Do-It-Yourself Cyber Safety

Car manufacturers are not only required to provide seat belts but to also install airbags that provide passengers with passive protection. These devices haven't completely eliminated deaths and serious injuries, but they have made cars a lot safer.

There are no such laws when it comes to safe computing and, based on the Bush administration's recently released cyber safety plan, it appears as if that's the way it will remain.

On September 18, White House cyber security czar Richard Clarke unveiled the administration's "National Strategy to Secure Cyberspace." Flanked by the directors of the FBI and Secret Service along with executives of technology and security companies, Clarke and other officials hailed the plan as an important first step.

It is indeed a first step, but it's a baby step. The plan doesn't propose any new government regulations or even any mandates to industry but serves as a primer on how to protect your PC from hackers, viruses and malicious code. It's been widely criticized for being too weak.

Some have suggested that the government ought to require Internet service providers to offer free anti-hacker and anti-virus tools, while others have suggested that Microsoft should have been singled out for criticism, because of the large number of security flaws that have been associated with its products.

Rather than add my voice to the chorus of critics, I'd like to focus on the plan's suggestions. Regardless of whether it makes sense from a policy standpoint, the actual advice is worth heeding, especially if your PC is connected to a cable modem, DSL line or corporate or campus network. PCs with such "always on" connections are especially vulnerable to hack attacks because of their persistent connection to the Internet.

Although it may seem a bit far-fetched, the document makes the case that individual PC owners have a social responsibility to protect their PCs against hackers and viruses. That's because it's possible for a hacker to essentially commandeer someone's personal computer and use it as a staging ground to spread viruses or hack into other people's computers.

One of the most common hacker tactics is the denial-of-service attack, where the hacker bombards a server (often run by a prominent company, government agency or organization) with millions of extraneous messages. The best way to do this is to enlist the aid of other computers so that the attacks are coming from many places at once.

You can protect yourself against hackers with firewall software. Some Internet routers and gateways have firewall protection built in, though it's rarely very strong. A very effective and free tool for Windows users is ZoneAlarm from ZoneLabs (www.zonelabs.com). Mac users should visit www.firewallguide.com/macintosh.htm for advice on a variety of Mac firewall products.

Protecting your computer from viruses also contributes to the greater good as many viruses, such as Nimda and "I love you," automatically send themselves to people in your address book. So, if you're infected, you wind up infecting other people's computers.

If you don't have an anti-virus program, you should get one right away, and if you have one, you should make sure that it's up to date. All anti-virus programs have a way to update themselves via the Internet.

Another suggestion in the White House plan is that you get the latest patches or updates from your software vendors. This is especially important with operating systems and Web browsers, which are most vulnerable. Windows XP users should visit www.windowsupdate.com, which will automatically scan their machine to see if anything is out of date.

A free option for all Windows users is catchup.com, which will also look for expired software, hardware drivers and security updates. Macintosh, Windows and even Palm users can learn about updates at versiontracker.com.

It's also a good idea to use a spam filter to limit the amount of unsolicited e-mail you have to deal with. Microsoft Outlook users can download a free copy of Spamnet from Cloudmark (www.cloudmark.com). Other PC users should consider SpamKiller from McAfee. Apple's latest operating system (code-named "Jaguar") has built-in anti-spam software.

The White House plan suggests that "parents may want to consider managing their children's Internet use with software that allows them access to age-appropriate sites and materials," which is a round-about way of not taking much of a position on this controversial type of software. Yet, I agree. Such software is worth considering, but each family needs to make up its own mind on whether it's appropriate. You'll find plenty of information about filtering software at www.getnetwise.org as well as my own child safety site, www.safekids.com.

Finally, it's important that you keep a backup of your data. There is always the possibility of some type of failure -- whether it's hardware, software or human. The only way to protect yourself is to have your data stored safely on tape or disk, preferably somewhere other than where you use your computer. Iomega, which pioneered the original 100 megabyte Zip drive, now has a 750 megabyte version, which is better suited for today's larger data files. The drive itself costs $179 and the disks are $14.99 each or $12 when bought in an eight-pack.

The White House plan also has plenty of good advice for corporations, educational institutions and even government agencies, though one would hope that such organizations -- that usually have information technology departments -- would already be taking precautions.

You can read the plan yourself at www.securecyberspace.gov. It's worth a look.

A syndicated technology columnist for nearly two decades, Larry Magid serves as on air Technology Analyst for CBS Radio News. His technology reports can be heard several times a week on the CBS Radio Network. Magid is the author of several books including "The Little PC Book."