{"id":2376,"date":"2021-08-03T02:47:54","date_gmt":"2021-08-03T02:47:54","guid":{"rendered":"https:\/\/canadatibet.com\/85-2\/"},"modified":"2021-09-03T18:58:43","modified_gmt":"2021-09-03T18:58:43","slug":"85-2","status":"publish","type":"post","link":"https:\/\/canadatibet.com\/fr\/85-2\/","title":{"rendered":"Home Computer Security"},"content":{"rendered":"<div align=\"center\"><b> Home Computer Security<br \/>\nFrequently Asked Questions<\/b><\/p>\n<p><b>for the Tibet Support Group<br \/>\nand Tibetan Exile Communities<\/b><\/p>\n<p><b>Date: May 2005<br \/>\nRevision: 1.0<\/b><\/p>\n<\/div>\n<ul>\n<li><a href=\"#10\">1\u2014Preface<\/a><\/li>\n<li><a href=\"#20\">2\u2014General Security Questions<\/a>\n<ul>\n<li><a href=\"#21\">2.1 What should I do when I receive email with attachments and I am not sure if it contains a virus<\/a>?<\/li>\n<li><a href=\"#22\">2.2 Are all attachments potentially dangerous or are some safer than others<\/a>?<\/li>\n<li><a href=\"#23\">2.3 How can I protect myself from computer viruses<\/a>?<\/li>\n<li><a href=\"#24\">2.4 What are the different types of threats that I may be facing<\/a>?<\/li>\n<li><a href=\"#25\">2.5 How can I prevent getting viruses, trojans or spyware from email attachments<\/a>?<\/li>\n<li><a href=\"#26\">2.6 How can I browse the web safely<\/a>?<\/li>\n<li><a href=\"#27\">2.7 How can I prevent attackers and other infected computers from attacking my computer<\/a>?<\/li>\n<li><a href=\"#28\">2.8 How can I check to see if my computer is infected<\/a>?<\/li>\n<\/ul>\n<\/li>\n<li><a href=\"#30\">3\u2014Specific TSG-L and WTN-L Concerns<\/a>\n<ul>\n<li><a href=\"#31\">3.1 There are times when fake TSG-L postings are received from individuals and organizations with a forged email address. Is there some way to know and to prevent this from happening<\/a>?<\/li>\n<li><a href=\"#32\">3.2 Sometimes I get messages with attachments that look like they are from WTN.\u00a0 Are these legitimate<\/a>?<\/li>\n<\/ul>\n<\/li>\n<li><a href=\"#40\">4\u2014Exchanging Confidential and Sensitive Documents<\/a>\n<ul>\n<li><a href=\"#41\">4.1 What is the best way to exchange confidential information between TSGs or between Dharamsala and the Offices of Tibet around the globe<\/a>?<\/li>\n<li><a href=\"#42\">4.2 What is public-key cryptography<\/a>?<\/li>\n<li><a href=\"#43\">4.3 What is a digital signature<\/a>?<\/li>\n<li><a href=\"#44\">4.4 How can I encrypt and\/or digitally sign my email<\/a>?<\/li>\n<li><a href=\"#45\">4.5 If I install and use an email encryption system, can I still send messages to my unsecured friends? Am I running any risk<\/a>?<\/li>\n<li><a href=\"#46\">4.6 What happens if a &#8220;spoofed&#8221; message arrives<\/a>&#8230;?<\/li>\n<li><a href=\"#47\">4.7 &#8230;Does using encrypted email require that I install some special program on my computer? Will my system administrator allow this<\/a>?<\/li>\n<\/ul>\n<\/li>\n<li><a href=\"#50\">5\u2014Finding More Information<\/a>\n<ul>\n<li><a href=\"#51\">5.1 Where can I find more information on computer security<\/a>?<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><a id=\"10\" name=\"10\"><\/a><\/p>\n<hr \/>\n<p><b><br \/>\n1\u2014Preface<br \/>\n<\/b><\/p>\n<hr \/>\n<p>This document is intended to answer common questions members of the TSG-L and WTN-L lists about computer security and email risks.\u00a0 Please read this document before sending questions to list moderators about viruses, spyware, trojans or other computer security issues.<\/p>\n<p>I want to thank Conrad Richter, Locke Berkebile, Laird Brown and Jim Schuyler for their help with this FAQ. Corrections and additional materials for this document are welcome.<\/p>\n<p>Please send them to <a href=\"mailto:samdup_faq@tibet.ca\">samdup_faq@tibet.ca<\/a><\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"20\" name=\"20\"><\/a><\/p>\n<hr \/>\n<p><b><br \/>\n2\u2014General Security Questions<br \/>\n<\/b><\/p>\n<hr \/>\n<p><a id=\"21\" name=\"21\"><\/a><b>2.1 What should I do when I receive email with attachments and I am not sure if it contains a virus?<\/b><\/p>\n<p>Do not open the attachment.<\/p>\n<p>Any message containing attachments can contain dangerous elements such as viruses, trojans and spyware. If you are expecting the attachment from someone you know, then it is probably safe.\u00a0 But if the attachment was not expected\u2014even if it appears to come from someone you know\u2014then you should take extra precautions to make sure that it is safe.<\/p>\n<p>When in doubt, it is always a good practice to send email to the message sender asking if he or she really did send the attachment to you.<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"22\" name=\"22\"><\/a><b>2.2 Are all attachments potentially dangerous or are some safer than others?