Computer Security FAQ
- What is malware?
- Malware is any kind of software that compromises security (or performs other bad actions) on a user's computer. Malware, as a general category, includes spyware, viruses, trojan horses, and a host of other sometimes whimsical names for security compromising software.
- What is phishing?
Phishing is a social engineering technique whereby hackers send authentic-looking emails to a user in order to persuade the user to share some sort of valuable information (e.g., for identity theft or other fraud).
One specialized technique is 'spear phishing'. In this scam, email apparently from a trusted organizational representative is sent to that person's organization in order to glean credentials for subsequent hacking attacks.
- What is spyware?
Spyware is computer software that is generally surreptitiously installed on a computer in order to collect information from the computer's user. Such information includes:
- Web sites visited
- Keys typed (including chat sessions and word processors)
- Other application data (including the other half of chat sessions and displayed email)
- File contents
- Search habits
- Camera images
- Sound received by the computer's microphone
Note that spyware is installed without a users' permission. Some programs (e.g., filtering software for juveniles) are installed by parents or institutions for the express purpose of 'spying'. Presumably the spied-upon users are informed (vs. the surreptitious paradigm used by spyware).
- What is a firewall?
A firewall is a piece of hardware (or sometimes software on a user's computer) that examines all network traffic destined to one or more computers. It applies filtering rules to try to remove malicious traffic before it can reach a user's computer.
Most security experts recommend using both a firewall and also antivirus software.
- What is antispyware software?
- Antispyware software tries to find and disable (and/or remove) spyware from your computer. Historically, spyware came as a sort of "add on" to other malware that inundated a computer's user with pop-up advertising.
- How do antivirus programs work?
Antivirus programs monitor a computer's file creation mechanism and use sophisticated pattern-matching mechanisms to see if new files have a 'signature' that matches any known malware.
The list of malware signatures must be updated regularly (an operation performed automatically by any reputable antivirus program).
- What is the weakest link in my computer's security?
- Generally, passwords are the weakest link in any security situation. The temptation to lend a workstation or account to someone is very high. Once the password is known, somehow others seem to learn it as if by telepathy. Keeping your passwords secret is the first step to keeping your system secure.