Cryptography
Download
1 / 97

Cryptography - PowerPoint PPT Presentation


  • 51 Views
  • Uploaded on

Cryptography. CS 110 Fall 2005. From last class…. Instant messanger systems Unsafe links on AIM profiles Requests from “buddies” to open messages containing pictures. Security problems of interest. Policies:. confidentiality - protect info content from unwarranted observation

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Cryptography' - turner


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Cryptography

Cryptography

CS 110

Fall 2005


From last class
From last class…

  • Instant messanger systems

    • Unsafe links on AIM profiles

    • Requests from “buddies” to open messages containing pictures


Security problems of interest
Security problems of interest

Policies:

  • confidentiality - protect info content from unwarranted observation

  • integrity - protect info accuracy

  • availability - ensure information delivery

  • authentication - assure identity of user (sender)

    • non-repudiation - protect from deniability

  • access control - control access to info/resources

Problems that arise in implementation:


Attacks
Attacks

  • interception - of information-traffic, breaches confidentiality

  • interruption - of service, availability

  • modification - of information, i.e. loss of integrity

  • fabrication - of information, destroys authenticity


Response
Response?

  • identify key assets

  • evaluate threat posed to assets

  • implement suitable countermeasures

  • manage implementation

  • cryptography is a key technology

    • Note – not a “perimeter defense” technology


What s cryptography
What’s cryptography

  • cryptography is the study of secret (crypto-) writing (-graphy)

  • concerned with developing algorithms to:

    • conceal the content of a message from all except the sender & recipient (secrecy or confidentiality)

    • verify the correctness of a message or its sender to the recipient (integrity & authentication)


A few terms
A few terms

  • cryptography

    • the art or science of transforming an intelligible message into one that is unintelligible, and then transforming that message back to original form

  • plaintext

    • the original intelligible message

  • ciphertext

    • the transformed message


A few terms1
A few terms

  • key

    • critical (secret) information used in the cipher & known only to the sender & receiver

      • Symmetric – shared

      • Asymmetric – public/private


Transformations
Transformations

  • code

    • an algorithm for transforming an intelligible message into an unintelligible message using a code-book

  • encryption

    • applying a mathematical function mapping plaintext to ciphertext using the specified key:

      C = EK(P)


A few terms2
A few terms

  • cryptanalysis (codebreaking)

    • the study of methods for transforming an unintelligible message back into an intelligible message without knowledge of the key


Steganography
Steganography

  • embed message in innocuous setting

My Special Friend,

Our speaker today in class today is exciting, & I know that the next speaker is even better. I need to report to you that next class is the mid-term exam. Well, there is only one mid-term! YEAH!!! Well that is it for now. ………...


Steganography

  • embed message in innocuous setting

My Special Friend,

Our speaker today in class today is exciting, & I know that the next speaker is even better. I need to report to you that next class is the mid-term exam. Well, there is only one mid-term! YEAH!!! Well that is it for now. ………...


Two crypto techniques

Two crypto techniques

Permutation

Substitution


Staff cipher
“Staff” cipher

  • an early Greek transposition cipher:

    • cut a narrow strip of paper long enough to write message

    • wind it around a staff so that adjacent edges abut

    • write message horizontally down the shaft with a character on each wrapping

    • unwind

  • Result: long sequence of seemingly random letters


The ole alternation trick
The ole alternation trick

write message letters on alternate rows

read off cipher by row

Plain = “I CAME I SAW I CONQUERED”

Plain: I A E S W C N U E

C M I A I O Q R D

Cipher: IAESW CNUE CMIAI OQRD


The ole structured patterns trick
The ole structured patterns trick

write message letters as a matrix

read off cipher by some pattern

Plain: I C A M E

I S A W I

C O N Q U

E R D A B

Cipher: diagonals, concentric circle, in and out, etc


The ole mirror trick
The ole mirror trick

write the message backwards

Plain: I CAME I SAW I CONQUERED

Cipher: DEREU QNOCI WASIE MACI

………and speaking of J. Caesar


Two crypto techniques1

Two crypto techniques

Permutation

Substitution


Caesar cipher substitution cipher
Caesar cipher - substitution cipher

  • Julius Caesar invented to transmit military information -- 2000 years ago

  • Map each letter to another -- fixed offset -- called the translation alphabet

Alphabets:

