The Symantec Guide To Home Internet Security 139
r3lody writes "There are many households that have high-speed Internet connections, yet most people are simply not doing enough to protect themselves from the many exploits that exist. The Symantec Guide to Home Internet Security by Andrew Conry-Murray and Vincent Weafer was written to speak to those people. Symantec Press is the publisher, yet it remains reasonably vendor-neutral. This book is for non-technical people. Its ten chapters cover a relatively slim 240 pages, so it should not intimidate someone who is not a computer professional. Also, you do not really have to read the book front-to-back, but you can focus in on the chapter or chapters that interest you and have fairly complete information." Read on for the rest of Ray's review.
The first chapter gives the reader a basic overview of the risks of using the Internet without some steps to protect yourself. Fraudsters, those who ply you with get-rich-quick schemes and other spam-delivered scams, are distinguished from hijackers who compromise your machine for local data or to make it part of a “bot farm”. The remaining chapters discuss various aspects of security exposures, how to protect yourself from them, and conclude with a checklist of high points and “Helpful Resources” that contain web sites, phone numbers, and occasional additional side-bars with more in-depth examples.
The Symantec Guide to Home Internet Security | |
author | Andrew Conry-Murray and Vincent Weafer |
pages | 240 |
publisher | Symantec Press |
rating | 8/10 |
reviewer | Ray Lodato |
ISBN | 0321356411 |
summary | A slim volume packed with valuable information for non-technical Internet users. |
The next chapter is a very informative chapter on preventing identity theft. This part of the book is worthwhile, even if you don’t use the Internet for financial transactions. The authors mention how your personal data can be stolen from company databases, despite precautions you yourself have taken. There are discussions on social engineering and dumpster-diving, as well as phishing scams and keyloggers. The best part of the chapter is the “Recovering from Identify Theft” section. Hopefully you will never need the information there, but it’s very helpful to see it collected in a simple bulleted list. The second side-bar at the end discusses a personal account of a brush with identity theft.
Chapter 3 covers firewalls, which most people think is the only protection they need. It discusses the basics of Internet Protocol (IP), and what firewalls can and can’t do. Lists of both free and commercial firewall products are provided. It wraps up with a few sites that can test your firewall settings to see if you are really protected or not. There were a couple of minor errors (for example, 192.101.432.156 is offered as an IP address, but the third number can’t be more than 255), but most non-technical people need the product lists provided.
The following two chapters cover the various forms of “malware” (viruses, worms, adware, spyware, and Trojans). Conry-Murray and Weafer provide several preventative actions you can take to avoid infection — the most important involves using your common sense (e.g. “Use a firewall” and “Don’t Open Strange E-Mail”) They wrap up by describing how to remove malware via the available anti-spyware programs.
The final category of unwanted Internet debris is spam. The authors state that for most people “spam is an annoyance rather than a plague.” However, they go on to disclose figures that estimate anywhere from 50 to 90% of the 30 billion e-mails sent each day are spam. To explain why spam works, a side-bar talks about Jeremy Jaynes, who was convicted in November 2004 for spamming. He generated about 10,000 credit card sales per month. Two-thirds of those were returned, yet he still netted more that $100,000 a month.
Chapter 7 covers securing Windows XP. At the time of publishing, Microsoft had come out with XP Service Pack 2, with the Windows Security Center. A large section deals with installing SP2 and configuring the Security Center. It’s kept at a level that most users can comprehend and follow, making it another very worthwhile chapter. The following section describes securing Internet Explorer 6 in great detail. The authors do suggest, however, that you might want to use a different browser, such as Firefox or Opera. The thinking is that Firefox and Opera will be more secure because fewer exploits are targeted towards them.
Locking down Windows and IE is not enough to keep your family safe. That’s why they devote the next chapter to “Keeping Your Family Safe Online.” Pitched mostly to parents of younger kids, chapter 8 starts by talking about blocking objectionable content using IE’s Content Adviser. Sexual predators is the next topic, and the authors give the reader good information on how to monitor your children’s online activities, as well as how to report solicitations to the authorities. The final topic revolves around file-sharing software. While they mention the prospect of downloading viruses, the legal ramification of potentially housing illegal downloads is the most important lesson to take away from this section.
