I'm currently writing a unit plan for Cory Doctorow's Little Brother. The book deals with various issues of personal security and privacy.

I'm curious to know what you would deem minimum security/privacy requirements and habits for the average PC user. I know this will differ depending on the context, online habits, etc., but imagine you were teaching your children about these things. What would you want them to know? What programs should they use?

I understand this is a broad topic. Thanks for any info you provide.

7/14/2011 7:05:00 PM

secure from viruses, hackers, or advertisers?

7/14/2011 7:12:51 PM

Good question. Preferably all three?

I'd say the first two are the most important though I may be wrong.

7/14/2011 7:13:41 PM

What is a unit plan?

The minimum if I were teaching kids:

-URL structure, to be able to easily identify fake urls.
-How to create secure passwords, and use ACS providers (Live ID, google, yahoo, facebook, OpenID).
-Why they shouldn't be using P2P networks (including torrents).

-I would teach them basic whitehat hacking to understand how worms, trojans, bots and phishing work, and why people do it. I find people are 1000x more careful about their habits if they understand how things work and why these things are so malicious and damaging.

7/14/2011 7:31:33 PM

-some info on what settings to make sure are OFF when you are on a public network versus a private one
-keeping up a firewall on your private network
-updating your virus software daily

not much else to it

7/14/2011 7:32:48 PM

^See, that kind of advice is, to me, the problem.

Firewalls and Antivirus aren't going to be effective if people dont understand WHY they are used, or what for.

I've seen more people get viruses because of aftermarket firewall/av software than without it. Because inevitably there will be a needed piece of software that conflicts with the AV bundle and what do people do? They just turn it off.

Windows Firewall and MSE are all people need. Arm them with the understanding of how phishing and trojan schemes work, how internet scams work, and how to behave responsibly online.

7/14/2011 7:50:17 PM

Quote :

"What is a unit plan?"

In the fall, I'll be teaching a reading elective to eighth graders. I'm currently writing the curriculum for the course, which includes this unit plan and four others.

The follow-up questions to what's important is, "Where can I find this info online?"

in before the lemmegooglethatforyou

7/14/2011 7:53:35 PM

^^ well my advice assumes you dont just google antivirus and install the first link

installing reputable firewalls and antivirus software is key

7/14/2011 8:00:16 PM

facebook

7/14/2011 9:03:25 PM

pfSense+Snort+Blacklist
Malwarebytes Pro
MSE

7/14/2011 10:13:17 PM

I'm familiar with Blacklist, Microsoft Security Essentials, and Malwarebytes Pro. I haven't heard of the others.

7/14/2011 10:55:13 PM

snort is a defunct IDS that's beyond overkill for a personal application and pfsense is fork of a fork from smoothwall which is a netbsd based firewall which is again, overkill for personal security. I'd begin with explaining how to classify information learning what to store and not store electronically based on these classifications. then show them how to evaluate what applications/sites/users can access what data and the consequences of such.

basic security (antivirus software, firewalls, etc) is getting more and more obsolete as cloud computing becomes more popular. it's really about what information you share and who you share it with.

i'd also explain that a phone is just as much a computer as any other computer and that data privacy is even more important on a device that centrally holds communication and contact data and potentially private pictures/videos as phones are the prevalent endpoint device for this age group.

7/14/2011 11:27:12 PM

Quote :

"Windows Firewall and MSE are all people need. Arm them with the understanding of how phishing and trojan schemes work, how internet scams work, and how to behave responsibly online."

Only thing i would add to that is that there is no need for most users to always sign in with admin. rights. That's probably the number one thing I can relay to people who are extremely non-tech. savvy that they can change (or I simply change for them) and it makes a big difference. At least in my experience.

7/14/2011 11:52:47 PM

MSE + Malwarebytes Pro

7/14/2011 11:55:19 PM

Quote :

"Windows Firewall and MSE are all people need. Arm them with the understanding of how phishing and trojan schemes work, how internet scams work, and how to behave responsibly online."

7/15/2011 12:21:00 AM

^^^

I read something about that today while doing some preliminary research. It basically said many things that edit the registry/wreak other types of havoc need admin rights, and so if you signed under limited user privileges you could stop those things in their tracks.

7/15/2011 12:56:14 AM

ALWAYS Never trust a Nigerian!

7/15/2011 9:19:42 AM

I'd say something about blocking certain domains and URL patterns to hold the scourge of malvertising at bay, but that's a somewhat-advanced topic for these tykes.

7/15/2011 9:38:16 AM

Quote :

"Windows Firewall and MSE are all people need. Arm them with the understanding of how phishing and trojan schemes work, how internet scams work, and how to behave responsibly online."

also learn them on the idea of "too good to be true" and how to be suspicious of everything.

7/15/2011 7:06:29 PM