Plain: A B C D E F G H I J K L M N O P Q R S T U

Cipher: E F G H I J K L M N O P Q R S T U V W X Y

CipherText: W TI G M E P W T I E O I V G S Q M R K


Caesar cipher substitution cipher1
Caesar cipher - substitution cipher

  • Julius Caesar invented to transmit military information -- 2000 years ago

  • Map each letter to another -- fixed offset -- called the translation alphabet

Alphabets:

Plain: A B C D E F G H I J K L M N O P Q R S T U

Cipher: E F G H I J K L M N O P Q R S T U V W X Y

CipherText: W TI G M E P W T I E O I V G S Q M R K

P = S P E C I A L S P EA K E R C O M I N G


Cryptanalysis break caesar cipher
Cryptanalysis – break Caesar cipher

  • check out brute force cryptanalysis of a Caesar cipher

  • What is the Key?

  • What is the Key size?


Mono alphabetic substitution
Mono-alphabetic Substitution

  • Use any permutation of the 26 alphabetic characters

    • 26! (i.e. 4 x 1026) possible keys

    • Non-trivial number of options

    • But, regularities of the language give clues

      • English, German, Hebrew, Russian – have different characteristics in terms of letter usage


Language regularities
Language regularities

  • can base cryptanalysis on frequency of letter occurrence

  • E is most frequent, then

  • T, R, I, N, O, A, S, then …..

  • rarely are J, K, Q X Z used

    • E is 25 times more frequent than Q

  • Strategy (for a “long enough” message) is to guess at letter value based on frequency of appearance in ciphertext


Language regularities example
Language regularities - example

Ceasar (Mono alphabetic substitution) Alphabets:

Plain: A B C D E F G H I J K L M N O P Q R S T U

Cipher: E F G H I J K L M N O P Q R S T U V W X Y

CipherText: W TI GM E P W T I E O I V G S Q M R K

P = S P E C I A L S P EA K E R C O M I N G

P = S P E C I A L S P EA K E R C O M I N G


Data encryption standard des
Data Encryption Standard (DES)

  • Developed by IBM in 1970s

    • Sold to Lloyds of London

  • US Nat’l Bureau of Standards requested a national cipher standard

  • National Security Administration (NSA) worked with IBM to refine it

  • Adopted in 1977 by Nat’l Bureau of Standards


Key property
Key Property

  • Avalanche

    • Small change in plaintext or in key produces significant change in cipertext

    • Change one bit of plaintext and about half the ciphertext bits will change


Des status
DES Status

  • No weak points have surfaced

  • DES is widely used

  • 1994, Nat’l Institute of Standards and Technology reaffirmed its use for federal use

    • Recommended for all but “classified”


Des key length
DES key length

  • Increased computing has made a 56-bit key susceptible to exhaustive key search

    • 1997 – a few months were needed by a large network (70,000) of computers to break DES. $10,000 prize claimed

    • 1998 – Electronic Frontier Foundation broke DES in a few days

    • 1999 – A break accomplished in 22 hours

  • DES with larger keys is still used and it works well


Public key encryption
Public Key Encryption

  • Alice wishes to communicate a secret message to Bob

  • Bob will then reply


Symmetric key system
Symmetric Key System

  • Alice and Bob have common knowledge of a single key

  • Alice puts message in box and locks with a padlock for which she has a key

  • She sends the box to Bob in regular mail

  • Bob has identical copy of Alice’s key and uses it to open the box

  • He uses same padlock for sending his response back to Alice


Symmetric key risks
Symmetric Key Risks

  • How are the keys distributed?

    • Through mail?

    • Stolen/copied in the mail?

  • If key is stolen/copied, all communications are (unknowingly) compromised

    • All participants must synchronize and get a new key


Asymmetric public key
Asymmetric Public Key

  • Bob and Alice have separate padlocks

  • Alice asks Bob to send his open padlock to her through regular mail

  • Alice uses Bob’s lock to secure the box containing her message and she mails it to Bob

  • Upon receiving the box, Bob uses his key to unlock it


Advantages of asymmetric public key
Advantages of Asymmetric Public Key

  • No need to send keys to one another

  • Third party cannot copy key while in transit

  • One stolen key only compromises part of the communication


Public key encryption1
Public-key Encryption

  • It’s annoying for Bob to send his padlock to Alice

  • Instead, Bob sends instructions for how Alice can build a padlock that will only be open-able by Bob

    • Note these instructions cannot give away secret of Bob’s key


Public key encryption2
Public-key Encryption

  • Alice has two keys (strings of letters)

    • Public key that she freely shares with the world

    • Private key that only she knows

  • Messages encrypted with Alice’s public key are only decipherable by Alice’s private key


Public key encryption3
Public-key Encryption

  • Alice can send message encrypted using her private key

  • Bob can decode message using Alice’s public key

  • Bob is assured message he reads was authored by Alice


Is Public Key Crypto Secure?

