Click, Click, Who’s Really There? Written by Koh
LHK Publishing, LLC P.O. Box 473312 Charlotte, NC 28247
Copyright ©...
19 downloads
1184 Views
1MB Size
Report
This content was uploaded by our users and we assume good faith they have the permission to share this book. If you own the copyright to this book and it is wrongfully on our website, we offer a simple DMCA procedure to remove your content from our site. Start by pressing the button below!
Report copyright / DMCA form
Click, Click, Who’s Really There? Written by Koh
LHK Publishing, LLC P.O. Box 473312 Charlotte, NC 28247
Copyright © 2006 by Koh
All rights reserved. This book may not be reproduced in part or whole in any form whatsoever without written permission from the Publisher.
Printed in the United States of America ISBN 0-9760294-1-3
With love A big thanks to all the families who have shared their stories with me and allowed me to share them with others. Your heartfelt passion will truly make a difference! As always, special thanks to Maria, G52, and my family and friends for your support and love. ~Koh
Table of Contents Introduction: Before We Begin
1
Part I:
Child Safety
Chapter 1: Chapter 2: Chapter 3: Chapter 4:
Online Strangers Cyber Bullying Monitoring Software Exposure to Unsuitable Material
Part II:
Family Safety
Chapter 5: Chapter 6: Chapter 7:
Family in the “New” Wizard of Oz Viruses and More – Beyond a Nuisance Protecting Your Privacy
Part III:
Guidelines to Get Started
Chapter 8: Chapter 9:
How to Get Started (includes Tips At A Glance) 113 Technical Instructions 121
Resources
9 25 37 55
65 73 93
147
Introduction – Before We Begin
INTRODUCTION
Before We Begin “I never thought it would happen to me!” Ask anyone who was victimized by an online crime if he or she thought it would happen to them. Chances are - well first, chances are they will not talk to you because many families who have been victimized do not wish to make it public. If you know the victim, then probably that person will tell you, “I never thought it would happen to me!” Luckily for you, picking up this book (and reading it!) means you may have just helped to reduce the risks for you and your family. The internet1 is a comprehensive resource and a highly beneficial tool. Every person online can and should take full advantage of all the internet has to offer. But every person online is also equally susceptible to the seemingly invisible, yet real, dangers unless protective measures are taken. But how? How are today’s adults, who did not grow up with the internet, expected to keep up with technology? This book is designed to address that exact audience, providing solutions and action steps that every person, from novice to expert, can understand. Regardless of one’s level of technical expertise, everyone should use this book’s nontechnical, family-based approach toward internet safety. Of course, technological discussions cannot be completely avoided when dealing with computers. In the few instances where technical vocabulary and procedures are needed, explanations will be provided in layman terms.
Safety & Privacy The primary focus of this book is the safety issue, which includes privacy. The objective is to build awareness about the realities of the 1
The word internet will be not be capitalized in this book, as per the explanation on page 28 of Click, Click, Who’s There? 1
Introduction – Before We Begin
dangers of the internet and to suggest solutions to reduce the risks. Book 1 of this series, Click, Click, Who’s There? 2 developed a solid foundation for parents and families to make strong, balanced decisions about online usage. Now, whatever safety measures you adopt from this book can be firmly placed upon that foundation. Although this book does stand alone, references to Book 1 will be made throughout the upcoming chapters. Therefore, reading Book 1 may strengthen your understanding and empower your decision-making process. Many excellent books are available that provide thorough and detailed instructions on installing and configuring safe software options for your computer. These books are invaluable resources, and you should consider purchasing one or more of them. Several recommendations are made in the resource section of this book. (Note: The author and publisher have not partnered with any vendors. Recommendations for books, software, or other resources are not a result of partnerships, payments, or endorsements.) So why not just recommend the other books and end this book here? Answer: time and technology. Time:
The books generally are 250-350 pages. A family with great intentions reads the first two or three chapters. Then the challenge of finding the time for another 200 pages tucks the book onto a dusty shelf. The instructions are well-written, but nonetheless, they require time to sit at the computer and follow along. Time is required to comparison shop for products, run the installation, configure the software, and learn to use the device.
Technology: For those non-technical users who do find the time, once seated at a computer, they often get lost. Their computer screen may not look like the instructions. One easilymissed keystroke sends them in a different direction. Conflicts with incompatible software cause confusion. People become frustrated or run out of time. Granted, time and technology are not obstacles for everyone. But in today’s “Sound Bite Nation,” brought on by increased decision-making and time-consuming demands, we require answers that are short, fast, 2
Click, Click, Who’s There? Koh, LHK Publishing, LLC, 2004. 2
Introduction – Before We Begin
and concise. Your family’s safety deserves more than short and fast. Realistically, though, most families will be more willing and able to initially handle a “sound bite” solution, particularly if the solution is in terms they already understand. Therefore, families are more apt to read a shorter, non-technical book and begin taking simple but effective steps toward family safety and privacy. The goal is have you do something, rather than nothing.
Format of the Book The book is divided into three sections: Part I:
Children
Part II: Family
Deals with the most common issues regarding online dangers and our children. Addresses family privacy and security.
Part III: Guidelines to Get Started
Provides action steps to get started, a summary of tips, and technical instructions.
A resource section is included at the end of the book. The world wide web is exactly that – world-wide. There are numerous risks of global proportions. A volume of encyclopedias would be required to address every single online danger, issue, or risk that faces our children and families today. If every topic were discussed, the overwhelming nature would probably push you into that time and frustration trap. Therefore, this book covers only some of the most pressing issues. The awareness, solutions, and tools provided should enable you to build a strong protection grid for your child and family. As you approach other issues and as new dangers surface, you should be better able to handle and address them with more confidence. Full protection online requires some technical action. If you implement all the non-technical suggestions in the book, you will indeed have taken great leaps toward protecting your family. However, technical aspects cannot be ignored. Therefore, technical actions will be sprinkled throughout the book and included in Chapter 9. These technical options may also fall prey to the “here today, gone tomorrow” nature of technology. However, every piece of technical information 3
Introduction – Before We Begin
you gain will help you build a higher level of understanding about technology, which in turn will make learning new solutions easier. Following the format of Book 1: ~ Your child is addressed in the singular tense. Although you may have many children, every single child is important, and each one deserves to be considered individually. ~ In Book 1, each child was referenced as a “she.” In fairness to the genders, in this book, each child is referenced as a “he.” This does not suggest that boys or girls are more or less vulnerable to any danger. Gender does not dictate safety or security. ~ Key messages are placed in a box to emphasize importance and to provide a quick reference in the future. ~ Analogies are used to help today’s generation of parents relate technology to something they already know. ~ We do acknowledge the technology industry for developing great inventions, advancements, and conveniences. Technology has had an immeasurable, positive impact on our lives. Everyone should be able to use and reap the benefits of technology. This book is helping you to do just that while avoiding the dangers. ~ Quotations are slightly modified and not fully cited due to privacy requests from victimized families. Many stories shared in this book are actually a combination of multiple accounts heard on a common theme. This grouping approach is used to avoid identifying any individual family and to make the point that these stories are not single situations that only happen to one person. ~ Acronyms are used for humorous reasons, but also for awareness purposes. Children use acronyms for fun and for short cuts. They also use them for disguising messages from adult eyes. For example, POS - Parents Over Shoulder; CTN - Can’t Talk Now; PAN - Parents are Nearby.
4
Introduction – Before We Begin
Now, using the analogy of the airplane from Book 1: Obey the Captain’s sign and buckle your seat belt as you travel through this book. The journey may be a bit bumpy at times, but the information will help you get to your destination . . . safely.
5
Part I Child Safety
“I had no idea! Why didn’t anyone tell me this before?”
~
The internet means your child now has access to the world . . . and the world has access to your child.
Chapter 1 – Online Strangers
CHAPTER 1
Online Strangers “How did this happen to my child? She is a bright honor student and would never do anything like this.” 3 Your child being abducted by a stranger may be the greatest fear you have about your child being online. Yet, when asked whether they think their child is in danger while online, many families have responded, “Yes, children are at risk, but not my child because . . .” Every because statement turned out to be false for the children who have been victimized. In fact, many innocent, good children may be in the process of being set up right now.
The Misconception Why do parents think their child is not susceptible to the dangers of the online world? Could it be a lack of information about the realities of the internet? Since today’s adults did not grow up with the internet, how can we truly wrap our brains around the concept that a piece of metal and circuitry sitting on a table is an open portal to the world? That abstract concept is even difficult for some technical experts to conceive. Do you really understand that 888 million4 strangers have access to your child while he is sitting in the comfort of your own home? Another reason for the “not my child” response is that many believe the problems with online strangers only happen once in a blue moon because people do not read about it every day in the paper or see it 3
From the mom of a victimized teenager.
4
Internet Usage Statistics – The Big Picture, . Miniwatts International, Ltd., 2005. This is a usage estimate for 2005. Keep in mind most statistics regarding the internet are rough estimates, since there is no centralized system of counting or tracking every user or activity online. Statistics are based only on reported cases. 9
Chapter 1 – Online Strangers
every day on the news. But a lack of media coverage does not mean a lack of occurrence. Recently, the FBI’s Top Ten Most Wanted list included three internet child predators. The National Center for Missing & Exploited Children (NCMEC) published a list of headlines for 49 out of 50 states.5 The NCMEC also reports: “Online child sexual exploitation is a serious problem. Approximately 1 in 5 children is sexually solicited online.” 6 The report is based on a study performed in the year 2000. Now, five years later, there has been a 146% growth in the usage of the internet.7 The current (May 2005) estimate of online users is 888 million. This means that five years ago there were an estimated 361 million users. The NCMEC has not yet released an updated study, but as the saying goes, you do the math. Or forget the math. One in five children is shocking enough. The FBI reports under the heading “Crimes Against Children” that: “On-line child pornography and child sexual exploitation are the largest crimes against children problems confronting the FBI.” 8 The magnitude of the problem prompted a specialized and separate initiative by the FBI called the Innocent Images National Initiative (IINI). Reports have stated that online crime against children is growing so rapidly that IINI is the second-largest operation for the FBI,
5
Online Enticement Articles, . National Center for Missing & Exploited Children, 2004. 6
HDOP: Help Delete Online Predators, < http://www.missingkids.com/adcouncil/>. National Center for Missing & Exploited Children, 2005. 7
Internet Usage Statistics – The Big Picture, . Miniwatts International, Ltd., 2005. 8
Today’s FBI Facts and Figures, . Federal Bureau of Investigation, April 2003. 10
Chapter 1 – Online Strangers
second only to September 11 and the terrorism issue. Furthermore, the FBI reports: “Six out of 10 kids online have gotten an e-mail or instant message from a perfect stranger . . . and more than half have written back. One in 33 kids has been aggressively solicited to meet their ‘cyber friend’ in person.” 9 Those statistics may seem surprising. There may seem to be quite a difference between those numbers and what you have heard or have read. The discrepancy exists because children and families who have been victimized generally do not broadcast their personal and painful experiences. In a federal case solved by the FBI, a young girl was kidnapped, molested, and tortured. Understandably, the family declined to discuss specifics of the case with the media. People generally do not like to admit their lack of action, involvement, or knowledge that may have led to such a traumatic ordeal. Today’s adults have a particularly difficult time with this because the internet is new to their generation. With other parenting situations, a lack of involvement can be a successful parenting strategy. For example, when siblings or friends argue, parents often allow them to work out a solution on their own. But this tactic does not work with the internet. A lack of parental involvement creates an open breeding ground for online dangers, magnifies the risks, and increases opportunities for crime.
Online Stranger vs. Online Friend The seemingly obvious solution, then, is to tell your child not to talk to strangers. The “Don’t talk to strangers!” advice works well in the real world, but in the online world, it is not enough.
9
Internet Safety for the Wired Generation, Advice from FBI Cyber Expert Arnold Bell on Protecting Our Children, . Federal Bureau of Investigation, September 1, 2004. 11
Chapter 1 – Online Strangers
Children and adults feel that once they have chatted with an online person for awhile, that person is no longer a stranger. Parents should clearly define for themselves and their family the definition of an online stranger vs. an online friend. Is there a difference? What exactly is a friend? One dictionary defines a friend as “a person whom one knows, likes, and trusts.” 10 How do you know a person that you met online? Someone can claim to have all the same interests as you do, but unless you go out and share those interests, unless you go to a football game together, order the same ice cream flavor at the same time, or watch reruns of Friends in the same room and LOL11 (laugh out loud) simultaneously, how do you know that you truly share the same interests? Typing words on a screen without accountability or proof is easy. How do you even know the true identify of a person you met online? Just because someone sends a picture, is it really a picture of that person? A web cam visual may not even be accurate, as a person can control and tamper with web cams.12 To make the challenge even more difficult, keep in mind that online predators are exactly that. They prey on others, not by accident but by design. Law enforcement agencies profile online predators as welleducated, upper-middle-class citizens who have successful careers. Predators know exactly what they are doing, and their every action is done very purposefully as they gradually and convincingly win the trust of a child. The predator may start out as a stranger but strategically maneuvers to become a friend. How can you tell the difference between an online stranger and an online friend? If we as adults have difficulty telling the difference, how do we expect young, innocent children to decipher the difference? This is not to say that every person met online is a predator or has mal intent. Certainly meeting a real friend online is a possibility. However with statistics like “1 in 5” and “6 out of 10,” as quoted on previous pages, the dangers of meeting someone online cannot be ignored. 10
The American Heritage Dictionary of the English Language, Houghton Mifflin Company, 1976. 11
LOL is an online acronym used in IM, chat rooms, emails. The tremendous irony of using it in this section about friends and trust could not be resisted. 12
In January 2005, a man in Spain was arrested for remotely controlling web cams in homes, amongst other charges. 12
Chapter 1 – Online Strangers
The Online Friend Makes His Move Now your child has an online friend. They have been chatting with each other for quite some time. Your child believes that he knows this person, and a trusting relationship has developed (per the definition of a friend). Your child and this friend have a lot of common interests, or so your child thinks. The next natural step would be to meet the friend in person. Hopefully, by now (or by the time you finish reading this book), every parent will have had the discussion that no face-to-face meeting with online strangers or friends should ever occur without a parent or an approved adult presence. If your child is not of driving age, you may have a greater sense of comfort knowing that he cannot go anywhere without your knowledge or chauffer service. Do not relax yet. Remember that predators are clever. They sometimes appear online as a child of the same age, “I’m only 13, too!” The disguised friend then says, “My dad can pick you up after school.” Some predators outwardly admit they are adults. The adult friend gains trust and gives the child a sense of comfort knowing that “Finally, an adult gets me!” Regardless of the approach, they study the psychology and mentality of their prey and appeal to the needs of the child. The bottom line is that your child is young, loving, curious, and trusting. Predators go after those qualities and know how to manipulate the situation such that “your parents don’t need to know.” A face-to-face encounter such as kidnapping is not the only danger of meeting online friends. Return to the scenario of your child’s online friend to whom he has been talking for some time. Friends share information. You may have instructed your child not to give away personal information on websites or to strangers. But a casual conversation with a friend could easily reveal all kinds of personal information. Online friend:
I’ve got a stupid middle name, Rupert. What’s your middle name?
Your child:
Parker.
Online friend:
Is that like a family name? 13
Chapter 1 – Online Strangers
Your child:
No, just a name my mom liked.
Online friend:
Oh, I thought maybe it was like your mom’s maiden name.
Your child:
No, my mom’s maiden name is Wilson.
Along with his birthday and other personal information, your child may have provided his online friend with enough personal information to hack passwords. How many people use birthdays, mother’s maiden name, or place of birth as passwords? Remember, predators work very strategically and can easily extract that type of information in casual conversation. “But I didn’t tell a stranger where we live or where I go to school. I told my friend.” Now, in addition to the possibility of child abduction, the scope of risks has been widened to include identity theft, access to online accounts, and loss of privacy. Even physical theft is possible. There have been documented cases of this nature: Online friend:
Every summer my family goes to the beach.
Your child:
Really? We do, too.
Online friend:
Really? What beach do you go to?
Your child:
Ocean City, Maryland. We own this deal where we go every third week of June.
Result:
The family’s physical house is robbed during the third week of June.
Solutions Parental involvement is essential and critical. There is no DMV, FAA, FDA, or other centralized law-making safety device for your child on the internet. Some laws have been instituted, but they do not work without parental involvement. Laws do exist to punish a predator, and more and more predators are being caught. But certainly you do not want to wait until your child is violated to let the law take over. 14
Chapter 1 – Online Strangers
You, the parent, are it. You are the safety device and the law-making protection agency for your child’s online life. Every article, book, protection agency, and resource states the same thing: “The best way to guarantee your child’s safety online and have peace of mind is to be an active parent in your child’s online habits.” Safety Monitor – How to Protect Your Kids Online
“The best line of defense: good parenting.” The Complete Idiot’s Guide to Internet Privacy and Security
Under the heading “How AOL Protects Children” “The most important factor . . . is parental consent and control.” America Online® Guide to Internet Safety
“You are the parent.” The Parent’s Guide to Protecting Your Children in Cyberspace
There is no getting around it. There is no avoiding it. So what exactly does parental involvement entail?
You Are More Uhlee The first step is the most important step and is, not surprisingly, a nontechnical step. Ironically, the first step is to step back. Take a step back from technology and look at your child’s whole life. Look at his relative position in terms of experience in this world. Your trusting, curious, loving child has fewer years of experience on this earth than you do. You are more prepared developmentally, psychologically, emotionally, mentally, physically or any other-ally than your child. You are more-ally, which in this book will be written as uhlee. Your child may be a genius or slated to be the future president of Mensa. Perhaps his brilliant technological brain could go head-to-head with Bill Gates’s #1 programmer. Regardless, he is still less uhlee than you are. He has less life experience and development and, therefore, cannot discern as you can. He does not have the knowledge base that only comes from time and experience as you do. His brain is not developed as is an adult’s brain. 15
Chapter 1 – Online Strangers
This gap in development is no secret. Lack of maturity in children has created age-requirement laws for driving, drinking, voting, and going to war. Those laws exist to protect your child until he is ready to handle those events. Poor choices on the internet, from a lack of uhlee, can also affect the rest of your child’s life. Currently, there is no age requirement for the internet or ICE.13 Consequently, a common mistake made by adults today is to allow a child who knows much more about technology to make the decisions about technology. The internet is a portal from your private home into the world and vice versa. You, the adult, must make the decisions that affect your child’s entire life in the realm of the entire world.
Even though your child may know more about technology than you, he does not know more about life. You are more uhlee.
Action Steps The end of each chapter in Part I provides action steps for you to help protect your child. Some action steps are repeated in several chapters because there is an overlap in the safety precautions needed for the different areas. Repetition is also purposely incorporated to emphasize importance. 1. Have the O-S-Es talk with your child. Every parent must have the Online Safety and Ethics (O-S-Es) talk with every child. Much like the Birds and the Bees, there are now the O-S-Es. Note: Pronounce each letter, pluralizing the E. The rhythmic tone and allusion to an already known phrase (Birds and the 13
The AOL website does state that a person must be 13-years-old to use their instant messaging system. How many people are aware of this? Who is enforcing it? How can it be enforced? ICE (instant message, chat rooms, email) is an acronym from Book 1, which denotes the ice cold nature of online communication. 16
Chapter 1 – Online Strangers
Bees) was purposely combined with today’s common use of online acronyms. You are the first generation of parents charged with this new talk that has to be included in the child-rearing process. There are several areas to be covered in the O-S-Es talk, and they will be addressed at the end of each relevant chapter. For this chapter, the O-S-Es talk should include the next three action steps. 2. Create rules. Set up a firm set of rules and discuss them thoroughly with your child. a.
