Caslon Analytics: Security & InfoCrime guide

self-help

This page considers the scope for self-help among the online population.

It covers -

introduction

The internet isn't "out there" - it begins at your desktop.

It is a sad but inescapable fact that your home computer, Bill Gates, national government or ISP won't address all internet security problems on your behalf. Life online, like life on the streets, involves responsible behaviour by citizens - few of whom would leave their doors unlocked or hand their wallets to total strangers.

Most of the industry and government sites identified earlier in this guide - for example the US National Infrastructure Protection Center (NIPC) - offer advice about precautions in managing your computer.

The System & Network Security (SANS) organisation, for example, offers a list of the 'Top 20 security flaws' (especially those on Microsoft and Unix systems) and what to do about them.

The NIPC's 2002 Password 101 reminder encourages consumers to

Use strong passwords. Choose passwords that are difficult or impossible to guess and use different passwords in different accounts.

Make regular backups of critical data. Backups must be made at least once each day. Larger organizations should perform a full backup weekly and incremental backups every day. At least once a month the backup media should be verified.

Use virus protection software: having it on your machine in the first place, checking daily for new virus signature updates and actually scanning all the files on your computer periodically.

Use a firewall as a gatekeeper between your computer and the internet.

Do not keep computers online when not in use - either shut them off or physically disconnect them from the net connection.

Don't open email attachments from strangers, regardless of how enticing the Subject Line or attachment may be. Be suspicious of any unexpected email attachment from someone you do know, as it may have been sent without that person's knowledge from an infected machine.

offline

Given our comments about identity theft and forgery & fraud, it is recommended that you look beyond the keyboard to managing information offline.

Tips include -

proper storage/disposal of personal and corporate financial documentation such as bank account statements

care in the storage and disposal of current and inactive cheque books, debit cards and credit cards

caution in divulging personal information that enables identity theft, given that many offences appear to involve criminals asking questions rather than using spyware

panopticism

Those concerned about who is watching the watchers might note the "list of eleven types of surveillance that affect every ordinary citizen, or soon will" published by geographer Mark Monmonier in promoting his lucid Spying with Maps: Surveillance Technologies & the Future of Privacy (Chicago: Uni of Chicago Press 2002). We've adapted that list, with apologies to Dr Monmonier, for Australian conditions.

Papers please! Apply for a passport, a drivers licence or some jobs and you'll need to supply details about your past and current circumstances.

Credit-card purchases. Ignore the dot-coms and 1-800 retailers: the record of your credit-card purchases reveals a lot about where you've been and when.

You wanna be in pictures? Use of video cameras (and facial recognition systems) in offices, retail premises, stations and streets and other public places is growing. Smile! Depending on image quality and retention period, video surveillance could finger you as a suspect - or help identify the bloke who nicked your stereo.

Mail-order purchases, whether by mail, telephone, or the internet. The retailer that knows where to send your packages can easily send its catalogues to you - and your neighbors.

Mobile phones and other wireless devices. Telecommunication service providers can compile detailed histories of their customers' movements.

Salaries and other payments reported to the Australian Taxation Office or other government agencies. For those not working "off the books," those agencies know how much you earn and where you work.

The population census - although the Australian Bureau of Statistics cannot disclose information on individuals or households, 'small area data' reveal a lot about your neighborhood.

Vote early, vote often - electoral rolls for government elections (and those of other entities, such as unions) can identify who's where.

Aerial photography (from aircraft or satellite). Overhead imagery can tell the local assessor whether you've put in a swimming pool or added a room to your house.

Cadastral databases (ownership and tax assessment of real estate). Where property is taxed according to assessed value, your neighbors can look up your assessment and a bit more - including the purchase price.

Medical records (physicians, health insurance firms, public hospitals, etc.). Visit a doctor or a hospital, and the time, date, and diagnosis wind up in your insurer's database.

Automatic toll-collection systems. In reducing wait time at tollbooths, electronic tags not only track vehicles but raise the possibility of billing drivers for exacerbating congestion during rush hour.

ain't necessarily so

Normalisation of the online population in Australia and elsewhere has been reflected in greater maturity in assessing online information and dealing with it.

Many people now realise, for example, that -

  • online does not necessarily mean true
  • email headers can be 'spoofed' (ie the message may not be from its purported author)
  • what appears to be a link to a legitimate site might instead point somewhere else
  • domain names can be hijacked or merely
  • banks or other financial institutions don't send email asking recipients to provide account details
  • signatures can be readily scanned and misused
  • responding to spam may merely alert the spammer that you are
  • if an offer sounds too good to be true it, alas, probably is
  • invites to participate in the good fortune of sundry African dictators or entrepreneurs ("you'll get 25% of the US$50 million secreted by my late husband President Abache") have the same credibility as magic beans and other precursors of the 419 scam
  • the Horny Goat-weed or other 'better living through modern chemicals' purchased online might not get through Customs - or indeed leave the sender's 'office' in a cybercafe - and may not work.
  • virus protection and firewalls are an online girl's (and boy's) best friend
  • while you may find true love in cyberspace, people often shed kilos, partners and years (and add income and qualifications)
  • much 'news' echoed and re-echoed in blogs, chat-rooms and newsgroups is fictitious or malicious (with consequent successful prosecutions for defamation or fraud).

Others, unfortunately, appear to be mesmerised by the screen ... so every year consumer organisations and government agencies report financial losses, broken hearts and even suicides over infocrimes such as the Nigerian 419 scam.



version of December 2003
© Bruce Arnold | caslon analytics