Risky Business & What Can We Do About It?

The Good, The Bad, The Ugly

Just when I think I've learned about all I can learn in a course, this module comes along. This module dealt with risks we can encounter whether we are on-line or conducting business using today's technology. I know it opened my eyes to the unknown dangers that are out there. I also know that it has changed the way I go about my on-line experiences. I'd like to tell you about what I learned about peer-to-peer networks, my on-line safety, and the security of my home network. Additionally, I want to educate you about how Wal-Mart protects the personal information of it's customers. I also feel I must be candid about how I used to conduct certain on-line activities.

What Didn't I Learn???
This module had a big impact on me and my family. We were doing things we shouldn't have been doing and leaving ourselves open to having our personal information stolen.

Let's start with peer-to-peer networks. I guess I always knew that nothing is ever truly free but I never really thought about downloading free music as stealing. Really. My kids had no qualms about downloading songs onto their iPods and I just jumped on the bandwagon with them. Then a few weeks ago my son discovered that the peer-to-peer network that we get our music from, Lime Wire, had been shut down by the government. THEN we start this module and I discover that we had been conducting illegal downloading of songs!! Yikes!! So, we are a different family now. Music will be paid for if anyone wants to download it. My personal opinion is that these artists make obscene amounts of money for what they produce (especially the stuff my son listens to) and they really can't be hurting from these downloads. I guess I should thank the government for shutting down Lime Wire. It was a big source of viruses, spy-ware, and malware if you weren't diligent with using your anti-virus software to check everything you downloaded. I've read about computers becoming completely infected after a song or two were downloaded. I guess I should consider us lucky that we weren't one of those victims.

So, the next eye-opening thing I discovered was that our wireless router was pathetic as far as security went. I read the parts of the module that dealt with securing your wireless router and chuckled along with the people on the video when they spoke about router passwords being......"password". How could anyone be that dumb? Well, guess what. When we bought our router and set it up I was much less tech savvy than I am now. The password on our home router was......."password". Yep. I am embarrassed to admit this but at least I can say I've learned from this experience. I can also admit that the SSID we were broadcasting was NETGEAR. So, let me recap what I discovered. We were broadcasting our SSID as NETGEAR with the password of "password". I might as well have just left our credit cards sitting on our front steps and saved any war-drivers some time. Unfortunately, the router technology is WEP which I have learned is old school and not very secure. That will change in the future, but for now I feel a little more confident since I made some much needed  adjustments. At the least I feel that if someone were trying to use our wireless network to go on the Internet or steal our credit card information I've just made it a little tougher for them. Perhaps they will just move on to the next house that may not be as secure.

Part of this assignment included displaying a screen shot of my computer's SSID information. I have Windows 7 so the directions were a little different than the operating system that was used as an example in our learning module. Here's what I was able to capture as information from the dialog box on my computer:

This screen shot shows that I have no authentication and that the encryption type is WEP. But the key items I want to highlight on this screen shot are the SSID, which is KCKRMULL, and that it is requiring a network security key, which isn't displayed. Those are changes that I have made since starting this module. My kids complain about these changes each time they log onto their accounts in iTunes using their iTouch since they have to enter the security key. A small price, I tell them, for added security.

While I'm on the topic of security, personal security to be precise, I looked at the corporate website for Wal-Mart to see how they are protecting their customer's personal information. From what I was able to discover about in-store transactions is that they use WEP but the network is MAC address filtered. This means that it looks at each individual computer trying to connect to the network to see if it is allowed to connect. Even if the WEP key was cracked the individual would not be allowed to access the network because the laptop's MAC address is not in the list of allowable MAC addresses. For on-line purchases they

 use SSL technology. They also have a digital certificate from Verisign. This allows your personal information to be transmitted in encrypted form to a Wal-Mart.com web server. Wal-Mart also discloses that any hard copies of personal information are kept in locked locations or cabinets with similar restrictions for electronic storage of personal information. When it is disposed of it is shredded, destroyed, erased, or some other way made unreadable. It sounds like Wal-Mart is taking many steps to ensure their customer's personal information is secure.

A Last Note 
My daughter received an unnerving message the other day from Face Book. It seems someone in California was trying to access her account but was having trouble with her password. She needed to answer several security questions and change her password before she was allowed to access her Face Book account. She brought it to my attention since she has decided that her mom is becoming a security nut ever since she started taking this class. We discussed what constitutes a secure password and I feel confident that the password she selected will be a secure one. I think we all learned something from this module.