Slashdot Mirror
A Security Guide For Non-Technical Users?
kin_korn_karn asks: "Like many of you, I am the family IT department. I cannot convince my parents to follow proper PC security procedures. I'm not talking about enterprise-level things such as card swipes and fingerprint scanners, just simple measures like logging off of the PC when it's not in use. They, like many people of their generation, seem to be willing to sacrifice security for convenience, as long as their real data isn't being impacted. I can't seem to get it through to them that it's only a matter of time until they are. Since my own arguments aren't working, I need documented proof to back it up. Can Slashdot offer up some kind of arguments or information that I can use?"
"Does anyone know of a guide to IT security that:
a) Is written for a non-technical audience, but is neither condescending nor overly 'soft.'
b) Defines the various terminology (trojan, virus, zombie, etc.) clearly.
c) Explains what threats each security measure protects the user from.
d) Uses cases and examples to demonstrate the before and after scenarios, like: 'Jane's credit card number was intercepted via a non-encrypted connection. She started looking for the padlock symbol on her browser's status bar. Now, her credit card number looks like this: @*#(!@($).' (That's just an example, by the way)
It's the content that's important not the media, so your suggestions can be anything, be it an online document, multimedia presentation, or a print book."
a) Is written for a non-technical audience, but is neither condescending nor overly 'soft.'
b) Defines the various terminology (trojan, virus, zombie, etc.) clearly.
c) Explains what threats each security measure protects the user from.
d) Uses cases and examples to demonstrate the before and after scenarios, like: 'Jane's credit card number was intercepted via a non-encrypted connection. She started looking for the padlock symbol on her browser's status bar. Now, her credit card number looks like this: @*#(!@($).' (That's just an example, by the way)
It's the content that's important not the media, so your suggestions can be anything, be it an online document, multimedia presentation, or a print book."
And it is often the only way. Get ahold of a spyware-infected machine, and download the file to which it's logging all its stolen data, then show it to your parents. (You'd be surprised how easy this is most of the time...also you can score some free Myspace accounts this way.) Maximum scare points apply if their PC is already infected and you can show them their personal data in the file. Watch how fast they change their passwords and lock down their PC!
Try pointing them at GetSafeOnline.org which is intended for a broader audience than security professionals. Failing that, once they get trashed, stick a Knoppix CD in the drive and boot off that for ever more.
Andrew Yeomans