[an error occurred while processing this directive]
Home Donate Archives About Us Contests Links
Resources Subscriptions News, Sports, Weather and Lotteries Webfeeds
We had nine lucky prize winners in our first-anniversary giveaway who won nine different prizes. Check out the contests page for all the juicy details on what you missed.
We're running a slightly different format these days. Rather than publish a longer newsletter on a set weekly schedule, we're sending shorter newsletters on an irregular basis these days. Hope you enjoy!
You too can receive these newsletters in your e-mail. All you need to do is enter your e-mail address in the form in the top, right-hand corner of any page on the site and click the "GO!" button. So sign up now, eh!
If you have a suggestion for an article, factoid, joke, statistic or anything else for the newsletter, please send it to our researcher. Any comments about this Web site can be directed to the webmaster.
Covering Your Computing Assets.
December 1, 2000.
Craig sits in for Mike again this week. I think Mike's next article will be on discipline, and how to use it to get the newsletter out at a consistent time every week.
Covering your Computing Assets
By Craig Hartnett (firstname.lastname@example.org)
I love you. I was considering sending today's newsletter out with this subject line. How about, "Join the crew" or "Virus Alert!" or even "Get rich quick!"? Sound familiar? If you have an e-mail account, then these probably sound all too familiar. Today I'm going to address four areas surrounding electronic mail communications: hoaxes (virus and otherwise), chain letters, unsolicited commercial e-mail (more affectionately known as "spam"), and "netiquette".
First, let's define the scope of this article, as well as a few terms. It's not my goal to impart to you the total knowledge required to be the system administrator of a mail server (the computers that hum in the background of the Internet sending and receiving e-mail). All I would like to do is, hopefully, open your eyes to a bigger picture, and arm you with some knowledge so that you can make intelligent decisions when it comes to your e-mail (and covering your assets). Some terms you will need to know are as follows:
Virus: A program that, *when executed*, will carry out (usually undesirable) actions on your computer. Commonly feared consequences are formatted hard drives and loss of stored data by other means. There are many kinds of programs that can do nasty things -- a virus is just one particular type of "malicious code". Others you may have heard about are called vandals and Trojan horses. For computer geeks there are subtle, but important, differences between different types of "malicious code". For the rest of us, the term "virus" is what we usually use to describe them all.
Spam: Unsolicited commercial e-mail (UCE) or unsolicited bulk e-mail (UBE). Junk e-mail. The Internet equivalent of flyers, and letters from Ed McMahon in your mail box. Believe it or not, spam actually costs you money. Ask your ISP or server administrator.
Signature: A block of text created by a user, automatically appended to the end of every e-mail message sent by that user. This is usually identifying information such as name, company name, Web site address, e-mail address, phone number, fax number, postal address, and/or any other information the sender deems pertinent. Some e-mail programs allow you to select from a number of different, user-created signatures before sending your message. Services like Hotmail also allow you to create a signature.
Netiquette: A combination of the words "net" and "etiquette", this term is used to describe the etiquette to be followed when relating to others via electronic means. Much of humanity's etiquette has been around for hundreds of generations, and so is second nature to us. However, electronic communication has only been around for a very brief moment in our history, and so many people are unaware of the nuances of netiquette. Here's an example: did you know that WRITING EVERYTHING IN CAPITAL LETTERS LIKE THIS is considered very rude? Why? Because, according to the rules of netiquette, capital letters indicate that you are SHOUTING. This may be appropriate under some circumstances, but not usually.
Now that we have the formalities out of the way, let's launch into hoaxes. The most common hoaxes that I receive concern virii (according to my Latin schooling, that's the plural for "virus"). The problem with almost all virus alerts that I receive, is that they are hoaxes. If you ever heard the story of the boy who cried "Wolf!", you'll realise that forwarding all of these virus hoaxes causes the real warnings to go undetected or unheeded. Here's how to recognize a hoax, without the necessity to have any technical knowledge at all:
- They have wild, panicky language.
- They refer to someone (usually a big software or anti-virus company) having released news about a virus "yesterday" or "this morning". "'Yesterday' from when?" is the question you need to ask yourself -- there is no date referred to in the "warning" e-mail.
- They urge you to pass this on to *all* your friends as soon as possible.
- They don't provide any references or links to Web sites of recognized anti-virus authorities or software vendors where you can confirm the existence of the particular threat referred to in the message. If they do, the links are dead or, in one case, point to an unrelated press release on the Web site of a major company mentioned in the "warning" e-mail.
-They tell you that there is "no cure" for this particular virus. The truth is that most virii are discovered, reported to anti-virus software vendors, and "cures" written within days, usually before the virus has spread to any appreciable extent.
