|
To Overseas Practitioners: Basic Computer Security Setup and Usage
July 1, 2003
(Clearwidsom.net)
Recently, some overseas Falun Dafa practitioners' personal computers were
infected by computer viruses or invaded by hackers. Some email accounts were
stolen by hackers and used as fake individual electronic mailboxes to transmit
viruses. Several practitioners' computer electronic mails were read. Some hacker
software was embedded into computers, providing convenience for the evil to
interfere. These situations resulted in enormous losses to ourselves and to
those practitioners whom we had contact with. Moreover, this kind of loss was
often very difficult to measure and size up within a short period of time.
Overseas, since our living environment is safe and relaxed, many
practitioners have not realized the dangers of using the Internet, have thought
such dangers are few and far apart, or that it is unnecessary to worry too much
about these things, based on our limited understanding of security issues. The
reality is, however, the Internet does not have national boundaries, so hackers
may be able to intrude on an unprotected computer system as conveniently as they
would enter their own computer systems. If we do not pay attention to security
issues, it is as good as assisting people who seek opportunities to persecute
us. If other related important computer information is exposed, or damage is
even caused to practitioners in Mainland China because our computers are hacked,
such a loss simply is not what we should incur or could make up for by
ourselves.
Certainly for Falun Dafa practitioners, the key to security issues is to
build up and maintain righteous thoughts. But when facing security issues, what
is not righteous thinking? It is carelessness toward the evil, not having
unshakable righteous thoughts, neglecting, and even failing to understand basic
security technology, or failing to properly do damage control, etc. Actually for
the last four years, the root causes of all previous leakage of key information
and security oversight have been caused by the xinxing problems of
practitioners. Some problems even resulted in losses to practitioners in
Mainland China. The lessons should cause each of us to be calmer and more
rational: acting less blindly and self-assertively; using more wisdom and
rationality. We should not have to experience every lesson over again, otherwise
it defeats our purpose of using righteous thoughts to reduce losses.
As Falun Dafa practitioners who are validating the Fa in the human world, not
facing security issues seriously is not just an issue of personal fear. Whether
or not we can clearly realize and rationally take essential security measures is
an issue of whether or not we can be responsible to other practitioners,
responsible to the whole process of validating the Fa, and responsible to the Fa
itself.
Here we suggest some minimum security measures, hoping those practitioners
who are using computers to do Falun Dafa related work can make sure the
following basic security measures are taken, in order to do well, by being
responsible for ourselves and other practitioners, in spite of being very busy.
We use several sections to discuss computer setup and usage.
1. Computer Basic Security Setup:
1. New security loopholes are frequently being discovered in the Microsoft
Windows System. Many of these are used by hackers to attack Microsoft Windows
software. Therefore the latest Microsoft Windows patches must be promptly
installed.
A. The manual installation: click on Start, then click on Windows Update,
then download and install "Critical Updates and Service Packs," following the
prompts. If this procedure has never been done before, tens of patches may have
to be installed. Multiple rounds of installation and computer restarts may be
necessary, until the number of remaining "Critical Updates and Service Packs" is
zero (0). This step must be frequently carried out, at least once a month.
B. The Microsoft Corporation provides "Windows Critical Update Notification"
to automatically search for the critical patches. Use the manual installation
procedure to install Windows Critical Update Notification in the Control Panel
first; later this component will automatically search for the patches to be
installed, and will notify you as soon as such patches are discovered.
2. Installation of firewall software can effectively guard against malicious
programs. Pay attention to firewall software on the market. Actually many of
them, including those developed by famous companies or those bundled with other
software such as anti-virus software, cannot achieve the effects as claimed. At
present the most recommended firewall software is ZoneAlarm, which can be
downloaded at http://www.zonelabs.com/. The free edition is good enough. The Pro
edition can be purchased if conditions permit. After it is installed, ZoneAlarm
will pop up a window display to request permission whenever a request is made to
access the Internet or to enter this computer from outside. Generally, all
requests of entering into your computer from outside should not be permitted,
unless you know they are caused by your own operations and are needed. For
requests of accessing the Internet from your own computer, only those prompted
by your own operations should be permitted. When there are requests to access
the Internet while you are not running any operations, then it is possible there
are malicious programs running.