Do not call them “guidelines” as they should not be a soft set of “it would be nice if you would follow these” rules. They need to be clear and firm, and they should carry enforced consequences.
b. As you set up your rules, remember that “Trust is not the issue!”14 Do not wait for something horrifying to happen to your child in order to adopt this principle. The parents of the child who was abducted and abused (mentioned earlier) did not wish to discuss the case publicly. However, what few words they did say included, “No matter how trusting you are . . .” Trust is not the issue. c. Here are some rules to get your list started. More suggestions will be added with each chapter. Add, elaborate, change, or do whatever is necessary to personalize this for your family’s list of rules. Keep the computer in a family room, not in a bedroom. The FBI, Department of Justice, law enforcement agencies, and all online safety advocates strongly recommend keeping a computer in a family room. Do not give out personal information, not to anyone, anywhere. Personal information includes full name, pet 14
From Book 1, Chapter 8: Making Decisions for Your Family. 17
Chapter 1 – Online Strangers
names, parent names, phone numbers, address, age, gender, name of school, passwords, social security numbers, your picture, and any other data that is particular to you or your family. If there is a request for personal information, discuss it with a parent first. Friends online may not be friends. Avoid posting information on websites, including weblogs.15 If anyone contacts you online whom you have not already met face-to-face, inform a parent right away. Anyone means anyone, not just strangers. Don’t be misled by someone who claims to be a friend of a friend, a friend of a relative, or a person you once met awhile ago. Although there is a chance the person is legitimately who he or she claims to be, there is also a chance that he or she is not. If any online friend wants to meet you face-to-face, inform a parent right away. Do not have a meeting with this person, even if he or she has become your best friend, unless your parent (not his or her parent) is present. If an online friend or stranger says anything about not informing your parents, that means you must inform your parents right away. Warning signs include: Don’t tell your parents. Your parents don’t need to know. It’s okay if your parents don’t know. I talked to your parents, and they said it was okay. There’s no reason for your parents to know. I’ll tell them. If anyone online types any words or messages that make you feel the least bit uncomfortable, tell a parent or supervising adult immediately. d. Write, discuss, and sign the rules. Review them frequently, and update them as needed. 15
Weblogs are personal logs on the web. Chapter 3 discusses weblogs in more detail. 18
Chapter 1 – Online Strangers
3. Define online friend vs. stranger. Have a lengthy discussion with your child about online friends. Is there such a thing as an online friend? Some families may wish to call all people “strangers” if they were met online. Other families may want to coin a new word or acronym for a person met online. For example: He is a peemo. (P.M.O. Person Met Online) He is a UFO. (Unknown Friend Online) This one seems to work because the connotation of a UFO is that of the unknown and a bit odd, strange, or suspicious. He is an i-roo. (I.R.U. Identity Really Unknown) If you choose to continue to use the word friend, make sure your child understands the difference between a real-person friend and an online friend. Make sure your child is clear about the possibilities of friends really being dangerous strangers.
If your child is too young to understand that concept, perhaps he is too young to be making friends online.
4. Enforce the rules. Enforce the rules by checking your child’s online activity. This is probably the most difficult part. You need to be involved in your child’s online life. The parents of children who have been victimized also thought, “Not my child.” Their children were trustworthy and smart. They were all good kids. The mother of a victimized daughter gives you advice, “. . . check it, check it and double-check . . .” 16 “It” refers to the online activity of your child. This is one of those times when you might want to learn from someone else’s traumatic experience, rather than having to experience it yourself. 16
From an article in the Washington Post, January 6, 2002 page C01, by Tom Jackman. Although the story was publicized, the title of the article is purposely withheld. 19
Chapter 1 – Online Strangers
The advice to “check it” is not a trust issue. Young children are impressionable and trusting. They possess a natural quality of innocence. Predators rely on those same qualities. This is no coincidence. Your involvement by checking is to protect your child, not to mistrust him. How do you check? One way is to use monitoring software. The use of such software does cause a debate about trust, privacy, and feasibility. Chapter 3 is dedicated to the topic of monitoring software. 5. Use technology. Buy any or all protection devices available. If necessary, hire someone to help you purchase, install, and use them. (See Action Steps in Chapter 3.) a. Use parental controls provided by your ISP, such as filtering all children’s email through a parent’s email box first. (See Chapter 9, page 132 for more information and a definition of ISP.) b. If your child uses instant messaging, go over all settings with him. Only people on his buddy list should be able to contact him, and you should know every person on his buddy list. Delete all profile information. Chapter 9 explains this process. 6. Set limits. To sail safely (see Book 1, page 52), place rules, time limits, and/or age limits on ICE and internet usage. Here is a sample chart that you can use. Place your age requirements in the age column and then write the number of minutes allowed per day or week for each activity. Remember that 0 minutes is an option for any category at any age, especially for chat rooms.
Age Email
IM
Chat Sail with parent Sail without parent room in the room in the room
8 11 14 20
Chapter 1 – Online Strangers
7. Be the parent. If your twelve-year-old child said, “What’s the big deal, Mom? Let me go to the keg party,” you would know what the big deal was. You have a strong conviction and understanding. You have years of knowledge and wisdom that allow you to stand firmly on your parenting decision. But what happens when your child says, “Mom, let me . . . online . . . every one does it . . . what’s the big deal?” Where are those years of experience, knowledge, and wisdom about the internet? They do not exist. Yet after reading this book, you know there are dangers. Your child knows there are dangers. The internet tends to mask the dangers behind the harmless metal box of circuitry. You may not be able to detect the dangers with your five senses, but they are real. If you are having a difficult time finding firm footing, you can always use the mantra: “Because I’m the parent.” Whatever parenting style you use to keep your child safe from drugs, alcohol, firearms, or strangers on the street, use those same convictions. Stick to it for your child’s sake. Do not be afraid to be firm about your child’s safety. Recall from Book 1 that “Everyone is doing it” or “Everyone has it” are not justifiable reasons to allow your child to be exposed to risk. Still there may be parents who cannot find that firm footing because their children know so much more than they do about technology. Ironically, there are some technically-expert parents who have not had the Online Safety & Ethics talk with their children because they do not think it is necessary since the parents are indeed technologically savvy. For both sets of parents and everyone in between, this book will give you more firm footing and will provide more reasons for you to take action and get involved in your child’s online life. 8. Learn from others. Listen to and heed the advice from people who have “been there, done that.”
21
Chapter 1 – Online Strangers
Advice from Victims and Criminals From the mother of a victimized daughter who was kidnapped and molested: “No matter how you feel about your child or how trusting you are that what’s going on is innocent, check it, check it and double-check it or don’t have [the Internet] at all.” 17 From a 15-year-old victimized girl: To parents: “Know who your kids are with . . . watch them when they’re online . . . make sure you know where else your child might be using a computer; at a friend’s house, library, or school . . . listen to your feelings.” To kids: “Don’t give out any addresses, don’t agree to meet anyone, don’t believe everything you hear and see – they may be telling you that they’re 15, 14, or 12, but they’re actually probably 30, 40, or 50 years old . . Don’t think that they can’t come to your house, because they can!” To both: “[Predators] catch [teenagers] at their weakest moment, and they prey on that.” 18 From a 35-year-old convicted predator serving twelve years in jail: “Just watch [your children] 24 hours a day if you have to, just to make sure they're safe, because it's definitely a dangerous world out there [on] the internet.” 19 17
See previous footnote.
18
Collier, Anne. Amy’s Story, . National Center for Missing & Exploited Children, 2004. In this instance identifying information has already been changed to protect the family. 19
Your Child Could Be An Internet Victim in Minutes; Convicted Predator Warns Parents to Keep Eye on Children, . NBC10.com, 2003. 22
Chapter 1 – Online Strangers
Closing Remarks Why wait to be a statistic to do something about it?
Cyberspace does not discriminate against race, color, religion, socioeconomic status, or gender. We are all on the same side of the tracks in cyberspace. Every single child online is at risk. None of the victimized families thought it would happen to them. The most effective way to reduce the risk is through parental involvement.
The more control you have, the less control others have.
There are legitimate, young, fun acquaintances that can be met online. Healthy, long-lasting relationships can be made. As the parent, you need to decide whether it is worth the risk. In balancing the scale, if the risks outweigh the benefits, then either remove the potential danger or minimize the risks by implementing the action steps. Then your child can enjoy the advantages of the internet in a safer setting.
23
Chapter 2 – Cyber Bullying
CHAPTER 2
Cyber Bullying “What’s the big deal? Some kids are just too sensitive. If they don’t like it, tell them to not read the email or to ignore the message.” This defensive response from a ironically magnifies the fact that bullying has resulted in children schools, being expelled, being significantly, committing suicide.
group of eleven-year-old children the behavior is a big deal. Cyber changing schools, dropping out of named in civil suits, and, most
~ Nearly 80% of children surveyed said that they have read or spread gossip online.20 ~ Of 3,000 children surveyed, 50% said they or someone they know have been victims or perpetrators of cyber bullying.21 ~ In a poll of 200 students, 98% said they had been a victim or perpetrator, or had a friend who was a victim or perpetrator.22 When at least 50% and as much as 98% of children are somehow involved, the “What’s the big deal?” or “Just ignore it” arguments do not justify or substantiate a defense. Cyber bullying is a serious problem that has generated thousands of articles, headlines, solutionoriented groups, and other such responses. As the popularity of the internet has escalated, so has online bullying. 20
Meadows, Bergal, Helling, Odell, Piligian, Howard, Lopez, Atlas, Hochberg. “The Web: The Bully’s New Playground” People, March 14, 2005, Time, Inc., 2005. 21
Swartz, Jon “Schoolyard bullies get nastier online” USA Today, March 6, 2005, USA Today, 2005. Also . 22
Swartz, Jon “Schoolyard bullies get nastier online” USA Today, March 6, 2005, USA Today, 2005. Also . 25
Chapter 2 – Cyber Bullying
What is Cyber Bullying? Simply stated, cyber bullying (also called online bullying) is a method of bullying using electronic formats. Unkind, harmful, and threatening messages and rumors are spread through text messaging, video messaging, instant messaging, chat rooms, email, and website postings and polling.
Cyber Bullying vs. Old-fashioned Bullying Kids have been bullied throughout the generations. Some say to just let kids be kids. There are books written about bullying as a part of the natural cycle of maturity and growth for children. Some researchers equate it to the biological instinct of flexing of the muscles, marking territory, or proving one’s masculinity. But the research was conducted and the books were written long before cyber bullying came into existence. How is online bullying any different? What are the researchers saying now? It is too early for conclusive, long-term data because the phenomenon of online bullying has only just begun, yet again placing today’s generation of adults and children into the guinea pig category. You probably are familiar with the traits of old-fashioned bullying. When you were a child, you may have seen or heard classmates being bullied. There was the occasional bullying on the playground or in the hallways. The bullied child might have feared the two or three mean kids, but he could run away when he saw them coming. Luckily, adults were usually nearby to help reduce the occurrences or ward off the behavior. At least a child could rely on the safety of his home to get away from the bullies. None of that holds true for cyber bullying. Constant, not occasional The occasional playground bullying is exacerbated online, as a child can be bullied 24/7 through “always on” electronic formats. No escape A child cannot get away from cyber bullying, even in the safety of his own home. “There is no escape from it,” said a child who was cyber 26
Chapter 2 – Cyber Bullying
bullied.23 How does a child know that an email or an IM will contain a harsh message until he reads it? At an age where peer pressure and acceptance is of critical importance, is it realistic to tell a child to just ignore a website that spreads embarrassing rumors about him? A child cannot simply ignore how everyone at school is avoiding him because of wide-spread rumors. More wide-spread coverage In traditional bullying, a few kids on the playground or in the hallways might witness a child being teased. With electronic formats, particularly with website postings, the teased child is potentially exposed to the whole world. Website bullies often link the bullying web page to many other sites, including other school sites. Then they massively distribute the website link via email. Terrorized by more methods There are many methods of electronic communication, hence many methods of being bullied, including emails, instant messages, chat rooms, cell phones, handheld devices, and websites. Terrorized by greater numbers To make matters worse, in cyberspace there are many more than two or three mean bullies. On the playground, the number of bullies is limited because the bully has to see the reaction and pain of his/her victim. A playground bully realizes there could be witnesses and the chances of being caught are high. But online, there are no witnesses, little to no chance of being caught, no accountability, and no pain to be seen. The normally very good child who would never be a playground bully is much more susceptible and tempted to hide behind the virtual wall of cyberspace and say things he would never say face-to-face. Why not? There are no immediate, apparent consequences. Even the good kids adopt bullying behavior Countless parents have said, “My child would never do that.” Quite possibly, those parents are right. Their child probably would never be mean to anyone face-to-face. But what about online? Today’s adults have never had the experience of temptation or known the ease of cyber 23
Jones, Dawn. Cyber bullying on the rise, . ABC Inc., WJRT-TV Inc., 2005. 27
Chapter 2 – Cyber Bullying
bullying as a child. The accessibility and anonymity make it very easy for all kids to get involved. The good kids who get involved are not mean kids. They may not even have malicious intentions behind their actions. Since they do not see a victim’s reaction, they may feel they are merely playing a game. But the game is causing real pain. The recipient of such harsh words has no way of knowing whether the intent is real or just a game. Stronger, more tormenting messages Written words can be more powerful and more damaging than verbal words. The intensity and permanence of the written word are not to be taken lightly. Furthermore, because of the ability to hide behind the virtual wall of cyberspace, children feel falsely empowered to write things they would never verbalize. Perhaps cyber bullying is a misnomer. Only the teasing portion of the word “bully” seems to fit the definition. The factors of the environment, repetition, temptation, consistency, potency, coverage, seriousness, and consequences do not fit the word “bully” as we know it. Even the cowardly nature of online bullying does not coincide with our understanding of a bully. Bullies used to be bigger or stronger than their victims. Physical size is no longer a factor. Is there any word or phrase that encompasses all these new characteristics? What term would you use to represent this online behavior?
Being Bullied Today’s adults have never had a childhood experience of the horror of being terrorized 24/7 by multiple electronic methods, as well as by peers at school. Try for a moment to place yourself in the sensitive preadolescent and adolescent stages. Imagine receiving constant vicious, tormenting e-mails and nasty, threatening attacks24 from not only peers, but also classmates who were once your friends. Here are a few summaries of real stories:25 24
“Vicious, tormenting . . . nasty, threatening attacks” may appear to be strong words, but these are words used by actual victims. 25
These incidences were compiled from a number of stories that were similar in nature, in order to avoid specifically identifying any one victim. 28
Chapter 2 – Cyber Bullying
~ An elementary school girl received a message from a group of peers, “Why don’t you just go kill yourself? Nobody likes you anyway.” ~ A ten-year-old read this message from a group of her former friends, “We’re going to get you. Watch your back in the halls.” ~ A pre-adolescent teen was bullied with, “If I find you, I will beat you up.” ~ A fifteen-year-old girl received hundreds of emails, all calling her a very humiliating, well-known sexual term. ~ An adolescent girl was the subject of an embarrassing rumor, spread through text messaging, stating that the girl had contracted a contagious disease. ~ Pictures were taken in the locker room using cell phones and then distributed via email. ~ A website contained rumors of a sexual nature about a specific person. The site was accessible to anyone and had an open invitation for adding remarks. The site was also linked to many other websites for greater access by even more peers. ~ A website was created with a hit list. Imagine seeing your name on the hit list. Every child is susceptible to online bullying, even the popular kids. Bullying used to be a method to pick on children who were different – wore glasses, were overweight, or were ethnically different. But online bullying includes everyone, as it covers such realms as boyfriends, homework, wardrobe, or simple jealousy.
Children Do Not Admit to Being Bullied Reported cases of online bullying represent a small percentage of actual cases because more often than not, a child will not tell anyone that he is being bullied online because: 29
Chapter 2 – Cyber Bullying
~
If a victim reports the incident, the bully may come back after him.
~
A parent’s reaction might be to remove internet privileges.
~
Being bullied is embarrassing, and admitting to it may seem like a sign of weakness.
~
A child may not know the identity of the bullies and might think there is nothing that can be done.
Whatever the reason, no one should have to suffer emotional anguish alone. There is no conclusive, long-term data yet on the effects of 24/7 harassment by more than just a few mean bullies. But life experience alone tells us that the results cannot be positive, especially on a young, impressionable, developing child, who is not as uhlee as an adult.
Being the Bully In one study, over 40% of students claimed to have been a victim of cyber bullying. If 40 out of 100 students are being bullied, how many students are doing the bullying? Finding an accurate study would be difficult because no one would willingly admit guilt. In previously mentioned studies, students indicated that they are somehow involved or know of someone that is involved in cyber bullying. Students were willing to lump themselves into the safety of a broader group, but not outwardly admit direct guilt. It seems rather evident that for every victimized child, there is more than one bully. The fifteen-year-old (previous example) received hundreds of emails. The ten-year-old girl was attacked by a group of her former friends. Who are these perpetrators? How did they become that way? As mentioned earlier, even good kids adopt bullying behavior. There are many cases of honor students who were caught bullying, much to the parents’ surprise. The ability to hide, the lack of accountability, and the unseen reactions make bullying simple and tempting. Most children 30
Chapter 2 – Cyber Bullying
do not start out with truly malicious intent. In actual cases when children were caught, their responses included: “It was a game.” “I did it to impress my friends.” “I never thought I would be caught.” “Everyone’s doing it. It’s no big deal.” A normally well-mannered, adolescent boy was being taken to the police station for questioning about his online bullying. Suddenly, he broke down sobbing. The online game was never real. Now, for the first time, reality hit him face-to-face.
Solutions Here we go again, parents! Every parent needs to have the O-S-Es (Online Safety and Ethics) talk with every child before a child goes online, while a child is online, and after a child is online. Children need to learn appropriate online behavior, consequences, and realities. How are they ever going to learn if no one teaches them? Children need to be taught online manners, just as they are taught everyday manners. Parents tell their children to be nice. They also model polite behavior in daily life by opening doors for other people and saying “Thank you” to someone who opens a door for them. But how many parents have ever modeled online behavior? Have you talked to your child about the power of the written word? Has your child seen some of the hurtful and harmful messages sent online? Does your child understand the impact of those words? As the pioneering parents of this internet generation, you have to devote the same effort to teaching your child online manners and ethics as you do toward teaching your child everyday manners and ethics.
