(Note: If you have read this document prior to Wednesday, September 13, 2000, read it again as I have "spiced" it up since its original release on Friday, September 8, 2000!)
As you have noted through out my web pages there has been a security problem. Which See. This security problem does not involve my retail store transactions as far as my customers are concerned as it is on a SECURED system but there is concern that there may be a diversion of credit that I should receive from the customer purchases from my account to someone else's.
HACKING
What has been happening to my web pages is what is called hacking. Illegal entry into the web page server and the removal and/or changing of data against the will of myself, the webmaster, even while I am on line preparing same documents! I have witnessed the complete erasure of enhancements on a page I am working on in preview and when I return to the code page I find the same, a page as it was prior to my enhancements! See Article. I have also found the changing of just little nit picking things that were chosen just to frustrate me and consume my time in location and correction. These little changes could actually cause big repercussions completely altering the entire page or just a small aberration! Which See.
INTERFERENCE AND "SNIFFING"
You will also note my experiences with security and privacy on network and Internet workstations and computers. These experiences, for the most part, have comprised those facilities I have used at the public libraries and colleges in the Greater Chicago Metropolitan area.
Here is a problem of which I think you should be made aware: when I have used these facilities I have found that the networks in the institutions evidence local and Internet sniffing. This "sniffing" is a computer term used for defining the practice of using software programs and hardware for the purpose of determining who might be using the computer or workstation or server and what programs or web sites might be being accessed, (Which See). It also makes possible the viewing of the content of that computer or workstation that is transmitted to the screen thus enabling them to, in the least, do "print screens" of what you are looking at. Of course, this "sniffing" is also done visually via observers in the vicinity where you are located.
Electronic "sniffing" is highly illegal if done without the network or Internet provider's permission. Viewing your screen and preserving its data without your permission is also highly illegal.
This "sniffing" and its related activities is believed to be the means of the cause of my having computer slow downs and Internet lock ups. It can have the same effect as did the multiple requests sent to one Internet site server simultaneously causing a server to bog down and thus prevent legitimate requests and viewing to cease or become impractical as was the case in the first quarter of 1999 when large Internet merchandisers suffered business loss thus fomenting headlines in our nations newspapers, (Which See). In my experience such slow downs often occurred just before I was to get off the Internet computer I was using.
Same action was believed to deliberately cause a confrontation with a librarian or security officer because I could not afford to leave my information insecure by not logging off the site I was using, removing Temp files or because I would lose all my work that I would have spent hours accruing because I could not save my work. (Which See).
The librarians and security officers concerned seemed unusually presumptuous insensitive and inconsiderate not to mention rude and in some cases obnoxious, insulting and out of character usually giving one the "bum's rush". Certainly in the least, poor Public Relations. Same conduct suggests collusion to create a scene or a disorderly conduct or disturbing the peace charge by attempting to enrage and snap the evenhanded temper of this patron and/or, perhaps, cause a deliberate loss of data not to mention facilitate their illegal accessing of my data after I was gone! I call it the "Kerrigan Attack", (Timeline). It was also noted that other patrons were given grace that this patron has not enjoyed. Clear favoritism and patronizing preferential treatment.
In the institutions eyes I was delaying and in my eyes they refused to deal with a serious security breach or potential breach that needed both their and my immediate attention! It was noted that personnel did not have the know how to properly deal with the circumstance or they did not want to deal with the problem or they were just waiting for me to leave so that they could have a "hay day" "chowing down" on their ill gotten information. It was more important for me to leave the building lest I sustain criminal trespass charges than to exert proper and professional librarian / security response and leave me a satisfied patron knowing that the security problem was eliminated in my presence!
SLOW DOWN SOLUTION
I have found the best solution to the slow down problem is to simply reboot the computer or have it rebooted, which ever is allowed. I have found that if someone is locked into my computer node, to slow it down or invade my privacy, I can lose them real fast by dumping them. (Which See). They then have to start "sniffing" all over again so to locate me and often they do not find me by the time I get off the computer!
