Internet Security

[Rolly Polly]

Hey, Sporatic does that mean the short answer is still 'no'?

[Jack Spratt III]

Always Lookin,

I've worked in the IT field for a long time and have experienced many of those "Duh!" moments when you suddenly realize there was a real simple solution to a problem.

Glad to provide a "Duh!" moment for you :-)

Please feel free to share this technique with any other vulnerable folks you know.

I always laugh at the dumshits who get raided by LE who find illegal pics (CP, etc.) on that person's computer. The reports usually say that LE also found some kind of Hard Disc Cleaner software (which, obviously, didn't work!)

I just need to keep the wife and the boss from finding out my WWW browsing habits (especially THIS site).

Happy Hunting.

[Always Lookin]

Jack, Excellant!
I used to use the same technique to build PC's. 20 pc's, all the same hardware all the same image. Any problems...one restore disc!
I never thought to use it for security.
I'm on it!

Thanks,

AL

[Jack Spratt III]

I posted this on the "Letters to the Editor" section, and at the suggestion of the Editor will repost it here.

Re: Safety on the Internet and cookies.

The Internet is a dangerous place and you never know who may be monitoring your activities. PC software, particularly WINDOWS, is pathetically insecure. Your hard drive may contain many things you would not like others to see, even if you think you deleted it!
I devised a cheap and foolproof method of getting rid of all traces of your Internet surfing from your PC. This also works if you pick up a virus you can't get rid of or when your hard drive crashes.

It is tedious to create but your PC can always be in a pristine state. (Hey! I'm a poet!).

You need to have software that will make a backup of your system to CDR (NERO Burning ROM is the one I use).

1. Take a backup of your hard drive before you start all this, so that if something gets hosed you can always restore to this backup.

2. Copy to a different CDR all of your preferred site addresses and Email address book. I set mine up using WORD so that I can cut and paste the addresses to the action bar and hit "GO". Find a good hiding place for this disk.

3. Perform a FULL reformat your hard drive to clean off everything. NOTE: this may take some time as it erases everything on every track of your HD.

4. Load your WINDOWS software - from scratch.

5. Reinstall all the other applications you use - from scratch (Virus scan, ISP, Word processor, CD player, NERO, etc.).

6. Fire up your Firewall software and set preferences.

7. Log In to your ISP (at this point you have NO cookies(and NO viruses), so you will have to go through the login procedure) and set up your preferences (Click on VIEW and then set up your Internet settings).

8. Open up your Email account (you should not have lost any of your Email or address book).

9. Logoff your ISP. (Your computer is now pristine with basic ISP cookies and NO viruses).

10. Take a backup to CD of your hard drive again. This will be your Start-up set.

11. Test this Start-up set by running it to restore your hard drive including accessing your ISP. If it works OK, destroy the backup you took at step 1 by melting the CDs with a blowtorch to get rid of all previous evidence.

12. You can now cruise the Internet with a modicum of confidence. Every time you think you have too much incriminating stuff on your hard drive, restore to the Start-up set. Remember, every photograph you download and every site you visit can be extracted from your computer by an expert (LE?) unless you periodically wipe it clean! (Most of the time you DELETE something from your hard drive, the software simply changes a flag to say the track that the data was on is free to reuse, but it doesn't physically overwrite the track to remove the data. Tools are available to reset this flag so that the original data can be read again).

13. P.S. A tip on downloading photographs and movies: Never go direct to your hard drive. I use a ZIP 100 mb drive and then copy to CD. After the copy to CD, I delete the files on the ZIP disk and then copy the huge "Program Files" folder to the ZIP disk. This ensures a complete overwrite of every track on the ZIP disk ensuring security.

[Freeler]

Y'all,

This has ABSOLUTELY nothing to do with WSG, but it looks so nice - here it is:

http://www.hamar.sk/sphere/

Go check dat shit out!

[Sporadic]

Uh, Jackson? Sorry, that should be a yes. Ever hear of carnivore?

The bottom line is yes, they can. The good news is that it would take the resources of a nation-state and, in the case of LE, a court approved tap.

Another bit of good news is that Jackson would probably not release any logs or IP address´without said court order. But even if he refused, the ISP and hosting service would.

The best news is, that "they" (whoever "they" is) would simply not bother.

[Daa Bone]

I use Spy Sweeper. It seems to work well and I get regular updates. I even caught a key-logger on a work computer.

QUESTION: How secure is WSG? Can a hacker or LE "hunt you down" from our posts or invading the site?

Da Bone

Short Answer: No.

[Lover Boy]

Attention all,

Senior Member HarryR
Posts: 318 Is the owner of Pic 0bj04.jpg. I got PM saying I did not give him credit. But discussion here is Internet Security anyway dosen't matter to me?