<\/b><\/p>\n<p>There are many types of email attachments and almost all of them have the potential of harming your computer and the information stored on it. Some of the file types that commonly carry dangerous computer code are listed below.<\/p>\n<p>In Windows, you can identify the different file types from file extensions, which are the 3-5 letters following a dot at the end of the file name.<\/p>\n<p>Files with the following file extensions are always dangerous to open, even when they appear to come from someone you know:<\/p>\n<p>o Windows programs: .exe, .com, .pif, .dll<\/p>\n<p>o Windows scripts: .bat<\/p>\n<p>Files with the following file types are potentially dangerous, but are probably safe if you are expecting them from someone you know:<\/p>\n<ul>\n<li>\u00a0\u00a0 Microsoft Word: .doc<\/li>\n<li>\u00a0\u00a0 Microsoft Excel: .xls<\/li>\n<li>\u00a0\u00a0 Winzip (see note below!): .zip<\/li>\n<li>\u00a0\u00a0 Web pages: .htm, .html, .shtml, .asp, .cgi<\/li>\n<li>\u00a0\u00a0 Adobe Reader&#8217;s &#8220;Portable Document Format&#8221;: .pdf<br \/>\nAdobe attachments may also be a risk, as are Adobe Acrobat Reader pages on the net. If not sent from a secure known trusted source they should be downloaded to a diskette and scanned with antivirus software before opening. Check <a href=\"http:\/\/www.mcgill.ca\/ncs\/products\/security\/antivirusinfo\/alerts\/2004\/\" target=\"_blank\" rel=\"noopener\">http:\/\/www.mcgill.ca\/ncs\/products\/security\/antivirusinfo\/alerts\/2004\/<\/a> (search for &#8220;Adobe&#8221; on that page).<\/li>\n<\/ul>\n<p>However, these files can be dangerous if they contain malicious macros or executable programs, or if they contain links to malicious websites. Be aware that .zip files can contain files that when expanded could be dangerous.<\/p>\n<p>Files with the following file extensions are generally safe:<\/p>\n<p>o Image files: .jpg, .gif, .bmp, .png<\/p>\n<p>o Text files: .txt<\/p>\n<p>o Rich Text Format: .rtf<\/p>\n<p>o Microsoft Excel &#8220;Comma Separated Value&#8221; format: .csv<\/p>\n<p>These files are not known to contain malicious programs that a computer can run.\u00a0But a common trick is to append their file names with a &#8220;stealth extension&#8221; preceded with blank spaces to hide Windows programs and other malicious files, like this: &#8220;abcfile.txt\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 .exe&#8221;<\/p>\n<p>On Windows computers it is a good idea to turn off the option to hide the file extensions in Explorer. This can be done by choosing &#8220;Folder Options&#8221; from the Tools menu in Windows Explorer and unchecking the box next to &#8220;Hide file extensions for known file types.&#8221;<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"23\" name=\"23\"><\/a><b>2.3 How can I protect myself from computer viruses?<\/b><\/p>\n<p>If you are using Windows, it is very important that you install and use antivirus software.\u00a0 Unprotected Windows machines on the Internet will soon acquire viruses without antivirus protection.\u00a0 In order for antivirus software to be effective, it must be frequently updated.\u00a0 Most current antivirus software can be configured to update automatically on a computer connected to the Internet.<\/p>\n<p>There are many popular antivirus packages for windows. Many of these packages also include personal firewalls and anti-spyware software, which work together to keep your computer from being corrupted or hijacked and your data from being stolen.\u00a0 A few of the most popular packages are:<\/p>\n<p>Norton Antivirus from Symantec<br \/>\n<a href=\"http:\/\/www.symantec.com\/nav\/nav_9xnt\/\" target=\"_blank\" rel=\"noopener\"><br \/>\nhttp:\/\/www.symantec.com\/nav\/nav_9xnt\/<\/a><\/p>\n<p>PC-cillin Internet Security from TrendMicro<br \/>\n<a href=\"http:\/\/www.trendmicro.com\/en\/products\/desktop\/pc-cillin\/evaluate\/overview.htm\" target=\"_blank\" rel=\"noopener\"><br \/>\nhttp:\/\/www.trendmicro.com\/en\/products\/desktop\/pc-cillin\/evaluate\/overview.htm<\/a><\/p>\n<p>Titanium Antivirus from Panda Software<br \/>\n<a href=\"http:\/\/www.pandasoftware.com\/products\/titanium2005\/\" target=\"_blank\" rel=\"noopener\"><br \/>\nhttp:\/\/www.pandasoftware.com\/products\/titanium2005\/<\/a><\/p>\n<p>F-Prot Antivirus from Frisk Software International<br \/>\n<a href=\"http:\/\/www.f-prot.com\/products\/home_use\/win\/\" target=\"_blank\" rel=\"noopener\"><br \/>\nhttp:\/\/www.f-prot.com\/products\/home_use\/win\/<\/a><\/p>\n<p>Generally these packages can be ordered on the Internet, often from the vendors sites and installed on your computer immediately.<\/p>\n<p>If you are a Macintosh user, viruses are rarely an issue.\u00a0However, you should still install and use an antivirus program.