3. Anti-virus software is a necessary safeguard tool to access the Internet.
Famous ones are Norton Anti-Virus, McAfee Virus Scan Online, etc. Because new
viruses keep coming up on the Internet, make sure the anti-virus software used
can automatically renew viral definition files, otherwise the function of
anti-virus software will be underutilized.
4. For those practitioners who are using broadband Internet access at home, a
router should be used, even if there is only one computer. A router has
functions that firewall software can not provide. It can also allow multiple
computers to access the Internet simutaneously. Do not directly connect the
computer to a modem to access the Internet. Make sure to buy a router, not a hub
or a switch, because a router is much more secure than a hub or a switch, and
its speed is also much faster.
5. When overseas practitioners use computers to clarify the truth about Falun
Dafa by sending emails to Mainland China, or when posting articles on the BBS,
chatting, etc., make sure to realize these can cause your IP address to be the
target for evil to attack. Therefore, in addition to employing all the above
security measures on all computers, it is best to use separate computers for
telling the truth about Falun Dafa and doing other related work. Especially for
those practitioners who are doing Dafa work and involving information about
other practitioners or sensitive information, different computers must be used
separately. The lessons we have had in this aspect are severe enough.
Moreover, after a computer is hacked, hackers can also attempt to take this
computer as a base to enter into other computers in the same family network or
local area network (LAN). Therefore if conditions permit, two routers may be
used. The first router is for the connection between the DSL/Cable Modem and
other computers which need strict protection, plus the second router. The
computers used to tell the truth about Falun Dafa are then connected to the
second router. In this way, even if the truth-telling computers are hacked, it
is still difficult to break the second router to attack other computers
connected to the first router.
2. Handle Electronic Mail Securely
1. Choose good online email service providers. Electronic mail is the most
widely used communication tool among us. The first step is to choose a good
provider. Since Yahoo, Hotmail, Msn.com and AOL have close ties with the Chinese
government, and are suspected of cooperating with Chinese web spies to monitor
Falun Gong practitioners, let us not use these email service providers.
Moreover, it is better to use ones with the SSL encryption function, if
possible.
Furthermore, mailbox login keywords need to be 12 characters long, containing
upper and lower case letters, symbols and numbers. This is not meant to frighten
people; some practitioners' Internet Service Provider (ISP) companies have
already told them that there are some IPs from mainland China trying to hack
into their mailboxes.
2. Client side email software. Commonly used email software includes Netscape
Messenger, Outlook Express, Eudora, etc. Netscape Messenger uses Netscape as a
browser and is more secure, but its functions are limited. Relatively speaking,
it is easier for Outlook Express to be attacked by viruses, etc., but it is more
convenient to use. So specific needs should determine which one to use. For
Outlook Express, the following setup is recommended:
3. When forwarding an email, please note to delete unnecessary information
that the receipients do not need, in order to protect other people. This
includes irrelevant email addresses, telephone numbers, etc. Some practitioners
use their own telephone numbers as part of their email "signatures." Although
this somewhat convenient, it will also create security loopholes. Especially for
those practitioners who are working on projects, please pay enough attention to
it.
4. Sending emails to Mainland China. Currently almost all of the electronic
mailbox services on the market do not hide the IP address. In other words, every
email you send out contains your own IP information. If a receiver is a web spy,
your IP will become a target for attack. If you can change your IP, please
change it after sending an email to an unknown person.
If any practitioner has any better suggestions, please provide them or make
corrections, in order to insure that our computers work better for Falun Dafa.
Posting date: 7/13/2003 |