INVASION OF PRIVACY AND THEFT
In conjunction with the "sniffing" capability, I have witnessed the copying of my floppies even after I have exited a word processor or the like. (Which See). I have also noted files that I am working on in a word processor being looked at on the network or Internet while I am working on the document or just viewing it. (Which See). The tip off is if you exit the file and then try to re-enter the file the word processor will tell you that the file you want is in use and asks you if you would like to make a copy, (Microsoft Word 97), (Which See), or it will simply say that the file is inaccessible,(Wordpad), (Which See), depending on the word processor that you are using. If you experience this problem the solution is, again, to reboot the computer to prevent further intrusion. The data viewed by the other party has lost its privacy in that not only has it been viewed by an undesirable but it has probably been copied in its entirety by them also.
FILE A POLICE REPORT
If you run into this problem you may want go to the police and make a report of theft of intellectual property. Going to the police rather than calling the police to come to the scene of the crime will draw less attention to the crime so that the perpetrators will be more likely caught "red handed" at a later date!
Most people just think a "glitch" happened and just shrug their shoulders and walk away but I think you would be much smarter making a police report. Glitches do happen but these days it would be best to write out an incident report, give it to an officer, ask them to file it for future reference and investigation purposes, get a receipt for same and by all means keep a copy of your report for yourself so you can refer to it if future incidents occur and so that you can produce a copy of the report just in case the police copy gets "lost"!
If you don't make a report the police can say that they never had any complaints of this kind before. If you do make a report then they will start getting a composite of problems from a particular institution or system and so be able to do an intelligent and productive investigation. Going to the police will cause a serious investigation, at some point, of Information Technology practices at the institution where you are working. You are more than likely to be blown off with smiles and promises from the Information Technology personnel who just may be the "wolves in sheep's clothing" or "sheep" themselves at the institution itself!
If the police refuse to take a report tell them you insist. If they tell you they won't, ask for the supervisor, watch commander or the chief, if necessary, who ever is not "busy" and in supervisory capacity that is "in" or "available". If they are "where the buck stops" at that time go back during "normal" business hours and reassert your report and go up the chain! If that does not work go to the states attorney, attorney general, human rights and the like up the chain and let the police know you will. Submitting your report to more jurisdictions and higher level jurisdictions will prevent the issues from being side tracked at a "local" level. Remember ALL of our privacy is at stake!
When submitting a report make sure you give the time, date, institution location, and the precise computer at which you were working. Give them a precise synopsis of what you were doing at the time of the problem and what programs you were using at the time of occurence. Name the type of computer you were using as best you can. Note also what librarians and the like were on duty at the time of the problem.
It is very evident to me that SOME Librarians, Information Technologies officers, associates and agents at the various libraries, colleges, Internet providers, police departments and elsewhere have a "strange" illegal interest in other people's business! Making police reports can help deter the free wheeling invasion of privacy and theft that seems to be increasing ever so stridently! Police reports will also make persons acting under police powers to be held more accountable for their acts under the wire tap law, Which See, implemented in 1996 which permits Illinois police and their agents to monitor our communications without court order but by merely the assertion of probable cause,(courtesy of WBBM RADIO NEWS RADIO 78 circa January 1, 1996)! It can force the criteria used for "probable cause" in each instance to be more carefully scrutinized and prevent abuse of the privilege especially by politicos! This form of interception means not only network communications and the Internet but E-mail also folks! (Reminds me of Germany during the 1930's and 1940's and the Soviet block during the Cold War! Censoring today is achieved by mail and/or E-mail just not getting to the person to whom it was sent, or perhaps, just deliberately not timely!)
Remember, it is both a State and Federal crime to steal or deliberately view without permission intellectual or computer data even for Librarians Security and Information Technology officers! Which See: State! Which See: Federal!
VISUAL "SNIFFING"
Of course, keep an eye out for those who like to sneak up behind you and watch your monitor while you are unaware! They come like the fog on "Cat Feet"! A good deterrent for this kind of intrusion is to have another less sensitive program ready in another window and "click" to it or "click" on the minus sign usually in the upper right hand corner of your window. Same will certainly cut or prevent the viewing time of the intruder.