\u00a0 Virex from McAfee is available for OS X here: <a href=\"http:\/\/www.networkassociates.com\/us\/products\/mcafee\/antivirus\/desktop\/virex.htm\" target=\"_blank\" rel=\"noopener\"><br \/>\nhttp:\/\/www.networkassociates.com\/us\/products\/mcafee\/antivirus\/desktop\/virex.htm<\/a><\/p>\n<p>or for free from <a href=\"http:\/\/www.apple.com\/\" target=\"_blank\" rel=\"noopener\">Apple<\/a> if you are a <a href=\"http:\/\/www.mac.com\/WebObjects\/Welcome\" target=\"_blank\" rel=\"noopener\">.Mac<\/a> member.<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"24\" name=\"24\"><\/a><b>2.4 What are the different types of threats that I may be facing?<\/b><\/p>\n<p>Your computer can be attacked through a variety of mechanisms.\u00a0The most common of these faced by home computer users are:<\/p>\n<p>1. <b>Trojan horse programs\u2014<\/b>Trojan horse programs are programs that appear to be useful, but actually compromise the machine they are installed on.<\/p>\n<p>2. <b>Viruses\u2014<\/b>Viruses are small programs that can attach themselves to other files or programs.\u00a0 When you share these infected files with others, the virus spreads. Viruses generally self-replicate. They often accompany Trojan horses and together they serve the malicious purpose of the program author.<\/p>\n<p>3. <b>Spyware\u2014<\/b>Spyware is software that usually is installed by the user unknowingly while downloading or installing another program. The original purpose was to report the web pages that a user frequented to an advertiser while withholding the identity of the user. However, now attackers are using spyware to gather all possible information from the victim (such as email addresses, credit card numbers, and so forth).<\/p>\n<p>You should run anti-spyware software such as Spybot Search and Destroy and SpywareBlaster. These are both free and available to anyone. When using Spybot Search and Destroy, you should enable the Immunize feature. These should be run in addition to antivirus software. More information is available at <a href=\"http:\/\/www.mcgill.ca\/ncs\/products\/security\/spyware\/\" target=\"_blank\" rel=\"noopener\">http:\/\/www.mcgill.ca\/ncs\/products\/security\/spyware\/<\/a><\/p>\n<p>4. <b>Adware\u2014<\/b>Adware is software &#8211; installed by trojan horse programs, malicious mobile code, or a virus &#8211; that displays advertising on your computer, often through a profusion of pop-up windows in your browser, but sometimes in other locations in your operating system.<\/p>\n<p>5. <b>Mobile code\u2014<\/b>Mobile code is software that is automatically downloaded and executed on your machine when you visit a website.\u00a0Mobile code is part of what makes the web work, but, due to flaws in your browser software, malicious mobile code can sometimes be created to attack your machine.<\/p>\n<p>6. <b>Phishing\u2014<\/b>Phishing (pronounced &#8220;fishing&#8221;) is the attempt of an attacker to defraud the user into visiting a malicious website or providing information about themselves for what they think is a legitimate request. Further information on phishing and how to protect yourself may be found at http:\/\/www.mcgill.ca\/ncs\/products\/security\/reality\/ (then search for &#8220;phishing.&#8221;)<\/p>\n<p>Threats to your computer through the above mechanisms can occur through a number of different activities. In order of danger, from most to least, the activities that are most often avenues for security attacks are:<\/p>\n<p>1. <b>Installing untrusted applications<\/b>\u2014Any application you install on your computer that is not from a trusted source such as <a href=\"http:\/\/www.microsoft.com\/\" target=\"_blank\" rel=\"noopener\">Microsoft<\/a>, <a href=\"http:\/\/www.adobe.com\/\" target=\"_blank\" rel=\"noopener\">Adobe<\/a>, <a href=\"http:\/\/www.macromedia.com\/\" target=\"_blank\" rel=\"noopener\">Macromedia<\/a> and other respected vendors could be a trojan horse program. For instance, if you find a website through an Internet search engine (such as <a href=\"http:\/\/www.google.com\/\" target=\"_blank\" rel=\"noopener\">Google<\/a>) and download a software installer from that website without knowing anything about the author of the software, you run the risk of compromising your computer. If you are unsure, search for reviews of the software on the Internet first.\u00a0PC weather programs, as an example, are notorious for being trojan horses.<\/p>\n<p>2. <b>Opening dangerous attachments in email<\/b>\u2014See Section <a href=\"#22\">2.2<\/a> above.\u00a0Any attachment that you were not expecting should be suspected and should not be open until the source is verified. Even if an attachment appears to be from a friend, if you were not expecting it, verify that it is indeed from your friend before opening it.<\/p>\n<p>3. <b>Visiting malicious websites<\/b>\u2014If you are searching for information using an Internet search engine, there is really no way avoid visiting malicious websites.