31
Chapter 2 – Cyber Bullying
Action Steps 1. Apply all the basic rules. The same general rules for a safe and healthy online life apply, such as: (For a full list, see Chapter 8.) Keep the computer in a family room. Limit online time. Discuss distribution of personal information. Do not share passwords. Remember, nothing online is private. Anything can be tracked. 2. Install monitoring software. This is an important issue that warrants an entire chapter to itself. Chapter 3 provides a full discussion on monitoring software. The mere existence of monitoring software will contribute greatly to the prevention of cyber bullying. When children know that every word of online activity is tracked, saved, or documented, they are more apt to make the best decisions and less likely to give in to temptation. 3. Prevent perpetrator tendencies. Add this to your O-S-Es talk from Chapter 1:
Do Unto Others as You Would Have Others Do Unto You
The golden rule applies to online life, too. This is probably the most difficult concept to grasp. Adults need to understand and subscribe to applying the golden rule to online activity in order to successfully pass the message along to children. Bullying only occurs if adults allow it to occur. Here are some points to cover with your child:
32
Chapter 2 – Cyber Bullying
The internet is not a hiding place. Do not hide behind the anonymity or the false security of the internet. Nothing online is private or secret. Any form of communication can be tracked. Never write anything that you would not say to someone face-toface. Saying mean things online is cowardly. Reread words to make sure they cannot be misread. If there is any doubt, reword it or do not send it. How would you feel if you received the exact same message you are about to send? Written words are very powerful and can cause greater harm than you intended. Written words are permanent and can be saved. Why do you think someone would write mean things? What does one gain from it? What are the consequences of writing hurtful messages? 4. Prevent victimization. Add these points to your O-S-Es talk: Develop a trusting relationship: “Trust is not the issue” means that having a trusting child is not a protective or preventative device. However, trust is the issue in that a child needs to trust his parents. Develop a relationship where your child feels secure that he can report activities to you without the fear of overreaction or unnecessary removal of internet privileges. Develop a safe haven: Let your child know that even if he receives anonymous messages, something can be done to help him. No one should ever have to suffer alone.
33
Chapter 2 – Cyber Bullying
Set instant messaging options: If your child uses instant messaging, he should only allow for people on his buddy list to contact him. (See Chapter 9: Technical Instructions.) Utilize technological options. See Chapter 9 for information on parental controls and filtering email. Chapter 3 is dedicated to the topic of monitoring software. Stop it before it begins. Make it clear to your child that if he receives any communication that has words or messages that cause him to be uncomfortable, angry, or mad, he should not respond to the message. Oftentimes cyber bullying can be nipped in the bud if a child does not respond. He needs to tell an adult right away and save the communication in case the bullying does continue. Go over the next section with your child, even if he has not been bullied. The information will reinforce the prevention of perpetrator tendencies and victimization.
What to Do If Your Child Is Bullied Be your child’s greatest supporter. If you followed the advice above, your child should inform you if he receives a bullying message. You want to be sure that your child knows to tell an adult right way because an adult can better assess the situation. Make it clear to your child that regardless of the content of a message, he has not done anything wrong. No one deserves to be bullied. Be careful not to act or overreact in a manner that would sever the trust your child has in you. Do not reply to any messages. Explain to your child never to reply to any message that makes him uncomfortable in any way, especially a bullying message. This is easier said than done. Children and adults have a natural reaction to defend themselves. But in this case, defending oneself is giving up control and giving in to the bully, who wants and expects a reaction. If there is no reaction, then the bully receives no desired results and does not gain power over a victim. Some resources have suggested that a child tell a bully to stop sending 34
Chapter 2 – Cyber Bullying
messages. However, a “stop it” message is feedback, confirming to the bully that the victim has received the message. Document everything. Print and save all emails, instant messages, and chat room conversations. If the bullying is occurring via cell phone, save all text messages. Write down the time, date, and messages. If there is a website, print the website. If possible, have your child inform you when a message arrives so that you can print and save it for him. Your child should not have to read or be exposed to these messages. Inform your Internet Service Provider (ISP). Contact your ISP or the vendor of your cell phone service. Document your communication to them as well. Inform your local police. If the bullying is of a serious nature involving threats of violence, extortion, sexual exploitation, or any crime, contact the police. Inform the parents of the bully. Depending on the nature of the bullying, you may want to inform the parents of the bully (if known) with documented evidence. If a problem is serious, consult the authorities first for their advice. “The parents of students who are doing the bullying may be liable for the emotional damages caused by their child to another child. If the cyber bully’s parents know what is going on (or had received a letter of complaint), they have ‘knowledge and notice’ of harmful activity. The parents are paying for the telephone bill and internet charges into their home – they are legally responsible for the acts of their children while on the computer and in their care. Parents can be sued for damages.” 26
26
High, Brenda. Suggestions for Parents When Dealing With Bullying, . Bully Police USA, no copyright date cited. 35
Chapter 2 – Cyber Bullying
Inform the school. Schools cannot be directly responsible for actions that occur outside of the school hours or campus. However, even though cyber bullying may occur in the evenings, much of the activity spills over into the school day. For example, threats to “beat you up” at school become a school issue. If any bullying is done during school hours or from school equipment, the school definitely needs to be notified. Most schools have policies in place about the proper use of technology and consequent penalties for inappropriate use. Many school districts and states are now adopting policies on bullying. Change your child’s email address and screen names. Make sure your child tells only his closest friends his new information. Or allow your child to use your email address until the problem is resolved. Stop using ICE. If necessary, have your child stop using ICE until the problem is resolved.
Closing Remarks An honor student enrolled in a private school was expelled for cyber bullying. Despite the documented evidence, his mother was in true, utter disbelief and tried to get the decision repealed. She could not grasp how her very honorable, loving son was capable of such action. She was right. He was not capable of such action in the world as she knew it. But she did not understand the cyber world. The child did not understand the game turned real phenomenon. Every chapter carries the same message: Cyber space is a new world. Today’s adults have the most difficult job faced by parents – raising children in an unknown world. Do not allow unsubstantiated cries by less uhlee children to dictate your actions. Unjustified statements of “everyone does it” should not determine the level of safety you will provide for your family. Do empower yourself with this information and knowledge. Choose to create a safe and healthy internet life for your child.
36
Chapter 3 – Monitoring Software
CHAPTER 3
Monitoring Software “After one day of using monitoring software, her father yanked that computer out of her room so fast . . .” “No worries,” said Dad, who was a technology expert. Dad reminded mom that their teenage daughter was an honor student with impeccable manners. He thought that she deserved to have a computer in her room. Her technological savvy and strong common sense would keep her safe and out of trouble. Mom was not as secure in the decision. The debate went on for weeks. To settle the dispute, they agreed to install monitoring software on their daughter’s computer. Dad knew this would dispel mom’s fears. Mom hoped dad was right. Mom reported, “After one day of using monitoring software, her father yanked that computer out of her room so fast . . . To this day, he will not tell me what he found!” But the father did admit that he was completely shocked. He could not believe this same perfectly wonderful daughter in the tangible world could be engaging in such behavior in the online world.
Direct From the Heart: My Personal Perspective The approach of this book has been to encourage families to use their own values to make their personal decisions about technology. When it comes to the use of monitoring software, the same holds true: Each family will make its own choice. However, unlike the other areas, monitoring software will be addressed with my personal perspective and my personal choices coming through loud and clear. In this chapter, I have to share the passion instilled in me from the distress and pleas of other families. Withholding such information would be committing a great injustice.
37
Chapter 3 – Monitoring Software
Since the writing of the first book, even I have learned the hard way that the “To Be or Not To Be”27 analogy of making a decision may not apply to the decision about monitoring software. With the first book published, I traveled around a great deal with book-signing sessions and seminars. I heard hundreds of stories, all leading to one conclusion: monitoring software is a must.
What is Monitoring Software? Monitoring software is a program that helps you to monitor everything your child does on the computer. The program captures the activity for you to view later, so you do not have to be in the room every moment your child is online. Different packages allow for various monitoring activities: Capture all sent and received emails Capture all instant messaging and chat room conversations Record all websites visited Record offline activity Record all downloading activity Log all keystrokes Filter/block websites Operate in stealth mode
“I Object!” While some families embrace the idea whole-heartedly, other families have objected to the use of monitoring software. The most common objections are: 1. I trust my child. He is a good kid. He would not do anything wrong. 2. Isn’t that an invasion of privacy? 3. What message am I telling my child here?
27
From Book 1, Chapter 6: Knowledge Group 2: Know the Question. 38
Chapter 3 – Monitoring Software
4. I wouldn’t even know how to install it or monitor it. 5. Who has the time? 6. My child is very young. I don’t need to worry about this yet. 7. My child will figure out how to work around it. 8. No one else has it. 9. You are paranoid. It’s not that big a deal. 10. Why should I? They are all valid objections based on what most parents know and how most parents may have been raised - without the internet. However, they are not valid based on today’s internet-based world. Here’s why . . .
Why is it a Must? If only I could get 100 of the families who have shared stories with me to stand in front of you and tell their stories, then you would know. You would see the shock in their faces, the disbelief in their eyes, and the “How could this happen?” oscillation of their heads. You would hear first-hand why monitoring software is a must. But of course, hearing directly from these families is improbable since families do not like to publicize the humiliation and hurt. At the same time, they want to help others. To resolve this conflict, I have combined stories that follow a theme in order not to pinpoint one family while still sharing enough with you to relay the message.
The Mary-Jane Story “I happened to find an email on my child’s computer from her ‘best friend’ online. The email was horribly mean, calling my daughter awful names and saying things that were not true. I asked my daughter about it.” 39
Chapter 3 – Monitoring Software
Mom:
“Honey, why didn’t you tell me about this email?”
Daughter: “Oh, Mom. I didn’t tell you because it’s not a big deal. She’s just mad at me because I stole her things.” Mom:
“You did what?”
Daughter: “Mom, don’t worry. I didn’t do anything wrong. It’s just about that online game, you know about it. It’s the one where you earn points and then buy stuff. But none of it’s real. It’s just make believe stuff we do online. I didn’t really steal anything real.” The mom knew about the website. She had previously checked it out herself. Jane had met a few friends and had developed a relationship with them over time. Mary, the best friend, and Jane had recently swapped passwords. “My daughter decided to be clever and get on Mary’s account and take Mary’s points and items. I know it was wrong of Jane, and I know poor Mary was very hurt. I think this is just a lesson about friendship, trust, and life that we all learn at some point and is not specific to the online world. But the part that is disturbing to me is that my daughter would never do that to one of her classmates, to her ‘real friends,’ as she puts it. She had no regard for Mary’s feelings whatsoever. It was as though Mary was not a real person.” But Mary is a real person. If Mary’s parents saw the harsh, ugly words that Mary wrote, they, too, would be rather disturbed. The point of this seemingly harmless event is that although no real crime was committed, both children were engaging in activities that they would never normally do. “My child would never do that” is a statement that may be true about the real world, but what basis or background does anyone have to know if that holds true in the online world? Children are curious, tempted, and less uhlee about the reality that exists on the other end of the computer. This is clearly seen in these true stories: 40
Chapter 3 – Monitoring Software
~ The child who hacked into the Pentagon never thought he would be caught, and he was “disturbed” that he was caught. ~ When the thirteen-year-old boy was being taken to the police station for cyber bullying charges, he suddenly broke down sobbing because none of it was real until that moment. ~ The child who had attempted online sabotage only did it to impress his friends, not with mal intention. ~ When a child engaged in $800,000 worth of stock manipulation, do you think he had any idea of what that did to the affected stock holders? ~ How could the child who controlled an FAA tower (from his computer at home) even imagine the panic at the airport? The Mary-Jane story exemplifies the lack of comprehension of the realities of online life. We are placing our children into a world of opportunities. Is it realistic to expect a child with a lack of life experience, who is less uhlee, to control curiosity and the temptation at his finger tips? There is no other situation where we leave a child completely unsupervised. Why should the internet be any different? The internet should be even more supervised and protected because the exposure and possible dangers are much greater than with a single, tangible life situation. Parents do not leave hundreds of adult magazines spread across the house and tell their child, “Now, do not even glance at that magazine cover, much less look inside.” Children are not dropped at the Cinema 12, where 10 of the movies are X-rated, with the instructions, “Now, there are no employees inside the theater, but I expect you not to go into an X-rated movie.” Of course, such a cinema does not even exist, which is a statement in itself. No one drops off a child by himself in a place full of millions of strangers and merely says, “Be good. Don’t talk to strangers. See you in a couple of hours.” Monitoring software is a must, not because of a lack of trust, but because of a lack of protection devices in the worldwide environment where we allow our less uhlee children to play. 41
Chapter 3 – Monitoring Software
Monitoring software is not about trust. The use of such software should be viewed as a way of helping your child avoid an unprecedented amount of temptation. Your child’s awareness that you can read every online communication is enough to help him make the best decisions. Just like on the playground, children are less likely to bully when an adult is nearby.
Why do you require adult supervision on a playground filled with children, but not in a world filled with strangers?
Monitoring software is an adult presence, a gentle reminder for children to use the same ethics and behavior online as they would in person.
Stealth Mode? I am recommending that monitoring software be used as an adult presence. Since you may not be able to personally supervise every moment your child is online, then your child should be fully aware that the software is installed. The purpose is to help your child make the best choices, not to catch your child doing something wrong. My viewpoint is that monitoring software is a proactive measure, not a reactive device. Therefore, I do not recommend stealth mode, which means using the software secretly without your child’s knowledge of its existence. Another reason for avoiding stealth mode is that your ultimate goal is to develop a healthy online life for your child. Remember that children who have been approached by strangers or bullied by many do not tell an adult because they are afraid they will lose their online privileges. You want to develop a relationship in which your child feels safe coming to you with any possible online red flags. Tell your child that the purpose of the monitoring software is to help him, but you still want him to come to you with any questionable communication that he may receive. Let him come to you before you find any questionable activity. “My second-grade daughter is only allowed to go to certain mom-approved websites. She accidentally clicked on a link that 42
Chapter 3 – Monitoring Software
took her to another (harmless) website. She immediately ran and reported it to me. Of course, while smiling on the inside, I simply said to her, ‘That’s great that you told me. Make sure you tell your father when he gets home because he will find out about it later when he checks. You want him to know it was an accident.’ She told Daddy, and all is fine.” They are developing good habits for their daughter, and they have developed a relationship that will help the daughter have a safe online life. Having such a relationship is also wise because, realistically, many parents will not have the time to check every keystroke to and from a child. Indeed, the idea is not so much that you will check every online session, but rather that you can check it. Most parents I know who use the software only check occasionally and then make simple, positive remarks about their findings to let the child know that they are aware. Your choice to use monitoring software openly as a gentle adult presence for your child or to use it in stealth mode will be up to your family values and the nature of your child. The use of such software should not entirely replace your involvement as a parent. Your personal involvement is still equally important as a role model, as a more uhlee perspective, as a guide, and, most importantly, as a parent.
What About My Child’s Privacy? “You’re going to monitor everything I do? That’s an invasion of my privacy!” Children in middle school and upper school will generally argue the privacy point. Many moms have empathized with their children’s need for privacy by comparing this situation to a diary. “I would have died if my parents read my diary! I can’t do that to my daughter.” Today’s adults have only our pre-internet history and upbringing as a basis of comparison. But comparing a diary to online activity is like comparing a map of the world to a trip around the world. They are not 43
Chapter 3 – Monitoring Software
the same. A girl wrote her deepest secrets and thoughts in her diary. She wrote things that she would not normally say out loud or perhaps not share with others. But a diary is strictly between the girl and the paper on which it is written; the internet is not. “I can’t believe what I found! My daughter actually, for whatever reason, printed out her instant message conversation with an online buddy, and I found it in her drawer. I had no idea my daughter was so upset. She talked about running away, and the friend was supporting her!” As children, many of us have been so mad at our parents we have wanted to run away. The feeling that “parents just don’t understand” is not unusual. Writing about it in our diaries is not unusual. But getting direct feedback from a diary encouraging you to run away is unusual. The privacy of a one-way diary is not the same as the interactive online world. “I’m worried about my young daughter. She has this online friend who is a boy. I checked it out. I spoke with his mom. He is indeed an eleven-year-old boy who attends a good, private school. But I think they are experimenting and discussing a lot of sexual things online. What do I do? I know my eleven-yearold daughter is not ready for that type of discussion. When I asked her, she cried, ‘Mom, this is a private conversation!’ ” In the child’s eyes, it is a private conversation. But it is not like the private phone conversations you had with your friends when you were a child. When you were eleven-years-old, did you have such graphic and open phone conversations with boys about sex? Probably not. The ease of hiding behind the virtual internet wall knocks the word “privacy” right out of the ball park.
Monitoring software is not an invasion of privacy. It is a method of protection.
44
Chapter 3 – Monitoring Software
The internet is a wide-open gateway to the world that allows anything and everything to occur. If you are not going to use monitoring software, what protection devices will you use?
More Reasons The stories up to now have been about your child’s privacy and behavioral issues regarding his friends. That is only the tip of the iceberg. Beneath the surface lies an even larger mass of dangers – the risks to child safety and family privacy, as discussed in Chapters 1, 2, 4, and 7: ~
How would monitoring software help with these statistics from Chapter 1? Approximately 1 in 5 children is sexually solicited online. One in 33 kids has been aggressively solicited to meet a cyber friend in person. Six out of 10 kids online have gotten an e-mail or instant message from a perfect stranger . . . and more than half have written back.
~ How would monitoring software help with the problems with ICE (instant messaging, chat rooms, email)? Examine just one of the issues: instant messaging. In the summer of 2005, an article entitled “The Sorry State of IM” had the subheading “Keep a sharp eye on your buddy list: IM and p-to-p threats are headed through the roof.” The story states that in one year, IM threats have increased by 2,747 percent.28 ~ Could monitoring software play a role in helping to reduce the chances of early exposure to inappropriate materials? (Chapter 4.) 28
As reported by the IMLogic Threat Center, a global consortium that provides threat detection and protection for IM and peer-to-peer applications. Article reference: Francis, Bob. The Sorry State of IM, July 8, 2005, InfoWorld Media Group, 2005. 45
Chapter 3 – Monitoring Software
~ What about children who use credit cards online? Parents are liable. Many children do not yet even grasp the concept of income vs. debt, much less that someone has to pay the credit card bill. ~ Would monitoring software curb your child’s tendency to join in on cyber bullying? Would it protect him from bullies if the bullies knew that everything they were typing was being tracked, saved, and read? ~ What about personal information? You would know when personal information slipped out to cyber friends or jeopardized family privacy and identity theft (covered in Chapter 7).