  • A 128 bit key would be a number between 1 and 340,282,366,920,938,000,000,000,000,000,000,000,000

  • How many prime numbers are between 1 and this number?

    • approximately n / ln(n) which is about 2^128 / ln( 2^128 ) = 3,835,341,275,459,350,000,000,000,000,000,000,000

  • How long would it take to find all of these prime numbers if you could calculate one trillion of these numbers per second?

    • More than 121,617,874,031,562,000 years (i.e., about 10 million times longer than the universe has existed so far.)

    • Reference: http://www.livinginternet.com/?i/is_crypt_pkc_inv.htm

  • Answer – Yes, but know its limitations (e.g. plaintext attacks, block sizes, etc.)


Weakness of public key system
Weakness of Public-key System

  • Man-in-the-middle Attack

    • Communication of Alice’s public key is intercepted and changed to a new public key that matches interceptors private key

    • Interceptor decodes the message to read it and re-encodes it using Alice’s public key before sending on to her

      Trusted key distribution


Trusted key distribution
Trusted Key Distribution

  • Companies exist to manage key distribution

    • Microsoft “offered” to do this with a system called Passport

    • Business model… Microsoft creates a standard for secure communication and sets prices at monopolist levels


Trusted key distribution1
Trusted Key Distribution

  • US Government

    • Do you trust them?

    • They are very interested in having the power to control keys so they can listen to any message


Trusted key distribution2
Trusted Key Distribution

  • RSA: Rivest, Shamir, Adelman

  • Verisign

  • PGP: Pretty Good Privacy


Breaking rsa

RSA inventors offered $100 reward for finding a plaintext sentence enciphered via RSA

public key had 129 decimal digits (~ 428 bits)

RSA predicted 40 quadrillion years was needed

1994 -- a group claimed the prize after 8 months of work (1600 computers used)

Breaking RSA


Security and the web
Security and the Web sentence enciphered via RSA

  • HTTPS

    • Uses port 443 (not 80)

    • Security protocol is determined by your browser and the server

    • Online vendors may establish contract with Verisign to handle security

      • A form of public-key encryption secures the transaction


Review
Review sentence enciphered via RSA

  • Adware

  • Viruses

  • Worms


Review1
Review sentence enciphered via RSA

  • Email Spoofing

    • falsified sender

  • Email Phishing

    • obfuscate HTML to trick you into submitting private info through deceptive web pages


Review2
Review sentence enciphered via RSA

  • Openness in desktop computers

    • You permit lots of programs to read/write data to your hard drive and memory

    • Computer “listens” for packets on many ports of its internet connection

      • http, itunes, email, IM, homeDir, …

      • Programs that monitor the ports for packets are supposed to be failsafe

      • Flaws are discovered and exploited


November 8 2005
November 8, 2005 sentence enciphered via RSA

Three image-rendering flaws in the Windows OS could put millions of Internet-connected users at risk of PC takeover attacks.

The flaws could be exploited by any software that displays images, including … Outlook, Word, and Internet Explorer.

http://www.eweek.com/article2/0,1895,1883850,00.asp


November 8 20051
November 8, 2005 sentence enciphered via RSA

The bugs are considered particularly dangerous because users could be at risk merely by browsing to a malicious rigged site with rigged image files, or by displaying images in the preview pane of an e-mail program


November 8 20052
November 8, 2005 sentence enciphered via RSA

Any program that renders WMF or EMF images on the affected systems could be vulnerable to this attack. An attacker who successfully exploits this vulnerability can take complete control of an affected system


November 8 20053
November 8, 2005 sentence enciphered via RSA

The bulletin also addresses two separate unchecked buffers in the way the OS renders WMF and EMF images.