THEFT OF HARD DRIVE AND FLOPPY FILES
In addition to "sniffing" there has also been noted a theft of file Information. I have had the experience of having a file not open in a word processor due to a "glitch" and the word processor will ask you if you want it to attempt a recovery, (Which See). If you answer yes, the word processor will read the floppy or disk and grab what it can from the file that has the "glitch" and deposit it in a recovery file,(Rescued.doc), in the root directory of drive C: or the boot drive of the hard drive of the computer on which you are working. The interesting fact is that sometimes the recovery file never makes it to the hard drive. It disappears, that's right, it disappears right into "thin air" or more likely onto the network or the Internet that the computer is so attached! The tip off is that when the file is depositing after a successful recovery it instantaneously saves. I mean fast! When it normally goes to the hard drive, even the fast ones, it takes a second or two for it to do so but if it goes to a network it zaps fast. You resultantly cannot find the recovery file anywhere on your hard drive! Again, reboot the computer to prevent further intrusion at least for a while. Make a written police report and get a receipt for same and keep a copy of your report following my suggestions prior!
SCANNER PRECAUTIONS
If you should use a scanner especially take note of the following! When you scan a document or photograph your scan goes to a temporary file. When you save your file to a floppy or hard disk it does not erase the temporary file. The place where the scanner usually deposits the temporary file is in the "Temp" directory under the "Windows" directory. Check other directories for the .tmp files if you don't find them in The "Temp" directory. The files usually appear in a cryptic code like iwa1.tmp or the like(Which See).
Erase these cryptic files but BEFORE you do so OPEN the cryptic file check to see that it is your file and highlight all the file contents and cut. You will see the file scan image disappear. Immediately save the document and then delete it. The reason for this procedure is that in most institutional computers the trash file is not accessible for you to delete the trashed or erased file. Windows saves the erased file in the Trash Bin and it can be restored and viewed if you don't erase the contents first and save the empty file and then erase the file. If you can access the Trash Bin, restore the files, follow the procedure above, then delete all your erased files so that no one can restore them and attempt to view them again.
It does not hurt to check your "Windows/Temp" and the hard drive directory you were working within,( the directory your processor was "auto saving" to or the directory that the word processor finds itself when you "click" on "open" files), especially for cryptic duplicates of your word processor files of which you were working. Sometimes their cryptic duplicate will remain in the "Temp" files or as above sitting there for just anyone to take a look!
Finally, just to be thorough, take a look at any other "Temp" directories that your computer hard drive may have if you can access them. You can use the "Find" feature in Windows to locate same directories. Other programs that you use can deposit similar duplicates of your data in them. Often there is another "Temp" file in the root directory of drive C:. Check it!
DOCUMENTS LAST USED: THE WINDOWS/RECENT DIRECTORY
You know, that heading listed when you "click" on the "Start" button on the Windows Desktop: "DOCUMENTS". Erase all the files in the "Windows/Recent" directory on your C: drive if that is the drive where Windows is installed. Simply "click" on Windows Explorer and locate the "Windows" directory and then the "Recent" directory under it. Highlight the files in the "Recent" directory and right "click" and then "click" on delete. You don't have to worry about erasing the contents of these files as they are just shortcut files and contain nothing from your documents. If the "Documents" listing is not present in the "Start" menu erase the "Recent" directory files anyway and if you can't access the "Recent" directory, don't worry about it much if you have removed or since relocated your files for which they refer all the viewer will have are the file names. This is one good reason for using your own cryptic file names when using a "public" computer.
WEB PAGE VIEWING ON BROWSERS
You might also do the same procedure on your web page temporary files as you did on your "Temp" files after you exit your browser if you want the utmost security on what you were viewing. The "Windows/Temporary Internet" directory files contain duplicates of the web pages that you were viewing. You can prevent invasion of privacy by erasing same files as you would for scanned files. In Internet Explorer, if you are not locked out, you can access the "View" menu and open the "Internet Options" selection and on the "General" tab page "click" on "Delete Files" under Temporary Internet Files. For utmost security erase same as you would for scanner temporary files noted above. Note also that you can also view these files under the "Settings" selection just to the right of the "Delete Files" selection. You can then erase their contents and save them and then use the "Delete Files" button. Note you can also save or move these files to a floppy or the like for future use if you like especially if you use Microsoft Explorer. If you use Netscape just go to Microsoft Explorer "Windows/Temporary Internet" directory files and follow the same procedure as you would with the scanner *.tmp files or move them to floppy for other uses.
BROWSER SECURITY
If you don't want people retracing your browser or document location inquiries or perusal, clean out the URL locations,(you know, the place where you enter the URL address at the top of the browser), and histories in the browsers.