\u00a0However, you can protect yourself by running a good antivirus program (see Section <a href=\"#23\">2.3<\/a> above for suggestions and by using the Firefox browser instead of Internet Explorer.\u00a0Firefox is a free application available here: <a href=\"http:\/\/www.mozilla.org\/products\/firefox\/\" target=\"_blank\" rel=\"noopener\">http:\/\/www.mozilla.org\/products\/firefox\/<\/a><\/p>\n<p>4. <b>Connecting your computer to the Internet<\/b>\u2014Anytime your computer is connected to the Internet, it is vulnerable to attack.\u00a0You can minimize the risk by turning off or disconnecting your machine from the Internet when you are not using it and by installing a personal firewall application.\u00a0There are many popular personal firewall applications such as:<\/p>\n<p>Norton Personal Firewall from Symantec<br \/>\n<a href=\"http:\/\/www.symantec.com\/sabu\/nis\/npf\/\" target=\"_blank\" rel=\"noopener\">http:\/\/www.symantec.com\/sabu\/nis\/npf\/<\/a><\/p>\n<p>PC-cillin Internet Security from TrendMicro<br \/>\n<a href=\"http:\/\/www.trendmicro.com\/en\/products\/desktop\/pc-cillin\/evaluate\/overview.htm\" target=\"_blank\" rel=\"noopener\"><br \/>\nhttp:\/\/www.trendmicro.com\/en\/products\/desktop\/pc-cillin\/evaluate\/overview.htm<\/a><\/p>\n<p>Windows XP comes with a firewall built-in.<\/p>\n<p>If you use Windows XP, make sure that the firewall is activated.<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"25\" name=\"25\"><\/a><b>2.5 How can I prevent getting viruses, trojans or spyware from email attachments?<\/b><\/p>\n<p>Do not open any email attachment you are not expecting to receive from a trusted source.\u00a0Never open executable files that have been forwarded to you from unknown sources.\u00a0These files will have file extensions ending in .exe, .dll, .com, .bat, .pif and .cmd.<\/p>\n<p>See also Sections 2.1 and 2.3 above.<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"26\" name=\"26\"><\/a><b>2.6 How can I browse the web safely?<\/b><\/p>\n<p>There are a number of things you can do to make browsing Internet websites more safe:<\/p>\n<p>First, stop using Internet Explorer and start using Firefox<\/p>\n<p>The majority of web browsing security problems on Windows computers have come from flaws in Microsoft&#8217;s Internet Explorer. Firefox is a fast, free, more secure web browser from Mozilla. You can download it here:<\/p>\n<p><a href=\"http:\/\/www.mozilla.org\/products\/firefox\/\" target=\"_blank\" rel=\"noopener\">http:\/\/www.mozilla.org\/products\/firefox\/<\/a>\u00a0 It also blocks popup windows and has many great features that are not available in Internet Explorer.<\/p>\n<p>Second, install and use an antivirus software package<\/p>\n<p>See Section <a href=\"#23\">2.3<\/a> above for a list of common antivirus packages.<\/p>\n<p>Third, disable mobile code execution in your browser<\/p>\n<p>In your browser options, disable Java, Active X controls and Iframes. Also it is very important that you disable the setting in your browser that allows websites to automatically download and install software on your computer.<\/p>\n<p><b>For Internet Explorer<\/b><\/p>\n<p>Under <b>Tools<\/b>, then <b>Internet Options<\/b>, click on the <b>Security<\/b> tab. Select the <b>Internet zone<\/b> and then click on the <b>Custom Level<\/b> button.\u00a0The most important options to review are the ones involving ActiveX controls and plug-ins, downloads, Java, Iframes, and scripting. You can choose to disable browser features or tell the browser to prompt you when a website is trying to use these features.\u00a0Disabling is always the safest approach, but disabling some features can interfere with the normal functioning of legitimate sites.\u00a0The prompt option may be better for you; you will be prompted to approve the use of features each time a website tries to access them.<\/p>\n<p>Below are recommended security settings for the Internet zone:<\/p>\n<ul>\n<li><b>Download signed ActiveX controls\u00a0<\/b> \u2014 Disable<\/li>\n<li><b>Download unsigned ActiveX controls<\/b> \u2014 Disable<\/li>\n<li><b>Initialize and script ActiveX controls not marked as safe<\/b> \u2014 Disable<\/li>\n<li><b>Run ActiveX controls and plug-ins<\/b> \u2014 Prompt<\/li>\n<li><b>Script ActiveX controls marked safe for scripting<\/b> \u2014 Prompt<\/li>\n<li><b>File download<\/b> \u2014 Disable<\/li>\n<li><b>Java permissions<\/b> \u2014 Disable<\/li>\n<li><b>Launching programs and files in an IFRAME<\/b> \u2014 Disable<\/li>\n<li><b>Active scripting<\/b> \u2014 Prompt<\/li>\n<li><b>Allow paste operations via script<\/b> \u2014 Prompt<\/li>\n<li><b>Scripting of Java applets<\/b> \u2014 Prompt<\/li>\n<\/ul>\n<p>On some legitimate websites you may get many so prompts that it becomes cumbersome.\u00a0You can add these websites to the &#8220;Trusted sites&#8221; zone and change the features from &#8220;Prompt&#8221; to &#8220;Enable&#8221;.