyte teen.

      I think in some cases, a good answer is the parent reading the book, then discussing things with their teen. In others, just read the book, then have your teen read it. Maybe quiz them as part of their test before getting their "internet license" (giving them access).
  • by WormholeFiend (674934) on Tuesday August 24, 2004 @03:41PM (#10060016)
    my dad got me this product called "The Keyboard Condom" and said "son, always remember -- No Glove, No Love".
  • What no comments on abstinence?
    Or condoms?
    El Presidente Bush will be muchly displeased!
  • by Weirdofreak (769987) <weirdofreak@gmail.com> on Tuesday August 24, 2004 @03:43PM (#10060039)
    Is it really that useful given that I run Linux, don't use chatrooms, don't use P2P software, don't play games and have no friends who both run Linux and give me floppies or CDs (when it comes to it, none of my friends do either)?
    • I actually do use P2P software, play games, use chatrooms and IM -- but I do it all on Linux. Furthermore, all people ever send me are images, music, and such -- and all my friends have broadband, so I never get CDs from them. In fact, one has a mac, two use Firefox, and one isn't even allowed to install software.

      Unless a root exploit is discovered in mplayer, I figure I'm pretty safe.

      Should I write a book about how to _really_ protect yourself?
    • Absolutely, positively, yes . Linux exploits are comparatively less common than those for Windows, but they certainly exist. Do you leave your computer turned on when you're on vacation with your parents? If so, what happens if, say, SSH gets cracked and your system is 0wn3d before you get home?

      A good rule to follow is to treat all Unix systems like servers, regardless of what role they actually serve. If your machine is listening on a network-accessible port, then it's your responsibility to protect that port.

      If you're 14 and administering your own Linux system, then you probably have the intellectual curiosity to do well working with computers. However, you don't have even half of the professional paranoia required to make the leap between "competent" and "great". Unfortunately, only time and mistakes will get you there. Just do what you can to make your learning experiences as painless as possible.

  • by nearlygod (641860) on Tuesday August 24, 2004 @03:43PM (#10060047) Homepage
    I think that the net would be a lot better place if we all talked to our parents about safe computing.
  • by BluhDeBluh (805090) on Tuesday August 24, 2004 @03:46PM (#10060081)
    is that it uses the assumption that teenagers - a group that have grown with modern technology - do not understand the basic concepts of computing, privacy etc. I would argue this isn't actually true.

    A better audience for a similar book would be the average parent PC user who doesn't understand why their PC is giving him those stupid Messenger messages, why they should run Windows Update or the average 419 scam to make them better equipt for the world. In my admittedly limited travels, it's been a lot easier to explain technical stuff to the teenage generation, and I'm sure each teenager has a /.-reading PC geek in their class. And, we can assume, any responsible parent who knows about scams, clichéd chatroom use, P2P virii etc would educate their children about this stuff anyway. It's not exactly complicated to explain to people who have grown up with this stuff.

    I also assume the book includes a degree of uninformed scaremongering. Firewalls are not required - indeed, you can safely use the internet without a software firewall simply because they can be easily bypassed by anyone caring enough to bypass them - ie trojan writes. Viruschecking software is not essential if you are smart enough to know what you're running and don't run the average VBS file or P2P fraud (PHOTOSHOP 7.0.REAL.EXE). 4 years with yearly virus checks confirms this.

    And I'm sure that parents treat children like idiots regarding the average "chatroom" use. No doubt the fools who previously gave their names and telephone numbers to random people on the 'net must have got the message by now, and that assumes that there are large amounts of people gullible to be taken in by it.
    • is that it uses the assumption that teenagers - a group that have grown with modern technology - do not understand the basic concepts of computing, privacy etc. I would argue this isn't actually true.

      I'm here to tell you that there's plenty of teenage lusers out there whose computer knowlege amounts to how to use Kazaa and play games.

      I also assume the book includes a degree of uninformed scaremongering. Firewalls are not required - indeed, you can safely use the internet without a software firewall si

  • Infected CDs? (Score:3, Interesting)

    by 14erCleaner (745600) <FourteenerCleaner@yahoo.com> on Tuesday August 24, 2004 @03:46PM (#10060085) Homepage Journal
    He's careful to include other avenues of attack besides the Internet, such as infected floppies and CDs cut by well-meaning friends.

    Has anybody ever gotten a virus from an infected CD?

    • Re:Infected CDs? (Score:3, Informative)

      by White Roses (211207)
      Well, I did get an infected CD with a copy of MacAddict once. I don't recall the exact situation, or which virus it was, but MacAddict was very responsive to my concerns and posted information on avoiding it to their website, as well as sending an uninfected copy out to at least me, if not the entire subscription base (yes, yes, both of us, very funny). I think the circumstances were that they had sent the virus-checked master to replication in the very small window of time between a virus appearing in th
    • Has anybody ever gotten a virus from an infected CD?

