Reading One

How to Avoid Catching a Virus

Types of computer virus From worms to macros, there's a whole host of viruses out there to catch... 1.

Worms These viruses spread via computer networks. The ILOVEYOU virus above was a classic example of a worm. These viruses are becoming an increasing threat as a growing number of computers are permanently connected to networks. Worms can spread over corporate networks or via emails sent over the Internet.

2.

Trojans A Trojan virus takes its name from a story in Homer's Iliad where Greek soldiers pretended to make peace with their enemies, the Trojans. The Greeks made a grand peace-keeping gesture - the gift of a large wooden horse. When the Trojans hauled it inside their city gates, a small band of Greek warriors leapt out. They opened the gates and let the rest of the Greek army storm in to capture the city. A Trojan virus is one that opens your computer up to malicious intruders, allowing them to read your files.

3.

File viruses A file virus is one that replaces a key system file on your computer. These viruses can reload themselves every time you start your computer up. Once they're in the memory, they can spread by writing themselves to any disk you insert into your disk drive.

4.

Boot sector viruses This is an early type of computer virus that spreads by hiding itself in an invisible location on your hard drive or floppy disk. When your computer reads an infected floppy disk, the virus is copied from the disk to your computer's memory. From there, it writes itself to the 'boot sector' on your hard drive. The boot sector is read each time you turn your computer on. So the virus is constantly reloaded and can copy itself on to other floppy disks. These viruses are fairly rare nowadays, as they are easy to catch.

5.

Macroviruses A macrovirus infects word processor files, such as Microsoft Word documents. Although not as dangerous as other viruses, they can spread quickly if a Word file is sent via email. After an initial scare, Microsoft added protection into later versions of Word, so you receive a warning about infected documents.

How to Avoid Catching a Virus

Do: Stay calm. A computer virus isn't dangerous until the infected email is opened. Delete any mail you think is infected and empty your deleted items folder

Read the email. Check that the contents of the message makes sense before you open any attachments

1/7

Look out for hoaxes. There are many emails warning of "the most destructive virus ever", but often these viruses don't exist

Send any email you think is infected to an anti-virus company (you may have to own a copy of their virus software). They can tell you if it is a virus or not

Make sure you have a recent backup of your most important work

If you get a computer virus you'll need to use a virus scanner to get rid of it

Don’t: Don't open any attachment you are not sure about, even if you have a virus scanner

Don't forward any attachment to a friend without being sure it is safe

Don't send an email about a "new virus" without checking it out. Visit sites like vmyths.com to check for hoaxes

Don't send mail that may contain a virus to anyone other than official virus companies. Mail filtering systems will probably delete it anyway

Don't place backup floppy disks in your computer if you think you have a virus, as the virus could spread to your backups

Don't be blasé just because you have a virus scanner. You will still need to keep your eyes open in case a new virus emerges

Source: BBC Website, http://www.bbc.co.uk/science/hottopics/computerviruses/types.shtml Date retrieved:

July 25, 2006

2/7

Reading Two

A Hazard Named Winny

It seems not a day passes without news on leakage of confidential information from governmental and other entities onto the Internet. The types of information leaked are vast and the content is critical -- Self-Defense 1

Forces-related documents, quake-resistance data for nuclear-power plants, access codes for restricted areas at airports, police investigation records, the names of sex-crime victims, personal information on as many as 10,000 convicts, data on hospital patients, information on customers of private firms, and so forth.

The main culprit is the peer-to-peer file-sharing software Winny. To be exact, the real culprits are a virus that 2

infects Winny and people who are careless when using their Winny-enabled privately owned computer for official work.

The leaks have been occurring for a long time but the government became serious about the Winny problem only after it was found in late February that the Maritime-Self Defense Force-related data had leaked from a 3

private-use computer of a non-com communication officer aboard the destroyer Asayuki, deployed at Sasebo base in Nagasaki Prefecture. The leak included the telephone and fax numbers of more than 100 MSDF ships, a table of random numbers to read special reports on combat exercises and a roster of MSDF members.

To prevent virus infections, Chief Cabinet Secretary Shinzo Abe has issued a call on the public not to use Winny. But it is not certain if all the Winny users, said to number more than 300,000, will heed his call. And there may be viruses that attack other software. Winny, which was made public on the Internet in 2002, makes it possible to exchange documents, music, images and other files among an unspecified large number 4

of computer users. Users designate files that can be copied by other users. The latter search for such files on the Internet and can download them free of charge. Files are exchanged not through a server but through a computer network. But if a virus-infected file is downloaded into a computer, files inside the computer not designated for copying are instantly leaked onto the Internet. An estimated 1.27 million people were using Winny and other file-sharing software as of January 2005. Copyright violations are suspected in a majority of computer files obtained this way.

The spate of leaks has shed light on the lack of awareness about the danger involved in the use of Winny and general slackness in the use of computers -- not only on the part of home computer users but also on the part 5

of organizations like the SDF and police. Leaks occur because some people copy data from master files at their work places and put them into their privately-owned computers. The non-com officer aboard the destroyer Asayuki, for example, copied data inside the ship and fed them into his Winny-enabled home computer. This was a clear violation of work rules. That non-com officer's home computer had already been 3/7

infected by a virus from a downloaded file, which caused Winny to leak the ship's information.

