Always Use Protection 307
| Always Use Protection: A Teen's Guide to Safe Computing | |
| author | Dan Appleman |
| pages | 288 |
| publisher | Apress |
| rating | 10/10 |
| reviewer | Raymond Lodato |
| ISBN | 159059326X |
| summary | An excellent and realistic reference for teens and their parents/guardians about the potential hazards of computing. |
Dan Appleman knows how to talk to teenagers. He's made the presentation very logical, he keeps the chapters a reasonable length so a teenager won't feel overwhelmed, and he had a crew of teenagers review this book before it was published so that he knew they would understand it. Those adults who aren't technically adept will find it an easy read, too.
Always Use Protection is broken up into three main parts: Protecting Your Machine, Protecting Your Privacy, and Protecting Yourself. There is a fourth part with useful appendixes, also.
Protecting Your Machine goes through all of the gremlins that can bother your computer, how to get rid of them and how to prevent them from coming back. Viruses, Trojan horse programs, and worms are covered clearly. Not too much depth involved, but not too little either. Dan covers the ins and outs of the three main preventive measures: anti-virus programs, firewalls, and system configuration and updates. He makes sure that his discussions relate to the types of programs that teenagers are likely to run: P2P software, online games, Instant Message clients, e-mail programs, and web browsers. He's careful to include other avenues of attack besides the Internet, such as infected floppies and CDs cut by well-meaning friends.
Always Use Protection explains how to determine which type of anti-virus programs are available and how to run them (using McAfee's VirusScan as an example), but puts the responsibility for deciding which one to use squarely in the reader's lap. Dan has made sure that he's not pushing any particular product over another. In fact, there were one or two places where I wished he'd just come right out and say I'd recommend blah-blah software, but he always said the reader should check the pros and cons of the possibilities and make their own decision.
Firewalls are discussed in detail, as well as their possibly unintended consequences (an online game refuses to run because a critical port is being blocked by the firewall, for example). He does state that if you're on a network behind a router, you may not need a firewall. This is my only disagreement with Dan. I believe a personal firewall should be on each and every machine, regardless of how it connects. It will protect not only the machine itself, but make it harder for the machine to attack others.
Software updates are probably one of the most under-utilized options in the home. News items in papers and on the web speak frequently about how such-and-such a virus got into machines mainly because security updates available from the manufacturer for months were simply not installed. Dan makes sure that the reader understands how shortsighted that approach really is. The updates are usually free, and just take a little time to download and install. Always Use Protection explains exactly how to do that and why it's a good thing.
The configuration chapter describes many little tweaks available to harden your browser and e-mail reader. Many people are not aware of the number of 'dials' they can play with (and if they were, they'd probably be overwhelmed), but this chapter zeroes in on the most important ones.
If this book was only chapter 9 - What to Do When You've Been Hit - it would still be worth the cover price. In this chapter, Dan gives a careful, step-by-step menu of what you can and should do to recover as much as you possibly can, eradicate the malware that is causing the problem, and get your system back to a usable state. It's the one chapter he says you shouldn't read front-to-back, but follow the links (if you see this, go to this section) like one of those make-your-own-ending books. I have this one bookmarked for future reference.
The next four chapters form Part II - Protecting Your Privacy. In here, Dan explains the various ways your personal information can be gleaned, mostly from a user innocently filling in a form supplied by a con artist. He talks about identity theft and what it means to a teenager. The need for good passwords is clearly discussed, but he acknowledges that most people won't use strong enough ones. Therefore, he promotes a simple plan with three passwords (high, medium, and low-security) that will work in most cases. He ends off this part with a good treatise on cookies of all forms, and how to turn off the worst ones.
Finally, he talks about protecting yourself in chat rooms and from common scams. While there is a lot of press about teenagers being lured by scoundrels in chat rooms, Dan notices that the actual statistics are very low. Regardless of the statistics, he gives extremely good advice about how to use a chat room safely (mostly involving lying about almost any bit of personal information you might be asked for).
The appendixes have good summary information for teens and adults, and have a special appendix just for the parents. It give good advice to make sure your teenager is willing to come to you for question without worrying about losing online privileges.
All in all, Always Use Protection should be read by every parent and, hopefully, by their kids. I'm going to try to get my 15- and 13-year old to read it (Good luck to me! You should have seen the arguments to get them to finish their summer reading!) I liked the approach, the content, and the presentation so well, I had to rate this a 10.
You can purchase Always use Protection: A Teen's Guide to Safe Computing from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.