Many homes are now using wireless access points. Unfortunately, poor configurations open them up for eavesdroppers and bandwidth hijackers. The simple precautions of changing and hiding the network name (SSID) and changing the password will do a lot, but encryption using WEP, WPA, or WPA2 will help a lot more. They also go into the security issues of public hotspots, including the prospect of “Evil Twins” (user computers that offer a look-alike access point just to steal your personal information).
The book wraps up with a chapter on “Privacy and the Internet.” Anyone who conducts any transactions over the Internet has their personal data stored on a computer that might be accessed online. The key precaution is to not divulge any information you don’t absolutely have to. Data Brokers collect amazing amounts of information on each of us. Three major companies, Acxiom, ChoicePoint and LexisNexis are individually described, with information on how to get reports on what information they’ve recorded, and possibly how to opt-out of having it stored.
Andrew Conry-Murray and Vincent Weafer conclude the book by giving the reader five basic steps to protect themselves online. However, I prefer their final, single simple rule: Use Your Common Sense.
The Symantec Guide to Home Internet Security, though a slim book, is packed with a lot of valuable information pitched to the non-technical user. I believe that anyone with a computer connected to the Internet would benefit from reading this book.
You can purchase The Symantec Guide to Home Internet Security from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Re:Hmm... (Score:5, Insightful)
They expect Joe SixPack to read this? Yeah right (Score:1, Insightful)
Just like driving a car, they don't care how it works, just how to use it and that they need to take it in for maintenance at regular intervals. Joe SixPack or my grandmother should take their computer in for maintenance or have someone competent set it up and that competent person create a "dummy guide" of make sure your subscriptions to anti-virus, anti-spyware (or setting them up on Ubuntu), etc are up to date and click here for help and do this if this happens. If anything else happens call someone for help.
Dell and others are helping nobody by including trial versions of "anti-virus" programs. I can't even count the number of times those trials have expired and the people haven't gotten virus definition updates for 6+ months.
They won't read it (Score:4, Insightful)
Hmmmm.... how about: DON'T USE WINDOWS (Score:0, Insightful)
If so, just buy a mac or better yet use Linux.
That is all.
That's the whole trouble (Score:4, Insightful)
That's the whole problem. If we need that much space to explain people how to be online without being owned, 90% of 'em won't read it, and will get owned.
Until we've solved that problem - and it's not a technological one, there is no geeky solution here - there is no real security for the average computer user.
Re:WTF (Score:5, Insightful)
Nice review. No idea why you posted it here though.
My guide (Score:2, Insightful)
Re:WTF (Score:3, Insightful)
That may be true for values of "we" that are Windows power users, but what about those of us whose solution to avoiding Windows viruses is "open all files in a different OS"? We've got clueless relatives to support too, you know, and that's hard when we're equally clueless. My dad's job requires him to open Office documents from "high virus risk" senders (so a book that educated him alone would be insufficient), yet the Norton virus scan on those documents is so slow that he's looking at upgrading the (otherwise still speedy) computer. Surely "we" know more than "Symantec is crap" - could that perhaps be elaborated to "Symantec is crap; Office hasn't been susceptible to macroviruses since 200X" or "Symantec is crap; Antivirus software Y won't bog down your computer"?
Re:Hmm... (Score:2, Insightful)
The threats on the Internet and the responses available have changed significantly since then.
Re:That's the whole trouble (Score:3, Insightful)
And still, cars are a lot less dangerous than they used to be, while simultaneously easier to use.
Computers? Hardly.
The point is still that as long as it is difficult to set up some basic security, few people will do it. And it isn't that terribly difficult, really.
One example: I have sudo or the equivalent on any system available now, even something similar on windos. And yet, there is absolutely no feedback whatsoever if the current window or app is running with elevated privileges or not. And while we're at it, why is there no "sandbox" mode built-in where I can test something I downloaded from the Internet? Nothing fancy, I could probably script it, but why isn't it there by default, not in windos, not in OS X, not in Linux?
That's the kind of stuff I'm talking about. Yes, many people are stupid idiots. But still, if you make it hard to do the right thing, don't be surprised if nobody does. On the contrary, make it easy to do the right thing and you'll find that lots of people do.