Saturday, April 15, 2006

Nothing of Value in My Computer:

I'm still amazed. A middle-aged client I respected revealed that she did not protect her computer at home. She works for a government security organization and I know she "telecommutes." Needless to say, my jaw just about dropped to the the floor.

"I'm shocked. How can you work where you do and not bother to secure your computer in this day and age?"

"There's nothing of value on my computer."

I decided to ask her a few questions to illustrate for her if she "had anything valuable."

Do you have broadband?

What are your computer specs?
"Athlon 2 GHZ, 512mb RAM, 350gb hard disk."

What OS are you running?
"Windows XP Home"

And no security software at all? Not even "Zone Alarm" or some kind of virus checker?
"I haven't had a problem yet. I'll use that stuff when my computer gets to be slow enough that I'd actually benefit from installing it."

Well then, I'd say that's a pretty valuable zombie.

A "zombie" is an unprotected computer that can be infected with a virus that alters the computer so that it can be remotedly controlled.
"Well, there's nothing on it. I'm quite a boring person."

Well, if someone can remotely control your computer, they can pretty do anything with it, including commiting crimes from it. For instance they can:
  1. spam other people...from your computer
  2. use it to infect and create other "zombies"
  3. rent out access to your wonderful system and your delightfully fast connection
  4. use it as a distribution point for credit card information or child pornography
  5. blame it all on you
You may think you're a boring person but, to a "bot-net" broker you're an exciting woman! Just think about it, you have a very high-performance virgin computer with lots of storage tied to a high-bandwidth connection and it's not monitored.

Didn't you tell me that you did your taxes yourself?

Did you use that popular computer tax program to do it?

Is it still on your computer?
(suspiciously) "Yes."

Did you file jointly?

So...on your computer is a non-ecrypted, conveniently standardized formatted file containing, um... your full name, job-title, day-time telephone number, social security number, date of birth, home address, your salary, your spouse's name and social security number, job-title and salary, dependents and their social security numbers, your IRA accounts as well as amounts you contributed to those accounts this year, your mortgage account numbers and interest payments you made this year, a list of the bank accounts you have and the amounts of interest you earned from each one this year.
"Oh my god!"

I take it that you'll spend an hour or two this Easter and do something about this?
"I've got *so* much planned for Easter."



Post a Comment

Links to this post:

Create a Link

<< Home