\u00a0Resist the temptation of enabling everything in order to avoid getting prompts for approval. If it is necessary to activate disabled features, then set them as &#8220;Prompt&#8221; instead of &#8220;Enable.&#8221;<\/p>\n<p>Under the <b>Advanced<\/b> tab (under <b>Tools<\/b> &gt; <b>Internet Options<\/b>), the following settings are recommended:<\/p>\n<ul>\n<li><b>Java console enable (requires restart)<\/b> \u2014 Unchecked<\/li>\n<li><b>JIT compiler for virtual machine enabled (requires restart)<\/b> \u2014 Unchecked<\/li>\n<\/ul>\n<p><b>For Firefox<\/b><\/p>\n<p>Under <b>Tools<\/b>, <b>Options<\/b>, and then <b>Privacy<\/b>, click on the &#8220;+&#8221; beside <b>Cookies<\/b> to show the cookie options.\u00a0For maximum security you can uncheck <b>Allow sites to set cookies<\/b> but this is not realistic as many legitimate sites require cookies for proper functioning. Instead check this option and then click on the <b>Exceptions<\/b> button to set which sites you allow cookies.\u00a0Enter the website address and click on <b>Block<\/b>, <b>Allow for Session<\/b> or <b>Allow<\/b>.<\/p>\n<p><b>Web Features<\/b> (also under <b>Tools<\/b> &gt; <b>Options<\/b>) is where you control scripting and program execution. Below are recommended settings:<\/p>\n<ul>\n<li><b>Allow web sites to install software<\/b> \u2014 uncheck (or check and click on the <b>Allowed Sites<\/b> button to add trusted sites)<\/li>\n<li><b>Enable Java<\/b> \u2014 uncheck<\/li>\n<li><b>Enable JavaScript<\/b> \u2014 uncheck<\/li>\n<\/ul>\n<p>In <b>Downloads<\/b> (also under <b>Tools<\/b> &gt; <b>Options<\/b>) you can control which applications automatically launch when downloaded.\u00a0You may have .doc files set to be opened automatically by Word or .xls worksheets set to be automatically opened by Excel; but because these files can have malicious embedded programs or macros it may be a better idea to change setting the have Firefox download these files instead.\u00a0This way you can decide whether or not you trust the source of the files (and delete those you don&#8217;t trust) or you can run them through your antivirus software first before opening them.<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"27\" name=\"27\"><\/a><b>2.7 How can I prevent attackers and other infected computers from attacking my computer?<\/b><\/p>\n<p>You should have a properly configured firewall to protect your computer.\u00a0 Even if your computer is part of a local area network that has firewall protection, it is still a good idea have a personal firewall for your computer. Windows XP comes with a firewall: make sure that it is turned on and properly configured.<\/p>\n<p>Older Windows and other operating systems do not come with a firewall and you need to install one if you don&#8217;t already have one. Firewalls must be set up properly or they won&#8217;t provide much protection. Because firewalls are not easy to set up properly many people just turn them off which is inviting big trouble.<\/p>\n<p>See section <a href=\"#24\">2.4<\/a> above for a list of popular firewalls.<\/p>\n<p>Unless you have one of these firewall programs in place, such as Norton Internet Security, you&#8217;ll want to configure the <b>Windows Firewall<\/b>:<\/p>\n<ul>\n<li>In the <b>Start<\/b> menu, find and open <b>Control Panel<\/b> and then double-click <b>Windows Firewall<\/b>.<\/li>\n<li>In the <b>General<\/b> tab, click the <b>On<\/b> radio button<\/li>\n<li>A window will open in which you can create or change <b>Windows Firewall<\/b> settings. In the <b>Exceptions<\/b> tab, select the programs and services that you want the firewall to give complete freedom of communication. These programs will be allowed to access the Internet, subject only to other security policies you have set, such as within your Firefox or Internet Explorer browser. You should only include programs you feel completely confident about, such as AOL, File Sharing, email (such as Outlook or Outlook Express), and Instant Messenger programs. These programs can then make connections to Internet sites and resources without being blocked by the firewall. This is probably the easiest way to configure your firewall &#8211; program by program.<\/li>\n<li>You can also unblock Internet &#8220;ports&#8221; using the <b>Add Port<\/b> button in the <b>Exceptions<\/b> tab. (That is, you are making an &#8220;exception&#8221; for this port.) Internet ports are numbered, and numbers are assigned to each of the commonly-used Internet services. Each port is a communications &#8220;window&#8221; between your computer and some outside Internet service, used for a specific purpose. For example, ports 25 and 110 are commonly used to communicate with email servers\u2014port 25 is the outbound (SMTP) port, and port 110 is the inbound (POP3) port. If you have a number of programs that need a particular service, and you don&#8217;t want to go thru and add each and every program to the exceptions list, you can allow the port corresponding to the service. You do this by clicking <b>Add a port<\/b> and specifying the port thru which communications is to be allowed. Another commonly-used port is port 80, which is used by web browsers to access web sites.