      I don't usually bash Microsoft, but a few years ago they shipped the Korean edition of VS.NET with the Nimda virus. [microsoft.com] ^_^

      Personally though, no.
    • Yes. In fact, a worm that spread almost exclusively by CD, the AutoStart 9805 Worm [macintouch.com], was basically the only real worm threat on the Mac for that particular year, and IIRC even managed to get onto a couple of magazne CDs.
    • Re:Infected CDs? (Score:4, Informative)

      by pyrrhonist (701154) on Tuesday August 24, 2004 @04:11PM (#10060369)
      Has anybody ever gotten a virus from an infected CD?

      Yes, and what's worse is some [ibm.com] manufacturers have actually shipped products containing viruses more than once!

      In 1992, IBM accidentally shipped 500 PCs carrying the Michelangelo [vmyths.com] virus.

      And in 1998, they spread the CIH Virus [wikipedia.org]:

      On September 1998, Yamaha shipped a firmware update to their CD-R400 Drives that was infected with the virus. On October 1998, a demo version of the Activision game SiN that was propagated by users got infected due to contact with an infected file on a certain user's machine. That company's infection came from a group of Aptiva PC's shipped by IBM during March 1999 with the CIH virus pre-installed.
      I love having viruses pre-installed!!!!
    • Re:Infected CDs? (Score:3, Interesting)

      Hey, interesting idea....huh? You didn't hear that.

      (Actually, it could be argued that AutoRun copy-protection software on an audio CD may be a virus.)
  • stereotypes (Score:2, Interesting)

    by Anonymous Coward
    As a 15 year old, I resent the implication that teenagers aren't knowlegable. Even as I sit here, dist-upgrading my server farm through a dancer's shell, I can feel the network shuddering as spam is relayed through my parents two computers, out onto the internet. It would take me less than 30 seconds to find a windows box at school that is thoroughly compromised, and spamming / DDoS'ing something. It's not like we write the code that gets exploited..
  • by xYoni69x (652510) <yoni.vl@gmail.com> on Tuesday August 24, 2004 @03:57PM (#10060211) Journal
    I am a teenager, and it's *my* job to secure the network, install Firefox and an anti-virus on computers used by my family, and basically be the IT department around here, because nobody else knows how.

    It should be the other way around. If my parents and sisters read such a book, maybe I'd get less tech support requests.
    • Same here, except I am about to be laid off ... of sorts.

      Since my dad got a job in some hick town in Southern Ontario without a university, I am staying in Thunder Bay and continuing to attend university. This means that when my family has computer problems down south, they must *gasp* apply some problem solving skills! .... or phone me. Whatever.

  • by talexb (223672) on Tuesday August 24, 2004 @03:57PM (#10060217) Homepage Journal
    Funny, my 16 year-old stepson is using the Mandrake Linux installation I set up for him -- he can boot to Windows 98 to play games, but that's a vanilla installation, and not configured for networking. My LAN is protected by a dynamite router by NetGear -- the only port that responds is 22, and that goes to my Linux box. So really the only part of this book that's relevant is the part about identity theft.

  • 10/10 ? (Score:3, Insightful)

    by ab762 (138582) on Tuesday August 24, 2004 @04:01PM (#10060264) Homepage

    Is this really a perfect technical book? or is the reviewer a close friend of the author? Nothing is dated, nothing is misunderstood?

    I've never read a technical book I'd rate 10/10 ... 9/10 is reserved for the greats like Tannenbaum on networking, K&R on C - and books only get that rating in retrospect. (Usually when I buy the second copy, either because I wore one out or to have one at home and one at work.)

  • ...it's the parents who need this book, not the kids. The older the user, the more likely that user is to be completely and utterly clueless.

    When I was teaching kids computers, aside from the occasional porn background image (like farts, it never seems to get old to teenage boys) they weren't the ones I had to worry about. It was the teachers and administrative staff that continually fucked up the system.

    Max
  • by sheetsda (230887) <doug.sheets@gmai l . c om> on Tuesday August 24, 2004 @04:03PM (#10060289)
    Firewalls are discussed in detail, as well as their possibly unintended consequences (an online game refuses to run because a critical port is being blocked by the firewall, for example)