But... (Score:5, Funny)
oh yeah, first post.
Re:But... (Score:5, Funny)
Just wait till you actually have a partner!
Re:But... (Score:3, Funny)
Re:But... (Score:5, Funny)
Re:But... (Score:3, Funny)
Three words: (Score:3, Informative)
It still does the flash up thing if it detects an app it doesn't like, but I belive you can turn that off. In any case, it hasn't crashed a single full screen game for me--like ZA regularly did. It will either minimize the game, or pop a little window up infront of the game, and prompt you.
It will also alert you if a known good program has been replaced. In all, it's tons less intrusive than Zone Alarm, and MUCH less bloated, and you can create your own rulesets pretty intuitive
As the parent of two teens who do amazing things (Score:3, Interesting)
Do you remember being a teenager? (Score:3, Insightful)
I learned more about computer security by trial and error on a piece of crap 486SX than I think I could learn from a book. Why don't more of these parents spend $100 on a crappy old machine than $100 on the best in virus protection and let the kids go nuts? They'd probably learn a whole lot more...
Move back to DOS (Score:3, Interesting)
One of the BBSs that I used to use, would allow us to drop into an MPM shell, but you would have to answer a questions, "what is the name of the debugger?"
DOS? (Score:4, Insightful)
Re:Move back to DOS (Score:5, Insightful)
And while we're at it, lets force everyone to become an automobile mechanic before they are allowed to have a drivers license. That way they would know enought to take care of their own cars.
I agree that it would be nice if everyone were better at using computers so they could all do what we can do, but that is unrealistic. When I was in support, i made it my motto that it was not my job to teach everyone how to use their computer better, it was my job to make the computer do what they needed it to do. These people have more important jobs (from the perspective of the companies' needs) and should not have to spend their time learning and working the computers till they become Leet. They were their to run the company. I was there to make sure the computers ran smoothly enough so they could concentrate on doing their own jobs, not mine.
YMMV
Re:Move back to DOS (Score:2)
2) Using a computer securely is a lot closer to teaching someone not to leave the keys in the ignition. When worms get on a system, the system can be used as an accessory to crime, what's that got to do with a car mechanic?
My own 2) just cancels my own 1) though, there is no thing experts can do to prevent abuse of a trust
Re:Move back to DOS (Score:2)
"The problem with your analogy is that people are required to be basically competent at driving before they are legally allowed to drive."
Nope. The problem with your response is he never mentioned their being competent at driving, he mentioned their being competent at maintenance.
Learning how to tweak the grist
Re:Move back to DOS (Score:2)
Say what? Who said anything about vehicular manslaughter? Since when does a mechanic have the ability to control vehicular manslaughter (other than to stop the car from running completely)? That was not my analogy, and please don't put words into my mouth, thank you very much. And it is possible, though not common, for a person to be a mechanic but not have a drivers license.
The article is not about people who send spam and viruses, its about the people who's machines are the victom
Re:Move back to DOS (Score:2)
Re:Do you remember being a teenager? (Score:2, Interesting)
Re:Do you remember being a teenager? (Score:2, Insightful)
-Phixxr
yah right (Score:4, Insightful)
Re:yah right (Score:2, Insightful)
Re:yah right (Score:3, Insightful)
For me, at least, Appleman was a crap writer. He was patronizing in his attempts at not being patronizing - if you can't talk to us normally without it, then your attempts will almost certainly be pathetic.
The best way to educate them is to let them piss the thing up, get someone knowledge
Well... (Score:3, Funny)
Re:Well... (Score:2, Interesting)
Re:Well... (Score:3, Interesting)
Abstinence... (Score:5, Funny)
Just stay off the internet until you're 18, kids... (and you have your own damn computer/network to infect)
Re:Abstinence... (Score:4, Funny)
BTW this is intended as humor but all of the above is actually 100% true. I'm 19 now btw.
Re:Abstinence... (Score:2)
Is your son a computer hacker? (Score:5, Interesting)
That's not to say that it's a bad book or the review is flawed, though some of the comments would tend to tell me that the reviewer isn't as "computer savvy" as I might like in a person reviewing a book. A properly configured border firewall, for example, will protect systems behind it. That says nothing of the duties of many of those "personal firewall" applications that are actually much more than firewalls (spam filters, scumware/spyware/adware scanner/filters, etc).
I just found it amusing that the adequacy.org article was the first thing I thought of when reading this review...
