Anyone using the Internet should be concerned about the security of
the computer installation that they are working from, for several reasons.
We can only give you very brief ideas here about what you should look
out for. We take no responsibility for the advice offered below
although we hope it is helpful
- The machine that you are working on (or one connected to it) could
be compromised by what you do.
- You may (knowingly or unknowingly) compromise another machine
- You (nomrlally) have a resonsibility (e.g. to your employer) to behave in
a secure manner.
- If your resources (e.g. password) are used by someone else you may
be responsible for what is done under that resource.
- We do NOT give any assertion that any software, any data, any
pratice or any advice offered in this course is secure. If you are
in any doubt, don't use it and consult a local expert.
- if your employer has a policy on the use of the Internet or computers
then you should follow that rather than the advice here.
- many sites (especially commercial) have firewalls to prevent certain
types of security problem. Any software that you run 'inside' the firewall
will have to be agreed with your system administrators.
- many sites do not allow downloading of data from the Internet and this
could (unfortunately) make it very difficult to pursue the course. Others
will allow a restricted set of sites (or types of data).
- the use of MIME types that cause scripts to be activated has special
dangers and you should check with your sysadmin again.
- Do not trust the identity of any file (especially binary). Thus
downloading a 'gif' and then executing it could run a rogue program.
- don't be afraid to talk about security and read about it.
- if necessary, use a machine which is not connected to your normal
system, and where security may be less of a problem.
up to index
pmr for pps
Sept 18 1994