    This reminded me of a recent disturbing incidedent at a LAN party I was hosting. We were playing Halo, behind my router, configured with a firewall and NAT; DMZ was off, one of my guests was hosting the server so no unintentional rule in the firewall would've been forwarding him traffic from the outside (he was also DHCPed, further reducing the likelyhood, AND I checked the rules later), we had set up no additional firewall rules to allow people on the internet to connect to the Halo server, to our surprize and my chagrin, people outside my router were able to connect to the server apparently being run inside my LAN, somehow bypassing my firewall. Everyone at my LAN party has a good bit of network and computer experience, but this left us scratching our heads. We had always assumed Halo did the standard client-server thing and waited for clients to connect to it on some port. To this day I'm still not quite sure how it happens; my best guess is Halo connects to some master server which instructs to connect to the client machines, or (more likely) clients connect to the master server and data flows through it on its way to the game server. Anyone know for sure how Halo's doing this?
  • by ch-chuck (9622) on Tuesday August 24, 2004 @04:05PM (#10060314) Homepage
    Gheez, Back in my day, the only hazard of using computers was getting your tie caught in the chain printer.
  • by canfirman (697952) <pdavi25@@@yahoo...ca> on Tuesday August 24, 2004 @04:06PM (#10060325)
    Regardless of the statistics, he gives extremely good advice about how to use a chat room safely

    That's why I only chat with my new friends who want to give me $10,000,000, as long as I give them my banking information.

  • When you've been hit (Score:3, Interesting)

    by Doctor O (549663) on Tuesday August 24, 2004 @04:08PM (#10060337) Homepage Journal
    "Dan gives a careful, step-by-step menu of what you can and should do to recover as much as you possibly can, eradicate the malware that is causing the problem, and get your system back to a usable state"

    The only way to a secure system after being hit is recovering your data, formatting the drive and reinstalling. If your machine has been compromised, there can *always* be other malware installed through the backdoors it opened. If the chapter is only about the above, without the reinstall part, it's not doing the readers much good.
    • thats crap.
      If you understand how you have been hit, then you can remove it.
      Your suggest is right up ther with the 'lets change something and see if that fixes the bug' type of software development.
  • by Wild Bill TX (787533) on Tuesday August 24, 2004 @04:10PM (#10060357) Homepage
    Virtual Girlfriend
    Posted by CmdrTaco on Tuesday August 24, @11:40AM
    Always Use Protection
    Posted by timothy on Tuesday August 24, @02:30PM
    Is it just me, or is Slashdot messing with us?
  • Teens don't care (Score:2, Interesting)

    by niteice (793961)
    They don't. No person the age of 11-18 cares about computer security...yet they come to me when their PCs "don't work right".
    I'm 13. I know how these people work. I've seen cases that belong on Computer Stupidities [rinkworks.com], like attempting to reconnect a mouse+keyboard and electrocuting themselves (bent pins). They have no idea about keeping their computers free of spy/adware. ("viruses"...) They expect their computers to work perfectly, or assume everything included in Windows XP will keep them free of virii/spyw
    • I think you're referring to not-so-savvy teenagers (and extending that indefinitely), which doesn't say much at all. I've dealt with a million adult dunces and maybe one or two teenaged ones.
  • The book is cheaper at buy.com, it is under 12 as opposed to BN where is is $17. click here [buy.com]

    disclaimer: I have no fiancial incentive for pointing you to this link, etc. etc.

  • by DanAppleman (674995) on Tuesday August 24, 2004 @04:53PM (#10060848)
    Just in response to some of the comments I've read so far:

    Teen's don't care... Many don't. But they, like home users in general are have huge problems with regards to security. So what do we do? Just give up? We (and this includes all the knowledgeable teens) have to do what we can to improve the situation. This book is my contribution to the effort.

    Better taught in person than from a book... I agree, but many parents don't know enough to teach security - their kids know more than they do. In those cases I actually suggest flipping it around: teens, teach your parents! I've met a number of teens who have thier security act together - more who just think they do:-)

    Parents and grandparents are a better audience for the book... I've gotten some very nice emails from adults and seniors who find it very readable.

    The title is a gimmick... Sure, but you'll remember it, right? Actually, the title was the idea of a group of teens. I never would have come up with it on my own.

    For more info including the book's introductions visit http://www.alwaysuseprotection.com/ [alwaysuseprotection.com]

  • Dan Appleman is on the second half of this show, and talks about his book, among other things. http://www.franklins.net/fnetdotnetrocks/dotnetroc ks.aspx?showid=49
  • Always Use Protection should be read by every parent

    I have a better advice: Always Use Protection in order not to become a parent. So you need not to bother with teenagers later.
  • by theblacksun (523754) on Tuesday August 24, 2004 @05:41PM (#10061260) Journal
    The standard user can't use a firewall. They will end up screwing things up; I've seen it many times. They inevitably create a bad policy that breaks something, and I've seen instances where this bluescreened the machine. The firewall needs to be at central node and run by someone qualified, not on workstations. Unfortunately for the instances in which there is no central node (i.e. plugging a workstation right into a broadband connection) then I still say screw the firewall: Just stay on top of updates, and hope for the best. It's how we run our department and the hacks are few, far between, very rarely on a workstation, and always because the system is out of date. Well that's my $.02 anyway.

"Don't discount flying pigs before you have good air defense." -- jvh@clinet.FI

Working...