Re:Is your son a computer hacker? (Score:2, Funny)
Re:Is your son a computer hacker? (Score:5, Interesting)
I'm impressed that anyone could truly be that ignorant (and I do in-home tech work!). Are you sure it isn't meant as a joke? Quake as a hacker program... *snickers*Okay, now I'm thoroughly convinced it's a joke...
Re:Is your son a computer hacker? (Score:4, Funny)
Okay, now I'm thoroughly convinced it's a joke...
Of course it's a joke. Now the only question is whether it is an intentional joke or not.
YHBT! (Score:2)
Re:Is your son a computer hacker? (Score:2, Insightful)
Re:Is your son a computer hacker? (Score:2)
"We got trouble! Trouble in River City! Trouble with a capital T and that rhymes with P and that stands for Pool!"
Maybe if you used protection (Score:5, Funny)
Re:Maybe if you used protection (Score:2)
Rubber (Score:3, Funny)
Teenagers? (Score:5, Insightful)
Re:Teenagers? (Score:5, Insightful)
I thought exactly the same thing.
In fact, I've got three machines in my office right now from adults that I've got to fix. They've all responded with variations of "You mean they update the software and I don't have to pay for it?" when I asked when the last time they ran Windows Update.
I guess I just don't understand how somebody can see all of the identity theft, worm, trojan horse, and phishing scam stories in the news and still think they're perfectly safe.
Re:Teenagers? (Score:2)
I have far too many friends and relatives that this applies too, and I can tell you why. They have absolutely no clue what any of the jargon means. A news story that says "Today a trojan spread across the internet attacking unpatched computers and causing a denial-of-service attack on Yahoo's DNS servers." to them reads "Today a
Re:Teenagers? (Score:2, Funny)
Because teenagers are fragile creatures with delicate minds still in formation. You can't expect them to, or their parents to allow them to, read a Dummies book. They need special, age appropriate, handling, or it will take herds of social workers decades to help them deal with the psychological damage of dealing with adult themes in adult language.
In phrasing your question you obviously weren't thinking of the children.
KFG
Re:Teenagers? (Score:2, Interesting)
How about households with both parents working and the teenage child(ren) unsupervised from 3:00 - 6:00 pm after school? You don't think there is a reason for them specifically to learn about AV protection etc.? And while this book is aimed at teenagers, I'm sure it would be good for less computer literate adults.
Re:Teenagers? (Score:2)
Because whenever I visit my dad I end up cleaning all kinds of crap off his computer, all of which I'm invariably able to trace back to my teenage brother, despite the fact that he is arguably the most computer savvy of the 4 regular users of the machine.
I suspect I'm not alone...
Re:Teenagers? (Score:2)
What worries me is the new, particularly nasty spam mail that's out there. Has anyone out there seen the ebay phisher spam? It sends you an email that is indistinguishable from something ebay would send you (though, of course, ebay would never send this,) which redirects you to a bare URL to 'update' your information--including your credit card. Easy enough to spot if you know what's going on o
Comment removed (Score:5, Funny)
Re:Time for "the talk" (Score:2)
Re:Time for "the talk" (Score:2)
Why Did (Score:2, Funny)
backups? (Score:5, Insightful)
People don't bother to backup data..
People forget to back up data.
People need to verify backups..
SyOps symlink backup data directories and cause $40,000 losses due to data not being backed up.
That is one of the best ways to "protect yourself"..
"jesus saves" and all that..
Re:backups? (Score:4, Funny)
But Moses migrates.
KFG
Re:backups? (Score:2)
Oh, that's right, backups aren't necessary for home installations, that's why Microsoft left it out!
Re:backups? (Score:2)
If you're smart, you keep hardcopies of the really-really-really serious stuff in a file cabinet.
Back up your bookmarks, your taxes, your email and your pet projects. The rest is just porn / music / video / games anyway, probably replaceable.
Just take the mindset of all these P2P whore kids. You know the best part about losing 200 GB of media that they spent the last 6 months leeching off of P2P? They now have something
Nope (Score:2, Insightful)
Ohh yeah. (Score:5, Funny)
Why, yes, it is a machine. Thank you.
The Best Protection (Score:5, Insightful)
IMHO, these things are better taught in person than with a book. The reviewer did not mention actually spending any time with your kids. I hope the book does, because too many people are using books and products like these as a substitute for teaching thier kids in person about computer safety.
Re:The Best Protection (Score:5, Funny)
Wait... what were we talking about again?
