Google asks: where do you go for help with staying safe online?

@Lauren, Hello – I’ve had quite a good day today so cannot blame the grumps for my comment. The Convo begins “ Which? and Google have partnered up to deliver free training to help people stay safe online.” So I would have thought as you are partners you would have debated and then agreed with what is being said. If you don’t agree with Ronan then Which? perhaps should not be a partner to this. 🙂

Without the disclaimer, I expect some hypercritical contributor would be in there criticising Which? for working with a commercial organisation.

@ldeitz, I should have known better. Sorry Lauren Deitz 🙂 I was suggesting that as this intro begins “Which? and Google have partnered up” that you were both in agreement on the topic and should therefore share the views expressed by Ronan. Otherwise why enter into a partnership?

I understand the disclaimer being used when you have a guest contributor who is speaking solely on their own behalf.
🙂

At the risk of grinding this point to a fine dust, I think there is a contradiction between an article written by a partner with Which? in a project and a disclaimer statement that says “all views expressed here are . . . not necessarily . . . shared by Which?“. The disclaimer could have been omitted in this instance.

I’d have thought – being in the business they are – they’d be running online courses.

Thank you, Tom.

I’m sure Google really do want to help folk stay safe online, because they cannot make money out of folk who don’t or can’t go online.

I think Google have helped to date is by producing ChromeBooks as an alternative to virus-prone Windows PCs. However, I don’t use any Chromebooks myself, so I cannot personally vouch for their merit.

Google are also responsible for Andriod, which is now the most widely used OS for tablets and smart phones. Personally, I find Android hard to use for serious internet usage. I’ve also seen more than a few instances of folk falling victim to shyster sites via Android, so it may be that a good way to stay safe online is to avoid the use of Android devices, if and when it is possible to do so.

We can also apply the ERICPD safety measure hierarchy to internet safety:

Eliminate: Follow the example set by the the young John Connor in the Terminator movies. Don’t use the internet at all. Confine your commerce to cash transactions and your social networking to the pub.

Reduce: Limit your use of the internet – and try to avoid any form of e-commerce (i.e. banking, shopping, etc). (Posting on Which? Convo will probably be reasonably safe though…)

Isolate: Use different computers for different on-line activities. (Computer experts know that there is no such thing as having too many home computers.) So, if you must engage in e-commerce, consider using one PC for that and another one for general surfing. You may also want to set up different user accounts and different browser programs (e.g. with different levels of security extensions/add-ons) for different activities. And, if you must insist on using a Windows PC, try not to do any (or most or all) of your on-line activities from an account that has Administrator rights.

Control: Make sure you keep your computers and software up to date with security updates etc. Also make sure that you have diverse multiple backups for any precious data that you own.

Protection: if you must insist on using a Windows PC, make sure that you have the best security software that you can afford. Apple, Android and Linux users should also consider the need for appropriate security software.

Discipline: Exercise due caution before giving out personal data or financial data to internet sites that “require you to register”. Try to use different passwords for different sites, otherwise, if one site gets hacked, the hackers may be able to use the password you used there to log into many of your other accounts. Remember, if a deal sounds too good to be true, there is probably a hidden catch that you have not spotted.

Tom: If I may, I’d point out a potentially serious error in the guide. With regard to ransomware it states “The best defence is to keep a backup of all your files on an external hard drive, rendering the threats empty. However, as I’m sure you’re aware, almost all ransomware lies dormant initially, while the program searches the networks for attached drives.

So unless your files were kept on a air-gapped drive, they would be compromised. I note that the same advice is also repeated n the summary.

I’d also take issue with your comment that “Macs are increasingly falling victim to ransomware attacks”. Isn’t it true that there are no recorded successful ransomware attacks on Macs and that it’s in fact only security researchers who have demonstrated that it’s theoretically possible? Not saying it won’t happen, certainly, but I suspect the comment in the guide is somewhat inaccurate.

I’m going to be a bore, but in the section about passwords you provide advice making your passwords complex with the addition of non-alphanumeric characters and symbols. But in fact all the evidence shows that a simple three word-dissociated phrase – such as “steakmudbannisters” – will defy brute force attacks better and is easier to remember than using non-alphanumeric symbols.

It might also be important to point out that almost all password ‘hacks’ are, in fact, the result of mass data thefts and not, despite what the media would like us to believe, the result of a bespectacled teenage hacker, late at night.

Hope you won’t mind me mentioning this.

I agree, Tom. But my point was that the sentence “Macs are increasingly falling victim to ransomware attacks” was clearly incorrect. I suppose my concern is that if information in the guide makes statements which are inaccurate in one aspect, it’s bound to make the newcomer wonder how accurate the remainder of the content is.

I agree with Ian here.

Whenever I see anything posted I that know to be untrue, it certainly makes me wonder how much other material from the same source is also untrue.

Further to the link that Tom posted above, I did download and read the syllabus, so I am content that most of it does seem to be well though out and presented.

As a producer of training material myself, I know that is hard work to produce materials that are both clear and simple. I also acknowledge that, depending on the target audience, it can be useful to simplify statements to the point where they are no longer 100% true.

Quite often there will be “exceptions that prove the rule”, but sometimes those are best excluded, if the training needs to be short and simple.

For example, we might tell people: “Don’t use Windows XP for internet browsing, it won’t be safe, because it is no longer supported.” Having said that, I have a brother who is a director of consultancy at leading IT firm and who still uses XP for his personal internal access. Since he is an expert, it is safe for him to use XP, because he really does know what he’s doing.

Things are changing fast Ian even Linux is getting hacked , no help from our “good ” security services here and in the USA.