"Computer Security" was the timely topic of the May 11 meeting of the Kawartha Internet Users' Group. Our guest speaker, Andrew Bell, is a company network specialist responsible for the security of hundreds of computers - none of which, he assured us, were "hit" by the recent "Love Bug" virus.

What is a computer virus? Imagine turning on your computer and seeing, instead of the familiar Microsoft clouds, an empty black screen. This is the worst scenario: a virus that deletes everything on your hard drive - software, documents, email, everything. Not all viruses are that destructive. Some are actually rather imaginative. I remember one that caused letters to "drop" from the document to the bottom of the screen, like falling rain. Of course, the person trying to use that particular computer wasn't quite as entertained. Computer viruses, like their biological namesake, may range from mild to deadly, but never are welcome.

"Viruses" are programs written deliberately to sabotage computers. The name aptly describes their behaviour. Once introduced to a computer, they may do their particular damage immediately, or lie dormant until some event (such as the next Friday the 13th) triggers them. They often replicate themselves, and spread to other computers. And new ones are appearing daily.

The obvious question is: why do they exist? What would motivate someone to be so destructive? The reasons are probably as varied as the perpetrators, ranging from boredom to vengance. For instance, at one time a lot of viruses were found to originate in eastern Europe, perhaps the result of a system that trained lots of people to program, but couldn't provide jobs in which they could put their skills to better use. There has even been some suspicion of anti-virus companies planting new viruses to create a demand for their wares. That would be as unlikely as the police committing crimes just to show they are needed. There are enough hackers, and criminals, to keep them all employed.

When PC's were used just for Lotus spreadsheets and word processing, there was only one point of attack: the floppy drives. Each advance in computer communications has opened more doors to viruses. Networking computers in an office allowed people to share not just files, but viruses. If one person loaded an "infected" program, the virus could quickly be spread to all the other computers on the network. In fact, as a precaution against viruses, some companies used "diskless" PC's. Only authorized employees could add files to the network. Email, the Internet, and now cable access, by opening computers to the entire world, have added a much wider door through which viruses can enter.

Meanwhile, the viruses themselves have become more sophisticated. Virus programs need to be "run" in order to do their damage, meaning only program files (as opposed to data files) can carry viruses. At one time, that meant only about three types of files, but the list is now much longer. Advances in software have given the virus writers lots of new toys to play with. For instance, Word documents can be infected through their macro capabilities. The rule now is not to trust any file you add to your computer. And, remember that every time you get your email, you are adding files to your computer.

If you have a computer, you need a virus checker. (OK, maybe not for a palmtop - yet). It's about the first thing to load, and runs in the background all the time the computer is on, watching for the "signatures" of known viruses. If you bought your computer with software already loaded, a virus checker was probably included. If not, it is as essential an investment as insurance on your car. In fact, it need not even be an investment: at least one company (Computer Associates) is offering it's virus-checking software free to home users (see the address below for details).

Unfortunately, just loading a virus checker isn't sufficient, at least not until all the "hackers" have retired (about the same time that theft is abolished). Anti-virus programmes are constantly being updated to handle newly-appearing viruses. Just as the vaccine used for last year's variety of influenza will probably not work against this year's new strains, your current virus checker is useless against these new additions. You must keep it up-to-date with the latest "signature" files, available to registered users via the internet. This isn't a very onerous job; the files are small and download in seconds. Make yourself a reminder to do this at least once a month (Mr. Bell said he updates his weekly).

We were reminded that viruses aren't the only threat to security. When your computer is on-line, it is vulnerable. Many web sites, for instance, read and write "cookie" files to your hard drive (that's how they "remember" what you did last time you visited). The same technology makes it possible for anyone with the skills (and there really isn't a lot of skill required), to "hack" into your computer: read or delete files or load (and run) programs. Think of someone running your computer with a program like "PC Anywhere" - but without your knowledge. Mr. Bell showed us some of the ways to safeguard our computers from such intruders. One way is to change the configuration settings of Windows Networking (the default settings are an open invitaion to hackers). Another is to install a "personal firewall", such as "ZoneAlarm" (again, it's free), which will notify you if someone attempts to access your computer.

Even with a good virus checker and firewall, there are a few precautions he suggested. Use "strong" passwords: at least 6 characters, combining upper and lower case, letters, numbers and puctuation. Don't use the same password for multiple purposes. Don't leave your computer on all the time (especially if you have a cable connection). Only download programs from known safe sites (to be really safe, don't download programs, period.) Be very leery of email attachments. If you don't know what it is, don't open it. And to ensure that you DO know when you're opening a program, change your Windows settings to display all file types. (In Windows Explorer, click on View/Options, then "show all file types").

The notes that Mr. Bell distributed at the May 11 meeting are available at the User Group site. Go to www.bobcaygeon.com, then follow the links to the Internet User Group page (under Special Interest Groups). Or email me at apanter@kawartha.net.

The next User Group meeting will be Thursday, June 8, 7:00 pm, at the Lions' Hall, Main St., Bobcaygeon.

HR>