Security Online
by Fernando de la Cuadra - International Technical Editor, Panda Software
When a computer connects to a network in an office for example, a world of working possibilities opens up to employees: sharing documents, messaging, instant access to data in other systems... In an office, the issue of security is not very problematic, as we are talking about an enclosed, generally closely-monitored environment.

Similarly, when you connect a computer to the Internet, the working possibilities are the same: share documents, access to information in any kind of computer, send e-mails to anywhere in the world. However, the Internet is always looked upon without considering its dark side. Since an Internet connection can provide access to information in a myriad computers, so maybe these computers can also access the information you have.

Generally, the process is not that simple, although for many hackers it can just take a few minutes, nothing more. Some basic safety measures can prevent the Internet connection from becoming a problem instead of an advantage.

The first thing to consider is that the main danger of the Internet at this moment is the proliferation of too many viruses. Even seemingly innocuous actions can carry with them the risk of infection. Have you received an e-mail? Well, with the infamous virus " I love you" you couldn't even trust a love letter. You want to browse the Web? There are many Internet servers with viruses in their pages (and not always unintentionally). Thinking of installing the latest free game everyone is talking about? It might contain a lovely Trojan Horse that, like its namesake, opens the door to attackers.

Besides the virus issue, which will be dealt with in more detail in another article in this series, while you browse the Internet, you actually receive lots of information in the form of files that stay in your computer. Most of these files pose no threat (see the section on cookies), but it's not always the case. For example, a web page might need to install a component on your computer to be displayed correctly. This can be a Java Applet (a small file with a program that carries out a certain action on your PC, like displaying an animation, a special effect or some web page feature), or an ActiveX control. These elements must be 'signed', that is, they must incorporate an authentication system guaranteeing that the content is the same at source and at destination. You should always reject an item whose signature is no longer valid or comes from an unreliable site, as it could have disastrous effects.



The much-maligned cookie.

A cookie is just a little bit of information about you that Internet servers store on your PC in order to know you have visited a certain web page and make things easier for you. For example, if you visit a sport newspaper's web page to see the latest score from the Arsenal (or Real Madrid) match, the page will store that data in your PC in the form of a cookie, so that the next time you enter the page it will display information about your favorite team automatically.

However, these 'harmless' cookies could pose a threat. If somebody looks at the cookies in your PC, they will know which sites you have visited, learning, for example, the kind of music you like, your hobbies or even your sexual tendencies.



These files can reach your computer in several ways. As previously explained, one of them is almost unintentional and results just from browsing itself, whereas on other occasions it is users themselves that bring files into their computers. A file download, for example, of an updated driver for a video card, a list of the closest drugstores, a summary of an ornithology congress, a new game level, etc. In these cases, it is you that is requesting for information to enter your computer and exposing yourself to danger.

Spotlight

Behavioral analysis and information security

Posted on 22 September 2014.  |  In this interview, Kevin Watkins, Chief Architect at Appthority, talks about the benefits of using behavioral analysis in information security and how behavioral analysis can influence the evolution of security technologies.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //