Today is Safer Internet Day, #SID2016.
This year’s theme is very clear, and it’s all about you: “Play your part for a better internet!”
In other words, it’s not about how to use technology to protect yourself; it’s not about what your ISP should do to keep you safe; it’s not about how everyone else can keep you safe, although all those things are both important and useful.
This year, more than ever, Safer Internet Day is about asking not what the internet can do for you, but what you can do for the internet.
ALTRUISM BEGINS AT HOME
But that doesn’t mean that you shouldn’t look out for yourself.
In fact, the great thing about computer security is that by looking out for yourself, you help everyone else at the same time.
It’s true the other way around, too: if you behave carelessly online, you may put your friends, your family, and even complete strangers directly into the firing line of cybercrooks.
For example, if you get infected by ransomware, the crooks will hold your data hostage, and you may end up paying them £200 to get the data back, which makes it sound as though malware prevention is all about saving yourself.
But most malware infections aren’t ransomware.
Most malware is some sort of bot or zombie: a malicious program used by crooks so they can send commands to your computer from the other side of the world. (Bot is short for “robot,” because your computer ends up blindly following orders from someone else.)
The crooks will almost certainly dig around on your computer to find out if you have anything interesting for them to steal, such as passwords or account details, which clearly puts you at direct risk.
But your home computer is probably full of information about other people, too: pictures, email addresses, phone numbers, perhaps even information from work about customers or colleagues.
Even if the crooks who infected your computer aren’t interested in all that information for future cybercrimes of their own, it has value to them because they can sell it on to other crooks.
Additionally, once cybercriminals have got what they want from your hard disk, they will turn outwards, using your computer as a springboard to attack other people.
SophosLabs testing back in 2014 showed that a zombified computer on an average home network could easily deliver more than 5 million spams a week, giving crooks not only a free ride in terms of bandwidth, but also a handy way to hide their tracks from law enforcement, anti-spam regulators and security companies.
A zombie computer can also be used as a jumping off point for crooks to hack into other people’s servers, run denial of service attacks (DoS) against businesses, and much more.
PLAYING YOUR PART
It really is important to play your part for a better internet.
After all, if you aren’t part of the solution, you’re very likely to end up as part of the problem, co-opted invisibly by the crooks to form part of their criminal infrastructure.
Of course, just looking after yourself isn’t all you can do to to make the internet safer.
We urge you to evangelise about online safety to other people, too, especially children.
So here are 6 tips to help keep kids safe online.
By the way, all of these tips work for adults too – you’re never too old to learn!
1. LEARN HOW TO CHOOSE PROPER PASSWORDS.
Most of us, young and old, end up with dozens of on-line accounts, so we have to make up passwords all the time.
Even if we use a password manager program, we still need one really excellent password to lock our central “password vault.”
Don’t be obvious: avoid favourite sports teams, birthdays, nicknames, pets, and so on. Never use dictionary words, even if you 5pe11 them with numb3rs or add digits to the end99.
(Watch our popular two-minute video for some advice on how to pick proper passwords.)
2. DON’T USE THE SAME PASSWORD TWICE.
A crook can figure out your tricks if you use the same password all over, even if you try to make each account’s password slightly different.
If you have cool!nessFB for Facebook, and cool!nessTW for Twitter, a crook is easily going to guess what you’ve used for WhatsApp, Gmail and Instagram.
If you can’t remember lots of different, mixed-up passwords, try using a password manager that picks randomised passwords for your for each account.
Just pick a really good password for the password manager itself.
3. SET A LOCK CODE ON YOUR PHONE, AND USE IT.
Apple’s minimum passcode is now six digits, but you can go longer, or even choose a code of letters and digits to make it even stronger.
We know it’s a hassle, but we urge you to pick the longest lock code you can tolerate, and the shortest lock time.
You’ll soon get used to it, and you’re making it clear to your friends: this phone is not a toy for you to mess around with when my back is turned.
4. DON’T MESS AROUND WITH OTHER PEOPLE’S STUFF.
It’s tempting to grab someone else’s phone and play a prank when they aren’t looking, like sending a crazy email, uploading an unexpected picture, or posting something that you think is funny on a social media site.
Don’t do it.
Firstly, it’s illegal, and rightly so.
Secondly, even something that feels innocent or amusing could ruin someone else’s life by revealing something they had already decided to keep private, so treat their digital life with respect.
5. ONLY UPLOAD IT IF YOU’RE READY FOR EVERYONE TO SEE IT.
It sounds a bit old-fashioned to say “treat the internet like a postcard”, where anyone who sees the postcard can read the message, even if it’s supposed to be private.
A good rule of thumb is this: if you wouldn’t show it to your parents and their friends, don’t put it online, even if you think that only your own best friends will see it.
6. LOGOUT WHEN YOU’RE DONE.
This is the toughest one of all.
Mobile apps make it especially easy to stay logged in all the time, and some even make it really hard to log out. (In Mobile Twitter, for example, you have to go to Me | Cog | Sign out, and even then there’s an Are you sure? dialog.)
Like your lock code, it’s annoying to keep logging back in, but it protects you in many ways.
Most importantly, it protects you from clicking something by mistake, forgetting you’re logged into your favourite social media sites, and sharing something you didn’t want to.