Lets give
Senior Member HarryR 100 POINTS Credit

[Lover Boy]

11Bravo,
you need to click on forum logoff & it will log you off completely.
See the wsgforum.jpg

loverboy

[11Bravo]

Just a note about using a non-identifiable e-mail address when registering for wsg. SOMETIMES, not always, but 1 time out of 30-40, when you click on http://www.wsgforum.com/ You will be served up with ANOTHER member's header page (the very top part) as in:
Welcome back 11Bravo. You are currently a Senior Member
If you are a Regular Member, then you don't need to apply for an upgrade to Regular Member. Thanks
Your current membership email address is: xxxxxxxxx
Is your email address active? Have you checked your email recently for WSG Forum messages?

Maybe it has something to do with having the options set to yes for:
Automatically login when you return to the site? (uses cookies)
Browse board with cookies?

As an example, I was just served up with: Member2326's info. I know his e-mail address used to register for the forum, and I know he has 0 messages. Hitting the reload button will bring up YOUR correct page.

So, use an e-mail address that you don't mind others seeing.

[Lover Boy]

Lots of virus out this week for vindow so stay away from porno & gaming sites & hopefully you got a antivirus software. If not go get your your for free at

http://www.download.com/3120-20-0.html?qt=antivirus&tg=dl-2001&search.x=0&search.y=0&search=+Go%21+

[Lover Boy]

I found a better way for myself, I go thru proxy server. There's plenty of them. I proxy thru local cable or dsl or whatever I can find. But Since I use Unix I don't worry much.
You window people should watch out, look in this folder. I had to do a clean-up for my bud & the shit I found, he is really thankful.

In Win XP WATCH THIS FOLDER & THEN THANKS ME LATER

"C:\Documents and Settings\root\Local Settings\Temp"

Loverboy

[James D 2004]

Let me slip in my final moves. Ad-aware do NOT have an UNDO button. Calling it something else is a good philosophical move, otherwise you have to warn 100's of times, as in Spybot, that this UNDO is not the usual UNDO in word processors, a lot more dangerous.

In Ad-aware, remove = quarantee, remove NOT= delete. I don't blame them, it all started with DOS, who doesn't want to call unix remove remove, but delete instead. Most annoying is \ instead of /.

You want to remove adware that give away your privacy when you are not aware of it. If that's defined any differently either you don't get what you wanted, or you get more than you bargained for. In the latter case you might detect something like spy / monitoring software that is secretely installed on your computer. But much more likely you spend much more time to avoid deleting legit components.

There is big money here. People will pay a few dollars to buy adware removal programs when they are bombarded with pop-ups even when they are not surfing (though this is marginally counted as adware). Nowadays, it's better to have millions paying you a few dollars, rather than a few people paying you thousands. You don't even need to buy it. Yahoo probably brought up the best (or whatever) pop-up stopper and put it in their tool bar. People don't pay a few dollars and then consult the MS technical manual on registry entries.

[Blair]

To those who are really woried what tracks wife/gf/kids might find I recommend again Microsoft Virtual PC and VMWare.

You have your very own (virtual) PC for mongering, or whatever you are into. The virtual machine is a single file on your HDD, which can be password protected. The virtual machine can be securely deleted if required. By keeping a baseline copy of this file you can restore a complete machine configuration in seconds. Any internet usage tracks only exist within the VM. You can install whatever software you want without upsetting your host machine configuration.

You can get a 30 day trial copy of VMWare from

http://www.vmware.com/vmwarestore/newstore/wkst_eval_login.jsp

Remember you'll need some OS install disks for your new virtual PC.

In terms of peace of mind while the wife/gf/mother-in-law are using your PC, I really think this is the best solution there is.

[Joe Zop]

You are mistaken on Ad-Aware, TNH. It maintains "quarantined objects" which are basically archives of what's been removed, the same as most antivirus programs do, and these can be restored (or deleted) at any time.

Your statement that "Either you still have adware after removal or you are going to destroy something that isn't adware" is simply untrue. The difference in what the two programs detect is due to differing definitions of adware, and in both cases those definitions can be user-adjusted. And in both cases those definitions are very well documented. In addition, these programs do not "destroy" anything -- they place it in an archive where it can be deleted, restored, examined, etc. Both of these products, used correctly, are excellent and do the job they were designed to do.

Both of these programs, as is the case with countless utilities, are shareware/freeware, (no big money being made here) and, yes, users shouldn't use them unless they can actually read and follow directions. Of course, drunken people shouldn't drive, and casual users also shouldn't activate viruses, say yes to installing spyware in the first place, or create and use .bat files that delete things on their hard drives based on quasi-anonymous postings in non-technical forums unless they actually understand what such files really do, etc., but they still do all this stuff. You can't protect people from themselves merely by suggesting to the rest of the world that they avoid doing things they're perfectly cabable of doing. Unlike spyware and adware, both programs are quite explicit about exactly what they do. Anyone who can actually read and follow documentation will be fine using either of the mentioned products.