Re:The Best Protection (Score:2, Funny)
That is very good advice. It is important for parents to sit down with their kids and discuss computer security, lest they learn it on the "streets" or from their friends. Next thing you know, your kid will be sneaking out of the house late at night to go download spyware in some sleazy motel.
Re:The Best Protection (Score:5, Insightful)
Of course, this doesn't work if you only have one computer in your house, but I suppose that's a whole other kettle of fish...
Why do you think the parents know? (Score:2)
I think in some cases, a good answer is the parent reading the book, then discussing things with their teen. In others, just read the book, then have your teen read it. Maybe quiz them as part of their test before getting their "internet license" (giving them access).
Re:The best protection is DON'T USE WINDOWS (Score:3, Insightful)
when I got my first computer... (Score:5, Funny)
protection? (Score:2, Funny)
Or condoms?
El Presidente Bush will be muchly displeased!
As a teenager (14) who uses computers... (Score:5, Interesting)
As a teenager (17) who uses computers... (Score:2)
Unless a root exploit is discovered in mplayer, I figure I'm pretty safe.
Should I write a book about how to _really_ protect yourself?
Re:As a teenager (14) who uses computers... (Score:5, Insightful)
A good rule to follow is to treat all Unix systems like servers, regardless of what role they actually serve. If your machine is listening on a network-accessible port, then it's your responsibility to protect that port.
If you're 14 and administering your own Linux system, then you probably have the intellectual curiosity to do well working with computers. However, you don't have even half of the professional paranoia required to make the leap between "competent" and "great". Unfortunately, only time and mistakes will get you there. Just do what you can to make your learning experiences as painless as possible.
Talk to your parents... (Score:5, Insightful)
The problem with these sorts of books... (Score:4, Insightful)
A better audience for a similar book would be the average parent PC user who doesn't understand why their PC is giving him those stupid Messenger messages, why they should run Windows Update or the average 419 scam to make them better equipt for the world. In my admittedly limited travels, it's been a lot easier to explain technical stuff to the teenage generation, and I'm sure each teenager has a
I also assume the book includes a degree of uninformed scaremongering. Firewalls are not required - indeed, you can safely use the internet without a software firewall simply because they can be easily bypassed by anyone caring enough to bypass them - ie trojan writes. Viruschecking software is not essential if you are smart enough to know what you're running and don't run the average VBS file or P2P fraud (PHOTOSHOP 7.0.REAL.EXE). 4 years with yearly virus checks confirms this.
And I'm sure that parents treat children like idiots regarding the average "chatroom" use. No doubt the fools who previously gave their names and telephone numbers to random people on the 'net must have got the message by now, and that assumes that there are large amounts of people gullible to be taken in by it.
Re:The problem with these sorts of books... (Score:2)
I'm here to tell you that there's plenty of teenage lusers out there whose computer knowlege amounts to how to use Kazaa and play games.
Infected CDs? (Score:3, Interesting)
Has anybody ever gotten a virus from an infected CD?
Re:Infected CDs? (Score:3, Informative)
Re:Infected CDs? (Score:2)
I don't usually bash Microsoft, but a few years ago they shipped the Korean edition of VS.NET with the Nimda virus. [microsoft.com] ^_^
Personally though, no.
Re:Infected CDs? (Score:2)
Re:Infected CDs? (Score:2)
Re:Infected CDs? (Score:4, Informative)
Yes, and what's worse is some [ibm.com] manufacturers have actually shipped products containing viruses more than once!
In 1992, IBM accidentally shipped 500 PCs carrying the Michelangelo [vmyths.com] virus.
And in 1998, they spread the CIH Virus [wikipedia.org]:
I love having viruses pre-installed!!!!Re:Infected CDs? (Score:3, Interesting)
(Actually, it could be argued that AutoRun copy-protection software on an audio CD may be a virus.)
Re:Infected CDs? (Score:2)
Re:Infected CDs? (Score:2, Interesting)
(No, the other images weren't porn...)
stereotypes (Score:2, Interesting)
Are you kidding? (Score:5, Funny)
It should be the other way around. If my parents and sisters read such a book, maybe I'd get less tech support requests.
Re:Are you kidding? (Score:2)
Same here, except I am about to be laid off ... of sorts.
.... or phone me. Whatever.
Since my dad got a job in some hick town in Southern Ontario without a university, I am staying in Thunder Bay and continuing to attend university. This means that when my family has computer problems down south, they must *gasp* apply some problem solving skills!
