Sunday, 2 October 2011

SECURITY CONCERNS IN COMPUTERS



Now-a-days computers have become an inseparable part of our lives, enabling us all to work at a faster pace. But the question that is getting on our nerves is how safe is our computer? The fear of getting our computers threatened by various unwanted behaviors like the misuse of information, corruption of data or transmission of computer viruses can be exempted with an increase in security concerns. Thus here we are making an attempt to make you familiar with the various processes by which our valuable information and properties can be protected from untrustworthy individuals or unauthorized activities.

Security breach facts n history



To begin with, broadly our computers can be made secure in the following ways:
1. By Good  Engineering and Design Techniques
2. By Secure Desktop and Network.

Now let us go through each of these one by one.


1. By good engineering and design techniques


A computer can be secure by achieving the following:
a) Secure OS
b) Secure architecture
c) Secure by design
d) Secure coding

a) Secure OS:

Operating system kernel technology (special microprocessor hardware features coupled with a specially implemented operating system kernel), can be used to protect the data stored on the systems and provide a high level protection for network connections and routing services.

b) Secure Architecture:

This suggests the way the security controls are positioned and relate to the overall information technology architecture. This helps in maintaining the confidentiality, accountability and assurance of the system.

c) Secure by design:

The high technology design ensures security of system. Rigorously reviewing the code and testing the code also gives in to make module secure. Full audit trails should be kept of system activity, so that when a security breach occurs, the mechanism and extent of the breach can be determined.Effective strategies should also be made to enhance security after design.

d) Secure coding:

Common software defects like format string vulnerabilities, buffer overflows, code/command injection and integer overflow result in majority of software vulnerabilities.
Details of the above categories can be seen here.


2. By secure desktop and network

This includes:
a) Data and information security
b) System security
c) Network security

These factors are more of our concern since we can also implement the following ways to secure our computers.

A) Data and information security:



1) System Security

Security breach: Data and information loss in case of hard disk crashes.

Prevention: In case of a disk crash, the information can be restored onto the new disk from the back-up media like magnetic tapes, CD-ROM, etc. Thus the regular backups of database files, large documents and spreadsheets can prevent any loss of information.

A few data breach news can be read on this link.

2) Online Security

Security breach:Online data security is affected when information on public accessible computers is left without deleting the history, downloads, cookies or personal data.

Prevention: In order to secure and maintain the privacy of our data when using public accessible computers, one should disable stored history and password manager, delete all private data, downloads and the saved sessions and clear cache on exit and data in password manager. One should not disclose their passwords. And even leave their account carelessly logged-in while not accessing.



B) System security:


1) Hardware Security

Security breach: Hardware security is affected as a person can easily open the computer’s cabinet and gain access to the hard disk for data theft.

Prevention: The physical security of computers in order to make them more difficult to remove can be done by using metal case(for larger hard drives as used for office records etc.) and anchoring devices. Also the users must usea long and strong password consisting of a mix of upper- and lower-case letters, number, punctuation marks, and so forth making it difficult for the other person to crack it.



2) Software Security

Security breach: Software security gets affected when viruses enter computers via different routes, the common one being an attachment to an email. The “Love” virus was one such virus released in May 2000 which had infected millions of computers within hours of its release.

Data theft is also the reason of breaches. Hackers attack through networks, encrypting the data and making it difficult to decode it.

Prevention: Software security can be maintained by updating the anti- virus software programs that will destroy the viruses, by installing motion-sensing software which can trigger an alarm which can detect different range of motions, which are not similar as of the user.
The user should set a complex password.

The administrator should be trustworthy (since he has the authority to perform all tasks).

Apps with known security flaws shouldn’t be run. The security website Secunia provides a search tool for unknown flaws in popular products.

With the help of an installed encryption program the message can be reassembled to its original format.

The internet connected computers should be frequently updated with the FIREWALL software that checks the incoming transmissions and restrict the suspicious ones.

When FIREWALL not in use:



When FIREWALL in use:





C) Network Security:

Security breach: Network security breach occurs when worms and viruses enter (i.e. the computer program codes replicate and infect the files), when hackers disrupt connections between two machines by flooding the network with traffic and disable complete network, by interception of TCP/IP packets while they are being transferred (term commonly known as SNIFFING), and also when hackers send spam mails and advertisements which can infect our systems by inducing viruses or getting a pathway to access our information.

Trojan Horse is very popular amongst hackers, since it is a destructive software that appears harmless and allows them to access a computer system and manipulate it by performing certain operations.


Prevention:We can secure our network using complicated passwords, using updated versions of anti-virus software, securing the file transfers, monitoring the network use, replacing the non-secure internet protocol.


This is how Anti-virus works.



To know more about your computer security, you can search in your system’s HELP AND SUPPORT CENTER. e.g.




The above screenshots were taken considering WINDOWS users. Now let us have a look at the security issues in LINUX systems.

We can secure our LINUX OS by installing rssh in it.

Rssh is a restricted shell for use of with open ssh, which allows only scp and sftp. E.g., if you want to allow users to copy files via scp, without providing shell access, you can use rssh for that.

We can download rssh either through terminal or via software Centre.

1) Through terminal:





2)Through software Centre:





We can manage our email accounts by the following ways:

1. Using just one email account.
2. Not holding onto spammed out accounts for too long.
3. By closing the browser after logging out.
4. By deleting browser cache history and password.
5. By avoiding the use of insecure email accounts to send and receive sensitive corporate info.
6. If can, use the telephone option over emailing.
7. By not using the BCC option.
8. by avoiding forwarded mails since they can be a spam.
9. By backing up email record.
10. By enabling the email spam filter.
11. By scanning all email attachments.
12. By not sharing account info with others.
13. By using complex passwords.
14. By encrypting wireless connection.

Details on email management can be taken from here.

We hope you found this blog useful and helpful in securing your computer to an extent. We also organized a small survey amongst people to check the awareness of computer security.

The result of that survey can be seen here.

BY: Swati Gautam and Pratiti Sarkar

No comments:

Post a Comment