Security+First

Security First


When you buy a computer, it is not secure. You should never pull a computer out of the box and connect it to the Internet unless you take steps to protect it. Think of your PC as a world traveler who needs vaccinations to avoid diseases in its travels.

In fact, your new computer most likely is plagued with numerous security holes, which are flaws in the way your computer’s programs have been written that would make your computer vulnerable to attack. Just how serious the flaws in the code are determines how much access an attacker or that attacker’s malware can gain.

If you’re wondering why your computer has holes before you use it, the answer is that computer systems run on programs—literally tens of millions of lines of code that tell the computer how to interpret what you, the user, want to do. All those lines of code are written by human programmers. Those programmers can make mistakes that can be leveraged by hackers to gain unauthorized access to your computer. This probably sounds strange, but most programmers were never taught how to write secure code. To take it one step further, programmers don’t think like criminals. We don’t use that term very often, but that’s what someone who deliberately steals or damages someone else’s data is—a criminal. Your average pro- grammer hasn’t always thought, “Gee, I could use these lines of code to break into someone’s computer,” because the programmer doesn’t actually WANT to break into anyone’s computer.

===1. How do programmers unknowingly help hackers gain access to the computers of others? ===

The lack of focus on security as part of the design process is starting to change. More programmers are beginning to audit (double-check) their code with special tools that look for programming errors that can lead to unauthorized access to the system or data. It will take a long time for the programming community to catch up, however. Think of the millions of lines of code already out there that have been developed by programmers with good intent, but poor security-programming skills. Since all computer systems have security holes, you must protect yourself and patch those holes before you start surfing the Internet, downloading music, or gaming.

Why so fast? Once you’re online, it can take as little as 15 seconds for someone to attack your machine. If you don’t install security first, that first attacker may gain access to your computer without you even knowing about it! At worst, the attacker could make off with enough personal data to steal your identity. If you use financial software to track the bank account you opened for college savings when you picked up that after school job, keep in mind that your data isn’t just information. It could be cash as well. And just to add another twist, a hacker could even use your computer to launch an attack on other computers! For these reasons (and many more we’ll get to later), don’t ever surf the Internet without security patches, antivirus software, and a firewall installed.

2. Why do you need to make sure your computer is secure so quickly after getting it?
When you bought your computer, you probably started with a list of requirements: how much memory, how much disk space, what kind of graphics you’d need for your favorite games, whether you want to burn DVDs as well as view them. Before you go online, you also need a Computer Security shopping list. This list is a basic list. You should not leave any one of these items off your list. Virus protection must be on that list. You have to install it and configure it to update your computer automatically. You also need to install any security patches that have been issued for the operating system and the software you plan to use.

===Security Hole-Any flaw in the way a computer program is written or used that makes your computer vulnerable to attack. Security experts also call this a security vulnerability. ===

===Security Patch-A fix to a program to close a known security hole. Patches are routinely issued for operating systems (like Windows 7) and Internet browsers (like Internet Explorer and Firefox) as well as other software applications. You get these when you update your computer’s software. ===

===3. Have you ever had a security issue with your computer that you know of? Describe what happened. ===