Tuesday 17 June 2008

Acceptable Use Policy

An acceptable use policy (AUP; also sometimes acceptable usage policy) is a set of rules applied by network and website owners which restrict the ways in which the network or site may be used. AUP documents are written for corporations, businesses, universities, schools, and website owners, often to reduce the potential for legal actions that may be taken by a user, and often with little prospect of enforcement.

Acceptable use policies are also integral to the framework of information security policies; it is common practice to ask new members of an organization to sign an AUP before they are given access to its information systems. For this reason, an AUP must be concise and clear, while at the same time covering the most important points about what users are, and are not, allowed to do with the IT systems of an organization. It should refer users to the more comprehensive security policy where relevant. It should also, and very notably, define what sanctions will be applied if a user breaks the AUP. Compliance with this policy should, as usual, be measured by regular audits.

E-mail spam

E-mail spam, also known as "bulk e-mail" or "junk e-mail," is a subset of spam that involves nearly identical messages sent to numerous recipients by e-mail. A common synonym for spam is unsolicited bulk e-mail (UBE). Definitions of spam usually include the aspects that email is unsolicited and sent in bulk. "UCE" refers specifically to "unsolicited commercial e-mail."

E-mail spam slowly but exponentially grew for several decades to several billion messages a day. Spam has frustrated, confused, and annoyed e-mail users. Laws against spam have been sporadically implemented, with some being opt-out and others requiring opt-in e-mail. The total volume of spam (over 100 billion emails per day as of April 2008) has leveled off slightly in recent years, and is no longer growing exponentially. The amount received by most e-mail users has decreased, mostly because of better filtering. About 80% of all spam is sent by fewer than 200 spammers. Botnets, networks of virus-infected computers, are used to send about 80% of spam. The cost of spam is borne mostly by the recipient, so it is a form of postage-due advertising.

E-mail addresses are collected from chatrooms, websites, newsgroups, and viruses which harvest users' address books, and are sold to other spammers. Much of spam is sent to invalid e-mail addresses. ISPs have attempted to recover the cost of spam through lawsuits against spammers, although they have been mostly unsuccessful in collecting damages despite winning in court.

Friday 2 May 2008

Anti-Virus

There are many manufacturers of anti-virus software including BullGuard, BitDefender, Frisk, Grisoft, McAfee, Sophos, Symantec and Trend. Some, such as Grisoft, even supply a free version of their AVG anti-virus software, while others, such as Trend, offer a free online virus scan.


McAfee Plus offers proactive PC security to prevent malicious attacks, so you can protect what you value as well as surf, search, and download files online with confidence.

AVG offers All in one (Anti-Virus, Anti-Spyware, Anti-Rootkit, Anti-Spam, Firewall, Safe Downloads, Safe Instant Messaging, Safe Search, Safe Surf, System Tools, Technical Support).

With AVG antivirus, the signature updates are seamless and unobtrusive. The way security updates should be. But as a user - besides AVG offering a free basic version of its software - I like AVG Antivirus because it delivers on a simple promise, and not a fantasy of how information might be managed in the future.

Tuesday 8 January 2008

Be Careful When Meeting People

Many people have gone on to form lasting friendships with people they originally met online, but you must be very careful if you are asked to a real-life meeting with someone you have only met online. You should think about why they want to meet you for real.
If you do decide that you want to meet them, arrange the meeting in a public place and take along a parent or an older friend that you can trust. Anyone who won't agree to these arrangements probably has something to hide.
Go to the Netsafe web site and view the video entitled "Be cautious about meeting online friends".

Be Cautious with E-mail

The best way of dealing with e-mails from an address you don't recognise is to discard them completely. That way, they can't cause any harm to you or your machine.
You should never open an e-mail attachment from anyone you don't know. The attachment could easily be a virus or some kind of objectionable material - this is one of the commonest ways in which viruses are spread.
Many e-mail programs prevent users from opening attachments with any kind of "active" content, ie: anything which runs a program or script which could damage your computer.
You should also avoid following hyperlinks in e-mail messages from anyone you don't know, as they can lead to web sites which will infect your system with a virus or spyware, or display objectionable material.
Finally, never reply to unwanted emails. That simply lets the sender know that your e-mail address is genuine and is likely to lead to more unwanted emails in future.

Reporting Abuse

A moment ago, we mentioned that you can report abuse online to CEOP, the Child Exploitation and Online Protection Centre by clicking on the Report Abuse button:

If you click on this button you'll be taken to a page where you'll be warned that you must agree to the content of your report being shared with international law enforcement agencies and that you will be required to enter your name, age and at least one means of contact. If you are not willing to accept these conditions, you can click another link to be taken to a page where you can make an anonymous report.
If you agree to these conditions, you will be directed to another page where you will be asked whether you want to report online content or online abuse. Once you have made your choice you will be asked to enter your personal details, then directed to the appropriate reporting site.

Be Careful in Chatrooms

Chatrooms are generally designed to allow groups of people to chat, and allow anyone to contribute their comments. However, many chatrooms allow the facility to move away from the public area to a private chat, where only those invited can take part.
This is fine if you want to have a private chat amongst a few friends, but be wary if anyone you don't know asks you to take part in a private chat. Why do they want to talk to you alone? What do they want to say that they don't want anyone else to know about? If anyone in a chatroom says anything that makes you feel uncomfortable, tell someone you trust, such as a parent or teacher.
You can also report abuse online to CEOP, the Child Exploitation and Online Protection Centre. Many social networking web sites now display CEOP's Report Abuse button which you can click to report abuse instantly:

Guard Your Personal Information

You wouldn't give out your e-mail address or telephone number to a stranger you met in the street or at a concert, so why give it out to someone you have met via the Internet? Remember that if you give out information in a chatroom, everyone in that chatroom can see it - not just those you want to see it.
If the wrong people get hold of your mobile number you could find yourself receiving unpleasant or threatening text messages, or even being attacked by a mobile phone virus. In the worst cases, you may be forced to change your mobile number, which can be a major nuisance for both you and your real friends.
Similarly, giving out your email address too freely can lead to unwanted spam or other undesirable e-mail. If you feel you have to give out your e-mail address online, it's a good idea to use a disposable e-mail address, such as a Hotmail or Yahoo address, and keep your real e-mail address secret. That way, if anything unpleasant happens, you can simply stop using the affected address and sign up for another one.
If you do start to receive abusive texts or emails, let your parents or a teacher know. Telephone companies can often trace the source of text messages and Internet Service Providers (ISPs) may be able to trace the senders of e-mails. Your e-mail program may also allow you to block e-mail messages from specified addresses, or even restrict the messages you can receive to messages from friends already in your address book.

Know Who You're Chatting To

Unfortunately, the Internet makes it easy for people to give out false information about who they are, for example their age, gender, location, hobbies or interests.
There's a famous cartoon showing that "On the Internet, nobody knows you're a dog", but the ability to hide behind a false identity can have more sinister implications. In particular, people trying to take advantage of children or teenagers will often lie about their age and pretend that they share interests with those they are talking to, so that they can gain their trust.
You may come across things that make you feel uncomfortable when you are chatting to someone, for instance, they may push you for personal information, such as your address or mobile number, or they may be reluctant to answer your questions. You should be particularly suspicious of anyone who asks you to keep your chats secret.
If anything makes you feel uncomfortable, you should tell a responsible adult, such as a parent or teacher. If the situation is innocent, no harm will be done, but if it is not, you may protect yourself or someone else from danger.
Go to the Netsafe web site and view the video entitled "Online friends may not be who they say they are"

Chat Rooms and Social Networking

Chat rooms are virtual social spaces on the Internet, where users can communicate with each other. Chat rooms are extremely popular because of their unedited and instantaneous nature. Some chat rooms are used simply for entertainment purposes, perhaps based around a topic such as discussing a daily television soap opera. Others may be used for more serious discussions.
There has been increasing concern about the use of chat rooms for "grooming". "Grooming" is the term given to interaction between an adult and a child with an end view of sexualising that relationship. "Grooming" is illegal. You should always keep yourself safe by keeping personal information to yourself and never agreeing to meet alone in person anyone you meet in a chat room.
Many of the considerations which apply to chat rooms apply equally to instant messaging services and other social networking sites, such as MySpace, Bebo and YouTube. You can make sure that you are safe by following some simple guidelines, as outlined in the next few pages.

Data Protection Act

If you post any personal data about individuals on a web site (or even store it on your computer) you may have to take account of the provisions of the Data Protection Act. This act applies across the UK and gives legal rights to individuals in respect of their personal data held by others. The Act seeks to strike a balance between the rights of individuals and the sometimes competing interests of those with legitimate reasons for using personal information.
Further information on the following topics can be downloaded from the Information Commissioner's website
The eight principles of good practice
The six conditions for fair data processing
Sensitive data
Rights under the Act
Criminal offences created by the Act
Unsolicited electronic communications
The role of the Information Commissioner's Office

Disability Discrimination Legislation

The Disability Discrimination Act, which came into force in 1999, makes it illegal for a service provider to discriminate against a disabled person by refusing to provide them any service which it provides to members of the public. The Code of Practice for the act, published in 2002, makes it clear that this includes websites, so if you are creating a website, you must ensure that it is accessible to disabled users, including those with visual or hearing impairments.
Many visually-impaired users make use of screen readers to view web sites. The screen reader reads the text of the web site aloud, but unfortunately it does not cope well with graphics. This can be overcome by creating an alternate tag for each graphic image, giving a brief text description of the image. When the screen reader encounters this, it reads the text of the tag, letting the user know the content of the image.
Hearing-impaired users are unable to hear sounds on a web site, but once again, an alternate tag can be attached. If the mouse is moved over the link to a sound file, a brief text description is displayed.
The RNIB (Royal National Institute for the Blind) have considered taking legal action about inaccessible websites, but companies have generally been prepared to make the necessary changes, rather than face legal action. In 2000 a blind user successfully sued the organisers of the Sydney Olympics over their inaccessible web site and several American companies were successfully sued over the accessibility of their websites in 2004.

Digital Rights Management (DRM)

A number of defensive methods have been created to counter copyright infringement in the digital domain. This is a large area but the greatest and most visible use is the prevention of copying of movies from DVDs. This requires mechanisms to be active in one or both of the DVD disk itself and the DVD player or computer used. Examples are:
the need to keep a Satellite Television receiver box connected to the public telephone network
certain high definition film disks can only be played back on a computer which is connected to the internet
the latest large screen television displays need a special module to display high definition DVD movies. If this module is not present, the output from the DVD player is disabled. The presence of the module guarantees that the incoming digital signal is not being copied.
regional coding of DVDs prevents a DVD disk purchased in the USA from being played on a European region DVD player.
Digital watermarking involves inserting an encrypted digital code into an image. It is of particular use with images which are placed on websites and thus easily copied. It is invisible to the casual user but provides a tracking mechanism for owners. It is a digital code, which can be unique to the image or used for all the owner's images.
You can obtain a selection of freeware or shareware digital watermarking tools from Tucows. Why not download one or two of these and try them out for yourself?
Digital fingerprints are unique labels inserted into different copies of the same content (eg: an e-book, video or music file) prior to distribution. Each digital fingerprint is assigned to a specific recipient, and thus provides the capability to trace those who use their content for unintended purposes. Fingerprints are closely associated with the content and difficult to remove.

Copyright and the Internet

The Internet has created massive opportunities for the infringement of copyright. The Internet provides text and illustrations in electronic format, making it easy for the unscrupulous user to cut and paste material into their own documents. Trying to pass someone else's work off as your own is known as plagiarism.
The same rules generally apply to materials published on the Internet as to those published on other media. Almost everything on the Internet is copyright, so when you download material you should ensure that you are not breaking copyright law.
The greatest areas of commercial concern have been copyright infringements involving music files and still and moving images, particularly movies and TV programmes. A digital file can be cheaply and easily copied and distributed anywhere in the World via the Internet. The creator of the original work is excluded from the process and thus receives no financial reward.

Copyright

Copyright is about ownership, eg: of a literary, dramatic, musical or artistic work, such as a book, play, song or painting. In theory, some things cannot be copyrighted, such as a surgical operation or a way of doing business. However, there are exceptions to every rule: a surgeon in the USA has copyrighted a particular eye operation and Amazon has copyrighted its 'one click' method of doing business.
Initially, the author of a work is the copyright owner, but ownership can be sold or transferred to someone else. Copyright on books etc. normally lasts for seventy years after the death of the author. Sound recordings are usually protected for fifty years. However, this is not always the case. You can obtain more information at:
Is4Profit
The Patent Office
Copyright Licensing Agency
Copyright, Designs and Patents Act 1988

Alternatives to P2P

There are now a number of legal music download services available, including Apple's iTunes service and mp3.com. These allow you to buy single tracks or complete albums at a reasonable price. Some sites cater for more specialist tastes, such as the cleverly-titled ayepod.net which sells downloads of Scottish traditional music. There are also a number of sites offering free music downloads, such as music.download.com.
Free software is available from a number of sites including shareware.com and tucows.com. Some of this software is freeware, meaning that it is totally free to users. Other programs are shareware, meaning that users are permitted to download and try an evaluation copy before deciding whether or not to buy the software, often for a nominal fee. Some evaluation copies have restrictions, such as only working for a certain number of days, or limits on the size of files that can be handled.
Many freeware programs are small utilities, but there are major items available, including Linux, an operating system which many believe to be superior to Windows, and Open Office, an application suite which is compatible with Microsoft Office and provides similar features.

Why You Should Avoid P2P

There are other good reasons for avoiding using P2P file sharing software. The software itself is often riddled with spyware and adware, eg: see news.com
Downloaded files often turn out to contain viruses or spyware. In many cases, downloaded files are faulty and do not operate as they are meant to. There has been some speculation that copyright holders have deliberately uploaded "poisoned" copies of files, to discourage users.
Users of downloaded software (and other users of pirate software) may not be able to obtain support from the software vendor when they require it, eg: Microsoft will not provide certain upgrades to Windows XP users unless they can demonstrate that their copy of XP is genuine. This includes updates to its anti-spyware software, so users of illegal copies of Windows can find themselves exposed to a real risk from new spyware.

Downloading Files

One of the most controversial aspects of the Internet has been the growth of peer-to-peer (P2P) file sharing systems, which allow users to share files, including songs, movies and software with others. The first company to offer this service was Napster, which has since been shut down and reopened as a paid music download service. It was soon followed by others, including Kazaa, LimeWire, BitTorrent and eMule.
Record companies, movie producers and software vendors claim that file sharing deprives both companies and artists of income and jeopardises future production, but many users claim that it gives them access to materials they would otherwise be unable to afford.
Many of the files found on file-sharing services are copyright and should not be uploaded or downloaded without the consent of the author or copyright holders. To date no-one has been prosecuted for downloading files, but there have been many successful prosecutions of users who have uploaded large numbers of files.

Backup/Restore

One of the most important concepts in computer security is that of backup. This is especially true regarding Internet safety, as the Internet can be the source of so many threats to your data.
The idea of backing up is to make a copy of your important data as a precaution against losing the original.
Many home users will make backups of important files to CDs or even DVDs whereas business users will typically have a more robust backup/restore strategy with expensive hardware and software, eg: magnetic tapes or removable disk drives.
Some operating systems have the facility to take a dated snapshot of a fully working system. This snapshot can be used to restore the system back to this snapshot if something goes wrong later. This snapshot is called a restore point.

Content Filtering

Content Filtering is the use of special software to monitor, screen and prevent access by users to web sites or e-mail that fail to meet the security levels set.
Content filtering software works by checking the information, eg: URL, typed in by a user against an exclusion list. This list could also contain words that would be blocked if the user tries to enter them.
One of the main criticisms of content filters is that they may unintentionally filter content that is not undesirable and that by doing so they are censoring what Internet users can see. This is why content filtering software is also known as censorware.
Content filtering software is generally divided into two types:
Web site Filtering, eg: Inappropriate sites
E-Mail Filtering, eg: Spam and other nuisance e-mails.
Well-known content filtering packages include the following:
Cyber Sitter
Net Nanny
Surf Patrol
Web Sense
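
The exclusion-list check and the over-blocking criticism described in this section, shown as an added example (not code from any of the products listed). The host names, word list and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed exclusion lists; real products ship far larger, curated ones.
BLOCKED_HOSTS = {"casino.example", "warez.example"}
BLOCKED_WORDS = {"sex", "poker"}


def normalise_host(url):
    """Return the lower-cased host of a URL, tolerating a missing scheme."""
    if "://" not in url:
        url = "http://" + url
    try:
        host = urlsplit(url).hostname or ""
    except ValueError:          # e.g. a malformed IPv6 literal
        return ""
    return host.rstrip(".")     # "casino.example." is the same host


def host_is_excluded(host):
    """True if the host or any parent domain is on the exclusion list."""
    labels = host.split(".")
    return any(".".join(labels[i:]) in BLOCKED_HOSTS
               for i in range(len(labels)))


def substring_hit(url):
    """Naive word check: the blocked word appears anywhere in the URL."""
    lowered = url.lower()
    return next((w for w in sorted(BLOCKED_WORDS) if w in lowered), None)


def token_hit(url):
    """Stricter word check: the blocked word must be a whole token."""
    tokens = set(re.split(r"[^a-z0-9]+", url.lower()))
    return next((w for w in sorted(BLOCKED_WORDS) if w in tokens), None)


def check(url, word_check=token_hit):
    """Return (allowed, reason) for a requested URL."""
    host = normalise_host(url)
    if not host:
        return False, "unparseable URL"      # fail closed
    if host_is_excluded(host):
        return False, "host on exclusion list: " + host
    word = word_check(url)
    if word:
        return False, "blocked word: " + word
    return True, "ok"


# Constructed sample requests.
LIBRARY_URL = "http://www.essex-libraries.example/opening-hours"
SAMPLES = [
    "http://www.casino.example/play",    # subdomain of an excluded host
    "HTTP://CASINO.EXAMPLE./",           # same host, different spelling
    "http://cards.example/poker/rules",  # blocked word as a path segment
    LIBRARY_URL,                         # harmless, but contains "sex"
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample)
        print("  substring matching:", check(sample, substring_hit))
        print("  whole-token matching:", check(sample, token_hit))
```

With substring matching the library page is refused because "essex" contains a listed word, which is the unintended filtering the criticism above refers to; whole-token matching lets it through while still refusing the other three requests.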

Proxy Servers

The idea of a proxy is authorising someone to take your place or to do something for you. An example could be that you ask a friend to return your library books for you because they are going to the library.
A proxy server is one that acts on behalf of another server, usually for Web related purposes. The proxy server is set up by an organisation's system administrator as a gateway between trusted (local server) and non-trusted networks (Internet).
A proxy server allows internal users to get web pages from web servers without having to communicate with them directly. Only the firewall-protected proxy server is allowed to connect to the Internet. This process is invisible to users and is used to maintain network security.
Proxy servers can be used in several different ways. They can be used to restrict user access to web sites, by only permitting access to those web sites allowed by the proxy. This is sometimes referred to as a walled garden. They can also be used to hide a user's IP address (their unique Internet identity) from external web sites.
There are several commercial products available, including Steganos Internet Anonym which encrypts all your Internet traffic in a Virtual Private Network (VPN) preventing anyone (even your ISP) from seeing what you're doing on the Internet.
There are also a number of free proxy server products available. Some of them are completely free, while others allow you to download a trial version which is free for a limited period. Check some of the following:
Anonymizer
The Cloak
The Free Country

Firewalls

A firewall is a form of Internet defence. Just as it is recommended that a user should keep up-to-date anti-virus and anti-spyware software running on their system, it is also critical to maintain a strong firewall. A firewall's purpose is to monitor and block any perceived threat from the Internet to the local system, eg: hackers.
Firewalls can be software or hardware based, or a combination of the two. An example of a hardware firewall could be a router, and a software firewall could be Windows Firewall or ZoneAlarm. Windows Firewall is included in Windows XP, but offers only basic firewall facilities.
ZoneAlarm is freeware and can be downloaded and installed for personal use. Once installed, ZoneAlarm can be configured to permit Internet access as required by the user, for example, a browser's access to the Internet. Comodo Firewall Pro is another free firewall product.
Another alternative is Sunbelt Personal Firewall. You can download a demo version of this and run it free for 30 days, but you need to pay a small fee if you want to keep using it after that.

Password Tips

Try not to use details that could be guessed by people who know you
Use a combination of letters, numbers and symbols
Never tell your friends or family your password
Never email your password to anyone
Keep your username and passwords safe
Change your password frequently
Make your password as long as possible
If you suspect that someone else knows your password, you should change it immediately.
Note: a password does not have to be really long to be secure.

Password Security

A password is stronger if it is a bit more complex. Remember you can use the entire keyboard to make up a really strong password and the more numbers, letters and symbols it has, the more secure your personal information will be. A password should be a minimum of 8 characters.

Passwords

A password is an important element of Internet defence. It is a secret code, known only to you, that will allow you to access certain resources. You should never tell anyone your password.
It is important to have a strong password that other people cannot easily guess. Strong passwords should contain a mixture of letters, numbers, other characters and upper case letters, for example, if you knew and liked Shakespeare your password could be 2BorNotTwoB.
Weak or bad passwords are easy to guess and can result in your system being accessed. Examples of bad passwords are things like "password", "secret" or even a favourite football player, team or favourite soap.

Internet Security Suites

A number of vendors (the companies who produce and sell software) provide all-in-one packages known as Internet Security Suites which combine the functions of Anti-Virus, Anti-Adware, Anti-Spam and perhaps offer additional features such as a Firewall or protection against Phishing.
There is some debate about these suites. They are certainly quick and easy to install and keep up-to-date and probably provide all the security required, particularly by home users. However, some people believe that the protection they provide is not as good as the best-of-breed stand-alone applications, and they may combine one or two strong applications with several weaker ones.

Avoiding Threats

Threats can come from many different places such as e-mail, web sites and programs. In fact, most on-line activities and some offline ones expose your computer to the threat of virus infection.
There are, however, some basic precautions that can be taken to protect your computer.
The first rule of internet safety is to trust your source. Files, documents, web sites or any other link should only be clicked when you trust the person who has given it to you.
If you receive an e-mail that has as its subject line "Free money" the chances are that it is a con and should be deleted.
Even if you trust your source you should still be wary. Some viruses use their victim's address books to send e-mails. These e-mails contain the virus. If you open the contents of the e-mail your computer can be infected.

Internet Defence Activity

It is always a good idea to carry out regular on-line security and virus checks on your system. Although security software and anti-virus software are usually very good, they may not find every instance of viruses or spyware. Anti-virus publishers generally share knowledge about the different viruses that appear on the Internet.

Internet Safety: Internet Defences

Intro
The most important defences for Internet use are knowledge and awareness. If a user knows about the threats and dangers of on-line activity then they are forewarned and can take the appropriate steps. You should use the five rules that follow to help keep your system safe:
Rule 1: If it looks too good to be true then it probably is. Always be suspicious when you are using the Internet.
Rule 2: Never give confidential information to anyone other than completely trusted sources. Keep your password(s) to yourself.
Rule 3: Protect your system using up-to-date Internet safety software. Never go on-line without your system being fully protected.
Rule 4: Keep your knowledge up-to-date. Internet attacks and threats are on the increase and becoming more sophisticated and inventive, therefore, it is vital that you know what the latest threats are.
Rule 5: Keep your main operating system files up to date by regularly downloading patches and security updates.