March 29 2005
March 29, 2005 sentence enciphered via RSA

  • A similar flaw was detected

  • The hackers corrupted the banner images of an advertising company

  • 100s of sites used those banners

  • Microsoft took 90 days (?) to release a “patch” because of the intricate nature of Windows and the extensive testing required


Today s news
Today’s News sentence enciphered via RSA

  • Detect severity of earth quake in first 1.5 seconds

  • Send immediate warning to San Francisco

  • Automatically stop trains and shut down critical systems to protect them

    Would you trust it?


Onward
Onward sentence enciphered via RSA

  • Cookies

  • Web Bugs

  • More viruses


Cookies
Cookies sentence enciphered via RSA

  • Cookies are somewhat controversial

    • Websites can used them for legitimate reasons

    • They can be used for the wrong reasons

    • In any case, they are a fact of life of web browsing

  • Cookies allow a web-server to:

    • Track your visits to the site

    • Learn and remember info about you

    • Store info on your computer

http://vreport.capaho.com/demo.html


What is a cookie
What Is a Cookie? sentence enciphered via RSA

  • A small piece of information stored by your web-browser on your PC when you visit a site

  • What’s stored:

    • A URL related to the site you visited

    • A name/value pair (the information content)

    • (Optional) An expiration date

  • Why is it a “cookie”?

    • An old CS term for a chunk of data used obscurely


Reminder web browser and server interaction
Reminder: Web Browser and Server Interaction sentence enciphered via RSA

  • User types URL or clicks link

  • Browser sends a get-page request for that URL to web-server

  • Web-server finds HTML file (and related files)

  • Web-server sends these back to browser

  • Browser processes HTML and displays page


Cookies web servers store some info on your pc
Cookies: Web-servers Store Some Info on your PC sentence enciphered via RSA

  • When sending back a page, server alsosendsa cookie

  • Your browser stores it on your PC

  • Later, you visit the same site

    • You request a page there and your browser has earlier stored a cookie matching that URL

    • Browser sends URL and cookie to web-server

    • Web-server processes cookie

  • May return updated cookies with page


Normally browsing the web is stateless
Normally browsing the web is "stateless" sentence enciphered via RSA

  • “Stateless” means “no memory”

    • Request a page from a server; it sends it

    • Later request a 2nd page; the server sends it

    • The webserver doesn't remember anything connecting these two requests

  • But, cookies preserve “state.” Server can connect an early visit with a later visit.

    • How? Cookie stored a numeric ID number for you

  • FYI, a server does “log” requests

    • what page, what IP address, when, browser

    • But this can’t identify you uniquely


Cookies can be beneficial
Cookies Can Be Beneficial sentence enciphered via RSA

  • Shopping Carts

    • Server creates a cart, stored on the server

    • You visit other pages, but a cookie lets the server know you’re the person who created that cart

  • Other personalization

    • “Welcome back, Jane Doe!”

    • “Items you viewed recently are…”

  • Recognizing legitimate users for a site

    • Register and log-in, but then a cookie means you don’t have to log-in every time


The darker side of cookies
The Darker Side of Cookies sentence enciphered via RSA

  • We assume anonymity on the web, right?

  • Do you want someone knowing what pages you’ve visited?

    • Cookies allow a website to track what you visited on that site

    • Are they keeping this private? Selling it?Do you even know they’re tracking your visits?

    • What are your rights here?


The darker side of cookies 2
The Darker Side of Cookies (2) sentence enciphered via RSA

  • Personalized ads (e.g. the company DoubleClick)

    • Advertising image on a page is really on another server

    • You click on the image on the ad-server

    • It builds up a profile about you over time

    • Deliver ads you want to see

  • When used for authorization, are they secure?


You have control
You Have Control sentence enciphered via RSA

  • You can configure your browser to handle cookies as you want


Cookies should you worry
Cookies: Should You Worry? sentence enciphered via RSA

  • Hard to say…

    • Some are quite useful. They allow e-commerce!