The National Police Agency has banned police officers' use of Winny, unauthorized connections to the Internet and the unauthorized removal of office computers, and also decided to encode police information. The Defense Agency has announced purchase of about 56,000 computers to prevent leakage. But surveys show that they were not well-guarded. As of April 2005, the police were allowing about 104,000 6

privately-owned computers to be used for official duties, against some 92,000 office-issue computers. SDF members and Defense Agency officials were using about 120,000 privately-owned computers to compile data either at home or at the office, with 80 of them containing Winny.

The leak incidents suggest the necessity to consider banning, in principle, use of private computers for work and laying down strict rules concerning handling of computer data, including use of data-storage mediums such as flash drives and portable hard drives. At the individual level, it has become all the more important to 7

install and update anti-virus software, not only to protect their own computers but also to prevent damage to other users' computers since viruses can spread from computer to computer through the Internet. One simple rule is that one should not open an e-mail whose origin is unknown or download files from unfamiliar sources.

One irony about Winny is that police officers used computers incorporating the software, causing information leakage, even after the Kyoto prefectural police arrested the Winny designer in April 2004 on suspicion of aiding copyright violations through his invention of the software and his subsequent 8

improvements of it. He says he can redesign Winny to prevent virus-related leakages or to erase leaked files but he will not do so because the act would constitute an improvement of the software, for which he has already been arrested. This episode shows that the revision of present laws or enactment of new laws can contribute to making the Internet safer. The bottom line is everyone should be aware that the Net is full of dangers.

Source: The Japan Times Date:

April 12th, 2006

4/7

Reading Three

There for the taking: Unprotected data make laptops a growing hazard Brian Bergstein

BOSTON: Every month seems to bring another episode of sensitive personal information escaping into the wild because a corporate or government laptop computer is lost or stolen. A common response is a lot of 1

hand-wringing over how the data should have been encrypted.

But some important questions usually go unanswered. Why is so much private data allowed to be on laptops to begin with? What do people do all day that compels them to tote around records on, say, 26 million 2

Americans, the staggering number seen in the recent U.S. Department of Veterans Affairs case?

“It’s pure laziness,” said Avivah Litan, a security analyst for Gartner. 'There's actually no excuse for it." She 3

added "There's no good business reason for it."

Litan advocates a few simple steps: Organizations should keep sensitive information only on secure centralized servers. Workers can gain access to the data from PCs in the office or over private Internet 4

connections, but cannot store the records on their own machines to fiddle with them offline.

If they absolutely need to analyze data out of the office, the employees should run programs that replace live credit card or identification numbers, with random “dummy" figures whenever possible, since the actual 5

numbers are not always relevant.

Following such rules would have prevented the scare that resulted when a laptop with data on U.S. veterans was burgled from an analyst's home May 3. It was later recovered with the information apparently 6

unaccessed. The Veterans Affairs inspector general told Congress that the employee had been bringing data home for policy analysis since 2003.

Encrypting data - scrambling them with private codes - can make whatever is found on a laptop almost 7

impossible to read. But encryption is often not turned on by users who think it degrades computer performance. 5/7

Consider the case of the ING Financial Services adviser who had Social Security numbers and other personal data for 13,000 Washington municipal employees on his laptop -until the computer was stolen from his home 8

last month. ING administers pensions.

The adviser had broken ING rules by not having the data encrypted. ING responded by recalling all employees' laptops to ensure that encryption software was turned on and could not be switched off. But the 9

fact that the information was out of the office was not itself a violation.

ING officials said that the adviser had the records because they corresponded to older pension plan participants who were more likely to call him for assistance. The adviser also wanted the data on hand for 10

potential marketing efforts, like deciding' whom to invite to a finance seminar.

Now, in light of the laptop episode, ING is rethinking whether sensitive data should leave the nest at all, 11

even if encrypted.

Steve Van Wyk, ING's chief information officer, said that the emergence of ubiquitous broadband connections and secure Web-based business software had made it unnecessary for employees to store private data on portable devices. Not only is that data dispersion a security risk but it also can be costlier for the 12

company to make sure back-office files and mobile data are in sync, he said. "The ability to control it and protect it may be best if it's centralized," he said. "Why even go through the vulnerability?"

To a large degree, the problem of personal data floating away with laptops stems from companies' tardiness in accepting just how valuable the information is. Otherwise such records would have long been treated like 13

product designs, market intelligence and other business secrets that are not allowed to leave secure central computers.

But it is not clear whether this problem will ever go away. 14

15

Many mobile workers want to keep information "locally" on their laptops so they can work efficiently while traveling, meeting with clients or pounding away in other settings where they cannot connect to a network. 6/7

That is why they are often allowed - even encouraged - to take laptops home. That was the case for an employee of the investment adviser Ameriprise Financial, who had 158,000 clients' account information on a laptop stolen in January.

An Ameriprise spokesman, Steven Connolly, said that the worker was one of "very few people" in the company allowed to keep that kind of personal data on his own machine. Connolly wouId not explain what 16

the man - a corporate-level employee who did not interact with clients - did that required such intimate access.

Even if employees technically are not supposed to walk out the door with computers, many will quietly transfer business files to iPods, "thumb" drives and other capacious storage devices, said Sunil Jain, a senior 17

consultant for Sprint Enterprise Mobility, the services arm of Sprint Nextel.

18

"It's much faster to download the data and then do the reports offline," Jain said. It’s just human nature."

Source: International Herald Tribune Date: July 12, 2006

7/7