<\/li>\n<\/ul>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"28\" name=\"28\"><\/a><b>2.8 How can I check to see if my computer is infected?<\/b><\/p>\n<p>When you install antivirus software, it should check your system and clean up any problems found. There are some online tools you can use but it is important that online tools only check and clean up infections that have already occurred; they do not protect you from future infections.<\/p>\n<p>See Section <a href=\"#23\">2.3<\/a> above for a list of popular antivirus packages.<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"30\" name=\"30\"><\/a><\/p>\n<hr \/>\n<p><b>3\u2014Specific TSG-L and WTN-L Concerns<\/b><\/p>\n<hr \/>\n<p><a id=\"31\" name=\"31\"><\/a><b>3.1 There are times when fake TSG-L postings are received from individuals and organizations with a forged email address. Is there some way to know and to prevent this from happening?<\/b><\/p>\n<p>This is difficult, but McGill University list managers have set up a system whereby the sender must confirm the message before the message is released to the list. This has definitely helped minimize these messages from forged email addresses.\u00a0 Also, the TSG-L list no longer allows attachments to be posted to the list, thereby removing the most serious threat that the list has faced in the past.<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"32\" name=\"32\"><\/a><b>3.2 Sometimes I get messages with attachments that look like they are from WTN.\u00a0 Are these legitimate?<\/b><\/p>\n<p>WTN never sends attachments. If you receive a message that looks like it is from WTN but it contains an attachment, throw it away. It is not from WTN.<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"40\" name=\"40\"><\/a><\/p>\n<hr \/>\n<p><b>4\u2014Exchanging Confidential and Sensitive Documents<\/b><\/p>\n<hr \/>\n<p><a id=\"41\" name=\"41\"><\/a><b>4.1 What is the best way to exchange confidential information between TSGs or between Dharamsala and the Offices of Tibet around the globe?<\/b><\/p>\n<p>It is important to realize that most email programs such as Outlook Express and Eudora do not protect email while messages travel from one computer to another. Anyone with the right software can read your email as easily as reading a postcard sent through the mail. If you are sending confidential documents via email it is critical to encrypt your messages in some way. The most common form of email encryption is based on public-key cryptography, which will be discussed below.<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"42\" name=\"42\"><\/a><b>4.2 What is public-key cryptography?<\/b><\/p>\n<p>Public-key cryptography enables users to communicate securely using pairs of public and private keys. In encryption, a key specifies the particular transformation of plaintext into cipher text, or vice versa during decryption. The &#8220;public key&#8221; is available for all to see, and is akin to an individual&#8217;s number in a phone book. The &#8220;private key&#8221; is kept secret and is hidden safely on each user&#8217;s computer. To encrypt an email, the sender obtains the recipient&#8217;s public key and the encryption software uses it to encrypt the message. Upon receipt, the recipient&#8217;s software uses its private key to decrypt the cipher text. This only works if both parties have compatible encryption programs installed. If not, the sender still has the option of sending a message with a &#8220;digital signature&#8221;. You can find out more about public-key cryptography here: <a href=\"http:\/\/www.faqs.org\/faqs\/cryptography-faq\/part06\/\" target=\"_blank\" rel=\"noopener\">http:\/\/www.faqs.org\/faqs\/cryptography-faq\/part06\/<\/a><\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"43\" name=\"43\"><\/a><b>4.3 What is a digital signature?<\/b><\/p>\n<p>Digital signatures are generated using the sender&#8217;s private key, and take the form of a simple numerical value, normally represented as a long string of digits, or digits and letters. The recipient&#8217;s software can check whether the message is authentic by running a verification algorithm on the combination of message, signature and the sender&#8217;s public key. If it all matches, the message was genuine, because the private key was needed to create the signature and no one but the sender has it. A general digital signature scheme consists of three procedures (called &#8220;algorithms&#8221;): a key generation algorithm; a signing algorithm; and, a verification algorithm. Digital signatures are widely used in e-commerce applications. You can find our more about digital signatures here: <a href=\"http:\/\/www.rsasecurity.com\/rsalabs\/node.asp?id=2182\" target=\"_blank\" rel=\"noopener\">http:\/\/www.rsasecurity.com\/rsalabs\/node.asp?id=2182<\/a><\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"44\" name=\"44\"><\/a><b>4.4 How can I encrypt and\/or digitally sign my email?