More on Personal Information The state of technology is changing the state of personal privacy. Ironically, while technology increases security, it also increases the loss of privacy. Grocery store and drug store loyalty or value cards (swiped to receive discounts at that store) are analyzing and selling your personal buying preferences. Some rental cars now are equipped with tracking devices. Your location is easily identified through your cell phone. These issues about personal privacy are growing exponentially and are beyond the scope of this book. The message here is that you still have a great deal of control and choice about the personal information that is purposely placed online. There are a countless number of ways that children may intentionally or unintentionally publicize personal information. Here are two examples in the realm of possibilities. A Kid’s Website A website that is specifically designed for children provides a platform for fun and educational activities, including an adult-supervised kid’s chat room. Parental permission is required for a child to participate on the website. A parent must print a form, sign it, and then fax or mail the form. There is no way of verifying whether a parent actually signed and sent in the form, or whether a child did. Also, an adult could easily portray himself as a child. Assuming a real parent consented for a real 46
Chapter 3 – Monitoring Software
child to participate, the parent may feel that the website is a safe place for a child since it is a “Kid’s Website.” The website is fun and does have educational value. One of the activities allows children to post a personal webpage on the site. Creating a web page and posting it on the internet gives a child a sense of learning and a feeling of great accomplishment. However, over 80% of them contained a picture of the child and personal information, including name, age, or city where he lives. These pages are accessible by the whole world. Since the parent consented, the child may see no harm in posting his picture and personal information. “Mom signed the form, which means it must be ok.” This is just one example of many instances where personal information could be innocently revealed. If you saw the personal information on your monitoring software, you could remove the picture and specific identifying information from the website. The Latest Fad From a woman who attended my internet safety seminar: “The first time you said ‘Blogging,’ I thought you said, ‘Clogging,’ you know, like wooden shoes from Holland! But I couldn’t figure out what wooden shoes had to do with internet safety! What is blogging?” Blog is short for web log. A blog is a personal journal posted to the world. Blogging has become the newest rave, especially amongst teenagers, because it provides a platform for expression. Here is a comprehensive, yet clear definition from Blogger: “A blog is a personal diary. A daily pulpit. A collaborative space . . . Your own private thoughts. Memos to the world. Your blog is whatever you want it to be. There are millions of them, in all shapes and sizes, and there are no real rules. In simple terms, a blog is a web site, where you write stuff on an ongoing basis . . . visitors can read what's new. Then they comment on it or link to it or email you.” 29 29
What’s a blog? < http://www.blogger.com/tour_start.g> Google, 2005. 47
Chapter 3 – Monitoring Software
Personal thoughts, personal information, and “stuff” are being posted to the world for all to see, including predators. Options to email, respond, and interact magnify the exposure. Why is it suddenly okay to post your whole inner being onto a worldwide platform? Who says you should, and who says that doing so is a good thing? The birth of blogs has led to even cooler things to do on the web, which, per the norm, have created more areas of danger and concern. You may never have heard of a blog, and you may never hear about the next five online fads. It is difficult to keep up with the latest fads as they appear almost daily. But you must be aware if the latest fad is exposing, risking, or identifying your child to the world. If you cannot keep up with every trend as it comes and goes, you can at least monitor activity to see if personal information is being placed online or if any potentially dangerous exchanges are occurring. Additionally, the presence of monitoring software is the gentle reminder for your child to avoid being pulled into the latest craze just because, especially if it risks his safety.
Location of Computer “Now that I have monitoring software on my child’s computer, does this mean it is safe for him to have a computer in his room?” Why? Why are people so stuck on allowing a child to have a computer in his room? There is no research stating that a computer in a bedroom is helpful or advantageous. What is the educational, developmental, or life-long benefit? All agencies, groups, and studies advise against computers in bedrooms. If you still are on the fence about this decision, use the MVP Scale in Book 1, Chapter 8: Making Decisions for Your Family. What is the value of having a computer in the bedroom? What are the risks? Too much time? Hackability? Accountability? Are there unknown risks? An Unknown Risk In early 2005, a man was arrested for, among many things, controlling web cams. (A web cam is the eyeball-shaped camera that usually sits on top of a computer and provides live footage of your family.) He 48
Chapter 3 – Monitoring Software
could remotely turn on web cams around the world from his computer in Spain, unbeknownst to the web cam owner. Many adults have a computer in their bedroom with web cams. Although this man was arrested, the software he used is available in about 200 different varieties. Two important messages come from this story: 1. If you have a web cam, when you are not using, unplug it! 2. In weighing out the benefits and risks of having a computer in the bedroom, this is one risk of which you may not even have been aware. What other risks could there be?
Solutions Make a decision. Although I strongly advocate the use of monitoring software, you may still have some reservations. Apply the decisionmaking scale (Book 1) based on your family values to this decision. Write down the risks and the benefits, and make the best decision for your family. Then, apply the decision. If you choose not to use monitoring software, what will you do to protect your child? If you choose to use monitoring software, the next three steps are straightforward.
Action Steps 1. Buy the software. The resource section in this book lists some suggested software packages. Different packages provide varying levels of protection, customization, and monitoring. Choose the package which best fits your MVPs.30 You could also talk to families who currently utilize the software or consult some of the experts as listed in the next step.
30
From Book 1: Morals, Values, Principles and Most Valuable Person, your child. 49
Chapter 3 – Monitoring Software
2. Install the software. If you are among the smaller group who had the opportunity to become computer literate as an adult, then you know exactly what to do. If you are like many parents who are unsure of how to install and utilize the software, here are some options: Ask your child. If your child is old enough and technologically literate, ask your child to install the software and show you how to use it. Utilize your child’s talents. Have him teach you. The key here is not to share the password. Do not use an obvious password. Hire an expert. If your child is not old enough or if you are uncomfortable with using your child as a resource, hire someone. You pay for someone to come out and install your home security system. If you pay for someone to protect your house from the one-in-amillion stranger who may approach your house, then paying for someone to protect your child from 888 million strangers and a world of possible dangers should be even more important. You pay for child safety seats for your car, for bike helmets, and for babysitters to watch your child when you are gone. How is this any different? Whom can you hire? Look up Computer Service and Repair in the yellow pages. Look up Computer Training in the yellow pages and ask them if they provide any one-on-one training. Call computer retail stores like Best Buy, Office Depot, or Circuit City. They often have a computer department that provides that type of service. Contact your community college. Many of the computer instructors at community colleges work on a consultant basis.
50
Chapter 3 – Monitoring Software
Find a local school’s technology staff member. Teachers often do consulting work as well. Ask your spouse or friends if they have anyone at their place of employment who does consulting work. Ask your child for some ideas. You would be amazed at how resourceful children can be. 3. Use the software. Once you are set up and ready to use it, create a schedule for yourself. Remember, the key ingredient of the program is that its mere existence will help your child make the best decisions online. However, eventually if your child realizes you never check it, then the purpose has been defeated. For those adults who are not as comfortable with the computer, checking the usage on a regular basis is even more necessary. The more often you perform a task, the easier it becomes. If you only check once a month, then each month the task may seem tedious and time-consuming. If you glance at the usage report once a week (or more often), eventually the process will take only a matter of minutes. Once in a while, make a casual, positive comment to your child about your findings. This will remind your child that you are indeed checking and will help to develop a healthy relationship.
There is no reason why you should not be involved in your child’s online life, just as you are involved in his everyday life.
Closing Remarks My recommendation for monitoring software as a must has come out of numerous conversations with families and from countless stories in the news. Online life is different from any form of existence that we have known. We cannot let the unknown dictate how we raise our children. 51
Chapter 3 – Monitoring Software
Twenty years from now, people may look back at us and say, “What were they thinking . . . allowing those innocent, susceptible children to be exposed to the world with no protection?” Perhaps twenty years from now the laws and society will have caught up, and all children will be able to benefit from the wonders of the internet with minimized risks. Until then, you are your child’s only protective device. What are you going to do? Analogize this to something you know. Air bags, seat belts, bike helmets, and age limits for buying cigarettes came after the fact, meaning it took a great number of victims to open our eyes to the need for safety and protection. I believe that monitoring software will be greatly changed and improved and perhaps become part of the natural weave of the internet, after the fact. Why wait to be a statistic?
Reviewing the ten objections: 1. I trust my child. He is a good kid. He would not do anything wrong. Trust is not the issue. How do we know how children act online vs. in real life? 2. Isn’t that an invasion of privacy? The internet cannot be compared to a diary. Your child is writing in an interactive, worldwide forum that provides feedback. A diary may be private, but the internet is not. You know what goes on with your child in your community. Why would you not want to know what goes on with him in the world? 3. What message am I telling my child here? I love you. I care about you. I want to protect you, especially when you are exposed to 888 million strangers.
52
Chapter 3 – Monitoring Software
4. I wouldn’t even know how to install it or monitor it. This objection is addressed in the Action Steps. Is paying a consultant worth protecting your child from 888 million strangers and a world of possible dangers? 5. Who has the time? You do not have to check every single communication written. If scheduled and performed regularly, the process could take just a few minutes a week. The investment is well worth the return. 6. My child is very young. I don’t need to worry about this yet. Instill good habits when he is young. You may not need to install the software right now if your child is only ninemonths-old, but start becoming aware and in tune with technology now. Then as your child ages, keeping up with technology becomes easier. There is software for babies as young as nine months.31 If technology is pushing nine-month-old babies, it is never too early to start thinking or planning for the safety of your child’s online life. 7. My child will figure out how to work around it. Not necessarily. But if he can and does try, why is he trying to work around it? If he is not guilty of anything, why should the software bother him since it is there to protect him? Have a conversation with your child. Set rules and consequences. Be the parent. 8. No one else has it. Why not? Ask people why they do not have it. Do they even know monitoring software exists? Are they truly 31
Why? Who says that software for nine-month-old babies is beneficial? (Book 1, Chapter 5: Knowledge Group 1: Know the Source.) 53
Chapter 3 – Monitoring Software
aware of the online environment, the statistics, the dangers, and the realities? Do they have different values from you? Do they use any of these ten objections? 9. You are paranoid. It’s not that big a deal. Yes, I may seem paranoid to those adults who do not see that children online are exposed to a world where anyone can hide behind a wall. Children who are less uhlee than adults also may think I am paranoid. Lastly, I appear paranoid to anyone who has not seen, heard, and read countless heart-breaking stories. Ask any victimized family, who never thought it could happen to them, if I am paranoid.
I am willing to take risks, but I am not willing to unnecessarily risk a child’s life when there is so much that can be done to protect him. Are you?
10. Why should I? Why shouldn’t you?
The more control your family has, the less control strangers have.
If you still feel you do not need monitoring software, then that is indeed your decision. At least I know that I have shared my thoughts with you. Part I of this book started with the quote, “I had no idea. Why didn’t you tell me this before?” When those words were spoken to me, I realized I did not want anyone ever to say those words again. Consider yourself “told.”
54
Chapter 4 – Exposure to Unsuitable Material
CHAPTER 4
Exposure to Unsuitable Material 90% of children ages 8 to 16 have viewed porn online, mostly while doing homework.32 Do you allow your child to browse freely and unsupervised through the pornographic section of a video or magazine store? Do you leave adult magazines scattered all over your house in direct view? Most parents probably protect their children from early exposure to sexual material. Why? Did parents read volumes of research about the dangers and risks of exposing young children to such materials? Did parents see hundreds of news stories about related incidences of children who view adultrelated media? Probably not. Today’s parents learned from their parents, who learned from their parents, to protect their children from early exposure to sexual material. Parents almost intuitively know that children should not be exposed to this type of content. Or perhaps parents know to protect their children because of the number of laws and policies that are enforced in this area. The motion picture industry rates movies with X and R, not only to inform parents of adult content, but also to prohibit children from such movies. The magazine industry must cover the front of adult magazines and uphold the 18-years-of-age requirement. The television broadcasting industry has implemented a rating system and does not run X-rated shows on public broadcasting stations. All of these measures have been put in place for your child’s safety. Now the internet introduces a new avenue of pornographic opportunity. How is the pornography on the internet any different from movies and magazines? The content may be similar, but the accessibility is not even comparable. The internet is available 24/7 in your home. Two-
32
Internet Pornography Statistics, . Internet Filter Review, TopTenReviews, Inc. 2003-2005. 55
Chapter 4 – Exposure to Unsuitable Material
thirds of the revenue generated online is sex-related,33 providing an increased probability of accidental or intentional viewing of a pornographic site. There is no one standing at the counter of the internet to determine if your child is 18-years-old. Although some sites ask the “Are you 18?” question, there is no way of enforcing a true response. Furthermore, not all sites ask the question. You, the parent, are the only one at the counter who can verify age. Chances are you cannot be standing over your child’s shoulder every moment he is online. So how are you going to play the role of the person at the counter? For some, the answer is to use internet filtering software or parental controls. But other parents feel that filtering software goes against their parenting style of teaching children the “right way.” Yet other adults wonder if there is a “right way” in this very different environment that is purposely saturated with sexual material. Concerned citizens and lawmakers made a concerted effort to pass laws to help protect children, but their attempts failed. (See Book 1, Chapter 7: Knowledge Group 3: Know the Environment, page 46 regarding the Child Online Protection Act.) Other efforts include the establishment of an .xxx domain where pornography website names will end with .xxx to help parents, children, and web filters recognize such sites. On the surface, the concept seems plausible. But many affected sites will not comply (as the use of .xxx would be voluntary), and the adult entertainment industry does not stand behind the idea. Studies have been performed and strategies have been introduced, such as “Youth, Pornography, and the Internet” 34 and “Nontechnical Strategies to Reduce Children’s Exposure to Inappropriate Material on the Internet.” 35 Discussions and recommendations range from the need for 33
Supreme Court keeps Net porn law on ice, . Declan McCullagh, CNET News.com, June 29, 2004. 34
Dick Thornburgh and Herbert S. Lin, Editors. “Youth, Pornography, and the Internet,” Computer Science and Telecommunications Board National Resource Council, National Academy Press, 2002. 35
Joah Iannotta, Editor. “Nontechnical Strategies to Reduce Children’s Exposure to Inappropriate Material on the Internet,” Computer Science and Telecommunications Board National Resource Council, National Academy Press, 2002. 56
Chapter 4 – Exposure to Unsuitable Material
industry leaders to work cohesively in website development to the need for educational outreach to families. The rapid appearance of the internet has studies revisiting the impact of exposure to sexually explicit material. Much of the consensus is that the “research base for understanding the impact of sexually explicit material on children is not extensive” because “ethical and legal considerations limit experiments” that “might place participants at risk.” 36
What Does This All Mean? The prominent existence of studies, debate, concern, and a search for solutions should be a flag to parents that online pornography is an issue that needs to be addressed. Society, researchers, and laws are not ignoring it, but rather are in the midst of a very involved process. In the meantime, who is left to protect your child? You. As you consider the risks of early exposure to inappropriate material, three types of occurrences should be addressed: Curiosity. Children are naturally curious. How do you handle their curiosity with adult magazines, X-rated movies, and such temptations? Will curiosity online be any different? Will you handle it differently? Can curiosity in the virtual world and the physical world be handled in the same way? Intentional action. Children who have gone beyond the curious state may intentionally want to view more material. How do you feel about intentional action? What will your action and discussion with your child include to cover this area? Accidental exposure. Children will be accidentally exposed to unsuitable material online unless controls are in place. This may occur through innocent surfing, unsolicited emails, or even
36
Dick Thornburgh and Herbert S. Lin, Editors. “Youth, Pornography, and the Internet, Computer Science and Telecommunications Board National Resource Council,” National Academy Press, 2002. pgs 143-144. 57
Chapter 4 – Exposure to Unsuitable Material
predators pursuing your child. The most common ways people have accidentally reached pornographic content on the internet are: 37 Pop-up windows: Misrepresented links: Misspelled URLs: Auto links within emails:
55% 52% 48% 23%
An estimated 2.5 billion emails per day are pornographic.
Solutions Choose the best solution that works for your family, based on your MVPs.38 MVP = Morals, Values, Principles MVP = Most Valuable Person How can your family best benefit from technology while preserving your morals, values, and principles? Once you have weighed out the benefits and risks based on your MVPs, you will probably choose one of the following: Do Nothing This may be your family’s choice, based on your MVPs. The choice is 100% yours as to how much protection you provide for your child. Use Filtering Software Filtering software made its general debut in the mid-to-late 1990’s. Its arrival brought about a strong debate over the “trust” issue. 37
These statistics came from varying sources as cited by Internet Pornography,
. National Coalition for
the Protection of Children & Families, <no date cited>. Though the article does not clearly report this, it appears that the percentages do not equal 100 because one respondent accidentally reaches a pornography sites in more than one way. 38
From Book 1, Chapter 8: Making Decisions for Your Family. 58
Chapter 4 – Exposure to Unsuitable Material
“I don’t need to install filtering software because I trust my child.” “I am instilling integrity, honesty, and trust in my children. Visiting pornography sites on the internet should be no different. What kind of conflicting message am I sending if I place filtering software on the computer? Aren’t I saying, ‘I don’t trust you’?” While arguments like those are understandable and can stand firm in the concrete, physical world, parents started to learn that such arguments do not necessarily apply to the online world. Parents of the best, most loving children, started to realize that even a trustworthy child had no control over pornographic pop-ups.39 An innocent child could go to www.whitehouse.com, thinking he was going to read about our President, but end up in a pornographic site. Note: From 1997-2004, www.whitehouse.com (and more than 100 derivations of it) brought many well-meaning internet users to an adult-only site. The official government site is www.whitehouse.gov. According to some reports, in 2004 the owner of the adult-only site decided to sell the misleading website names to protect his son, who was about to start school. Many adult-only sites are purposely named very closely to popular names and sites. A school teacher was demonstrating on the large screen, to her fourth grade class, how to use several different wellknown search engines. She accidentally typed one incorrect letter, and an adult-only site appeared. After a number of these accidental incidences by teachers and students, the school subscribed to filtering software. The online world is not the same as the physical world. Today’s adults are learning this concept for the first time. In the physical world, millions of strangers are not constantly popping up sexual materials in 39
Some efforts have been put in place to reduce such occurrences, but they still occur because of the difficult task of enforcing, catching, or eliminating the existence of pornographic pop-ups or pop-ups that lead to such sites. 59
Chapter 4 – Exposure to Unsuitable Material
front of your child’s eyes. While channel flipping, your child will not accidentally flip to an adult-only station, and two-thirds of the revenuegenerating stations programmed on your television are not sex-related, as on the internet. Trust is not the issue because you cannot trust that your child will never accidentally type in one wrong letter in his whole life. Trusting your child has nothing to do with pop-ups or websites that surreptitiously direct him to other sites. Natural curiosity may lead your child to perhaps seeing one or two magazines. In your mind, is there a difference between curiously glancing at a few magazine photos versus seeing hundreds of pictures every day? Use Rules, Conversations, or Other Solutions If filtering software does not align with your family MVPs, yet you do not want to be passive and do nothing, then perhaps you will develop a set of rules, as discussed in the next section.
Action Steps 1. Use filtering software. If you decide that filtering software may be an option for your family, there are many excellent programs available. Each program has varying levels of controls. Over the years, the amount of flexibility and ability to tailor programs have increased to serve many different family needs and age ranges. Here is a list of some of the variables and controls for different programs. Set the number of hours a child can be online. Set the time of a day a child can be online. Choose a standard set of disallowed categories, web pages, or keywords. Select from a standard set of disallowed categories, web pages, or keywords. Edit a standard set of disallowed categories, web pages, or keywords. Create your own set of disallowed categories, web pages, or keywords. Completely override the filtering. 60
Chapter 4 – Exposure to Unsuitable Material
Prevent email, chat room, or instant messaging usage. Control email, chat room, or instant messaging usage (e.g., email only to a selected list; have all email sent and received through a parent email address first). Monitor email, chat room, or instant messaging usage. Monitor visited website addresses. Use the package with or without a child’s knowledge. The resource section provides a list of several filtering software options. You may not even need to purchase software, as many ISPs (internet service providers) provide free parental controls as part of their package. When the internet started becoming more affordable and more accessible to families, most ISPs did not offer parental controls as they do now. This change in service and free product availability is yet more evidence of the need for parental involvement in children’s online activity. Today’s parents are not the only ones having to learn as we go. The technology industry is doing the same. This learning curve reinforces the guinea pig and pioneer concept. We are the pioneering parental generation. Our children are the guinea pigs. How much of a guinea pig are you willing to allow your child to be? 40 2. Use rules, conversations, or other solutions. Be interactive with your child who is interactive with the world. a. Develop a set of rules about sailing through the world wide web. For example, if you come across inappropriate material, close the window at once and inform an adult. (See Chapter 8 for more tips.) b. Be sure to define “inappropriate material.” Whether or not your child will report such incidences is up to you, the rule, the consequences, and the enforcement.
