This website helps you to use your computer safely. There are highlighted resource links on each page.
You may find it easier to
print longer pages like this one and work through them before
returning here to explore the links in more detail.
The basic security threat: You can trigger or allow
a virus infection into your computer even if you don't open an email or
attachment - Join our Mailing List
now so that we can tell you when to take action in
response to a security issue. Our advice can help you to be safe. If your
machine is infected or compromised it will probably start
behaving strangely - working very slowly, frequently restarting,
launching unexpected web pages, or just not working at all - in such
a case, the only answer may be to clear down and rebuild the
system from scratch. With good 'Safe Computing' practices in
place, you ought to be able to avoid this.
New Computers: Before you connect a new computer to the Internet make sure
that it's properly protected using the advice contained in this
CERT TechTip article
Let's emphasise at the outset that the purpose of this website is not to alarm you,
but to help you feel confident and to provide resources and procedures to make you safe in your home and work computing environment.
This will insulate your computer from malicious access to
and from the Internet. The built-in Windows firewall is not adequate for
full protection as it only works against incoming threats.
Websites can inject malicious programs which slow your
system and can intrude on your privacy and even steal
passwords. Spyware checkers can monitor and
prevent incursions
Microsoft's built in Web Browser and email client are
integrated with the operating system - and browser and mail client
vulnerabilities can bring bad consequences. You can use an alternative
browser for most websites. Any Browser can introduce a vulnerability, so
having more than one installed lets you make a choice of
which to use in different circumstances.
Any software you have installed may be vulnerable to attack - if you have any of these
items, update to the latest version (Use [Help][About] to check the
current version of any program) The free of charge
Secunia Personal Software Inspector
will be able
to detect out of date third-party (non-Microsoft) software on your PC by checking
versions installed locally against a database of
vulnerabilities.
Avoid acting on malicious and 'Phishing' emails
and safeguard your on-line identity
Malicious emails can try and tempt you into opening a web
page designed to steal your personal details or install software that
will subvert or damage your machine.
Try taking a test now to see whether you can recognise a 'phishy'
email!
If you join Social Networking sites including those such as 'Facebook',
'MySpace' or 'BeBo', 'Friends Reunited', 'Plaxo',
'Linked-In' and others, be
careful how much information you reveal about yourself.
Malicious people can use this information to build up a
profile of you to use as part of an attempt to steal your
identity and use it to commit criminal acts in your name. (read
Sophos's advice on this and see also advice from the UK
Government's 'Get
Safe Online' advisory site.)
Join our
Mailing List
now so that we can tell you by email bulletin when to take action in
response to a security issue. Our advice can help you to be safe.
People can 'see you' on the Internet
When your computer is attached to the Internet, it is
always to some extent 'visible'. When you receive an email or look at website, your computer
is potentially exposed
to the risk of picking up a computer virus or an attempt to subvert it.
Contrary to popular belief, you
don't have to open an email or activate a file attached to an email to trigger an
"infection". Just being online is enough.
Modern 'Spyware' presents its own new and growing threat to your security.
Protect yourself
The good news is that you can protect yourself
effectively against all or many of these threats, but it requires pro-active work on your
part to make sure that your system stays secure.
Unfortunately, and as you will almost certainly have read in the press, there are
malign people in the computing world who are continually trying to compromise
and vandalise personal computers. Sometimes they succeed, and
the result is likely to be a computer that doesn't work and which has to be reinstalled
from scratch. In such a case, you may well lose all the work you had done on
the computer - which would seriously affect your ability to study with the Open
University. It might even adversely affect your business if you use your
computer to help you run it.
Whilst we don't want to alarm you unnecessarily, here are some
practical steps you can take now to safeguard your computer. Join our
Email notification service
now
and we'll do our best to keep you up to date as we are notified of situations
that arise.
Breaking News
We recommend that you keep a weather eye on our 'Breaking
News' section here.
Join our
Mailing List
now so that we can tell you when to take action in
response to a security issue. Our advice can help you to be safe.
When properly installed and configured, a personal firewall will keep many
potential Internet intruders at bay (though not all - you must also install an Anti-Virus
system and keep your Operating System updated as described below).
A number of Personal
Firewalls are very effective and easy to set up (even if you are not
technically-minded). The Open University supplies 'Zone Alarm'. You may
use a Broadband 'Router' with a built in firewall, but it is still worth
installing a software firewall on each machine you operate. If you have more
than one machine, an infected system can locate and infect another system
inside the firewalled area. Threats don't just come from the outside world,
they could be on your own local home network too.
Windows XP and Windows Vista do contain a built-in 'inbound-only' Personal
Firewall, but we recommend the use of a Third Party bi-directional firewall which can provide
more thorough protection. This is particularly important if you don't use a
'Router' to distribute your Broadband connection to other computers, but it
can also be useful in protecting a group of networked home computers from
each other.
There's an article and analysis
of the effectiveness of 'Leak Proof' Personal Firewalls and the XP built-in
firewall at:
NB - FirstClass and Lyceum - you may encounter problems using
FirstClass and
Lyceum if you have a personal firewall running - it may need
tuning and setting to ensure that these services are passed through correctly
to your PC.
The
University's recommendations for staff and students are described on the http://antivirus.open.ac.uk/ website.
Youmust
install Anti-virus software, and, ensure that it is updated regularly. New
virus threats arrive at a rate of between 1 and 3 a week , sometimes more
often, and each requires that you install an update. If you are not protected,
you run a serious risk of being affected, and passing the virus onto others
without realising it. The most recent virus threats are shown in our
Popup Window - there may well have been one or
two announced today.