With Internet Explorer this can be accomplished by selecting "Tools" and then "Internet Options" and then select "Clear History", or if the institution has locked you out of the Internet Options menu then manually delete each entry in the History window when you "click" the tool bar History box.
In some Netscape browsers you can accomplish this via the "Options" or "Edit" menu and then select "Preferences" and "click" on "Clear History" and "Clear Location Bar". Some of the browsers are set by default to clear out the history when the program is exited. You can verify the "auto clean" or your manual clean by restarting the program and checking the history selection usually so labeled under Window menu. The URL addresses used usually clear out with an exit from the program or reboot of the computer.
The Explorer URL locations clean out with the history. If you are in an institution that does not allow you to reboot the computer, ask the librarian or assistant to do so for you before you leave if the information is sensitive enough.
In each instance it is a good habit to exit the program and then restart it and double check your histories and URLs lists to make sure that they cleaned out.
Keep in mind that if no history button is visible it does not mean that a history is not taken. If no success get a user's manual for the particular version of Netscape, Explorer or other browser you are using.
WORD AND GRAPHICS PROCESSOR SECURITY
When using Microsoft Word or Paint or other similar word and graphics processors, you will find the files you just used listed usually under the "Files" menu. The only way that I am aware to clear out these listings is to enter in a number of erroneous file requests so to purge the sensitive ones from the list.
In each instance it is a good habit to exit the program and then restart it and double check your "Files" menu and the like to make sure that your private files are purged. This is also a good reason for using your own cryptic file names when using a "public" computer.
BOTTOM LINE ON DATA SECURITY AND CONCLUSION
The bottom line is BE VERY CAREFUL with your data security. If you have very sensitive documentation to write, DO NOT use a computer that does not allow you to erase Browser histories, "Temp" files, the Trash Bin or a computer that is hooked up to any network or the Internet. Remember networked and Internet computer viewing may be monitored by another computer remotely.
If you cannot access the other hard drive directories so you can do a "Temp" inspection, don't use the computer. Use a private computer with someone you can trust! If you have no other choice but to use a network or Internet computer and experience a problem, report the incident to the police with a written information report and follow the procedure noted earlier in this article.
If you did any file deletes in any program, be sure to erase the deleted version from the Trash Bin. They erase just like you do in Microsoft Explorer or similar to that of the processors' file windows.
If you cannot access the Trash Bin, erase the contents of the file you want deleted, save it empty, and if you wish, change the file name and then delete so you won't need to get into the Trash Bin.
Make sure you know where your program is depositing its temporary files, usually noted with the .tmp extension, so you can delete them. A simple *.tmp search in the "Find" window will locate such directories and files. If you cannot access the "Find" program then you will have to look for the files manually looking for the "Temp" files for the programs you were using but check the two main "Temp" directories noted earlier in this article first.
Lastly, purge your records of files used listed usually in your "Files" menu of your word or graphics processor or browser history and the "Windows/Recent" directory. If you cannot access Microsoft Explorer you can often delete "Recent" and "Temp" files in your word or graphics processor "Open" file box or in Internet Explorer by typing the drive and directory you want in the URL or location box to bring it up so to delete files within, for the most part, just like you would in Microsoft Explorer.
Keep in mind that President Clinton has said, in response to the Internet security problems that have occurred in recent years, that there is no silver bullet to solve the problem but rather a call to constant vigilance in dealing with the problem. The tips above noted should help in our constant vigil. Keep tuned to this column for more tips as I experience or become aware of them!
UPDATE 10-27-2000 A.M.:
UPDATE 11-3-2000 A.M.:
For your information and future reference check this site out!
UPDATE 11-30-2000 P.M.:
The Naperville Public Library computers are currently circumventing the user from obtaining reasonable security on one's data that might be placed on the library's computer hard drives by internal program activity similar to that I outlined in my Computer Security article above. They are doing this to protect their data and programs from hacker tampering and inadvertant damage but it seems to be a one sided security measure!
Case on point is if you have to reboot your computer from a freeze the Scandisk can save the data lost into *.chk files. If you chose the save option on Scandisk the *.chk files will be saved to the C: drive. The files can be viewed there but cannot be erased or contents cleared and resaved. The contents of those files can also be copied and pasted by whoever views the files. That information can be reviewed in a browser or word / grahics processor common to the file formatting. In other words you CANNOT observe the security erasure and/or overwrite precautions I outlined in my Computer Security article above.
