In theory, you should change these periodically. I bother doing that only with financial accounts. Also, I say “No” when my browser asks if I would like it to remember the password for a financial site. (For convenience, I let the browser remember other passwords I create for, say, joining a Yahoo discussion group or reading the China Daily. I don’t even bother to change my e-mail passwords frequently, because the security problems with e-mail can be addressed more easily.) I try never to use a financial site when I am piggybacking on someone else’s unsecured WiFi network. Maybe there’s no risk, but I get suspicious when I see a network named something like “Free Public Wi-Fi Access!” at an airport or a coffee shop. For-pay WiFi networks, like T-Mobile in Starbucks, are presumably much safer—after all, you have to give your credit-card number to get on in the first place.
I pay attention to one other kind of password: I make sure that the WiFi networks I set up at home require a password to log in. It takes only a minute, and it allows different computers in my house to share information on the network without my needing to wonder whether someone else is sharing the data too.
E-mail. Here are the two things wrong with e-mail: what it brings in, and what it lets out. On the inbound side, people worry too much about what is an annoyance but not a real threat: spam. Sure, I too am tired of hearing about “Discount C1alis!!” and the latest offer from Nigeria. And yes, I realize that for network operators the enormous volumes of spam create serious logistical problems. But nearly every e-mail system has a serviceable filter that can learn to cull 95 percent or more of the incoming flow. If you can’t tell at a glance which of the remaining items are spam, you’re not trying. (The best filtering system I have encountered is Gmail’s. It has relatively few “false negatives,” spam messages that make their way into your inbox, and amazingly few “false positives,” messages you want that are trapped by the Gmail filter. The updated junk-mail filter in Outlook 2007 is hyperaggressive in trapping messages as potential spam, but it learns quickly when you indicate which ones you’d like to see.)
By the way, you are an enemy of society if you have signed up for a “challenge-response” antispam filter. When a message from an unrecognized e-mail address comes into one of these systems, the filter sends back an (inevitably insulting) inquiry to the effect of: Who the hell are you? Fill out a form, and I’ll see if I want to accept your e-mail! Mainly I encounter these when people have written me out of the blue and I reply from a different e-mail address than the one they were expecting. EarthLink is a wonderful company, but I would like it a lot better if it stopped featuring challenge-response for its customers’ e-mail.
The real incoming threat via e-mail is, of course, a virus or other potentially damaging piece of code. Users really should worry about this and apply protective tools. The market is full of antivirus programs, which can be measured by three standards: completeness, frequency of update, and speed of operation. These mean, respectively, how many viruses and other threats, including malware, the program will recognize; how frequently it adds to its list of threats; and how long it takes to do its job. Speed is a bigger issue than you might think. Since the programs scan each e-mail, each document, and in some cases each program file before you open it, slower ones can make your computer seem as if its internal processing speed has been cut in half.
Most new PCs come with one of two antivirus systems installed, on a free-trial basis: McAfee or Norton (part of Symantec). The demo version will usually run for two or three months, after which you must subscribe to get further protection. Prices range from about $25 a year to nearly $100, depending on which extra features you want. I’ve paid for and relied on both. At the moment, Norton has a slight edge, mainly because it doesn’t slow the computer as much as McAfee (Norton must have fixed something; earlier versions were molasses-slow). Both are effective and reliable—as are other for-pay products, like ZoneAlarm.
But what I now use and like is a fast, free, frequently updated antivirus program called Avast, from the Alwil company, based in Prague. Like the other programs mentioned here, it comes with a variety of other anti-malware features. Alwil says that 30 million people worldwide now use the free, home version of its program. (Businesses are supposed to pay.) The Grisoft company, also founded in the Czech Republic, offers another popular, free antivirus program called AVG.
Neither AVG nor Avast is yet available for the Mac. (Until recently, there was no reason. Norton and McAfee have well-established Mac programs; I haven’t used either enough to recommend one over the other.) I chose Avast for my PC because its range of features seemed broader. Before installing either, you have to uninstall the trial version of McAfee or Norton that is probably embedded somewhere on your machine.
And what about the outbound threat from e-mail? This is the risk that something you write will be seen by people you didn’t intend. This threat is different from the others, in that it’s entirely within each person’s control. But it’s worth remembering that within 20 years, e-mail has gone from seeming about the most-secure form of communication to about the least. Now that everyone has e-mail, it’s simply too easy for messages to be bcc’d or forwarded in mischievous ways. If you have thoughts you don’t want others to see, don’t put them in e-mail. When answering e-mail, I delete either all of the incoming thread or all of it except the latest message I’m directly answering. Much e-mail-induced embarrassment comes from those long attached threads.
Firewalls. Firewall utilities keep other users from gaining partial or total control of your own machine via its network connections. Without a good firewall, your files might be corrupted, as mine were several years ago. Or “spyware” might be installed, which can monitor your activity and potentially capture passwords or other sensitive data. Fortunately, excellent firewalls are now built into both Mac and PC operating systems. The Mac’s is built into OSX; Microsoft’s Windows Firewall is built into Vista and Service Pack 2 for Windows XP (available at http://tinyurl.com/3upjr).
With these measures in place, I can apply my worries to more-productive matters than the possibility of attack. That’s the goal of any security policy—including national security, too.