40
Healy, Jane. Failure to Connect: How Computers Affect Our Children's Minds and What We Can Do About It. Touchstone, 1998. 61
Chapter 4 – Exposure to Unsuitable Material
c. Write, discuss, and sign the rules. Review them frequently, and update them as needed. d. Add this to your O-S-Es talk. 3. Check to see where your computer has been. If your own personal curiosity has kicked in and you wonder if unsuitable material has been accessed on your computer, you can always check the history and the list of temporary internet files. These will not indicate whether the site has been reached accidentally or intentionally. Multiple pages under one site name may indicate intentional action. There are some children who know how to delete history for this very reason. Fewer children may think to delete temporary internet files. For instructions on how to view history or temporary files, see Chapter 9.
Closing Remarks This chapter seems to be heavy on internet filtering and sparse on the other options. The reason is intentional.
62
Part II Family Safety
“If your new firewall can block application-layer threats, do you need an intrusion detection system? Should you choose a rulesbased IDS, or one that uses anomaly detection to flag zero-day attacks? And when should you consider host-based security measures, or a specialized application security solution?” 41
What?!
41
Grimes, Roger. Security landscapes shift as technologies combine, . IDG Network, 2005.
Chapter 5 – Family in the “New” Wizard of Oz
CHAPTER 5
Family in the “New” Wizard of Oz Phishing, viruses, and spam, oh my! We’re not in Kansas anymore . . . Indeed, we are not in the black and white Kansas. We are now even beyond the colorful Land of Oz. When The Wizard of Oz was released, the use of color was leading-edge technology. Society has progressed way beyond simply adding color to television. Today’s methods have significantly transformed media, motion pictures, and video/digital systems. Yes, Toto, that technology tornado called the internet has swooshed through and created a whole new world – a world now available to everyone at a click of the mouse. Luckily, there are some things that have not changed and some things that may not change. For example, you can hold on to any of your treasured keepsake items and maintain your family values and integrity. But when it comes to methods, do not expect your previous techniques always to apply to the new world of the internet. For example, as mentioned earlier, you cannot simply say, “Don’t talk to strangers,” when talking about the internet. Your favorite nursery rhymes may not even apply! Humpty Dumpty sat on a wall. Humpty Dumpty had a great fall. All the king's horses and all the king's men Couldn't put Humpty together again! With technology, they certainly could have put Humpty back together again! So perhaps a more accurate version would include elements and vocabulary from the new world: Hackers & phishers broke the firewall. Innocent users had a great fall. All the trojan horses and all the spam mail Attacked the computers and caused them to fail! 65
Chapter 5 – Family in the “New” Wizard of Oz
Or perhaps new rhymes will develop. (Pronounce the acronyms written in upper case letters by stating the letter. For example, LOL is L. O. L, not “loll.”) A Poem by C.S. Lingo (CyberSpace Lingo) Browsers, Servers, ISP, Encryption, Crawler, Steganography, Download, Protocol, Pop Ups, too What’s the symbol for “I’m ignoring you”? A simple click begins an EXE, And a webpage can embed a cookie. You might LOL when you’re in IM Or roflmao, if you know that acronym. Is your webpage in HTML? What dot is your URL? Is it dot gov, dot com, dot org, or dot net? What about emoticons and netiquette? Have you decompressed or defragged lately? Do you know Google, Norton, and McAfee? G2G cuz POS. CUL and BFF. (Gotta’ go - parents over shoulder42) (See you later - best friends forever) Cookies are no longer just a dessert. Spam is more than just canned luncheon meat. A mouse does not eat cheese, nor is it chased by a cat. Fishing (phishing) catches much more than just sea life. Viruses, worms, backdoors, and other commonly known words all have new meanings, too. Everything is changing, not just vocabulary. Look at the shift in the nature of top news stories. 42
An interesting note: In a survey, only 5% of parents recognized POS, a highly used acronym by teenagers while instant messaging. Source: Internet Pornography, . National Coalition for the Protection of Children & Families, <no date cited>. 66
Chapter 5 – Family in the “New” Wizard of Oz
The Headlines Have Changed Dorothy only needs to pick up a newspaper to have confirmation that indeed things are different, times have changed. The news is filled with stories about cyber crime, cyber ethics, and cyber nuisances. On page 93 of Book 1, several headlines were shared to give you the sense and feeling of new types of crime. Here is an updated list, sampling just a few headlines43 from the past six months, organized in a manner to easily identify underlying themes. Data Loss Headlines Latest Loss of Personal Information: MCI Bank Loses Sensitive Data Carnegie Mellon Discloses Possible Data Breach LexisNexis Discloses More Data Losses Another week, another few million confidential records lost44 Identity Theft Headlines U. of Mississippi Web Page Showed Personal Data Lawsuits Target Phishers Liberty Alliance Addresses ID Theft Colleges Learn about Identity Theft from an Identity Thief Students Show Ease of Identity Theft Thief Grabs Laptop and 100,000 Identities Phishing Scams Rise Exponentially Security Headlines (closely related to data loss and identity theft) IT Leaders Urge Increased Cybersecurity FBI Thwarted Computer Attacks Feds Look to Add Controls to Computer Systems GAO Says DHS Unprepared for Cybersecurity Valdosta Investigates Security Breach Pentagon Hacker Arrested, Faces Extradition 43
Most of these headlines, except those as indicated, were extracted from the Edupage listserv newsletter, which is a service of EDUCAUSE, a nonprofit association. Edupage collects articles from major media sources such as the New York Times, Wired News, Federal Computer Week, and the Wall Street Journal. 44
Francis, Bob. “Another week, another few million confidential records lost,” InfoWorld, InfoWorld Media Group, June 13, 2005. 67
Chapter 5 – Family in the “New” Wizard of Oz
The existence of exponentially-growing cybercrime brings up the question about ethics – why are even the good people so easily tempted to commit crimes online, when they never would do such a crime in the real, physical world? Unethical online behavior is starting at a young age (e.g., cyber bullying) and is hemorrhaging into teenage and adult life. Here are just a few headlines about teenagers online. Headlines Depicting Unethical Activity Students Sued for Selling Guidebooks Online Applying Old Scams to New Technologies Hacker Exposes Admissions Records Harvard Rejects Applicants Who Peeked Apple Sues Harvard Student British Officials Address Phone Cheating Student Shuts Down Blog After Threat from Singapore Juvenile Sentenced for Releasing Worm That Attacked . . . 45 Within the unethical activity realm is the copyright issue, which warrants a full category by itself. Hundreds of headlines about the copyright topic can be found on any given day. The websites for the Recording Industry Association of America (RIAA) and the Motion Picture Association of America (MPAA) are filled with copyright information, issues, and breaches.46 The overwhelming problem of copyright infringement, once again, exemplifies our left in the dust state, as we struggle to learn how to best adopt and adapt. Why do offenders seem to disregard the felony status of this crime? Is it because of the simplicity of copying with just a few clicks of a mouse? Is that justifiable reasoning? Or could it be because the chances of getting caught are slim? What ever happened to “The integrity and character of a person is how one acts when no one is looking”? Would you or your child normally commit a felony without a thought? Copyright Headlines Does Google Face Copyright Troubles? U.S. Strengthens Copyright Law Movie Industry Continues Antipiracy Campaign 45
Computer Crime and Intellectual Property Section, . U.S. Department of Justice, 2005. 46
The RIAA website is www.RIAA.org. The MPAA website is www.MPAA.org. 68
Chapter 5 – Family in the “New” Wizard of Oz
Judge Rejects RIAA's Expedited Subpoenas Judge Rejects Copyright Challenge Conspirators Head to Prison Music Industry Steps Up Lawsuits British ISPs Told to Turn Over File Traders There is no chicken-and-egg question here. In this case, the internet most definitely came before adults were ready, able, and educated to handle its arrival, which is reflected in the headlines about copyright breaches and other unethical acts. The overwhelming amount of questionable activity can be grouped into many more categories. One area which plagues almost every person online is the category known to some as nuisances. For example, SPAM,47 pop-ups, spyware, and adware are viewed more as a nuisance than a security threat. However, their annoyance is so bothersome that some may feel the word nuisance is probably too meek a description. Others have even promoted these irritants to a security-threat status (to be discussed later). Spam & Spyware Headlines Spam Fighters Form New Coalition Spreading Spyware through an Affiliate Program House Takes Two Steps Against Spyware Antispam Blacklist Targets 900,000 Spitzer Files Suit Against Marketing Firm for Spyware FTC Takes Bold Spyware Actions48 University of Calgary Offers Course on Spam, Spyware Texas Targets Notorious Spammers FTC Calls for an End to New Antispyware Legislation Judge Hits Spammers with $1 Billion Fine Guilty Plea Rejected by Judge in Spam Charge Those examples are just a sketch of a small sampling of the problems and concerns. Viruses and other major scams are not even reflected in the sampling (but will be addressed later).
47
SPAM is self-promoting advertising material, also known as junk email.
48
Francis, Bob. “FTC takes ‘bold’ spyware action,” InfoWorld, InfoWorld Media Group, March 24, 2005. 69
Chapter 5 – Family in the “New” Wizard of Oz
Solutions You cannot ignore the facts and realities about crime, ethics, and nuisances in cyber space. The next two chapters are devoted to helping you survive in this beyond-Kansas world. The issues, dangers, and problems are too high in number and complexity to properly define and discuss all of them and then to provide solutions for all in a short span of time. Any attempt to cover all possibilities would probably be futile, leaving you with a 300-page dust magnet. Instead, the primary issues will be covered so that you feel enabled to do something, rather than feel overwhelmed and do nothing. There is a considerable amount of overlap in the different threats and nuisances. For example, here is a list of just a few crimes, nuisances, and risks to consider: Cookies Fraud Identity theft/privacy Account and credit card theft Phishing Scams Spam Hackers Spyware/adware
Pedophiles Cyber Stalkers Kidnappers Inappropriate sites Spoofing Viruses Worms Trojan horses Pop-ups
In businesses, there are other concerns such as: Theft of intellectual, proprietary, or any company information Key ghost, wiretapping, back door techniques Misuse, damage of computers and networks Encryption/steganography Wiretapping Exploitation of cell phone calls Denial of Service Sniffers (monitors data traveling over a network) Sabotage Malicious coding Illegal copying and viewing of data and software These topics can be categorized in many different ways. For sake of simplicity, the next two chapters are organized to cover common 70
Chapter 5 – Family in the “New” Wizard of Oz
nuisances and the common privacy risks for families.49 Since technology changes at a blink of an eye, some of this information may be obsolete by the time you start reading this book. As well, new threats and nuisances may be generated in the few hours it takes to finish reading the book. Nonetheless, the more you learn now, the easier it will be to adapt to new challenges as they present themselves.
Closing Remarks The cover page to Part II quoted an article about the need to better protect our computers. The article states that firewalls and virus scanners may no longer be enough. Meantime, some of you may not even have firewalls or virus scanners. The complexity of the quote emphasizes that most of us will not, cannot, and should not be expected to keep up with the high demands of the always-changing, cutting-edge developments. At the same time, we cannot live under a rock and ignore technology. We can, however, make decisions based on family, not based on technology, to maintain the quality of our lives. Although we are not in Kansas anymore, we still have the choice not to allow the internet to bring the world and its strangers into our homes. There’s no place like home. Keep it that way.
49
This book addresses families and not businesses. Each business generally has its own technology department that implements safety and security measures specific to its own business. 71
Chapter 6 – Viruses and More – Beyond a Nuisance
CHAPTER 6
Viruses and More – Beyond a Nuisance “The police showed up at my doorstep, concerned about my daughter’s safety . . . It all started with a computer virus!” An email with a virus was circulating. The message would appear to come from a known friend. When the girl opened the attachment, the virus went into her address book and spread the email from her to all her contacts. The attachment was a plea for help because she was being beaten by her father. Her innocent, naïve, sweet friends told their parents, who called the police. Can you imagine the shock, the fear, and the embarrassment this caused? So how do you know if the email is really from a friend or a result of a virus? “The email came from her best friend, so of course she thought it was safe to open. It wasn’t, and now it has cost us thousands of dollars.” A girl opened the attachment from her friend. The friend did not realize she had forwarded a virus that, in the end, resulted in the family having to buy a new computer. But more than that, important information was lost (no back up!) that caused a financial loss. ~ This chapter covers topics known as nuisances. However, these nuisances can be more than just annoying. Online nuisances are timeconsuming, frustrating, and costly. But similar to the world in which you grew up, nuisances exist. We have learned how to avoid, deal, and live with them. For example, you love to go camping, but you do not love mosquito bites. Those pesky bugs do not stop you from going camping. You learned to use bug repellant. Likewise, do not allow the pesky bugs of the internet to stop you from being online. Learn to use the equivalent of bug repellant. As you read about these common nuisances, you will find the definitions and descriptions are written in simple, layman terms. For 73
Chapter 6 – Viruses and More – Beyond a Nuisance
more in depth and technical detail, consult a technical encyclopedia or dictionary such as those listed in the resource section. The four nuisances covered in this chapter will provide information that can be applied toward other nuisances. In providing solutions, this is the point where technological steps cannot be completely avoided. Still, the primary solutions are mainly non-technical, as is the main message:
Let your family values dictate the use of technology, not vice versa.
Viruses Definition A virus is a program that is purposely written and circulated with mal intent. A virus is not an accident.50 There are many types of viruses and methods of virus attacks, including worms and trojan horses. Virus effects Some viruses are just a nuisance. However most viruses are destructive and can do many things to your computer, such as damage files, erase data, cause havoc on the hard drive, disable the computer’s start up, or create a back door for others to get into your computer. The clean-up process generally is tedious and often requires a new hard drive or even a new computer. At best, virus attacks are time-consuming and frustrating and result in a loss of information. How do you get a virus? Viruses are generally transmitted through attachments to emails, within a downloaded file, or in a file on removable media (e.g., CD, DVD, diskette). Since a virus is programming code, you do not see a virus, but rather you experience its negative effects. 50
Some people confuse a virus with a programming bug. A programming bug is a typo or an error in the code that does not flow with the rest of the program. A bug is generally a mistake that is usually not harmful. A virus is not a mistake. The code is purposely written to execute something that is damaging or, at best, is a nuisance. 74
Chapter 6 – Viruses and More – Beyond a Nuisance
Chances of getting a virus Chances are that every person online has received at least one, if not dozens of viruses by now. This does not mean that you have been infected by the virus. You have to open the infected file to be affected. Some Internet Service Providers (ISPs – the company who provides your internet connection) have virus protection on their servers and do not even allow the virus to reach you. Viruses are widespread and probably more common than the common cold! Solutions – Ways to avoid viruses The technical solution is to use virus protection software, also called anti-virus or virus scan software, among other names. You can purchase this software online or in a retail store. (See the resource section for several options.) If you need assistance with installing this software, refer to the Action Steps in Chapter 3. Virus protection software must be constantly updated. Many packages will automatically set up your computer to check for updates, but you may have to take action to perform the update. Updates are necessary because new viruses are created all the time. In non-technical terms, as new viruses are created and discovered, they are added to the list of known viruses within your virus protection software. Then whenever you run a scan, the software will compare all its known viruses with what is on your computer or about to be placed on your computer. Having virus protection software today is almost like having a lock on your front door or car. As the saying goes, “It’s a no-brainer.” Just like the lock on your car, virus scans are not foolproof. If a new virus just hit the cyber streets and you are an unlucky recipient, your virus protection software may not know about the new virus yet. However, you can overcome that issue by following the non-technical suggestions listed later. Different packages work in varying ways. Some packages will actively search all emails for viruses as emails are sent and received. Your ISP may even have a virus protection device on its end, checking emails before they reach your inbox. This is a convenient service, but you cannot rely on that device alone, as it will not check for viruses received via other methods. Other packages need to be executed or “run” on a regular basis. 75
Chapter 6 – Viruses and More – Beyond a Nuisance
Note: Be aware that virus protection software is a money-making enterprise. This means that not only do you usually have to pay an annual fee for updates, but vendors do not coordinate with each other. A lack of coordination among vendors often results in conflicts. For example, your ISP’s free email virus scan may be in conflict with the package you purchased to check other files. As you start using different protection devices, they may not work well simultaneously. In old-world terms, it is as if you hire three people to help protect your family. One speaks only English, one speaks only Spanish, and the other speaks only Korean. Each does his job well but may not be able to communicate or coordinate with the others. This can cause confusion and frustration. For non-technical readers, the use of a consultant is recommended, as they can work around the conflicts and explain them to you. This is another reason why technical solutions alone are not foolproof and why nontechnical solutions are important. Here are more suggestions, including the important non-technical solutions for the three most common methods of virus transmission. 1. Email is the most common way of spreading viruses, whether intentionally or unintentionally. Viruses are generally embedded in files attached to an email. Once you open an attachment that contains a virus, the virus does its damage to your computer, either right then or later. A virus can also duplicate itself and send the virus to all those listed in your address book, making it appear that you intentionally sent the email. This means that the original email you received, which you thought came from your friend, could have been generated automatically by a virus, unbeknown to your friend. Now the chain carries on as your friends open the virus you just sent. To avoid this common scenario, follow simple guidelines. You know the saying, “Look both ways before crossing.” Now instill in your mind, “Who, Who, & Why?” In other words, do not open an attachment to an email unless you know: Who made the attachment? Who sent the attachment? Why did that person send the attachment? 76
Chapter 6 – Viruses and More – Beyond a Nuisance
If a friend sends a picture of her child and writes a personal note, then indeed it is probably safe. For example: Hey Linda, here is a picture of Jane at two years of age. Lisa Hey Linda, give me some feedback on this letter I wrote to mom whether we’re doing Christmas in D.C. or in Florida. Lisa Hey Linda, it was great seeing you last weekend at the pool. Here are the pictures I took of the kids. The funniest is the one of Jane in the baby pool! Lisa If an email has a generic, non-personalized message and an attachment, it is wiser to assume the attachment is not safe. In these messages below, there is no way for Linda to know if the email really came from Lisa. Check this out! Too funny! You won’t believe this one! Tell me what you think. [no message] Linda should contact Lisa and ask her if she really did send the email. Generic messages or a no-message email can easily be generated by the computer. If you are unsure, ask the question:
Is opening a joke or funny picture worth the possibility of getting a virus?
In the event that Lisa did indeed send the email, but it is something that she did not create (not a picture from her camera or a document that she typed), then comes the question: Who made the attachment? If Lisa says, “It’s a funny picture of a dog in 77
Chapter 6 – Viruses and More – Beyond a Nuisance
sunglasses that someone sent me,” then you need to ask yourself the first question: Is opening a joke or funny picture worth the possibility of getting a virus? This is not to say that every attachment has a virus. It is to say that there is always a risk. Today, as millions of emails circulate, people do not think twice about it. We tend to start rationalizing with “Everyone does it” or “What are the chances?” Many people have taken the risk until they have been infected. The not-just-anuisance recovery efforts have made them realize that the funny picture was not worth the clean-up process. Talk to people who have been infected by a virus, and perhaps your scale will lean more on the side of caution. Email from your bank or other institution If you receive an official-looking email from an account-related institution, verify by phone or by their official website whether the email is true and valid. For example, Internet-America is your ISP, and you receive an email from them that looks or sounds official and has an attachment. Do not open the attachment.
