Mean People Rule
Mean People Rule by Dave Michels
Most auto drivers think they are better than average – a statistical impossibility. I was reminded of this recently because my computer was compromised. Somehow, I got a virus. People that know me find this both humorous and surprising. I am somewhat careful about such matters – certainly “better than average.”
Evidently a fake JAVA upgrade got past my rigorous security processes. Recently, the Onion shared their challenges with phishing attacks. It’s amazing how effective phishing attacks are – these are fake messages with a link designed to get you to login or provide information voluntarily. I know they are common because several times a week I get a direct Tweet regarding a funny picture of me – this is a phishing scam that won’t die.
I understand the lure of stealing something. But I’ve never understood why people create viruses simply to cause pain to others – to strangers. Evidently my understanding isn’t required. Mean People Rule the Internet. They are everywhere. There are no safe neighborhoods where it’s ok to leave things unlocked.
I don’t get viruses on my computer very often. But what a mess it created. For me it was mostly time. I lost several days initially troubleshooting and fixing, then eventually rebuilding my computer. It’s a very time-intensive process.
The virus software programs got rid of the infections, but left the wounds. The computer ran slowly and required reboots. I eventually restored it to factory conditions. That just meant some 15 months of updates which involves hours of reboots, then came the applications and more reboots. Why does a computer take so long to reboot?
Setting up a PC is a very manual process. The cloud helps, but doesn’t solve the frustration. I had lots of plugins to add, and applets to download. Every day I discover a new thing I forgot to install: Dropbox, a printer, a driver for my headset, and so on.
I was able to do all this, but many home-based knowledge workers are not comfortable with these things. We often talk about the death of IT, but the function is safe for the near term. The logistics of home-based worker IT support is a mess.
I share this tale because security and encryption must be among the most boring of UC topics, yet something that must be prioritized and understood. VoIP attacks are common – do you have an SBC? Most attacks are not even detected. For example, a SIP attack may only collect passwords – without actually using them (for now). This is the modern version of thieves that used to steal calling card numbers. Most SIP systems won’t block or alert if there’s a brute force attack.
Security needs to be top of mind, and it isn’t something that can be delegated to an Anti-Virus program. Don’t assume the users are security savvy – basic IT/Telecom security street smarts are not taught in schools.
I am astonished how often I meet people that don’t have a lock password on their smartphone. If someone can get into your smartphone, they can get into mostly anything as the majority of password resets simply send a new password or reset link via email. Technical people should know better.
Tips:
-
Consider moving to a Mac. Not a failsafe measure, but certainly less risky than Windows. (This one is not for me, but I give it top billing because that’s a huge feature.)
-
Avoid automated upgrades. Today I got a popup saying I had to upgrade Adobe Flash. I killed it, went to Adobe and downloaded Flash. In was legitimate, but this method is more safe.
-
Use Incognito mode (in Chrome) on untrusted sites. I also use it on Facebook.
-
Be weary of Free Wi-Fi. It’s called Man in the Middle Attacks where a fake access point collects passwords.
-
Always have some form of anti-virus running on a PC.
-
Be careful with installing anything. Be sure it is legitimate, and question if you really need it. For example, You probably don’t always need the latest version of JAVA. This one is tricky -- I was intending to download some recommended Malware software, and on that page was an ad with a different solution with a much bigger download button. Easy to confuse.