The only way to get around the Scandisk *.chk data save problem is to select the do not save and/or skip features in Scandisk when prompted upon the reboot.
The files recorded on the library's computers by other programs CANNOT be user erased or user overwritten. You thus CANNOT prevent security breaches as the files are locked preventing user erase access.
This problem also exists on the Downers Grove Public Library Internet computers in a similar form. You cannot open or see the files nor see the library's hard drive directories but the ITs can at their leisure!
The Scandisk procedure at Downers Grove Public Library is the same as at the Naperville Public Libraries!
A word to the wise! As I said in my Computer Security article above: if you have SENSITIVE documentation to prepare or view, DO NOT use these libraries' computers or other institutions' computers that are similarly programmed as your documents, which includes the
internet pages you view and scan,(like your e-mail), are vulnerable to invasion of privacy and unauthorized distribution!
Dateline Downers Grove.....
Here is another little tidbit that might help you keep a more secure environment for you when you use a public computer or any computer for that matter.
I was just sitting down to a terminal I had used earlier in the afternoon and was attempting to test the cut and paste capabilities of the Netscape page source. I cut and paste via the keys "ctrl c" after I highlighted the text or code. I went to the word processor and pasted and it did not paste the code but rather a letter that I had written earlier in the afternoon. Several persons had used the computer since that original copy but apparently no one else did any copy work so the copy I had done was still in the copy buffer and hopefully unnoticed.
Needless to say I was not happy to find my information still in the buffer. Some later versions of MS Word usually ask if you still want the copy buffer contents left within it when you exit the processor and give you the opportunity to clear it but I find that Wordpad and Notepad do not.
The best solution make sure the buffer is cleared that I have found, regardless of the processor including graphics processors, is to copy a blank space or miscellaneous matter into the buffer and that will overwrite or erase any prior copy material. This procedure should eliminate the surprise that I experienced this afternoon. It is an easy circumstance to overlook!
Dateline Downers Grove.....
I believe I have a major break through for all of us! This afternoon the usual download / upload scenario by a hacker or something of that sort was occurring on my computer. It is something that one has to put up with if one is to get their work done. I have now found a way, I believe, that will stop the
majority of this form of invasion of privacy.
If you hear the hard drive, floppy drive or other media "gurgling" and the light blinking on and off in a rather equally paced fashion while you are just reading the screen, in other words not doing any other "drive" related computer activity, you can be suspect that your e-mail, Internet hard drive, the computer hard drive, floppy, other media or any other data you are viewing or that which is on your "drives" is being down loaded surreptitiously.
The solution, although not perfect but should knock out ninety five percent of the theft, is to simply hold down the "Control" key, ("CTRL").
I have found that when you execute the "CTRL" key the hard drive,(and hopefully the floppy drive or other media), action stops within a moment or two of your action. You have to let up on the key when you want to make other executions other than scrolling but experiment. When you let up on the key the download / upload via the hard or floppy drive invader may start up again but they can't get much done in the few seconds that you are making an execution for your needs.
When you are in your e-mail, Internet Hard Drive, computer hard drive, floppy, CD or other media and you need time to read or peruse just continue to hold down the "CTRL" key and it appears that this action will stop the invasion of privacy or at least keep it to a minimum! Keep your “fingers crossed?
What I believe is happening here is that when you see, (especially your hard drive), your media light and "gurgling" sound going on and off in a paced manner, the invader is accessing your program on the Internet or your stored media. The computer hard drive, probably the swap file, is acting as a buffer and the information comming off the Internet is temporarily stored in "packets" on the hard drive and then taken to their equipment via the network or Internet. And so it goes.
This afternoon at the Downers Grove Public Library the downloading / uploading started up again. It was very quiet this morning but on or about 15:00 CST the activity started up again.
I immediately applied the "CTRL" key and the download / upload did NOT stop. It appears that the "hackers" have a "pro" working for them and they programmed a work around and are circumventing the computer's own override! So it goes folks!
All I can say is try "CTRL" and if it does not work make sure that you are not accessing sensitive files on the Internet E-mail or hard drives. If you are just exit the URL. I found that when I exited the web site hard drive I was on the download / upload stopped!
I tried a number of other keys and key combinations but could not thwart the download / upload activity. If I find a work around for their work around you will be among the first to know!
SELECTIONS: