Slashdot Mirror
Always Use Protection
Dan Appleman knows how to talk to teenagers. He's made the presentation very logical, he keeps the chapters a reasonable length so a teenager won't feel overwhelmed, and he had a crew of teenagers review this book before it was published so that he knew they would understand it. Those adults who aren't technically adept will find it an easy read, too.
Always Use Protection is broken up into three main parts: Protecting Your Machine, Protecting Your Privacy, and Protecting Yourself. There is a fourth part with useful appendixes, also.
Protecting Your Machine goes through all of the gremlins that can bother your computer, how to get rid of them and how to prevent them from coming back. Viruses, Trojan horse programs, and worms are covered clearly. Not too much depth involved, but not too little either. Dan covers the ins and outs of the three main preventive measures: anti-virus programs, firewalls, and system configuration and updates. He makes sure that his discussions relate to the types of programs that teenagers are likely to run: P2P software, online games, Instant Message clients, e-mail programs, and web browsers. He's careful to include other avenues of attack besides the Internet, such as infected floppies and CDs cut by well-meaning friends.
Always Use Protection explains how to determine which type of anti-virus programs are available and how to run them (using McAfee's VirusScan as an example), but puts the responsibility for deciding which one to use squarely in the reader's lap. Dan has made sure that he's not pushing any particular product over another. In fact, there were one or two places where I wished he'd just come right out and say I'd recommend blah-blah software, but he always said the reader should check the pros and cons of the possibilities and make their own decision.
Firewalls are discussed in detail, as well as their possibly unintended consequences (an online game refuses to run because a critical port is being blocked by the firewall, for example). He does state that if you're on a network behind a router, you may not need a firewall. This is my only disagreement with Dan. I believe a personal firewall should be on each and every machine, regardless of how it connects. It will protect not only the machine itself, but make it harder for the machine to attack others.
Software updates are probably one of the most under-utilized options in the home. News items in papers and on the web speak frequently about how such-and-such a virus got into machines mainly because security updates available from the manufacturer for months were simply not installed. Dan makes sure that the reader understands how shortsighted that approach really is. The updates are usually free, and just take a little time to download and install. Always Use Protection explains exactly how to do that and why it's a good thing.
The configuration chapter describes many little tweaks available to harden your browser and e-mail reader. Many people are not aware of the number of 'dials' they can play with (and if they were, they'd probably be overwhelmed), but this chapter zeroes in on the most important ones.
If this book was only chapter 9 - What to Do When You've Been Hit - it would still be worth the cover price. In this chapter, Dan gives a careful, step-by-step menu of what you can and should do to recover as much as you possibly can, eradicate the malware that is causing the problem, and get your system back to a usable state. It's the one chapter he says you shouldn't read front-to-back, but follow the links (if you see this, go to this section) like one of those make-your-own-ending books. I have this one bookmarked for future reference.
The next four chapters form Part II - Protecting Your Privacy. In here, Dan explains the various ways your personal information can be gleaned, mostly from a user innocently filling in a form supplied by a con artist. He talks about identity theft and what it means to a teenager. The need for good passwords is clearly discussed, but he acknowledges that most people won't use strong enough ones. Therefore, he promotes a simple plan with three passwords (high, medium, and low-security) that will work in most cases. He ends off this part with a good treatise on cookies of all forms, and how to turn off the worst ones.
Finally, he talks about protecting yourself in chat rooms and from common scams. While there is a lot of press about teenagers being lured by scoundrels in chat rooms, Dan notices that the actual statistics are very low. Regardless of the statistics, he gives extremely good advice about how to use a chat room safely (mostly involving lying about almost any bit of personal information you might be asked for).
The appendixes have good summary information for teens and adults, and have a special appendix just for the parents. It give good advice to make sure your teenager is willing to come to you for question without worrying about losing online privileges.
All in all, Always Use Protection should be read by every parent and, hopefully, by their kids. I'm going to try to get my 15- and 13-year old to read it (Good luck to me! You should have seen the arguments to get them to finish their summer reading!) I liked the approach, the content, and the presentation so well, I had to rate this a 10.
You can purchase Always use Protection: A Teen's Guide to Safe Computing from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.
Most teenagers are more interested in a)how they are going to get laid, b)how they are going to get drunk. Those who care about computer security are almost certainly way above this book. It's trying to sell to a market that just isn't there. It looks like it's just another wannabe security book, offering very little in terms of actual understanding. This makes it to Slashdot???
Is there a reason that this information is being aimed specifically at teenagers? I know an awful lot of adults that could use a good straighforward explaination of this material.
There should be a chapter in every computer book made all about backups.
People don't bother to backup data..
People forget to back up data.
People need to verify backups..
SyOps symlink backup data directories and cause $40,000 losses due to data not being backed up.
That is one of the best ways to "protect yourself"..