Never simply assume an email is from the person or company from whom it appears to be.
This is a new concept for us. Generally in the past, most phone calls or U.S. Post Office mail came from the person from whom it claimed to be. That is the method of communication to which we are accustomed. But now, scammers and spammers use a technique called spoofing to mislead the recipient by masking the real sender with a spoofed identity. Spoofing is the falsifying of an email header or “from” line to make a message appear to be from someone or somewhere other than the actual source. Your oldworld method of assuming identity does not work in the online world. Spoofing is another coordinate on the new world learning curve. When checking for validity, do not use the phone number or website provided in the email. Use the phone number listed on a 78
Chapter 6 – Viruses and More – Beyond a Nuisance
paper invoice or the website address that you know is the official website. This cautionary measure is covered more in the next chapter under Phishing. 2. Downloading of files, programs, or pictures are other methods of transmitting viruses. Many vendors distribute their programs online. Certainly, it is a great convenience to purchase or obtain an item online rather than going to a store. There is nothing wrong with downloading programs or files (legally), but before downloading anything, ask yourself some primary questions: ~ Is this a trusted source? If it is a well-known vendor and you are paying for a product, chances are much better that it is a safe download, virus free. ~ Why are you downloading this? Do you need it? Or were you enticed to download it? If the download is legally free, and you were simply enticed to do it, be particularly wary of the source. ~ Is the item you are about to download worth the risk of getting a virus? Is it just a funny commercial? Is there any real necessity for it? Decide on the benefit vs. the risk. ~ If you do download a file, you should save it to the hard drive rather than opening or installing it directly from the web. If it contains a virus, the virus will not infect your computer until the file is opened, activated, or installed. You can then run a virus scan on the file before opening or installing it. But remember, your virus scan is only as accurate as your last update, and every possible virus is not known until it has contaminated someone first. The bottom line: always assess the benefit and the risk. Are you just doing it because “everyone else does it,” or is there a need? Downloading is a great option and an extremely convenient method, but just like gasoline and other conveniences, it does come with its dangers. You know not to light a match near gasoline. Now you know not to download anything and everything just because it is there, just because everyone does it, or just because you can. 79
Chapter 6 – Viruses and More – Beyond a Nuisance
People who make, plant, and purposely spread viruses do so with mal intent, and they find clever ways to do it. They created the just because rationale and hope you will do it just because.
3. Removable media is a third common carrier and transmitter of viruses. Removable media refers to devices that can be moved and shared from computer to computer, such as a CD, DVD, or diskette. When someone copies a file onto a disk, that person may be copying a virus as well. This means that a good friend could unintentionally give you a disk with a virus on it. When inserting a disk into your computer, take the cautionary step to run a virus scan before opening any files on it. The purpose here is not to make you paranoid about every file or program you come across, but rather to instill good habits just as you do in everyday life. Some people wash their hands before they eat. Others lock their doors every night. Now, just get in the habit of scanning and checking for viruses whenever inserting removable media. Virus removal If you have a virus, update and then run your virus protection software. The software can sometimes clean the files and remove the virus. Other times, the damage may be permanent or may need a more extensive repair process. If your virus protection software does not solve the problem, you may need to hire a technician. (Refer to the Action Steps in Chapter 3.)
Spam Definition Spam is Self-Promoting Advertising Material, otherwise known as junk email. How do you get so much spam? There are a number of ways that advertisers (spammers) obtain your email address. These methods are revealed throughout the next several pages. 80
Chapter 6 – Viruses and More – Beyond a Nuisance
Is spam dangerous? Although spam is generally more of a nuisance than a risk, spam can lead to some dangers (e.g., viruses and phishing). Solutions – Ways to reduce spam Here are a few things you can do to help reduce spam. 1. Keep your email address more private. Everyone asks for an email address. On the surface, providing an email address seems harmless. Why not? Giving out your email address to everyone and everything is normal, fine, and what everyone else does. Says who? a. Be more selective about giving out your email address. If you are filling out a form for your child’s school, then yes, providing your email address is a good idea. But when filling out forms for contests or “Win a Free Trip” or any other form, why do they need your email address? Can they just call you? If you truly win a trip or a contest, they will leave a message. Email addresses are often sold to other advertisers. If there is no real, valid reason (like your child’s school) for providing your email address, why do it? The purpose of many contests and free online memberships is to get your email address for advertising use. b. If you do give your email address (online or on paper), read all fine print carefully. There is often a line that says that your email address will be shared or that it will be used for other purposes. Generally you have to take action by placing or removing a check mark from a box to indicate, “No, don’t share my email address.” No action generally means consent to share your information. 2. Create a “miscellaneous mail” email address. Sometimes businesses have drawings for free services or meals, and free is worth it to you. Or perhaps you just want to include your email address on every form you fill out. If that is the case, then create a miscellaneous (a.k.a. junk) email address. For example, use one of the internet email services, the free ones available through the internet to anyone (e.g., Yahoo, MSN, 81
Chapter 6 – Viruses and More – Beyond a Nuisance
Hotmail, Juno). Create an account and use that email address for all the miscellaneous forms and items that you feel compelled to fill out. Use your personal email just for friends, family, and official family business. 3. Do not reply to spammers. That says it all – do not reply to spammers. Do not ask them to stop spamming you. Some spam mail will arrive with an “unsubscribe” option. In many cases, the unsubscribe attempt should work. In other cases, it does not work. You will need to sort through the thousands of spam mail to find which ones provide an unsubscribe option, then execute the option, and wonder if it will work. Is all that effort worth your time? 4. Use anti-spam software. Start with your ISP. They may have free options to help filter out spam. There are also other software packages that can be purchased. (See the resource section.) Here is an example of an excellent anti-spam service that is free and part of an ISP’s package.51 The user has many choices for setting the level of spam. All incoming email goes into one of three places: The Inbox: You receive emails into your inbox only from those people who are in your address book. Known Spam: All junk mail that is known to be junk mail automatically goes into this folder. You can choose to look at it, delete it, or have it automatically deleted and never see it. Suspect: Email messages that are not yet known as real spam nor are from people in your address book are placed into this folder. These emails reside on the ISP server and not on your computer, which is a great virus protection feature. You can choose to view these emails (in case a friend who is not 51
This anti-spam setup is from EarthLink’s Total Access and is just one example of many excellent services. 82
Chapter 6 – Viruses and More – Beyond a Nuisance
in your address book does send you something), or you can choose to have the computer tell you when it is indeed from a friend or trusted source! Then you never need to see spam mail, unless you choose to do so. 5. Don’t be fooled. By now, you have heard the saying, “Don’t believe everything on the internet.” The advice applies to more than just informational websites. Spammers and scammers use all types of clever methods to create a false front in order to mislead you. Be wise about the internet. Do not assume everything you hear or read is true. An example that fooled many people is the Do Not Email Registry scam. Most people know about the Federal Trade Commission’s (FTC) Do Not Call Registry. The FTC created a solution for families who were overwhelmed by telemarketing phone calls. It took a number of years before this solution was created. Now Congress is very aware of the problems with electronic SPAM. In attempts to find a solution, a Do Not Email Registry was proposed. A study was performed and the resulting report basically said that, at this time, a Do Not Email Registry would not provide the needed solution and that other options needed to be studied. Nonetheless, spammers created a Do Not Email Registry that looked very similar to FTC’s official National Do Not Call Registry website. Unfortunately, those who registered gave their email address to a “Do Email Me” list. This example of “do not believe everything online” also reminds us that the internet’s unprecedented growth rate has Congress and laws in a reactionary mode. Legislation is having a difficult time keeping up with the speed of technology. In the meantime, you have to be the discerning eye that protects your family. Today’s adults are the first generation to learn online discernment skills. Apply your current knowledge base to the online scenario. How? You do not believe every word of every commercial on television. You do not go running out to buy every single product 83
Chapter 6 – Viruses and More – Beyond a Nuisance
advertised in a magazine. Instead, you decide which products will benefit your family. Likewise, online, you have to make the best decisions based on your family and not get swept up in the misleading mayhem.
With television, the FCC regulates junk, lies, and blatant trickery. There is no such regulating body for the internet.
While we are on the subject of the National Do Not Call Registry, a rumor has been spread via email for several years about cell phone number databases being released to telemarketers. The rumor caused such panic and upset that the FTC placed an official notice on its website that the rumor is untrue. How did everyone hear about this rumor? Through distribution debris. 6. Stop participating in distribution debris (DD). That says it all – stop participating in distribution debris. What is distribution debris? DD is a nuisance that disguises itself as useful information or a funny joke. But in reality, it not only adds to the volume of email circulated, but also serves as a source for spammers, scammers, and viruses. DD is so widespread that it has a section all its own.
Distribution Debris How many times have you received an email as one recipient on a list of many people? In other words, your name is on a distribution list. You may even have your own distribution list. When you receive a funny joke or a helpful hint, you forward it to fifty people on your list. Why do you do that? You care about your friends. You want to share a funny joke, or you want to share this important information that you received. Did you know that you are being used for the kindness and softness of your heart? Definition Distribution debris is the non-essential email that is spread through distribution lists. 84
Chapter 6 – Viruses and More – Beyond a Nuisance
Description Here are some of the most common types of distribution debris.52 Jokes Funny pictures, comics, commercials Virus Warning - Hoax Warnings about trojans, viruses, and other malicious code that do not really exist, e.g., Good Times Warning, WTC Survivor Virus False Warnings (Urban Myths) - Hoax Warnings and stories about bad things happening to people and animals that never really happened, e.g., spider in the toilet, needle in movie theater seat. But then does this give people ideas? Give Away - Hoax Stories about give-aways by large companies, e.g., send this on and some big company will send you a lot of money, clothes, a free vacation Sympathy Letters and Requests to Help Someone - Hoax Requests for help or sympathy for someone who has a problem or had an accident, e.g., little girl dying of leukemia, cocaine baby, beaten child, missing child Traditional Chain Letters Traditional chain letters that threaten bad luck or claim good luck – also closely related to receiving money in the future if . . . Threat Chain Letters Mail that threatens to hurt you, your computer, or someone else if you do not pass on the message Scare Chain Letters Bad things that happen – especially to women 52
Many of these categories and descriptions were extracted from the Department of Energy’s website . Office of the Chief Information Officer & Office of Cyber Security, Computer Incident Advisory Capability. 85
Chapter 6 – Viruses and More – Beyond a Nuisance
Scam Chain Letters Messages that appear to be from a legitimate company but are not Helpful Hints Seemingly helpful hints, e.g., female safety tips, cell phones at gas stations Most of these emails are hoaxes, lies, or embellishments of a partial truth. Truly this is all a fascinating and interesting phenomenon. At the very least, you should be aware of the manipulation of human kindness and emotion. The sympathy letters truly pull at the heart strings. How can you resist a letter that begins with such lines as: “If you delete this ... you seriously don't have a heart.” “I'm 11 years old. My mommy worked on the 20th floor in the World Trade Tower.” “You guys . . . this isn't a chain letter, but a choice for all of us to save a little girl that's going to die.” Those are actual first lines of hoax emails that have been circulated in the distribution debris. Is it all “debris”? What about some of the stories that could be true? If you are unsure of the validity of a story, check it out before forwarding it. Here are three common stories that floated around the internet:53
Cell Phones at Gas Stations Imagine the number of people you know that have cell phones and go to a gas station. This rumored warning stated that you should not use your cell phone at a gas station because it could cause a fire or explosion. This rumor was researched, and the results stated: 53
Also from Department of Energy website as stated in previous footnote. 86
Chapter 6 – Viruses and More – Beyond a Nuisance
The rules for safe refueling from the Petroleum Equipment Institute's website are: Turn Off Engine Don't Smoke Never Re-enter Your Vehicle Note there is no mention of cell phones. In fact, the Institute explicitly says, “PEI has not documented any cases of cellular phones causing fires at gas stations . . .” Another possibility is that pulling the plastic phone out of a pocket creates static electricity which could discharge and make a spark. Of course, this applies to any plastic objects that you might pull out of a pocket. Static charging such as this is the reason you should not re-enter your vehicle while refueling. Any form of static electricity may be an issue. Cells phones are not the issue.
Helpful Hints for Women in Parking Lots What about the helpful hints for women, especially the hints that make complete sense. Did you see the email that had advice from a self-defense expert about how women should protect themselves in a parking lot? Truly the information seemed helpful and valid. What is the harm in sharing possible life-saving information with your friends and family? The answer is included below under Solutions.
Woman Pulled Over By Unmarked Police Car Dial #77 or *677 The email begins, “This is an actual true story and not one of those Internet stories that are passed on and on.” The story claims that a woman was being pulled over by an unmarked police car. She dialed #77 to contact the State Police who identified the man as a “bad guy.” This story is not provable as true or untrue. The police have no 87
Chapter 6 – Viruses and More – Beyond a Nuisance
record of the actual occurrence, and the story never ran in the news. Each state has a different # or * number to reach the State Police by cell phone, so #77 does not work nationwide.
Distribution debris downsides Distribution debris is seemingly harmless, but does have downsides. ~
DD is clutter and generally junk mail that takes up a lot of time and space.
~
DD is a method of obtaining email addresses (spam).
~
DD can and does contain scams.
~
DD can cause unnecessary panic.
~
DD spreads rumors.
~
DD is a method of spreading viruses.
~
DD occurs with such frequency that a user begins to think nothing of it, lowers his guard, and then gets hit by a virus.
~ DD could give an unethical person some bad ideas. Solutions: Ways to reduce distribution debris Knowing the number of hoaxes and scams being spread through DD, ask yourself:
What value does sending and receiving emails via a distribution list bring to my life?
Do not accept DD just because everyone does it. If you choose not to fall into the DD cycle, draft a statement that you send to anyone who sends you DD. For example: 88
Chapter 6 – Viruses and More – Beyond a Nuisance
Please take me off your distribution list for forwarding these types of emails. I appreciate your wanting to share this information with me. If you think it is of value and importance for me, please send it to me individually and not on a distribution list. Thank you for your understanding. Likewise, if you feel information is good and valid, such as parking lot safety for women, then cut and paste it into a personalized email and send it to each of your friends individually. Of course, one of your friends could forward your email (with your email address in it) via a distribution list. When is it worth it?
If you are unsure of the validity of a story, check it out before forwarding it. If it is not worth the time to check for validity, perhaps it is not worth forwarding.
Here is the best non-technical perspective: What about the amount of time spent on the computer? What else could you be doing with your time instead of reading and forwarding hundreds of hoaxes and distribution debris? Get some fresh air. Join a kickball team. Spend time with your family. The possibilities are endless.
Pop-Ups & Other Advertising Definition A pop-up window is generally an advertisement that pops up onto your computer screen when you are on the internet. There are pop-up windows that are not advertisements. For example, if you are looking at a pair of shoes online and you want to see a larger image, then you click on the image. A pop-up window will appear, showing a larger image of the shoes. Likewise, forms often are generated as pop-up windows. Purpose The purpose of pop-up advertisements is to generate revenue. Recall from Book 1 that the internet is a revenue-generating device, “a money89
Chapter 6 – Viruses and More – Beyond a Nuisance
making enterprise . . . not just a nice, free resource for people to use.” 54 There is nothing illegal or immoral about using pop-up technology for advertising, except perhaps when the advertisement is adult-related. Then the pop-up becomes more than just bothersome; it becomes a problem for families with children. Solution: Ways to eliminate pop-ups Eliminating pop-up windows is very simple and common through the use of pop-up blocker software, which is very accessible today. Many ISPs offer free pop-up blocker software or you can purchase pop-up blocker software. (See the resource section.) Some website search engines include it for free. Microsoft Windows now comes with a free pop-up blocker option. In situations when you need a pop-up window (such as for forms or enlargements of product photos), the software gives you the control to dictate when you want a window to pop open. Generally, holding the CTRL key (or ALT key) on the keyboard while clicking on the link will allow a pop-up to appear. You can also specify a list of websites for which pop-ups should be allowed. Earlier, virus protection software was called a no-brainer and compared to a lock on the front door. Pop-up blocker software is the door itself. Beyond Pop-Ups Since the internet is a revenue-generating device, and the use of pop-up blocker software is now commonplace, the money makers will consistently create new devices to overcome the blocker obstacle. The key point in all of the issues dealing with the internet is that it is almost like a ping-pong game: Advertisers: Anti-ad software: Advertisers: Anti-ad software: Advertisers:
create a technology to advertise combats that technology create a newer method to advertise combats the newer method create yet another method
. . . and so on. This ping-pong game also applies to virus makers, bad guys, and other bothersome online tactics. The good news is that this back-and-forth 54
Book 1, Chapter 8: Making Decisions for Your Family, page 60. 90
Chapter 6 – Viruses and More – Beyond a Nuisance
competition keeps us pushing forward in finding new designs and approaches, which may lead to other advancements in life, medicine, or conveniences. The not-so-good news is that we, as users of the internet, will constantly need to be dealing with this issue, continually purchasing or finding the latest blocker or anti-whatever software available. For example, pop-ups have now worn out their welcome. New forms of advertising are taking their place, such as fly-in, slide-in, flash-in, pop-under, and messenger ads.
Closing Remarks With the vastness of technology, it would be impossible to list every online nuisance. With the fast-paced progression of technology, by the time you read this book, there may be a dozen more new nuisances. The basic theme in this chapter is the same as in all the chapters:
The more control you have, the less control others have.
The internet has been referenced as a hurricane that whirled into existence. You may be sitting in the eye of the hurricane, which seems calm and harmless, but everyone knows what lurks beyond the eye. Use the internet without being swept up in the storm.
91
Chapter 7 – Protecting Your Privacy
CHAPTER 7
Protecting Your Privacy “Nothing online is private, period!” A common reaction to that statement is something along the lines of “You’re just paranoid and causing unnecessary anxiety, fear, and panic.” Is it paranoia or necessary caution? Compare this to a commonly known topic such as CPR. Why do people take a CPR (cardio pulmonary resuscitation) course? Perhaps the course is required for their jobs. Why, then, would employers require it? Do you think employers are just paranoid, or could it be because everyone knows that heart disease and cardiac arrests are a real threat? Since heart disease is the number one killer in adults (according to the American Red Cross and American Heart Association), courses in CPR teach how to prevent and recognize signs of a heart attack, as well as CPR skills. People embrace the information in the CPR courses. Society has generated no-fat, low-fat, and low-cholesterol options. No one believes that the reduced-fat butter or CPR courses are causing anxiety, fear, or panic. Why is discussing privacy and dangers online any different? Why is “You’re just paranoid!” a typical response? Could it be because the internet is still too new that most people have not heard enough horrifying headlines, yet? Or perhaps it is because there is no centralized effort like the American Red Cross to broadcast awareness about the internet. The exact reasons are unclear, but one clear fact is that there are numerous stories about online safety and privacy. Go to a social gathering and ask, “Have you heard any stories about internet safety and privacy issues?” Then sit back and listen.