<\/b><\/p>\n<p>Many people use PGP or GPG which can be installed to operate with Outlook, Outlook Express, Eudora and other email programs. The person you wish to send encrypted email to must also have a PGP- or GPG-compatible program installed so they can decrypt it. When you wish to send a PGP-encrypted message to someone, you must carry out an extra step (a few clicks) in order to encrypt it before you send it. Additionally, when sending PGP-encrypted mail to multiple recipients, it must be encrypted for each recipient&#8217;s public key. You can encrypt a single message for multiple recipients, but you must specify exactly who it&#8217;s to be encrypted for otherwise they won&#8217;t be able to read it. And if you wish to send the same message to individuals who do not have PGP installed, you must send a separate unencrypted copy to them. You can learn more about PGP at <a href=\"http:\/\/www.pgp.com\/\" target=\"_blank\" rel=\"noopener\">http:\/\/www.pgp.com\/<\/a>. And you can learn more about GPG here <a href=\"http:\/\/www.gnupg.org\/\" target=\"_blank\" rel=\"noopener\">http:\/\/www.gnupg.org\/<\/a>.<\/p>\n<p>A recently-released system, Ciphire Mail, automates the key generation and exchange process so that you don&#8217;t have to worry about it. All you do is install the program and pretty much forget about it. Ciphire Mail invisibly encrypts your mail whenever it detects that a recipient already has Ciphire Mail installed. By default Ciphire Mail can also digitally sign your message so that recipients who do not have Ciphire Mail installed can check the authenticity of the signature by copying the message into a Web form on Ciphire&#8217;s Web site. Unlike PGP, Ciphire Mail allows users to send the same message to a mix of Ciphire users and non-Ciphire users, all in one step. You can learn more about Ciphire Mail at <a href=\"http:\/\/www.ciphire.com\/\" target=\"_blank\" rel=\"noopener\">http:\/\/www.ciphire.com\/<\/a>.<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"45\" name=\"45\"><\/a><b>4.5 If I install and use an email encryption system, can I still send messages to my unsecured friends? Am I running any risk?<\/b><\/p>\n<p>Well, if you have Ciphire Mail installed you can send to any mix of friends and those who have Ciphire Mail installed will receive encrypted copies (which are automatically decrypted upon receipt), and those without Ciphire Mail will receive plain-text copies. In both cases they will be able to read your message without any further action on their part. And if you use PGP, you can encrypt a message for any group of PGP users, as long as you already have their public keys. There is still an issue if you are sending sensitive information by insecure means! The system is only as strong as its weakest link. So any time you send a plain text message, the information is vulnerable.<\/p>\n<p>Remember that in general you can&#8217;t use encryption when sending to email groups (list-servers or Yahoo or MSN groups) because in those cases you send a single message which is re-broadcast to the entire group. The only way to encrypt group transmissions is for everyone in the group to use the same encryption software, and even then special (extra) procedures must be followed. Signing is still useful in these cases, however.<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"46\" name=\"46\"><\/a><b>4.6 What happens if a &#8220;spoofed&#8221; message arrives, claiming to be from someone who uses Ciphire Mail to encrypt or sign their messages? (Such as from an official mailing list, or directly from some official organization.)<\/b><\/p>\n<p>You can configure Ciphire Mail to refuse unencrypted messages that *claim to be* from your important correspondents who use Ciphire Mail. Normally they will be sending you encrypted message, of course, so if a &#8220;spoofed&#8221; message arrives &#8211; one from a person who claims to be your correspondent, but who really is not &#8211; then Ciphire Mail can immediately warn you that a message has been received which is not properly encrypted or signed. And you can throw it away (you wouldn&#8217;t open a virus or other malicious message, would you?).<\/p>\n<p>If you&#8217;re using PGP, and you receive a spoofed message, you can also check the PGP signature (if there is one) to determine whether the message is from the purported sender.<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"47\" name=\"47\"><\/a><b>4.7 I&#8217;m worried and want to be perfectly clear that I understand&#8230; Does using encrypted email require that I install some special program on my computer? Will my system administrator allow this?