So what do you do if you really want to find out for sure whether or not a warning you just received is a hoax? Good question, and a responsible course of action before forwarding any virus alert. One good place to start is "HoaxBusters", a Web site run by the "Computer Incident Advisory Capability" of the United States Department of Energy. They document all of the hoaxes that come to their attention, which is probably all of them. You might also want to check any of the other resources that are available, links to which are found at the end of this article. They include sites where you can find information on real virii, and how you can protect yourself or recover from them. If the warning you've received doesn't check-out, please don't forward the warning. Just delete it and pass a copy of *this* message onto the person who, probably unwittingly, sent you the hoax.
Some notes on computer virii: It used to be axiomatic that simply reading an e-mail message could not do any harm to your computer. Older virii relied on human ignorance, needing the person receiving it to run an executable program or script that came attached to an e-mail message before any harm could be done to the data on the computer. Such programs cannot and will not run by themselves. However, although this style of transmission is "older", it is still widely used. If you get an attachment from a source that you do not know or do not completely trust, check it with a virus checking program. If you don't have such a program, get one, install it, and keep it updated. Otherwise delete the attachment *without* clicking on it or doing anything else to it.
A computer virus cannot cause your computer to melt-down, explode or kill you, all of which have been claimed possible by various hoaxers. Contrary to folklore, no computer virus can harm you. Unless, of course, it's your job to keep them at bay, and your boss smacks you for failing, or you happen to receive a virus capable of operating the robotic, miniature Canadarm attached to your computer, which then bops you on the head.
Please keep in mind too, that technology is constantly changing. Weaknesses have been discovered in some popular e-mail programs that can be exploited. However, the usual result seems to be a little inconvenience rather than massive amounts of lost data. The lessons to be learned in most cases are two-fold: stick to plain text e-mail, and consider buying (yes, *buying*) a good, supported e-mail program. I will elaborate on these two points near the end of this article in my "Ten Commandments of Safe Computing".
Fixes for the various attacks have been made available by the program vendors. Get them, keep the programs up-to-date, and back-up your data. Assume your friends and business associates do likewise. If you keep up-to-date with your anti-virus software and software patches from the vendors of the other software you use, then you have little to worry about. Only pass on virus alerts that are timely and which you have personally verified with a reliable source, usually a software vendor such as Microsoft, or a well known and respected virus lab (two of which are listed below).
There are other hoaxes, of course: ones that either tug at your wallet or your heart, or both. These need no technical explanations from me, just the use of a little of your common sense. If you find your common sense being tested (as I do on occasion), check the Canadian Consumer Information Gateway Web site for information on pyramids, ponzi schemes and the like.
Chain letters -- it seems people either love them or hate them. Put me down in the latter (and, I believe, much larger) group. I love to get jokes from friends, but I get very irritated by chain letters. Let's face it -- I don't have the e-mail addresses of ten people I want to annoy, so I guess I'm just a loser because I'm not going to forward this message within 90 seconds of receiving it. Some chain letters straddle the line between hoaxes and chain letters, offering you financial reward for following the "simple" directions. Don't bite -- hit the delete button instead of the forward button. Trust me -- there will be more good karma in the universe for you if you don't forward it, and the people you used to send them too will like you a whole lot more. By the way, messages that refer to "e-mail tracking programs", or dying children in hospital whose last wish is that you get sucked into their chain letter, are certain hoaxes, chain letters, or both.
Forwarding chain letters and hoaxes leads nicely into spam. Ever wonder how spammers get your e-mail address? One way is when a message that has been forwarded countless times reaches a spammer. Spammers love people who don't delete the header and signature information from the body of messages that they forward. These messages are a gold mine of e-mail addresses.
Here's a simple procedure that will hide all of the recipients with most, if not all e-mail programs and services (including programs like Eudora or Outlook, and services like Hotmail): put *all* recipients in the "Bcc" (blind carbon copy) field, not the "Cc" or "To" fields. If you have to put something in the "To" field, put your own e-mail address, or a fake address that you know does not work.
What do you do when you receive spam? The first thing you *do not* do is reply to it, or send a message to the supposed "removal requests" address. All this does is confirms for the spammer that he has a good e-mail address on his list. The second thing you do not do, is do business with the spammers. Don't reward them for sending you what amounts to postage-due messages. Beyond that it's a matter of personal preference, as well as philosophical debate, what you do next. For some time I used to diligently attempt to trace the origin of the spam and have various accounts used to send the spam shut down. However, the reality now is that the accounts used are throw-away accounts -- the spammer never plans to use them again, as he knows they will be shut down. You're not interrupting his or her personal or business e-mail by having an account shut down. These days I am more apt to take a quick look at the message to see if there is any obvious way I can strike back, before I just hit the delete key.
Finally, there's netiquette. Some of what I have already discussed with regard to what you should or shouldn't do in certain situations, is actually netiquette. It's good netiquette not to forward hoaxes and chain letters. It's good netiquette not to do business with spammers. It's good netiquette to put multiple recipients of a message in the "Bcc" field so that they are hidden from the other (and subsequent) recipients. It's good netiquette to clean up forwarded messages by removing header and signature information, as well as forwarding marks. It's good netiquette not to use all capital letters in your messages.