Online Privacy: An Oxymoron Online privacy might be an oxymoron. In Chapter 5, data loss and identity theft headlines confirm the lack of privacy with electronic information. In addition to those headlines, in Spring 2005, a large, 93
Chapter 7 – Protecting Your Privacy
well-known corporation lost data with personal information on 600,000 people. An investment group lost data containing information on 200,000 clients. Potentially 40 million credit and debit card accounts were exposed by an intruder. How many more headlines will it take? Nothing online is private, period! Even if you do not use the internet, you do have personal information such as your address, account numbers, and social security number that are electronically stored and connected to the world in some fashion. Your personal or credit card information could have been exposed in the stories from Spring 2005. But other than living in a hole, there is not much you can do to control that. An electronically stored life is just the nature of society and business in today’s world. In the CPR analogy, there are certain factors that increase the risk of heart disease that you cannot control, such as gender, heredity, and age. But there are factors like diet, exercise, smoking, stress, and life style that you can control to reduce the risk. Apply that model to online privacy: there are some factors that you cannot control, but there are many steps you can take to help protect your privacy.
Controllable Risks to Privacy Take control of the factors within your power. You have a lot more control than you may realize. This section will help you start taking control of some of the most common types of online privacy intrusions. Each topic could generate an entire chapter by itself, but an allinclusive handbook on how to protect your privacy online might elicit the “Now I’m so overwhelmed, I will do nothing” syndrome. Since the goal is for you to do something, simple technical steps and nontechnical steps are given for you to develop a strong foundation and a first line of defense. When you find the time and are ready to take on more technical solutions, then you are ready for the 250-350 page technical books. But for now, something is exponentially better than nothing.
94
Chapter 7 – Protecting Your Privacy
Cookies People are always interacting with websites. Users type in preferences, user names, choices, etc. A website server does not remember every live interaction with every single visitor. Instead your choices, information, and interactions with a website are stored on your computer in a cookie. When you interact with a website, the website’s server looks at your cookie on your computer to remember or see your preferences. Definition A cookie is a file placed on your hard drive that contains your information and preferences. The cookie is created and accessed by a website when you interact with the website. Purpose Cookies are not really a direct danger or a direct invasion of privacy. They were designed to be a convenience. In some cases, cookies are a necessity. For example, cookies are needed for online shopping or the use of web-based email services such as Yahoo. As a convenience, cookies can generate your patterns and habits to advertisers, who then can tailor advertisements to your preferences. For example, if you always surf sports pages, eventually cookies may generate enough consistency for advertisers to start placing sports-related ads on websites that you visit. This can be viewed as a convenience both for you and for advertisers. Why Do Cookies Matter? Since cookies store information on your computer rather than steal information, what is the risk in regard to privacy? Although the intention and use of cookies are to benefit the user, the fact is that thousands of servers on the other side of the world are reaching down into your computer to set and to read stored information. Realize that personal information and personal preferences are being tracked. With all types of nefarious hacking methods available, why would you unnecessarily increase the amount of personal information you make available to the world? You cannot avoid cookies on some sites, but you can avoid them on many sites. In going with the family values theme, how much personal 95
Chapter 7 – Protecting Your Privacy
information are you willing to broadcast out to the world? Suppose you are walking through a mall and every store owner pops his head out and asks you such questions as, “What’s your name? What’s your address? What’s your favorite color? How many kids do you have?” Will you be willing to tell every store owner all your preferences and information? Probably not. You do not want every advertiser to know all about you. But if you want to buy a gift from a certain store for your four-year-old daughter and have the gift mailed to you, then yes, you may be willing to give your information to that store owner. Use the same discretionary methods while online. How? Control your cookies. Solution: Cookie Control You should have control over who is setting and polling information from your computer. Why would you blindly allow just anyone to have your personal control? Most browsers have options that allow you to control cookies. Each browser (e.g., Netscape Navigator, Internet Explorer, Mozilla Firefox) has its own options and methods. If you do not know how to access and set the cookie control options for your browser, consult the help menu, a hired expert, or your technologically savvy child or friend. Since the concept of cookie control is generally the same, an example of cookie control may provide significant help for you to navigate through your own browser. Chapter 9 has detailed information on how to control your cookies with Microsoft Internet Explorer, Version 6. As you go through cookie control, you will notice that the browser gives you these options: Block cookies that do not have a compact privacy policy. Block cookies that use personally identifiable information without your explicit consent The existence of options about no privacy policy, personally identifiable information, and without your consent should indicate an even more pressing reason to control cookies.
96
Chapter 7 – Protecting Your Privacy
Controlling your cookies is just one simple step to help eliminate the amount of personal information you make available to the world, therefore reducing the risk of privacy breaches.
Spyware and Adware Definition Adware basically results in advertisements that appear on your computer through different avenues such as pop-up windows or banner ads. Much like cookies, adware can profile your surfing behavior, preferences, and shopping habits in order to customize ads. While adware primarily generates many pop-up windows and advertisements, spyware takes adware a step further. Although under the guise of customizing ads for you, spyware gathers personal information, often without your knowledge. Spyware is intrusive and is not simply placing cookies on your computer. It can record your keystrokes, history, passwords, or other private information. Although the privacy policies may state that identifying data collected from your computer will remain anonymous, the bottom line is that you are (probably unknowingly) sending personal information out into the world. While some people use adware and spyware synonymously, the more technical definitions clearly give them separate meanings. To simplify the difference, adware is a nuisance while spyware is a breach of privacy. Both are tracking your personal habits. However, at the current time, neither is illegal. Congress is deliberating over the legality and methods of spyware. Until legislation provides privacy protection, you need to control how much personal information you are willing to broadcast into the world. How do you get adware or spyware on your computer? Chances are very high that right now you have spyware on your computer (unless you have been using spyware detector software). Adware and spyware are generally attached to free software or free applications. When you download free software or a free application, often you are agreeing to allow adware or spyware also to be placed on your computer. People who develop software need to be paid. Instead of charging the customer, the developer creates a relationship with a vendor. The vendor pays the developer to use the software as an 97
Chapter 7 – Protecting Your Privacy
avenue to attach adware or spyware on the users’ computers. In other words, free software is paid for by advertisers, much as free TV shows are paid for by advertisers. But the comparison stops there. Television advertisements can only appear on your television screen. They cannot track or monitor your personal actions. You know when there is an advertisement on the television. You may not know when advertisers are tracking your online interactions. The good news is that when you download free software, there is generally an End User License Agreement (EULA) which states that by accepting this agreement, you are allowing for adware/spyware to be placed on your computer. However most people do not take the time to read the long, fine print before clicking “I Accept.” The other good news is that there is spyware detection software available, often free from your ISP. The bad news is that when you remove the adware or spyware from your computer, the free software that accompanied it may no longer function, or the spyware will reappear each time you launch the free software. Spyware Symptoms Some symptoms of spyware include a slow-down in your computer speed, an excessive number of pop-up ads, frequent computer crashes, and a redirection of websites. Redirection occurs when you want to go to one website, but are taken to a completely unrelated website. Solutions Here are three suggested steps: 1. Before downloading any free application or software, read the EULA. Make the decision: Is revealing personal information worth having this software? If your answer is “Yes,” then utilize some type of spyware protection software (step #3). 2. Set up family rules about downloading. This is particularly important for families with teenagers, as teenagers commonly download music, games, and videos. a. Make sure every family member is aware of the risks associated with downloading, both the virus risk and the spyware risk. 98
Chapter 7 – Protecting Your Privacy
b. Downloading “just because it is free” is not a valid reason to download. The software may be free of an upfront financial cost, but it may not be free in terms of the cost to your privacy. In the future, there could be a large financial cost. c. Have a family discussion on the factors that make downloading worth it. Or require every EULA to be printed and read before deciding to “Accept.” 3. Use spyware detection/protection software. Find out from your ISP if they provide spyware protection software. There are free software downloads available.55 Be sure to read the EULA! The two most important steps of using this software are: a. Run the application often. b. Update the application often. As with most software, the more often you run and update the package, the easier and quicker the process becomes. If the process is still too time-consuming and technical for you, then decide if free is worth the privacy risk.
Phishing: Identify Theft at Risk Identify (ID) theft is an issue that affects everyone, not just online users. ID theft can result from offline, everyday transactions and/or online usage. The resources listed in the back of this book include invaluable sites on how to avoid and report identity theft. Definitely take the time to look at the expert advice from the FBI, Department of Justice, and related groups. This section specifically covers the topic of phishing, as phishing has become an extremely successful way for the bad guys to get your personal information online.
55
Go to www.download.com for free anti-spyware packages. The website also contains more information about spyware. Did this thought occur to you: Would spyware protection software that is FREE have spyware or adware attached to it? Read the EULA. 99
Chapter 7 – Protecting Your Privacy
Definition Phishing is a method for the bad guys to fish for your personal information. A phisher will spoof an email address from an account institution such as your bank, ISP, credit card company, utility company, or any company that holds personal information such as name, address, telephone number, user name, passwords, or account numbers. Spoof means to make it appear that the email is officially from your account holder. Just by looking at the return email address, you have no idea if the email is real or spoofed. To make discernment even more difficult, the subject line usually says such things as:56 Update Your Account Your Account is About to Expire You Account is About to be Suspended Security Update Unauthorized Access! Verification Needed Resubmit: Urgent Requirement Billing Error Your Membership will be Canceled Warning Message A natural reaction is to go to the website to update your information or to find out more. When you visit the website, the web address looks authentic, and the webpage looks like the official website. But it is not. How can you tell the difference? Generally, you cannot tell the difference just by looking at the website. Therefore, thousands of users innocently provide their account numbers and update their personal information, passwords, and usernames. They have just given away their identity in the process. Solutions 1. Never respond to an email request for new or updated personal information. Official account holders generally do not ask you to update information in such a manner. Nor do they use urgent or threatening tones in their correspondence.
56
To see a list of spoofed phishing instances, see . 100
Chapter 7 – Protecting Your Privacy
2. If you think that there is a chance that the request is legitimate: a. Pull out an invoice or statement or look at your physical card. Call the customer service number to verify whether the request is legitimate. b. Do not call a phone number that is on the potentially fraudulent website. c. Go to the website that you know as being the official website, and contact the institution. d. Many financial institutions and major account holders have a “Verify Website” link on their official website. This link will provide verification that a website is legitimate. The link often includes a list of fraudulent phisher website addresses. e. Many financial institutions and major account holders have a “Fraudulent Email” link on their official website. The link lists known fraudulent emails that phishers have circulated. You can check to see if the email you received is on the list. If the email is not on the list, do not assume the email is legitimate. Do contact your institution for verification. The existence of “Verify Website” and “Fraudulent Email” links should be a red flag to you that phishing is very common. If you do come across a phishing attempt that is not already listed, report the fraudulent activity to the corresponding institution. 3. If there is an attachment, do not open the attachment without caution. First, follow the steps in #2 above to ensure the validity of the email. Run a virus scan on the attachment before opening it. 4. There are some toolbars available that will stop you from visiting any known phishing/scam websites. (See Spam Filters listed under Protection Software in the resource section.) 5. For greater, in-depth information on phishing, visit the website for the Anti-Phishing Working Group as listed in the resource section under Identity Theft. 101
Chapter 7 – Protecting Your Privacy
Shopping Online Definition Shopping online is purchasing items using the internet, generally requiring the use of a credit card. There are also other online payment options. However, the other options usually play the role of a broker who, in the end, requires online credit card information. The Benefit Shopping online is a convenience that saves you time by eliminating the drive to and from a store. You are also spared from the crowds and the lines, particularly during the holidays. Gifts can be shipped directly to the recipients, saving you the trip to the Post Office and packaging the gift. Another benefit is the greater variety available online compared to the limited options of just one physical store or mall. The Risk Do you remember long ago when the credit card companies told you to tear up the carbon paper of your credit card transaction? This was a method of protecting yourself from the small chance that an unethical person might go through the trash can and pull card numbers off the carbon paper. The same type of risk exists with online transactions, except now the risk is not just one unethical person. The risk is the 888 million people online. Luckily not all 888 million people are unethical hackers. What if only 1% were unethical? That would mean you need to protect yourself from 8.8 million potentially unethical people. Admittedly, even this may be an exaggeration. But the point is that you must be aware of the risk. Just because shopping is available online does not mean it is 100% safe or 100% trustworthy. You must ask yourself the question: Is the convenience of shopping online worth the risk? If the answer is yes, then are you willing to take the added steps to reduce the risks? Solutions These are simple, non-technical, first-line defense options you should consider when shopping online. 1. Shop online at reputable stores such as well-known national chains or franchises, or shop on websites recommended by friends or 102
Chapter 7 – Protecting Your Privacy
colleagues who have used the sites without issues. Arbitrary websites that you have encountered using a search engine may not be real or may not be reliable. Remember, do not believe everything you read on the internet. There is no internet police or centralized control center. There are no license requirements or agencies to verify online business legitimacy. 2. At a minimum, be sure the website is certified as a secure website. Secure websites are generally indicated by a little yellow padlock at the bottom right-hand side of a webpage:
The web address generally begins with https:// to indicate that it is a secure site. Any financial transactions should occur on a secure website. If the website is not secure, do not use it. Transacting on a secure site is definitely an important requirement for reducing risk. However, ask any hacker if anything online is “unhackable.” 3. Use one specific credit card for online shopping. Obtain a credit card with a low credit limit and use it strictly for online transactions. Keep a pad of paper by your computer and write down each online purchase as you wait for it to process. Later, checking the invoice with your logged entries will be simple. Pay the balance off monthly. If you cannot pay the balance monthly, you could consider transferring the balance to another card that holds a higher credit line. Transfer the funds via the telephone or U.S. mail, not via the internet. Having a low credit line will help you in the event that your credit card number is stolen. Yes, you will still have to dispute the charges, which is time consuming and frustrating, but at least the potential number of charges will be less than if you have a higher credit limit. Also if your number is stolen, you can easily cancel the card and still have your other cards for other uses. Some credit card companies offer a single-use number, known as a “virtual credit card.” You use your current credit card for an online transaction, but your credit card issuer gives you a substitute account number to enter online. The purpose of this service is to 103
Chapter 7 – Protecting Your Privacy
provide a safer means for online shopping and to help prevent online fraud. Although the service has been available for about six years, its popularity and use has not grown as expected, and some credit card companies have discontinued offering the service. However, after the exposure of 40 million account numbers as mentioned earlier, credit card issuers did report an increase in use of this service. (Contact your credit card company for more information.) 4. Do not set up an account with an online vendor. If you use a vendor frequently, it is a great convenience to keep your address and credit card information on file. But is that convenience worth the risk? You have your name, address, and credit card information on a computer that is attached to the world. In light of the headlines of lost and stolen data in Chapter 5, think twice before setting up an account. If a website requires an account, they should give you the option as to whether or not to keep the credit card number on file. If you do not have that option, reconsider your choices. 5. Do not use your ATM/Visa card for online transactions. An ATM/Visa card is connected directly to your checking and savings account. Credit card charges can be disputed, but it is not a simple process. On the average, those who have unauthorized charges or problems with online vendors do incur some type of loss in either time or money or both.
Fraud and Scams Fraud and scams online may not be a direct cause of privacy loss, but certainly are avenues for privacy invasion. This chapter discusses fraud and scams because of the serious nature of internet fraud and the millions of dollars lost. Internet fraud has grown in such monumental proportions that the FBI and National White Collar Crime Center partnered together to form the Internet Fraud Complaint Center (IFCC) also known as the Internet 104
Chapter 7 – Protecting Your Privacy
Crime Complaint Center. Each year the center compiles an annual report. For the year 2004, there was a 66.6% increase in complaints over 2003, with the total loss from reported fraud at $68.14 million. Keep in mind that those statistics are only based on reported cases. There is no accurate guess as to how many cases go unreported. “Internet auction fraud was by far the most reported offense.” 57 Other types of fraud include credit card fraud, non-delivered merchandise, investment fraud, identity theft, the Nigerian letter58 fraud, and other similar email scams. Sadly, scammers have used national issues such as the passing of the Pope, the tsunami tragedy, and Hurricane Katrina to misleadingly solicit funds. How do you know if an appeal to the heartstrings is real or not? How do you avoid being scammed or falling into a fraudulent scheme? Solution: Avoiding Fraud and Scam 1. Develop a discerning, informed perspective. “If it seems too good to be true, then it is.” Apply that idiom to the online world. On the other hand, “innocent until proven guilty” does not apply to the online world. 2. Follow the family values perspective which says that you should use the internet as a resource and a tool that benefits you and your family. In other words, be proactive. You choose and use the internet for your needs. Do not let others (spam/scam emails, fraudulent letters or websites) make you react. Human nature makes us curious. Scammers know that and prey upon it. 3. Use avenues that you are 100% sure are true. For example, after great national tragedies like Hurricane Katrina, if you want to donate, do so through the American Red Cross. If the passing of the Pope sparked interest or compassion in your heart, contact your local church. At the very least, before responding to an unknown source, research the website or person by looking up listed scams 57
IC3 Annual Internet Fraud Report. January 1, 2004 - December 31, 2004 Internet Fraud Complaint Center 58
For further information on these types of internet fraud, see the IFCC website: . 105
Chapter 7 – Protecting Your Privacy
on the FBI website, the DOE website, or other such official locations.59 If it is not worth your time to investigate, perhaps it is not worth responding to an unknown source. 4. Since internet auction is by far the most reported offense, consider the risk vs. benefit before bidding online. If the benefit of online auction outweighs the risk for you, consider the payment method. Are you giving away your credit card number to a stranger? Are you using an online payment service that keeps your credit card number on file, hence online? Can you use a money order or a cashier’s check? Yes, a trip to the bank means less convenience, but it also means more security. Which is more important to you? 5. The FBI has an excellent website on how to avoid internet fraud. This website is listed under Child & Family Safety in the resource section. The information on that site is invaluable.
Online Banking If you choose to use online options for banking, credit card tracking, and other such personal financial transactions, you must utilize protection devices. 1. Be sure to read all the security and process requirements from your bank or financial institution. Use all of the recommended security requirements and follow all of their advice for avoiding fraud. Banks are starting to provide anti-spoofing and anti-phishing programs. Use them. 2. Make sure you control your cookies. 3. Update and scan regularly for adware, spyware, and viruses. 4. Monitor your account frequently to detect any unusual activity or fraud at the earliest stage.
59
These websites are all listed through footnotes and in the resource section. 106
Chapter 7 – Protecting Your Privacy
5. Use passwords that are difficult to guess. Do not use passwords with birth dates, maiden names, children’s names, or any other such easy-to-guess information. 6. Change passwords often. Some define “often” as every three months. Others define “often” as once or twice a month. Define “often” to the level that makes you feel secure. 7. Be particularly wary about possible phishing attempts. If you use online banking or other online financial services, do not automatically respond to an email about your account. DO verify the validity. It may be more prudent to always first assume an email is a fraudulent phishing attempt – fake until proven real.