<\/b><\/p>\n<p>To send and receive fully-encrypted mail, BOTH you (the sender) and your correspondent (the recipient) must have the email encryption programs, or plug-ins for your email program. Otherwise your mail is sent as plain text, or (worse yet) the recipient can&#8217;t read it because it&#8217;s encrypted. So, if your organization, or your friends are already using PGP or GPG, then you should get a PGP\/GPG-capable program or plug-in. If your friends are using Ciphire Mail, then you should download and install Ciphire Mail. It&#8217;s worth noting that you can have BOTH of these solutions installed on the same computer, if you wish, and they should not interfere with each other.<\/p>\n<p>If you work within an organization where you do not have administrative privileges on your desktop computer, then you&#8217;ll have to contact your local system administrator to have the software installed.<\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p><a id=\"50\" name=\"50\"><\/a><\/p>\n<hr \/>\n<p><b>5\u2014Finding more information<\/b><\/p>\n<hr \/>\n<p><a id=\"51\" name=\"51\"><\/a><b>5.1 Where can I find more information on computer security?<\/b><\/p>\n<p>There are many good resources on the Internet. The following lists of websites are good places to start:<\/p>\n<p>Security at Home Center<br \/>\nMicrosoft<br \/>\n<a href=\"http:\/\/www.microsoft.com\/athome\/security\/default.mspx\" target=\"_blank\" rel=\"noopener\">http:\/\/www.microsoft.com\/athome\/security\/default.mspx<\/a><\/p>\n<p>Home Computer Security<br \/>\nCERT (Carnegie Mellon University Computer Emergency Response Team)<br \/>\n<a href=\"http:\/\/www.cert.org\/homeusers\/HomeComputerSecurity\/\" target=\"_blank\" rel=\"noopener\">http:\/\/www.cert.org\/homeusers\/HomeComputerSecurity\/<\/a><\/p>\n<p>Home Network Security<br \/>\nCERT (Carnegie Mellon University Computer Emergency Response Team)<br \/>\n<a href=\"http:\/\/www.cert.org\/tech_tips\/home_networks.html\" target=\"_blank\" rel=\"noopener\">http:\/\/www.cert.org\/tech_tips\/home_networks.html<\/a><\/p>\n<p>Stay Safe Online<br \/>\nNational Cyber Security Alliance<br \/>\n<a href=\"http:\/\/www.staysafeonline.info\/home-tips.html\" target=\"-blank\" rel=\"noopener\">http:\/\/www.staysafeonline.info\/home-tips.html<\/a><\/p>\n<p>Spyware<br \/>\nWikipedia Encyclopedia<br \/>\n<a href=\"http:\/\/en.wikipedia.org\/wiki\/Spyware\" target=\"_blank\" rel=\"noopener\">http:\/\/en.wikipedia.org\/wiki\/Spyware<\/a><\/p>\n<p>Computer Virus FAQ for New Users<br \/>\n<a href=\"http:\/\/www.faqs.org\/faqs\/computer-virus\/new-users\/\" target=\"_blank\" rel=\"noopener\">http:\/\/www.faqs.org\/faqs\/computer-virus\/new-users\/<\/a><\/p>\n<p>alt.comp.virus FAQ<br \/>\n<a href=\"http:\/\/www.faqs.org\/faqs\/computer-virus\/alt-faq\/part1\/index.html\" target=\"_blank\" rel=\"noopener\">http:\/\/www.faqs.org\/faqs\/computer-virus\/alt-faq\/part1\/index.html<\/a><\/p>\n<p>Firewalls FAQ<br \/>\n<a href=\"http:\/\/www.faqs.org\/faqs\/firewalls-faq\/\" target=\"_blank\" rel=\"noopener\">http:\/\/www.faqs.org\/faqs\/firewalls-faq\/<\/a><\/p>\n<p><a href=\"#top\">return to table-of-contents<\/a><\/p>\n<p>[Compiled by Thubten Samdup, May 5, 2005]<\/p>","protected":false},"excerpt":{"rendered":"<p>Home Computer Security Frequently Asked Questions for the Tibet Support Group and Tibetan Exile Communities Date: May 2005 Revision: 1.0 1\u2014Preface 2\u2014General Security Questions 2.1 What should I do when I receive email with attachments and I am not sure if it contains a virus? 2.2 Are all attachments potentially dangerous or are some safer [&hellip;]<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"give_campaign_id":0,"nf_dc_page":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-2376","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/canadatibet.com\/fr\/wp-json\/wp\/v2\/posts\/2376","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/canadatibet.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/canadatibet.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/canadatibet.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/canadatibet.com\/fr\/wp-json\/wp\/v2\/comments?post=2376"}],"version-history":[{"count":4,"href":"https:\/\/canadatibet.com\/fr\/wp-json\/wp\/v2\/posts\/2376\/revisions"}],"predecessor-version":[{"id":4491,"href":"https:\/\/canadatibet.com\/fr\/wp-json\/wp\/v2\/posts\/2376\/revisions\/4491"}],"wp:attachment":[{"href":"https:\/\/canadatibet.com\/fr\/wp-json\/wp\/v2\/media?parent=2376"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/canadatibet.com\/fr\/wp-json\/wp\/v2\/categories?post=2376"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/canadatibet.com\/fr\/wp-json\/wp\/v2\/tags?post=2376"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}