First, we’ll talk about the student computer ownership initiative. This topic may be more relevant to the families of freshmen and high school students, but there should be some good information here for everyone. I’m going to cover what the initiative recommends and some of its implications as well as some other considerations that you may not have thought about. Next, we’ll get into Information Security, and I’ll cover some best practices in this area. Finally, I’m going to talk a bit about what I call online integrity, or how your student can protect his or her reputation.
Since 1997, Georgia Tech has required all undergraduate students to own a computer. There is a campus committee made up of representatives from the Office of Information Technology, various academic departments, the office of housing, and students. This committee meets regularly and determines the minimum set of requirements for computers coming to campus. There are two schools of thought on this one. First, I think most individuals will try to get the most bang for the buck and attempt to purchase a hefty-enough machine that will last throughout the student’s entire undergrad career. The second school of thought comes from the idea that since you will most likely need to replace your student’s computer during their time at Tech, you might as well go for a middle-of-the-road model and plan on replacing it after 2 years. The first machine may make an excellent computer for home use…
Now, a word about platforms… the kind of computer you get, whether it be a Mac or a PC, is entirely up to you and your student – I’ve used both platforms, and there are pros and cons to each. (And… if you have a CS student, they’re already using some version of Linux.) The one thing to consider is your student’s coursework, and its software requirements. Most of the software packages out there for the various classes are Windows-only. Fortunately, this is much easier to get around with the new Intel-based Macs and Boot Camp, Parallels, and VMware. The downside to these methods is that you still have to be fully licensed for whatever software you install.
Good comparison chart on Intel’s website… but beware the megahertz myth.
A personal printer is not absolutely necessary, but it’s a good idea. There are various printing facilities on campus, but they may not be the most convenient. Printers are relatively cheap so there’s not really a reason not to have one. Security cable: again, not a necessary item, but a good idea to have one… the problem with security cables is that no one uses them. Your student needs to get in the habit of using a cable, and logging out or “locking” their machine, even in their dorm room. Just because they’re good about shutting and locking the door behind them doesn’t mean that their roommate is. Your insurance company won’t be too sympathetic when they ask how a stolen laptop was secured and your reply is “it wasn’t.” External Hard drive: This is a must. It doesn’t matter what kind you get, whether it be a flash drive or something larger. Again, your student will need to get into the habit of backing up their files and programs regularly (weekly). Especially with the wear and tear of a laptop, you will always want a good backup, and there’s software available that will automate this for you so that you don’t have to remember to do it. Extended warranties: These go by many names but you basically want to get full coverage on breakage, spills, drops, and the like. Also, a media shredder is a great idea to have when discarding credit card offers, etc. They sell media shredders as well to securely dispose of CDs, credit cards, etc.
OS: preinstalled. Office Suite – MSOffice 2003/2004/2007, Apple iWork; avoid buying a suite up front if possible. Security Software (Antivirus, antispyware, firewall). Course-specific: buy it when you need it. A quick word about Windows Vista. To date, it is not officially supported on campus. That is to say, if your student has issues with Vista not working properly with campus services, OIT will provide a “best effort” level of support, but it is very possible that any issues that crop up may not be fixable in the short term. The same thing goes for Office 2007. Office 2007 sports a new interface, and by default, saves files in a new “open” format that is not compatible with previous versions. You do have the ability to save and open previous versions of files. There are many different office suites available out there. Some of them are free (OpenOffice). SCO recommendations specify that whatever you get, it needs presentation software (like PPT). The main thing to keep in mind is maintaining compatibility with others.
Office Matrix: Don’t need most of this, but the table is available online to help you sort through the confusion of what is/is not included. My recommendation is to shoot for either the Home & Student edition or the Standard edition. They both include the three main applications, Word, Excel, and PowerPoint. I love Outlook, but most students won’t care about it – they prefer to use webmail (and starting January, there will be a major upgrade to the campus mail system that will make a thick client obsolete.)
Never pay full price. See what’s available for free (both in terms of on-campus availability, as well as open-source alternatives). Only purchase additional software as it’s needed.
Increased theft: again, get a security cable and get into the habit of using it. Often the most devastating thing is not the loss of the equipment, but the loss of data! (This is where regular backups are a life saver.) Just as you would for any insurance purposes, keep a detailed inventory list (at home) that contains the exact make, model, serial number, hardware address, photos, etc. Also, check your homeowners’ policy coverage – it should extend to students away at college. There is software available for tracking stolen computers. I don’t know how effective it is vs. the cost to purchase it, but it’s worth investigating.
Choose good passwords… People talk about this all the time, but they never really explain what this means. Let’s look at a couple of examples…
Good passwords have these characteristics… Passwords don’t need to be difficult. Figure out a method that works for you and stick to it. GT Account password changes every 90 days, and you are restricted from reusing your last three passwords. Use different passwords for different resources, and use them whenever possible, i.e. don’t let your mail client or web browser “remember” your password for you.
Use a locking screen saver with a maximum timeout of 15 minutes. Purposefully lock your screen when you walk away for a few minutes (this applies to both personal and lab machines). Set email clients and web browsers to not “remember” passwords – this forces you to not forget them. The computer BIOS (Basic Input/Output System) allows you to assign a password to it, so that others cannot modify any of its settings. Use this feature, and document the password so that you don’t forget what it is… So, if you are going to choose good passwords, and get into the practice of using different ones for different systems, how do you keep track of them all?
… not like this!
Password Safe is a free, open-source utility that assists you with password management. Think of it literally as a safe. You need a master combination (password) to open the safe, and inside is a listing of all of your usernames, passwords, and the resources they access. If you’re having trouble thinking up a unique, secure password, it will generate them for you (you can even specify a level of complexity/character classes). Macs have a built-in system utility called “Keychain” which does the same thing.
Most pre-installed suites maintain too much control, use too many system resources, and expire after a short timeframe. Uninstall it and use the campus McAfee distribution, or a free alternative.
Again, many all-in-one suites will include an anti-spyware component. A hosts file is a text file that can be found on any system (Mac/Windows/Linux). This file essentially tells your computer where to find other systems on a network (like a local DNS file). You can download a custom hosts file that prevents your computer from seeing “bad” sites and will block advertising and tracking cookies.
Again, many all-in-one suites will include a software firewall. Unlike anti-spyware software, with a software firewall, you want to use only one!
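How a blocking hosts file works, as an added example that is not part of the original talk: the sketch below parses hosts-file text and separates names that are sinkholed to the local machine from names mapped to a real address, which deserve a look if you did not add them yourself. The sample content and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample content, not a real blocklist.
SAMPLE_HOSTS = """\
127.0.0.1    localhost
::1          localhost
0.0.0.0      ads.example.com tracker.example.net   # sinkholed
127.0.0.1    metrics.example.org
203.0.113.7  mail.example.com                      # points somewhere real
not-an-ip    broken.example.com
"""

# Names a stock hosts file maps to the local machine; these are not blocklist entries.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}


def parse_hosts(text):
    """Yield (line_number, address, names) for every well-formed entry."""
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        fields = line.split()
        if len(fields) < 2:                   # blank line or address with no name
            continue
        try:
            address = ipaddress.ip_address(fields[0])
        except ValueError:                    # first field is not an IP address
            continue
        yield number, address, [name.lower() for name in fields[1:]]


def audit_hosts(text):
    """Split entries into blocked names and names overridden to a real address."""
    blocked, overrides = set(), {}
    for _, address, names in parse_hosts(text):
        for name in names:
            if name in LOCAL_NAMES:
                continue
            if address.is_unspecified or address.is_loopback:
                # 0.0.0.0 or 127.0.0.1: the lookup never leaves this machine
                blocked.add(name)
            else:
                # The name is pinned to another address, bypassing DNS
                overrides[name] = str(address)
    return {"blocked": sorted(blocked), "overrides": overrides}


if __name__ == "__main__":
    report = audit_hosts(SAMPLE_HOSTS)
    print("Blocked names:", ", ".join(report["blocked"]))
    for name, address in report["overrides"].items():
        print(f"Review: {name} is pinned to {address}")
```

Entries in the overrides group are the ones to check after downloading a hosts file from someone else, because they decide where a name actually goes.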
Depending on the information you have and the level of protection you need, you might want to consider using encryption software. Encryption basically takes files in their native form (plaintext) and scrambles them using a password that you provide.
Every OS has an automated way to download updates and patches frequently. This is a must! Sometimes these updates arrive at inconvenient times, and you can delay them a bit, but it’s best not to ignore them for too long and get them done at your earliest possible convenience. Also, don’t forget about your applications… many of these will have a way to automatically update as well.
Email is not secure! Never email sensitive information like credit cards, SSNs, etc. unless it has been encrypted. Don’t open attachments. Never click on links in emails (phishing schemes for PayPal, eBay, WaMu, etc.).
Instant Messaging: Much like email, don’t open attachments or links. Many instant messengers will maintain logs of your chats… so be careful not to type anything that you don’t want to come back and haunt you.
Most laptop users have come to depend on the availability of wireless access. The big thing to keep in mind here is that wi-fi is completely insecure! The way this stuff works is that they’re basically radios, and anyone with a radio can receive the transmission. Anything transmitted in plaintext can be easily seen, so you always want to use secured protocols that are encrypted, i.e. SSL/SSH, https://. Laptops will always be looking for an available access point to connect to, and specifically, if they’re looking for APs that they’ve already connected to and are aware of, they’ll be broadcasting that information to anything that will listen! The best thing to do with your wireless connection is to disable it when you’re not using it. Not only will it keep you secure, it will also prevent campus resources from getting overloaded and will save you battery life. If you live off campus and have a wireless access point at home, be sure to secure it using WPA (Wi-Fi Protected Access) and not WEP (Wired Equivalent Privacy). I have a document posted on my website giving instructions for securing a Linksys WRT54G.
When you get rid of an old computer, or it comes time to replace or upgrade your hard drive, don’t just give it away/throw it away! When you erase files on a disk, you’re not actually erasing anything. Your data can be easily recovered! The best thing to do is to find a means of completely destroying your drive. At the very least, use software to “zero out” your data. One free program is DBAN. It will automatically take care of this for you. Macs have a built-in utility called Disk Utility; it will allow you to write zeros to your drive up to 35 times! Don’t run as an administrative user on your system. If you happen to download some kind of malware, it can use your credentials as an admin to install itself and cause other damage. New OSes now handle a good portion of this for you… Linux has a command called sudo, Macs will automatically prompt you for authorization when you change a system setting or install a program, and Vista includes User Account Control (UAC).
This topic covers some things that you may want to consider when it comes to protecting your reputation.
Pre-litigation letters are the latest installment of a broad education and deterrence campaign that the RIAA launched earlier this year focused on illegal file trafficking on college campuses. This program gives students the opportunity to resolve copyright infringement claims (www.p2plawsuits.com) against them at a discounted rate before a formal lawsuit is filed.
I’m using an overly-broad definition here, but for the purposes of this discussion, hacking is… This kind of activity can range anywhere from using programs to reboot your friend’s machine all the way to trying to break into the registration system to change your grades. Anything in here is a clear violation of the Computer and Network Usage Security Policy.
Online abuse in regard to cheating specifically applies to plagiarism and collaboration. No one ever got in trouble for citing too many sources.
Maintain your integrity while using online services… There’s a certain amount of this that is based on etiquette; for instance, you probably want to re-read and revise your emails before clicking that send button. Blogs, Wikis, personal web pages, MySpace, Facebook, etc. are all online services that allow you to express yourself, but before you post something online, think twice about it. “Free speech doesn’t protect hate speech, and inside jokes aren’t funny to everyone.” Once it’s on the Internet, it will live forever. This applies not only to potentially embarrassing things, but also maintaining control over your privacy. Consider what you type when using IM clients – many of them are set up to keep logs of your chats, and even if you’re not using that feature, the person you’re chatting with may be.
There’s been a lot of press lately about information that people have posted on services that are assumed to be closed and private.
Online services like Facebook and MySpace are just as susceptible to cyberthreats as your computer is, and can be used as a vector for infecting your machine.
Again, online users need to be careful about how much they’re willing to share. In this case, we’re not talking about potentially embarrassing incidents, but instead about revealing enough personal information to have your identity stolen.
Use third party applications at your own risk. Protect your privacy: avoid posting everything about yourself just because you can… Don’t add or confirm friends to your profile unless you actually know them in person. Also, look out for the addictive nature of these social networks. It’s easy to be drawn into these services and become distracted from studies and other work.
Luckily, some users are catching on to this notion of protecting their privacy. Now that Facebook is open to a broader audience, users are realizing that they may not necessarily want all this information out there.
Transcript of "Matthew H. Bain, MGT '01"
Matthew H. Bain, MGT ’01 Senior Systems Support Manager, Georgia Tech Alumni Association
Student Computer Ownership Initiative (SCO) <ul><li>“The computer should be fast enough and have enough memory and disk space to provide satisfactory performance over a usable life of two to three years.*” </li></ul><ul><li>*Moore’s Law: </li></ul><ul><li>In 1965, Intel co-founder Gordon Moore predicted that the number of transistors on a chip would double about every two years. </li></ul>
SCO Laptop Recommendation <ul><li>88% of Fall 2006 freshmen brought a laptop with them to Georgia Tech. </li></ul><ul><li>Starting this Fall, laptops are required for incoming Computer Science majors. </li></ul><ul><li>In 2008, laptops will be required for everyone. </li></ul><ul><li>So what does this mean? </li></ul>
SCO Laptop Implications <ul><li>Pros: </li></ul><ul><li>Wireless coverage in most buildings, including the library and many dorms. </li></ul><ul><li>Easier collaboration on team projects. </li></ul><ul><li>Ability to take home during holidays and breaks, or on study abroad. </li></ul><ul><li>Increased Mobility! </li></ul>
SCO Minimum Laptop Requirements <ul><li>Processor: At least a Pentium M class or AMD equivalent (PC), G4 or Intel Core Duo (Mac) </li></ul><ul><li>Memory: 1GB or more </li></ul><ul><li>Hard Drive: 80GB or larger </li></ul><ul><li>Display: Supports 1024 x 768 resolution or better </li></ul><ul><li>Network Card: 10/100 Base-T Network Adapter, Wireless adapter* </li></ul><ul><li>Other Features: CD-R, Sound Card, Speakers </li></ul><ul><li>* The Georgia Tech LAWN (Local Area Wireless/Walkup Network) supports walkup connections through wired Ethernet in the library and wireless connections through IEEE 802.11b/g cards utilizing wired equivalent privacy (WEP), with a 64-bit key. For Mac users, Apple's AirPort and AirPort Extreme cards are compatible. </li></ul>
Other Hardware Recommendations <ul><li>Personal printer </li></ul><ul><li>Security cable </li></ul><ul><li>External hard drive </li></ul><ul><li>Other considerations: </li></ul><ul><ul><li>Extended warranty </li></ul></ul><ul><ul><li>Media shredder </li></ul></ul>
Software Recommendations <ul><li>OS: Windows XP/Vista, Mac OSX, Linux </li></ul><ul><li>Productivity/Office Suite </li></ul><ul><li>Security software </li></ul><ul><li>Other software as needed… </li></ul>
Software Recommendations <ul><li>Don’t pay full price! </li></ul><ul><ul><li>Microsoft Office Standard 2007 </li></ul></ul><ul><ul><ul><li>MSRP: $399.95 </li></ul></ul></ul><ul><ul><ul><li>Educational Distributors like e-academy, Inc.: $56.15 </li></ul></ul></ul><ul><li>See what is available for free </li></ul><ul><li>Only purchase software if and when it is needed </li></ul>
Security <ul><li>Physical Protection </li></ul><ul><li>Information Security </li></ul><ul><li>Secure Communication </li></ul><ul><li>Other Best Practices </li></ul>
Security – Physical Protection <ul><li>Increased Mobility = Increased Theft! </li></ul><ul><li>Keep an inventory list </li></ul><ul><li>Software tracking </li></ul>
Security – Passwords <ul><li>Choose good passwords </li></ul>
Security – Passwords <ul><li>Ch0o5e Go0d p@s5w0rDs </li></ul><ul><ul><li>Minimum of 7 characters </li></ul></ul><ul><ul><li>Doesn’t contain dictionary words </li></ul></ul><ul><ul><li>Uses different character classes, i.e. </li></ul></ul><ul><ul><ul><li>alphabetic (the letters of the alphabet): a-z, A-Z </li></ul></ul></ul><ul><ul><ul><li>numeric (digits): 0-9 </li></ul></ul></ul><ul><ul><ul><li>special (punctuation, etc.): !@#$%^&, and others </li></ul></ul></ul><ul><li>Use different passwords for different resources </li></ul>
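The three characteristics on this slide written as a checker, as an added example that is not part of the original presentation. The word list is a tiny constructed stand-in for a real dictionary, and two details are assumptions of this sketch: at least two character classes are required, and common look-alike substitutions (0 for o, @ for a) are undone before the dictionary lookup, because a swapped-in digit does not hide a word from a password-guessing tool.

```python
MIN_LENGTH = 7            # from the slide
REQUIRED_CLASSES = 2      # assumption: "different character classes" means at least two

# Constructed sample word list; a real check would load a full dictionary file.
WORDS = {"password", "welcome", "letmein", "georgia", "tech", "summer"}

# Look-alike substitutions undone before the dictionary check (assumption of this example).
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                            "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def character_classes(password):
    """Return which of the slide's classes appear: alphabetic, numeric, special."""
    classes = set()
    for ch in password:
        if ch.isalpha():
            classes.add("alphabetic")
        elif ch.isdigit():
            classes.add("numeric")
        else:
            classes.add("special")
    return classes


def dictionary_hits(password):
    """Return dictionary words found in the password, as typed or with look-alikes undone."""
    lowered = password.lower()
    candidates = (lowered, lowered.translate(LOOKALIKES))
    return sorted({word for word in WORDS
                   for candidate in candidates if word in candidate})


def check_password(password):
    """Return the names of the rules the password fails; an empty list means it passes."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("too_short")
    if len(character_classes(password)) < REQUIRED_CLASSES:
        failures.append("few_classes")
    if dictionary_hits(password):
        failures.append("dictionary_word")
    return failures


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for sample in ("abc", "welcome1", "w3lc0me!", "kT7#vq2Lx"):
        print(f"{sample!r}: {check_password(sample) or 'passes'}")
```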
Security – Passwords <ul><li>Use a locking screen saver </li></ul><ul><li>Manually lock the screen </li></ul><ul><li>Set clients and browsers to not remember </li></ul><ul><li>Set a BIOS password (and document it) </li></ul>
Security – Passwords <ul><li>Ch0o5e Go0d p@s5w0rDs </li></ul><ul><li>Use different passwords for different resources </li></ul><ul><li>Password Safe / Keychain </li></ul>
Security – Software <ul><li>Anti-Virus Software </li></ul><ul><ul><li>Keep it updated! </li></ul></ul><ul><ul><li>Keep it active (on-access scan) </li></ul></ul><ul><ul><li>Perform full system scans regularly </li></ul></ul><ul><ul><li>Be cautious about opening links and attachments </li></ul></ul>
Security – Software <ul><li>Anti-Spyware </li></ul><ul><ul><li>Can use several different products </li></ul></ul><ul><ul><li>Campus distribution: WebRoot / McAfee </li></ul></ul><ul><ul><li>Others: Windows Defender, SpyBot, Ad-aware </li></ul></ul><ul><ul><li>Use a locked-down “hosts” file </li></ul></ul><ul><ul><li>Be cautious about opening links and attachments </li></ul></ul>
Security – Software <ul><li>Host-based firewalls </li></ul><ul><ul><li>Many different ones available </li></ul></ul><ul><ul><li>Built-in Windows/Macintosh Firewall is easiest to use and maintain </li></ul></ul><ul><ul><li>Choose only one </li></ul></ul><ul><ul><li>Keep it enabled on all adapters </li></ul></ul>
Security – Software <ul><li>Encryption Software </li></ul><ul><ul><li>Might want to consider using encryption software </li></ul></ul><ul><ul><li>TrueCrypt, GPG, Macintosh FileVault </li></ul></ul>
Security – Software <ul><li>Operating System </li></ul><ul><ul><li>Keep it patched and updated! </li></ul></ul><ul><ul><li>(easy to do using automatic updates) </li></ul></ul><ul><ul><li>Don’t forget your applications, too! </li></ul></ul><ul><ul><li>(Acrobat, Firefox, MS Office, etc.) </li></ul></ul>
Security – Secure Communication <ul><li>Email </li></ul><ul><ul><li>Encrypt sensitive information </li></ul></ul><ul><ul><li>Don’t open attachments </li></ul></ul><ul><ul><li>Don’t click on links </li></ul></ul>
Security – Secure Communication <ul><li>Instant Messaging </li></ul><ul><ul><li>Don’t open attachments </li></ul></ul><ul><ul><li>Don’t click on links </li></ul></ul><ul><ul><li>Beware stored chat logs </li></ul></ul>
Security – Secure Communication <ul><li>Wireless </li></ul><ul><ul><li>Use secure protocols (https://) </li></ul></ul><ul><ul><li>Turn off when not in use </li></ul></ul><ul><ul><li>If you have a wireless router at home*, secure it </li></ul></ul><ul><li>*if you live off campus; unauthorized wireless access points are not allowed on the campus network </li></ul>
Security – Other Best Practices <ul><li>Regular Backups </li></ul><ul><ul><li>Inexpensive media available </li></ul></ul><ul><ul><li>Make this a habit / automate it </li></ul></ul><ul><ul><li>Encrypt sensitive data </li></ul></ul>
Security – Other Best Practices <ul><li>Upgrading or replacing a hard drive </li></ul><ul><ul><li>Securely destroy your drive </li></ul></ul><ul><ul><ul><li>Darik's Boot and Nuke (DBAN) </li></ul></ul></ul><ul><ul><ul><li>Macintosh Disk Utility </li></ul></ul></ul><ul><li>Don’t run as an administrator </li></ul><ul><ul><li>OS-supported authentication </li></ul></ul>
Online Integrity - Piracy <ul><li>“Anyone who sells, acquires, copies or distributes copyrighted materials without permission is called a pirate.” </li></ul><ul><li>“Downloading music/movies without paying for them is no different than walking into a store and stealing a CD/DVD off the shelf.” </li></ul>
Online Integrity – Piracy <ul><li>According to the RIAA, more than half of college students download music and movies illegally </li></ul><ul><li>Very easy and tempting to do </li></ul><ul><li>P2P clients can open the door to malware and other bad things </li></ul><ul><li>RIAA/MPAA regularly send pre-litigation letters to colleges and students </li></ul>
Online Integrity - Hacking <ul><li>Attempting to gain unauthorized access to any system that does not belong to you, regardless of intent </li></ul><ul><li>Violates CNUSP </li></ul><ul><li>May result in termination of service and civil and criminal charges </li></ul>
Online Integrity - Cheating <ul><li>Plagiarism / Collaboration </li></ul><ul><li>Student Code of Conduct </li></ul><ul><li>2002 Scandal: College of Computing Cheatfinder </li></ul>
Online Integrity - Services <ul><li>Be careful before you click the send button </li></ul><ul><li>Think twice before posting </li></ul><ul><li>Everything lives on the Internet forever </li></ul>
Online Integrity - Services <ul><li>Use third party applications at your own risk </li></ul><ul><li>Protect your privacy </li></ul><ul><li>Don’t add friends that you don’t actually know </li></ul><ul><li>Look out for the addictive nature of these services </li></ul>
As Facebook Grows, Longtime Users Draw Privacy Veil
Mary Jane Irwin, 07.17.07
Facebook used to be all about the location of the next kegger, who hooked up with whom and maybe keeping in touch with the foreign student you studied with for a semester. Now this formerly exclusive community is increasingly being used for business networking -- and that's causing some of the service's longtime users to be a lot less forthcoming about the information they share on the site. For longtime users, the influx of grownups means that information once intended for a circle of fellow students is now available for anyone to see. That has introduced a new social conundrum: Deciding whose invites should be accepted -- and how much of your profile they should be able to see. "You can't really unfriend your mom," says Hillary Woolley, a junior at the University of California at Davis. "So I've been upping my privacy settings."