One of the things that you need to remember is that the intended recipient of a message (whether it be via e-mail, on a message board, or in some form of a chat or instant messaging situation) cannot see your facial expressions and body language. This can lead to misinterpretation of your remarks, causing offence, embarrassment, discomfort or any number of other unintended reactions. It's true that the same can be said for other forms of communication, such as a written letter. However, as I said earlier, since the written letter has been a form of communication for thousands of years, rules have evolved that have become almost second nature to many people, whether they be writing a formal business letter or a personal letter to a grandmother. Because a written letter takes more time and effort to prepare and send, the writer often spends a little extra time choosing the right words to ensure that what is understood by the reader is what is meant by the writer. Nowadays, in a society where instant gratification has come to be expected, people spend all of 30 seconds writing an e-mail message, which will be transmitted around the globe in milliseconds, and cause offence in record time.
What can you do to prevent this? Take a little extra time out of your busy life to put yourself in the reader's shoes, read your message, and see if it says what you mean. Adopt a consistent style in your writing, so that your correspondents know what to expect from you. This style need not be something formal set out by a rule book (although that's not a bad place to start) but can simply be something that you have developed through conscious effort that reflects your personality. In more personal communication, where you are more likely to do something like crack a joke and, unfortunately, where people are often more likely to take offence, you can use "smileys" -- a combination of punctuation marks that, when used together, resemble a face turned on its side. Here are some examples: :) -- a smile, :-) -- a smile (nose included), ;) -- a wink, :( -- a sad face, :> -- a grin. The possibilities are endless. There are also some abbreviations that you can use that symbolize actions. For example, if you tell a joke, you can follow it with "lol", which stands for "laughing out loud", so that the reader can almost picture you in his presence, telling the joke, and then laughing. While these can liven up personal e-mail and on-line chat, however, they are generally not used in more business-like communication, even by e-mail.
As promised, here are my "Ten Commandments of Safe Computing". The points here are to remind people about some simple steps they can take to reduce the risk of exposure to threats from "malicious code" and the potential for a resulting loss of valuable data and profits, and how they can react to situations encountered in the on-line world. Here they are:
1) Know your software: Read the documentation for your software, especially concerning security. Set you security settings on Web browsers to at least "medium", and on e-mail programs to "high".
2) Update your software: Check the vendors' Web sites regularly for updates, especially security related updates and patches.
3) Install anti-virus software: As with all other software, check the vendor's Web site regularly and update it as frequently as the vendor suggests.
4) Educate yourself: There are several good Web sites that are devoted to virus control and elimination, some of which offer timely e-mail updates and virus alerts. If they do provide such alerts, subscribe to them.
5) Use plain text e-mail: E-mail was only ever intended to communicate in words something concise and to the point. HTML formatted e-mail may look pretty, but hidden behind the HTML coding in more and more recent cases can be a threat to your computer and your valuable data.
6) Pay for e-mail software: Spend the few extra dollars to buy a good, supported e-mail program. Unfortunately, many of the recent attacks we have seen via e-mail have all targeted a particular (or a very few particular) free e-mail programs. Because they are ubiquitous, and because this particular software vendor is an easy target, they invite the attention of hackers seeking to cause widespread damage and garner maximum publicity.
7) Back-up your data: If all else fails, a recent back-up of your data can replace data corrupted or destroyed by a virus.
8) Don't forward hoaxes and chain letters: By not forwarding these types of messages, you are contributing to the solution, not contributing to the problem.
9) Don't encourage or do business with spammers: As you have seen, there are ways to prevent the e-mail addresses of your family, friends and colleagues falling into the hands of spammers. Don't reward spammers by buying their products or services.
10) Obey the rules of "netiquette": Take a little time to ensure that what you have written is what you want your intended recipient to read.
A computer virus is a serious matter, and hoaxes and chain letters that ask for money are no better. It seems to make sense to pass along warning messages, and some chain letters are just fun, aren't they? As I have described, and I'm sure you'll now agree, neither of these statements are true.
== PREVIEW ==
On Sunday I take a look at the life of Edna Mae Durbin, profile Shakespeare, Ontario, and review some Canadian geographical statistics, interspersed among other usual Sunday items. There is still time to enter the contest. Don't make me beg.
From Craig -- My apologies for the record lateness of this issue. It seems that my ability to pull all-nighters, and write intelligibly at the same time, has waned over the years since college.
== LINKS AND RESOURCES ==
FactsCanada.ca -- http://www.factscanada.ca
Free email is no longer available.
Search currently unavailable. Sorry.
Writer and Researcher:
Technical and Editor:
Web Site Hosting and Design:
Home Donate Archives About Us Contests Links
Resources Subscriptions News, Sports, Weather and Lotteries Webfeeds
This page (/friday/friday-2000-15-12-01.shtml) last updated 2005-02-21 01:03:35 UTC.
Web site hosting and design by NinerNet Communications.