    • Some are sneaky

  • Some anti-spyware tools remove undesirable cookies (some remove harmless ones)


Where we are in the lecture
Where We Are in the Lecture sentence enciphered via RSA

  • Email issues

    • attachments and email-spoofing

    • phishing

  • Cookies

  • Web-bugs

  • Viruses in email

  • Spyware (including browser hijacks)


What s a web bug
What’s a Web Bug? sentence enciphered via RSA

  • We know visiting a URL “announces” your presence

  • If the web page you visit has images, those images can be references to other web pages:

  • Consider foobar.html at www.foo.com

    • foobar.html includes

    • <img src=“http://www.virginia.edu/rotunda.gif>


What s a web bug1
What’s a web bug sentence enciphered via RSA

  • Something that makes your machine execute a get-page request for a site you don’t expect

    • The server there logs delivery of that image

  • May be invisible (hard to see a 1x1 pixel … VIEW SOURCE)

  • Sometimes known as a "clear GIFs", "1-by-1 GIFs" or "invisible GIFs“

http://www.eff.org/Privacy/Marketing/web_bug.html


Examples in html
Examples (in HTML) sentence enciphered via RSA

  • <img src="http://ad.doubleclick.net/ad/pixel.quicken/NEW" width=1 height=1 border=0>

  • <img width='1' height='1' src="http://www.m0.net/m/logopen02.asp? vid=3&catid=370153037&email=SMITHS%40tiac.net" alt=" ">


What info can be gathered
What Info Can Be Gathered? sentence enciphered via RSA

  • Again, the server where the bug lives will log:

    • The IP address of your computer

    • The URL of the page that the Web Bug is located on

    • The URL of the Web Bug image

    • The time the Web Bug was viewed

    • The type of browser that fetched the Web Bug image

  • Also possible: Info from any cookie that's on your machine


Web bugs on a web page
Web Bugs on a Web Page sentence enciphered via RSA

  • Using personal info in a cookie, ad companies can track what pages you view over time

    • Stores this info in a database

    • Later used to target specific banners ads for you

  • How many people view a website


Web bugs used in an email
Web Bugs Used in an Email sentence enciphered via RSA

  • Tells if and when a message was read

  • Links email address with the IP address of machine you read mail on

  • Within an organization, can tell how often a message is forwarded and read

  • In spam:

    • How many users have seen the spam message

    • Allows spammers to detect valid email addresses


Web bugs legal ethical
Web Bugs: Legal, Ethical? sentence enciphered via RSA

  • Controversial! Attempt to monitor you without your knowledge

  • Legal? Not clearly illegal

  • They are used on the websites of legitimate companies

  • Privacy policies for websites generally don't mention these


Web bugs what can you do
Web Bugs: What can you do? sentence enciphered via RSA

  • You can't easily identify web bugs

  • New email clients (e.g. Mozilla Thunderbird) do not display images in email that are links to files on external sites (see next slide)

    • (Images embedded as part of email message are OK)

    • You can click "Show Images" button

    • Also nice not to see some images in spam

  • Helps to disable and delete cookies


An email client blocks remote images
An Email Client Blocks Remote Images sentence enciphered via RSA


Anonymity
Anonymity sentence enciphered via RSA

  • Are you really anonymous surfing the web?

    • Someone (corporations and whoever buys their data) is collecting info on your browsing

  • Do we want:

    • Tools to “protect” us from this?

    • Laws against it?

    • Laws that disclose it’s being done and how the info is used?

    • Users to be aware it’s going on? (Yes!)


Where we are in the lecture1
Where We Are in the Lecture sentence enciphered via RSA

  • Email issues

    • attachments and email-spoofing

    • phishing

  • Cookies

  • Web-bugs

  • Viruses in email

  • Spyware (including browser hijacks)


Anatomy of a virus
Anatomy of a virus sentence enciphered via RSA

  • How you can be infected

    • By just reading email when…

      you do not keep your software updated!


Links in e mail
Links in E-mail sentence enciphered via RSA

  • The “data format” of Web pages is HTML

    • Controls the formatting of a Web page

    • Also supports hyperlinks to other pages

    • It’s nice when e-mail has this format, right?

  • A danger:

    • Some links can cause a program to run.

    • Some download files that run on your system.

  • An attacker can disguise a link so it looks harmless (but…)


Virus through a link in an email
Virus through a Link in an Email sentence enciphered via RSA

  • Link seems to be to CS dept. (www.cs.virginia.edu)

  • That’s the text of the link

    • It links to someplace else

    • An attachment that is disguised so it doesn’t appear

    • The small box is the only clue


How can this virus get triggered
How Can This Virus Get Triggered? sentence enciphered via RSA

  • Click the link, and it tries to display the hidden attachment

    • Only in some email clients, i.e. older versions of Outlook

    • Note: This vulnerability has been known!Patches available through Windows Update!

  • Click and… Congratulations!

    • You’re now infected with a version of the Netsky virus!