"jesus saves" and all that..
anime+manga together at last.. in real time.
I'm sorry but regardless of how good the book is and how relevant it is, it will never achieve its intended goal. A kid is never going to read anything like this. You wouldnt expect a kid to read a book about the perils of not eating their vegetables, so why this? Especially as stubborn as kids are nowadays, I think this author might have a case of bad timing. :-/
The best way to protect your children and your PC is to spend quality time with them, teaching them the basics of PC protection and chat room safety.
IMHO, these things are better taught in person than with a book. The reviewer did not mention actually spending any time with your kids. I hope the book does, because too many people are using books and products like these as a substitute for teaching thier kids in person about computer safety.
I think that the net would be a lot better place if we all talked to our parents about safe computing.
The Tools Of Ignorance wanna be a tool?
The year was 1994 -- I had a 14.4 fax/modem, and was the only person in the house who knew how to use commands in MS-DOS, much less use the net, do some mild hacking, etc.
I learned more about computer security by trial and error on a piece of crap 486SX than I think I could learn from a book. Why don't more of these parents spend $100 on a crappy old machine than $100 on the best in virus protection and let the kids go nuts? They'd probably learn a whole lot more...
is that it uses the assumption that teenagers - a group that have grown with modern technology - do not understand the basic concepts of computing, privacy etc. I would argue this isn't actually true.
/.-reading PC geek in their class. And, we can assume, any responsible parent who knows about scams, clichéd chatroom use, P2P virii etc would educate their children about this stuff anyway. It's not exactly complicated to explain to people who have grown up with this stuff.
A better audience for a similar book would be the average parent PC user who doesn't understand why their PC is giving him those stupid Messenger messages, why they should run Windows Update or the average 419 scam to make them better equipt for the world. In my admittedly limited travels, it's been a lot easier to explain technical stuff to the teenage generation, and I'm sure each teenager has a
I also assume the book includes a degree of uninformed scaremongering. Firewalls are not required - indeed, you can safely use the internet without a software firewall simply because they can be easily bypassed by anyone caring enough to bypass them - ie trojan writes. Viruschecking software is not essential if you are smart enough to know what you're running and don't run the average VBS file or P2P fraud (PHOTOSHOP 7.0.REAL.EXE). 4 years with yearly virus checks confirms this.
And I'm sure that parents treat children like idiots regarding the average "chatroom" use. No doubt the fools who previously gave their names and telephone numbers to random people on the 'net must have got the message by now, and that assumes that there are large amounts of people gullible to be taken in by it.
Is this really a perfect technical book? or is the reviewer a close friend of the author? Nothing is dated, nothing is misunderstood?
I've never read a technical book I'd rate 10/10 ... 9/10 is reserved for the greats like Tannenbaum on networking, K&R on C - and books only get that rating in retrospect. (Usually when I buy the second copy, either because I wore one out or to have one at home and one at work.)
Let's be a little more sensible and teach them BASH commands, far more useful.
And while we're at it, lets force everyone to become an automobile mechanic before they are allowed to have a drivers license. That way they would know enought to take care of their own cars.
I agree that it would be nice if everyone were better at using computers so they could all do what we can do, but that is unrealistic. When I was in support, i made it my motto that it was not my job to teach everyone how to use their computer better, it was my job to make the computer do what they needed it to do. These people have more important jobs (from the perspective of the companies' needs) and should not have to spend their time learning and working the computers till they become Leet. They were their to run the company. I was there to make sure the computers ran smoothly enough so they could concentrate on doing their own jobs, not mine.
YMMV
There is nothing so silly as other peoples traditions, and nothing so sacred as our own.
A good rule to follow is to treat all Unix systems like servers, regardless of what role they actually serve. If your machine is listening on a network-accessible port, then it's your responsibility to protect that port.
If you're 14 and administering your own Linux system, then you probably have the intellectual curiosity to do well working with computers. However, you don't have even half of the professional paranoia required to make the leap between "competent" and "great". Unfortunately, only time and mistakes will get you there. Just do what you can to make your learning experiences as painless as possible.
Dewey, what part of this looks like authorities should be involved?
It's from Adequacy.org, a Slashdot troll site. Believe nothing they say there.
You're right, of course, but the problem is that there are so many people out there for whom "computer" == "Microsoft(R) Windows(tm) running on Intel(R) Pentium(tm)" that this advice will usually fall on deaf ears. (Most of these people have no idea what the words actually mean, of course, but they know damn well that if it doesn't have Microsoft(R) Windows(tm) and and Intel(R) Pentium(tm), it's not a real COMPUTER -- they've seen the Dell ads!) For those folks, a guide like this might be helpful. If nothing else, in the process of trying to secure their Wintel boxes, they may learn something about how computers actually work, and therefore be a little more receptive to technically knowledgeable advice next time.
The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.