And for those of us not running Windows?? (Score:3, Interesting)
10/10 ? (Score:3, Insightful)
Is this really a perfect technical book? or is the reviewer a close friend of the author? Nothing is dated, nothing is misunderstood?
I've never read a technical book I'd rate 10/10 ... 9/10 is reserved for the greats like Tannenbaum on networking, K&R on C - and books only get that rating in retrospect. (Usually when I buy the second copy, either because I wore one out or to have one at home and one at work.)
from my experience... (Score:2)
When I was teaching kids computers, aside from the occasional porn background image (like farts, it never seems to get old to teenage boys) they weren't the ones I had to worry about. It was the teachers and administrative staff that continually fucked up the system.
Max
Online games and firewalls - Halo (Score:3, Interesting)
This reminded me of a recent disturbing incidedent at a LAN party I was hosting. We were playing Halo, behind my router, configured with a firewall and NAT; DMZ was off, one of my guests was hosting the server so no unintentional rule in the firewall would've been forwarding him traffic from the outside (he was also DHCPed, further reducing the likelyhood, AND I checked the rules later), we had set up no additional firewall rules to allow people on the internet to connect to the Halo server, to our surprize and my chagrin, people outside my router were able to connect to the server apparently being run inside my LAN, somehow bypassing my firewall. Everyone at my LAN party has a good bit of network and computer experience, but this left us scratching our heads. We had always assumed Halo did the standard client-server thing and waited for clients to connect to it on some port. To this day I'm still not quite sure how it happens; my best guess is Halo connects to some master server which instructs to connect to the client machines, or (more likely) clients connect to the master server and data flows through it on its way to the game server. Anyone know for sure how Halo's doing this?
Re:Online games and firewalls - Halo (Score:2)
for sure -- no. But lots of things can be done with standard ports that are likely open, such as http, telnet, and smtp.
Re:Online games and firewalls - Halo (Score:2)
2. This is unique to Halo. There are worlds of network administration and computer knowledge apart from any game.
kids these days (Score:5, Funny)
Safety in Chatrooms (Score:3, Funny)
That's why I only chat with my new friends who want to give me $10,000,000, as long as I give them my banking information.
When you've been hit (Score:3, Interesting)
The only way to a secure system after being hit is recovering your data, formatting the drive and reinstalling. If your machine has been compromised, there can *always* be other malware installed through the backdoors it opened. If the chapter is only about the above, without the reinstall part, it's not doing the readers much good.
Re:When you've been hit (Score:2)
If you understand how you have been hit, then you can remove it.
Your suggest is right up ther with the 'lets change something and see if that fixes the bug' type of software development.
Subliminal messages (Score:5, Funny)
Teens don't care (Score:2, Interesting)
I'm 13. I know how these people work. I've seen cases that belong on Computer Stupidities [rinkworks.com], like attempting to reconnect a mouse+keyboard and electrocuting themselves (bent pins). They have no idea about keeping their computers free of spy/adware. ("viruses"...) They expect their computers to work perfectly, or assume everything included in Windows XP will keep them free of virii/spyw
Re:Teens don't care (Score:2)
Cheaper at buy.com (Score:2)
disclaimer: I have no fiancial incentive for pointing you to this link, etc. etc.
A few additional comments (Score:5, Interesting)
Teen's don't care... Many don't. But they, like home users in general are have huge problems with regards to security. So what do we do? Just give up? We (and this includes all the knowledgeable teens) have to do what we can to improve the situation. This book is my contribution to the effort.
Better taught in person than from a book... I agree, but many parents don't know enough to teach security - their kids know more than they do. In those cases I actually suggest flipping it around: teens, teach your parents! I've met a number of teens who have thier security act together - more who just think they do:-)
Parents and grandparents are a better audience for the book... I've gotten some very nice emails from adults and seniors who find it very readable.
The title is a gimmick... Sure, but you'll remember it, right? Actually, the title was the idea of a group of teens. I never would have come up with it on my own.
For more info including the book's introductions visit http://www.alwaysuseprotection.com/ [alwaysuseprotection.com]
Dan Appleman Radio Interview (Score:2)
Preemptive solution? (Score:2)
I have a better advice: Always Use Protection in order not to become a parent. So you need not to bother with teenagers later.
Users and firewalls don't mix (Score:4, Interesting)
Re:Scoundrel? (Score:2)
"I need to send this letter by autogyro to the Prussian consulate in Siam!"
Re:Walking on broken glass (Score:2)
Re:Great, Protection from protection? (Score:2)