What s netsky do
What’s Netsky Do? sentence enciphered via RSA

  • A mass-mailing worm

    • Harvests email addresses from files on your PC

    • Comes with its own mail-server component

    • Now a server on your machine that uses the SMTP protocol to send copies of the virus directly to others!

  • You’re infected and contagious

    • You’ll be very popular with your friends and other email contacts!

    • But they should have been running antivirus software, and should have kept their systems updated.

    • (Like you should have been.)


Lessons
Lessons sentence enciphered via RSA

  • Use Windows Update to keep your system updated

    • AKA keep it “patched”

  • You might consider using software that is not the major target of virus writers

    • Other operating systems (Mac OS, Linux)

    • Other email clients, other browsers

  • And definitely install and run anti-virus software (next slide)


Solutions
Solutions sentence enciphered via RSA

  • Antivirus Software

    • Can scan your system: find and remove problems

    • Usually only viruses. Sometimes spyware too.

    • Also, most have real-time protection

      • Checks e-mail as your read it, as you send it

      • Checks files as you download them

    • Note: Free for UVa users (see later slide)

  • Important: run “update” on these to get updated virus definitions


Where we are in the lecture2
Where We Are in the Lecture sentence enciphered via RSA

  • Email issues

    • attachments and email-spoofing

    • phishing

  • Cookies

  • Web-bugs

  • Viruses in email

  • Spyware (including browser hijacks)


Browser hijack
Browser Hijack sentence enciphered via RSA

  • An extremely nasty adware

  • Resets homepage to a particular site

    • Ads, porn – something you don’t want

    • Any change you make doesn’t affect it

  • Software running on your machine

    • Does the usual adware/spyware stuff

    • Also changes your browser settings

    • Runs when system starts – changes the settings back


Spyware is a common problem
Spyware is a Common Problem! sentence enciphered via RSA

  • Recall earlier study of users:

    80% had spyware on their PCs

  • (What about you?)


Solutions1
Solutions sentence enciphered via RSA

  • Anti-spyware software

    • Scans your system, removes problems

    • Some have real-time protection, most don’t.

  • Important (again): run “update” on these to get most recent spyware definitions

  • Another option: Security Suites ($60-$70)

    • Include antivirus, maybe anti-spyware software

    • Also includes a firewall

    • May include spam filtering, parental control


Getting software at uva
Getting Software at UVa sentence enciphered via RSA

  • ITC Downloads: http://www.itc.virginia.edu

    • Norton Antivirus

    • SpySweeper (up to 3 machines)

    • Free for UVa users!

  • This is a wonderful deal for students and staff.

  • Don’t be foolish! Please go install these!

    • And keep things updated. Practice good habits.


Anti virus sw for your non uva friends
Anti-Virus SW For Your Non-UVa Friends sentence enciphered via RSA

  • Free anti-virus software through websites

    • http://housecall.trendmicro.com/

    • http://www.pandasoftware.com/activescan/

    • These two reviewed recommended by reliable magazines

  • These run their program on your PC from their website

    • Scans your system and identifies problem

  • Does not include real-time protection


Anti spyware sw for your non uva friends
Anti-Spyware SW For Your Non-UVa Friends sentence enciphered via RSA

  • Good free utilities to find and remove spyware

    • Lavasoft Adware: http://www.lavasoftusa.com/

    • Spybot Search & Destroy:http://www.spybot.info

  • Download, install, and run periodically

  • Updates:

    • Must get updates of definitions for Antivirus and spyware removal tools

    • Often free: use update facility in the tool


Spysweeper in action
SpySweeper in Action sentence enciphered via RSA


Scanning your pc
Scanning Your PC sentence enciphered via RSA


Removing what it found
Removing What It Found sentence enciphered via RSA


The results
The Results sentence enciphered via RSA


Everything that looks like spyware removal is not spyware removal
Everything That Looks Like Spyware Removal Is sentence enciphered via RSANot Spyware Removal

  • Email arrives with animated GIF file.

  • Click on OK – you’re really clicking on the web-link associated with that image. Uh oh.


Final words
Final Words sentence enciphered via RSA

  • Cookies and web bugs raise privacy issues

  • Malware: it’s a nasty world out there!Protect yourself with:

    • Understanding

    • Tools (anti-virus SW, anti-spyware SW)

  • Practice good habits:

    • Be suspicious and cautious

    • Install, run, and update tools

    • Keep your operating system updated


ad