You must
update your anti-virus system regularly - every day if you can as soon as
you logon. If you pay for your anti-virus
service, it won't work if the license has expired - make sure that your
subscription is up-to-date.
Some viruses and worms attempt to disable your
anti-virus system - make sure that the activity indicator in the taskbar
shows that it is working properly.
There are many suppliers of Anti-virus systems. You cannot assume
that a free service will find and fix all the most recent viruses. Your
supplier will explain how to keep it up to date. If you pay for a service like
Norton Anti-Virus, you must remember to renew your subscription each year,
otherwise it will stop protecting you when it runs out.
(Please note that we cannot offer any warranty that a third
party supplier can offer the services you need -and we cannot take
responsibility for or advise on any act or omission of a third party supplier)
If your computer is affected by a virus infection, it can be difficult to
remove it. There are no hard and fast rules, but the site below gives some
practical advice:
You might sometimes get a scary email message from a
friend or member of your family warning you about a virus in circulation. In
many cases this will be a hoax message or 'Urban Legend'. These usually
circulate in a 'Chain Letter' format. They are designed to create fear and
uncertainty and to waste your time.
The
Symantec Virus Hoaxes web page and the
Hoaxbusters site
contains some good examples. Searching on
Google for some text copied from the body of the suspect email will
quickly reveal whether an unnerving email about an apparently alarming virus
threat is really a hoax.
The 'Operating System' (OS) in your computer is what makes it work.
Microsoft's 'Windows' is an 'Operating System'. (Here's a link to a useful
article which
describes what an OS does in more detail). No OS is perfect, and from time
time vulnerabilities are found - which have to be patched with system updates.
Some of them are very serious and if would provide a path into your computer
for a malicious program.
Microsoft provides a System Update website. You can
visit this now to check whether your computer's OS is up to date and free from
known vulnerabilities. It is located at:
If you are an advanced user - or looking after a small business computer
system you might also like to know about the
Windows Security Analyser tool
When you visit the System Update website
(using Internet Explorer), a small
program will be installed which checks your computer against all the latest
updates and patches for that system. It will work out what OS updates are missing
and offer them to you. Some updates may be quite big and
will take a long time to download - but it is better to do this now and get
your computer updated properly, than to spend even more time later repairing the system
if it becomes damaged.
We use this site to update our own computers and it is the
procedure recommended by Microsoft. However if an update causes a problem for
your computer, it's a matter to take up with Microsoft rather than us. Windows
ME and Windows XP contains an excellent 'rollback' feature which allows you to
undo system update changes through either the Control Panel 'Add Remove
Programs' dialogue or [Start][Programs][Accessories][System Tools][System
Restore].
You also need to make sure that your
other software is up-to-date. If you use Microsoft software such as
Microsoft Office (Word, Excel, Powerpoint), you can check that it
is up to date and safe to use at:
This works in the same way as the OS Updates - special
software on the website scans your
computer's hard disk and proposes appropriate software updates. It doesn't
cost anything beyond the cost of the connection phone call to the internet.
If you use other software like Real Player, Acrobat,
QuickTime, Zone
Alarm and others, you may want to visit the website
operated by the software maker which will let you know about what updates are
available. The free of charge
Secunia Personal Software Inspector
will be able
to detect out of date third-party (non-Microsoft) software on your PC by checking
versions installed locally against a database of
vulnerabilities.
Your computer can go wrong - a Hard Disk may
fail or 'crash'. You
may delete a file or folder by accident.
To safeguard yourself,
you can copy
the files that you are working on to floppy disks, a
ZIP
or similar drive, a
Pen drive or a CD (if you have one) from
time to time. All versions of Microsoft Windows XP also contain a built-in
backup program
which will work through nominated folders on your hard disk and make copies to another medium. It's
worth looking at this.
Windows XP Home doesn't have a Backup option installed by default
- but you can get advice on how to do this
from
Microsoft's website.
You can find out more about the backup system on your
own PC by using the command [Start][Help] and then searching for the word
'backup' in the index.
Phishing and malicious email We all accept email as being a valid form of communication - but it's very
easy for someone malicious to send an email pretending to be from someone
you know - when it's not from them at all. A false or 'phishing' email may contain some
kind of payload which can damage your machine or try and tempt you to reveal
personal banking account details.
Try taking a test now to see whether you can recognise a 'phishy' email!
Digital signatures Much of the SPAM that's on
the internet works like this. Although it's not used universally. you can
obtain a 'digital Signature' for your email - you apply this to your email
program, and from then on, emails from you are marked as valid - and your
own colleagues and friends can then rely on them. This is done using a
'Digital Certificate'. One of our staff here
has prepared a
briefing page which explains how these work and how to set one up for
yourself.
Finally - Being secure means being aware - and being proactive about
security at all times. If you don't, there's a very real danger that a malign
program from the internet will damage your work and your computer. Taking the
precautions set out above will reduce the risk to a minimum, and ensure that
your use of the computer is trouble-free. Join our
Mailing List now so that you can be told
automatically when you need to take some action in response to a newly
announced security issue. If you want to alert others to these issues,
you can also download our PDF 'Flyer' on Safe
Computing
Copyright c 2005-2011
The Open University
Faculty of Mathematics, Computing and Technology
Last modified:
Thursday December 08, 2011.
N.B. This website contains links to other
websites which are not operated by the Open University. The links are made in
good faith, but the University cannot accept any liability for the content of
external sites. The fact that an external site is linked to this one does not
imply any endorsement of products or services offered from those sites.
(Recent
bulletins available as an RSS/XML feed. Use this string in your
