Many firms probably won’t prevent a ransomware attack. But here’s how to mitigate the impact.


One thought on “Many firms probably won’t prevent a ransomware attack. But here’s how to mitigate the impact.”

  1. (from above)

    *Be stingy about who gets administrator privileges.*
    .
    Possessing an admin’s access makes downloading ransomware easy. Restrict the number of employees who can do this, and definitely restrict outside vendors.
    .
    ======================================================
    .
    This is fine for power users and large businesses but something home users and single-machine/small businesses need to understand is this:
    .
    *** Microsoft is not in the security business. They are in the “it just works” business.***
    .
    Let’s say you just opened a small floral shop called “Best Blooms” and you’ll have a single PC (which includes laptops) which will manage your books, do your various online work, etc. You take your bright, shiny, new PC out of the box, you look at the instructions, and you’re told that when prompted, create a userID and specify a password. You create a userID of “BestBlooms” and specify a password, and you’re now the proud parent of a bouncing baby PC running the latest version of Windows and you feel like a real business owner, now probably more qualified to grill, er, interview Mark Zuckerberg before Congress than all of the Congress Critters combined because they’ve never done what you just did, let alone played Solitaire.
    .
    You’ve heeded the warnings about not giving anyone administrator privileges because your new machine never asked you a question when you created “BestBlooms” along the lines of, “Is this an administrator userid?” because you’d probably say, “No”, right?
    .
    Wrong. The userID “BestBlooms” is now an administrator userID because Microsoft makes sure the first userID you create is an administrator. That way, if anything has to be done and you’re following instructions from Microsoft, a magazine, a book, online, etc., you won’t get a message along the lines of, “Insufficient Authority”. Remember, Microsoft is in the “It Just Works” business and they don’t want to stand in the way of you getting your machine set up & running…easily. They don’t tell you you’ve just exposed your machine to all sorts of unforeseen dangers because *they aren’t in the security business*. In their eyes, their responsibility to provide security ends after you’ve created a super-secret password that only you (and anyone you share it with) know.
    .
    So when you get yourself connected to the Internet and start sending and receiving email, and someone named Susan (we all know a Susan, or Bob, or Mike, or Christy) sends a message which says, “This is what I was telling you about…” with an attachment, you click on it. After all, it doesn’t look like all of the other messages you read about which look like a three-year-old wrote in broken English and make no sense.
    .
    *Boom!* You’ve just exposed your machine to whatever that attachment is…even if you’re running some type of software everyone you know told you to go get which is supposed to protect your machine. (That attachment is commonly known as a “payload”…as in a bomb.) And why does it happen? Because you’re an administrator.
    .
    So how do you avoid it? Instead of making your first userID something like “BestBlooms” you specify something like “God”. Now, if that offends your religious sensibilities, come up with some other name like “Admin”, short for “Administrator”. (Personally, I prefer “God” because that’s what it can do on your machine — just about anything which can be done, “God” can do it.) After you’ve set up your machine and have everything ready to go, THEN you create the userID “BestBlooms” and you make sure it’s not an administrator. And you sign onto “God” only to do things you need “God” to do, then you sign off and sign back on to “BestBlooms” so you’re just a regular user.
    .
    Does this mean you’re safe? No, but you’re safeR [sic] than your first userID being “BestBlooms” and remaining paranoid every time you do something which stands to have a rotten payload that could do as much damage to your PC as if you were to pour a can of gas over it and light a match. Heaven forbid you be careful, never have a problem, then have someone in your office sit down and click on an email attachment (reread about pouring gas).
    .
    What else can you do? That’s another story for another time. I’m just trying to save you from electronically pouring a can of gas over your machine and just wait for someone to email you a lit match.
    .
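
For a machine that was already set up with a single administrator account, the split the comment describes can be applied after the fact. The PowerShell below is an added example, not part of the original comment or of any Microsoft guidance; the function names are hypothetical, `Admin` and `BestBlooms` are the comment's example account names, and it assumes an elevated prompt on a stand-alone (non-domain) Windows PC.

```powershell
# Added example: split one all-powerful account into a dedicated admin account
# plus a standard daily account. Run from an elevated PowerShell prompt.
# Function names are hypothetical; account names come from the comment above.

$AdminsSid = 'S-1-5-32-544'   # well-known SID of the built-in Administrators group
$UsersSid  = 'S-1-5-32-545'   # well-known SID of the built-in Users group

function Get-EnabledLocalAdmin {
    # Local user accounts that are in Administrators and can actually sign in.
    # The built-in Administrator account is usually disabled, so it is filtered out.
    Get-LocalGroupMember -SID $AdminsSid |
        Where-Object { $_.ObjectClass -eq 'User' -and $_.PrincipalSource -eq 'Local' } |
        ForEach-Object { Get-LocalUser -SID $_.SID } |
        Where-Object Enabled
}

function New-DedicatedAdmin {
    param([string]$Name = 'Admin')
    # Prompt for the password so it never appears in the script or shell history
    $password = Read-Host -AsSecureString "Password for $Name"
    New-LocalUser -Name $Name -Password $password -Description 'Administration only' | Out-Null
    Add-LocalGroupMember -SID $AdminsSid -Member $Name
}

function ConvertTo-StandardUser {
    param([Parameter(Mandatory)][string]$Name)
    # Refuse to demote the last enabled administrator: that would leave
    # nobody able to install software or repair the machine.
    $others = Get-EnabledLocalAdmin | Where-Object Name -ne $Name
    if (-not $others) {
        throw "No other enabled local administrator exists; create one before demoting '$Name'."
    }
    # Make sure the account stays in Users, then drop it from Administrators
    Add-LocalGroupMember -SID $UsersSid -Member $Name -ErrorAction SilentlyContinue
    Remove-LocalGroupMember -SID $AdminsSid -Member $Name
}

# Audit first: every account listed here runs attachments with full rights
Get-EnabledLocalAdmin | Select-Object Name, LastLogon

# Then, once the audit shows the daily account is an administrator:
# New-DedicatedAdmin -Name 'Admin'
# ConvertTo-StandardUser -Name 'BestBlooms'
```

Sign out and back in after the change so the daily account's session picks up the reduced group membership.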