Other There are many other topics related to the subject of privacy and financial protection. Of particular importance are the concerns in Part I of this book that integrally relate to this topic of family privacy. For example: Instant Messaging Recall from Chapter 3 that in the past year, there was a 2,747 percent growth rate in IM threats, which include hacking, viruses, and phishing attacks. New Devices What about the technology that controlled webcams in homes (story in Chapter 3). If there are over 200 software packages available that allow a person on the other side of the world to turn on your webcam and observe your home, what else is available? Children and Credit Cards Since there is no way of verifying who is entering credit card information into a computer, children can and do use credit cards online without parental knowledge. Besides the issue of parental liability for children’s use of credit cards, what about the issue of your credit card number being posted to the world without your knowledge? 107
Chapter 7 – Protecting Your Privacy
“Always on” technology Being connected and powered on 24/7 is the “new way to be” (latest and the greatest) in the new millennium. It is a time-saving convenience. Is the time saved worth being wired 24/7 to the world? Do you have valuable or sensitive information on your computer that is always connected to the world? Currently, Congress has more than twenty bills in the works that deal with identity theft. This number is growing, especially after the highprofile breaches that recently occurred. You may not be able to keep up with all the deliberations. You may not be able to keep up with all the threats to online privacy. But now that you understand the nature of the internet environment, be aware and be wise. Make the best decisions for your family. Most importantly, do make a decision. Do not let others make the decision for you.
Your Front Door Back in the days of Dorothy, a front door was all that was needed, perhaps more for keeping out dust and insects and not necessarily strangers. As time progressed, a front door alone was not enough. People started to lock the front door, add a deadbolt, secure a chain, and install an alarm system. Some people have a dog that barks when a person approaches the house. Protecting your family inside your house is natural. But now you have another front door to consider. Your computer, connected to the internet, is an opened door to your house, your children, and your identity. But it is a front door like you have never known – one that exposes you to 888 million people. Guarding your family from viruses, spam, spyware, pop ups, hackers, predators, pedophiles, inappropriate material, and other upcoming threats needs to be as natural as your front door, the lock, the chain, and the alarm system. Note: In this chapter, firewalls have not yet been discussed. If you keep any personal identifying information or any financial information on your computer, then you should add firewall protection to your list. A firewall stops unauthorized access and potentially dangerous material from entering your computer. 108
Chapter 7 – Protecting Your Privacy
Current versions of Microsoft Windows provide a first-line-ofdefense firewall system. Depending on the nature of your financial and important information on your computer or in your online transactions, you may need to look into other options. (See the resource section for links to more in-depth information on firewalls and firewall protection software.)
Closing Remarks Nothing online is private. Yes, this is the nature of life today, but you still have a choice. Choose to protect your privacy as much as possible. Choose which benefits are worth the risk. You always hear about the latest, greatest, and fastest technology. Advertisements and societal pressure constantly create a perceived need to keep up with the pace. But no one is banging on your family values door, reminding you to allow family values to dictate the use of technology. So, Knock Knock, or in this case, Click Click - here again are your banging reminders: 1. The more control you have, the less control others have. 2. The internet is a money-making device. 3. Use the internet for your family’s benefit. 4. Do not be swept up in the whirlwind nature of the internet. Always stop, pull away from technology, and make a decision based on family values, not on the unsubstantiated reasons that “It is there,” “Everyone does it,” and “It’s not a big deal.” Weigh the risk vs. benefit on your family values scale. These reminders and other points recur throughout this book. The repetition is purposeful to help solidify your ability to:
Allow your family values to dictate the use of technology, not vice versa.
109
Part III Guidelines to Get Started
“I had no idea! Now, thankfully, I do.”
Chapter 8 – How to Get Started
CHAPTER 8
How To Get Started What if you picked up a toy and the instructions included these words: Never Never Don’t Don’t Strangers Uncomfortable Mean Inappropriate Bad language The last line says, “Not recommended for use in a child’s room.” Would you buy that toy? 60 Those words are seen repeatedly in every list of guidelines for internet use for children. You may not have a choice about buying the internet, but you do have a choice in how you use it. The key word is choice. Choose to act now rather than to wait for a distressing situation. Proactive measures are easier, less stressful, less costly, more valuable, and more effective than reactive responses. Taking these proactive steps will exponentially increase the return on not only your technological investment but, more importantly, the investment in your family
Action Steps 1. Approach this task one step at a time so that you do not become overwhelmed and end up putting it aside for the rainy day that never comes. Create small steps and short-term goals. Do not try to tackle the whole gamut at once.
60
From Chapter 7 of Click, Click, Who’s There? 113
Chapter 8 – How to Get Started
2. Write a list, in priority order, as to what you will do. Use the steps below and check off items as they are completed, or create your own list. a. State and write your family’s morals, values, and principles. b. Conduct a family discussion on the areas of this book that pertain to your family. c. Conduct the OSEs talk. (Online Safety & Ethics) d. Create an Internet Use Agreement for your family. Use the Actions Steps and Solutions in each chapter to help create the list. Use the Tips At A Glance listed on the pages that follow. Have each member of the family sign and date the Agreement. Decide on how often the Agreement will be reviewed and revised. Include both rewards and consequences for adhering to the Agreement. e. Implement software protection devices as needed: Monitoring software, pop-up blocker, virus scan, anti-spam software, spyware protection, firewalls. f. Use the technical instructions in Chapter 9 as needed. g. Review the resources listed at the end of this book. Prioritize the top one or two resources for your family. Set a goal to visit those resources. After accomplishing that goal, decide on the next two top priority sites to view. Avoid the temptation to visit them all at once; otherwise, you may become overwhelmed and discontinue your forward momentum. Browse websites with your child. 114
Chapter 8 – How to Get Started
3. Read or reread Book 1: Click, Click, Who’s There? The information in Book 1 will empower you to make the best decisions for your family. 4. Start now.
Tips At A Glance The tips listed below are a combination of the primary guidelines from this book, from many internet safety organizations, and from various major agencies such as the FBI, the Department of Justice, and the National Center for Missing & Exploited Children. The tips are placed into general groups, but many of the categories overlap. All tips should be considered valid for every category. As you read through this list, do approach every tip as an important piece of advice in itself. Be sure also to step back and look at the big picture. Reading all of these tips at once will shed a stronger light on the nature of the world wide web. Use this list in collaboration with all the Action Steps and Solutions throughout this book.
Child Safety Do not respond to messages that make you feel uncomfortable, seem improper, or appear threatening. Do not respond to any messages that use bad language. Tell a parent right away. Do not meet or make plans to meet with anyone you have met on the internet without the presence and knowledge of your parent(s). If someone online says, “Your parents don’t need to know,” that means your parents definitely need to know. You must be the one to tell your parents, not someone else. Do not talk to strangers online. Not everyone is who they say they are. If you receive a communication from a stranger, tell an adult immediately. 115
Chapter 8 – How to Get Started
Do not accept gifts from strangers. Clearly define online strangers and online friends with your family. Close any window immediately if it is an inappropriate site, one that you know your parents would not want you to view. Inform a parent of the accidental incident. Do give your passwords and login/user names to your parents. Do not give your passwords or login/user names to anyone else, not even to your best friend. Do not give any personal information on the web or when using ICE, including: name or any family member’s name address or phone number age, school, or picture social security number credit card numbers, calling card numbers, or any numbers passwords or logins Be careful about anything typed online because nothing on the web is completely private – including email. Remember that not everything that is written online is necessarily right or true. When in doubt, log out.
Netiquette Netiquette is etiquette for the internet, referring to ethical behavior while online. Apply the Golden Rule to online activity: Do unto others as you would have others do unto you. Type only what you would say to a person face-to-face. 116
Chapter 8 – How to Get Started
Do not write mean or inappropriate words. Realize that sarcasm and humor cannot be read and messages can be misunderstood, even with the use of emoticons61 or acronyms. Do not use the internet or ICE to escape live, social interaction with friends. Do not ask other people for their passwords, login/user names, or personal information. Always respect everyone’s privacy online. Never use the computer to snoop, steal, or break into anyone’s information. Never use the computer for any harmful reason. Obey and respect all copyright laws. Copying any pictures, text, ideas, movie clips, software, or music online could be illegal, even if “everyone is doing it.” Before copying or downloading anything from the internet, find out from a teacher, parent, or reliable resource whether you are legally allowed to do so. If you cannot find an answer, do not risk committing a felony. Remember that not everyone is who they claim to be online. not claim to be someone that you are not.
Do
Respect the filtering or monitoring software that has been installed on the computer. Do not buy anything online without a parent’s knowledge and consent. Respect the time and location rules of usage set by your family.
61
Emoticons are symbols created to represent emotions. For example, a person who is winking is represented with this symbol: ;-) 117
Chapter 8 – How to Get Started
Family Keep the computer in an open family area, not in a private room or bedroom. Have time limits per session, per day, and/or per week. Set age-appropriate allowance for instant messaging, chat rooms, email, and the internet. For example, when your child is X-yearsold, he can use instant message for Y number of minutes per day. Recall that AOL’s website states that a person must be 13-years-old to use IM™. Create a policy about downloading. Include such rules as: Do not download any programs or files unless you are certain there is no threat of a virus. Be sure that you are not breaking any copyright rules. Read the EULA before downloading any programs. Select appropriate user names: Choose online names carefully, especially for your child. Do not use actual first names as any part of a screen name. Do not reveal gender. Do not reveal age or date of birth (e.g., Jane1998). Avoid identifying hobbies or interests, as predators can use that information to connect with your child (e.g., SoccerJane). Select passwords wisely: Use passwords that are not easy-to-guess. Do not use maiden names, birthdates, etc. Mix upper and lower case letters and use a number in your password. Do not use the same password for every account you have. Change passwords often. Back up your computer. At a minimum, back up the files that are critical to you.
118
Chapter 8 – How to Get Started
If your computer contains valuable or sensitive information and you have “always on” technology (see Chapter 7), disconnect your house from the world when you are not actively using the internet. Disconnect your webcam when not in use. Remember that everything you read online may not be true. Any offer that's “too good to be true” may be just that. Any heart-felt story or plea for money should be verified. Do not respond to phishing or fraudulent scams. Assume “fake until proven real.” Set up a schedule to update and run each of your protection software packages. Do not open an attachment unless you know Who, Who & Why. (From Chapter 6: Who made it? Who sent it? Why?) Create an Internet Use Agreement.
Parents Be the parent. Be involved in your child’s online life. Know what your child is doing when he is online. Know every login, screen name, username, and password that your child uses. Remember: Knowledge will protect; ignorance can harm. Learn as much as you can about the internet and about safety issues. Set good examples for internet usage. 119
Chapter 8 – How to Get Started
Develop a healthy relationship with your child about online usage. Be sure trust exists on both sides. To gain your child’s trust, avoid overreacting so that your child feels secure about coming to you in any situation. Consider parental controls, email filters, monitoring software, and filtering software. Have rules and consequence. Enforce both. Commend appropriate behavior.
Closing Remarks The opening line of this book is a quote from a victimized parent: “I had no idea! Why didn’t anyone tell me this before?” Part III started with a quote from a mom who heard one of my seminars: “I had no idea! Now, thankfully, I do.”
~ Now, so do you!
From Me, To You Our sound-bite nation pressed into this Information Age makes it very difficult to complete all of our different to-do lists. I hope that the passion in my heart has rubbed off on you in some degree to spark you to complete some, if not all, of your to-do list for your family’s safety on the internet. At the very least, I hope that when something notquite-right occurs, I will be that little person who magically appears upon your shoulder and whispers a reminder into your ear. I hope I am that nagging feeling in the back of your mind. Most of all, I hope that you and your family will enjoy a safe and healthy online life. Sail safely,
120
Chapter 9 – Technical Instructions
CHAPTER 9
Technical Instructions This chapter is designed for the non-technical readers who need a nudge in the technical direction. There are four areas covered in this chapter as referenced in earlier chapters:
Check History and View Temporary Internet Files Set Instant Messaging Options Parental Controls Cookie Control These instructions are for one platform (software package). You may not have the same package or the same version, but the concept is the same. Therefore, you may be able to apply these examples to your platform. If nothing else, reading through the instructions will increase your base of knowledge.
121
Chapter 9 – Technical Instructions
Check History and View Temporary Internet Files Using Microsoft Internet Explorer, Version 6 Referenced in Chapter 4
There are several ways to check where your computer has been. Two methods are listed here.
Check History 1. To check the history of websites recently visited: a. Open the browser (i.e., go online to any website). b. Click on the History icon (Diagram H - 1).
Diagram H - 1
122
Chapter 9 – Technical Instructions
A list of websites will appear (Diagram H - 2). In this instance, the user has been to five different pages within the Department of Justice’s website address: www.cybercrime.gov. If you click on Last Week, you will see all websites visited for the previous six days. Click on any day or folder to view websites visited.
Click on X to close history.
Diagram H - 2
c. When finished reviewing the websites, click on the X to close the history window.
The browser in Diagram H - 2 is set to save the history for the last eight days. The current day is Tuesday. Websites visited on Monday and Today are listed.
123
Chapter 9 – Technical Instructions
2. To change the number of days of history to be saved: a. Click on Tools (Diagram H - 3). b. Click on Internet Options (Diagram H - 3).
Diagram H - 3
c. Change the number of days from 0 – 99 (Diagram H - 4). d. Click on Apply, then OK (Diagram H - 4).
124
Chapter 9 – Technical Instructions
Diagram H - 4
In Diagram H - 4 there is an option to Clear History. Many older children know how to clear history. This option will clear all history of visited sites. Sites can also be deleted individually from the list in Diagram H - 2. More people are aware of deleting history than are aware of deleting Temporary Internet Files. Temporary Internet Files are created in a folder on your computer to store internet pages and pictures as you view them. This is done to help speed up the process of online interaction. Checking these files is a second way to view recently visited site names.
View Temporary Internet Files 1. To view the list of temporary internet files: a. Click on Tools, then Internet Options (Diagram H - 5). 125
Chapter 9 – Technical Instructions
Diagram H - 5
b. Click on Settings (Diagram H - 6).
Diagram H - 6
126
Chapter 9 – Technical Instructions
On the Settings screen (Diagram H - 7), you can increase the size of disk space used to save files. The larger the space, the more files you can save.
Set disk space. Diagram H - 7
c. Click on View Files (Diagram H - 7). When you click on View Files, the screen that appears (Diagram H - 8) may seem a bit confusing at first. If you simply read the main part of the internet address, (see Internet Address column in Diagram H - 8), you can get an idea of the websites that have been recently visited. In the example on the next page, the user has visited Time Warner Cable, Weather, Bell South, US Airways, and Earthlink.
127
Chapter 9 – Technical Instructions
Diagram H – 8
d. If you scroll (drag) the blue bar to the right, you can see when (date and time) the website was visited. e. Click on the X (Diagram H - 8) to exit and then click on Cancel or OK to close previous windows. Checking history and viewing temporary internet files are only two possible methods to see where your computer has been since some or all of the sites can be deleted from either list. Even if you are Sherlock Holmes and dig in further to investigate the dates and times that sites were visited and attempt to identify gaps, you still may not know if some of the sites were deleted. If your child is deleting either History or Temporary Internet Files, there must be a reason. 128
Chapter 9 – Technical Instructions
Set Instant Messaging Options Using America Online® Instant Messenger™ Version 5.9.3861 Referenced in Chapter 1 & 3
Recall the statistics from Chapter 1 about predators and the use of instant messaging. Also recall the 2,747% increase in instant messaging threats from Chapter 3. If you choose to allow your child to have instant messaging, follow these four recommendations: 1. Perform the following steps with your child. 2. Know every person on his buddy list. To view the buddy list, after logging into IM™: a. Click on My AIM (Diagram IM - 1). b. Choose Set up Buddy List and Diagram IM - 2 appears. XYZ’
XYZ
Diagram IM - 1
Diagram IM - 2
129
Chapter 9 – Technical Instructions
c. Review each name on the list (Diagram IM - 2). d. When done, click on Return to Buddy List (Diagram IM - 2). 3. Control who can contact your child. Only users on his buddy list should be able to contact him. This will help prevent strangers, predators, and cyber bullies from contacting your child. Set the preferences to allow only users on his buddy list to contact him. a. Click on My AIM (Diagram IM - 3). b. Choose Edit Options. c. Choose Edit Preferences.
XYZ’
Diagram IM - 3
130
Chapter 9 – Technical Instructions
d. Click on Privacy to view the privacy options (Diagram IM - 4). The Privacy option must be chosen before the rest of screen will resemble Diagram IM - 4. e. Choose Allow only users on my Buddy List. f.
Click on Apply, then OK.
XYZ ’ s
` Diagram IM - 4
4. Keep personal information off the web. a. Do not allow a profile to be set up. Children enjoy creating a profile because it tells people Who I am. But that places personal information into the world. In Diagram IM - 1, notice the option for Edit Profile. Go through that option with your child and make sure there is no information on any of the three profile screens.
131
Chapter 9 – Technical Instructions
b. In Diagram IM - 4, choose the option to allow users to know Nothing about me. c. Your child’s screen name should be carefully chosen. See select appropriate user names in Chapter 8, under the Family section. These four steps are only a thin layer of protection. Just because you have taken these steps does not mean that everything is completely safe. As well, options can be easily changed. Make sure your child understands the reasons for these choices.
Parental Controls Referenced throughout Most Internet Service Providers62 (ISPs) offer free parental controls. Each ISP offers different options. Each option may have varying controls. Here are some general examples: Child-friendly browsers – different types for different ages: Allows parents to choose which websites a child can access. If a child needs to access a blocked site, a parent can allow the site or allow the child to surf on the adult browser with adult supervision. Access limitations Limits children only to specified browsers, so they cannot work around the child-friendly browsers. Child-friendly email Limits the contact list. Specifies whom your child can contact as well as who can contact your child. Specified and limited lists Same as above for instant messaging, email, and chat rooms. Also specifies the chat rooms in which a child can participate. For 62
Your Internet Service Provider (ISP) is generally the company to whom you pay your bill for internet access, e.g. Earthlink, Bell South, AOL, or Time Warner Cable. 132
Chapter 9 – Technical Instructions
example, a parent may choose to allow participation only in chat rooms that are adult supervised 24/7 or allow participation in one or two specifically identified chat rooms. Remember, just because this option is there, does not mean you have to or need to allow your child in a chat room. Time limits Sets time limits for online usage. Time limits can be viewed as a productive tool. Children should be aware of time limits so they can plan, work efficiently, and prioritize their online time, rather than waste time on unessential tasks. Time specifications Specifies days and times as well as length of time that a child can be online. Blocks Blocks strangers, specified websites, attachments, downloading, and other similar features. Email screening Directs all incoming and outgoing email to a parent’s email address for approval. Parents do not have to read everything that comes and goes. Knowing that an email passes through a parent’s email address will help a child make good choices. This feature will also allow parents to use their more uhlee perspective to stop potential dangers. Monitoring software of all online activity Monitors activity much as monitoring software does, as discussed in Chapter 3. If your ISP does not provide the level of parental control you desire, check the resource section under Protection Software. You can also use some of your ISP’s options in conjunction with external software packages.
133
Chapter 9 – Technical Instructions
Cookie Control Using Microsoft Internet Explorer, Version 6 Referenced in Chapter 7
First-Party and Third-Party Cookies Almost every website you visit will set a cookie. Those are called firstparty cookies because the actual website (first-party) that you are visiting is setting the cookie. Third-party cookies come from many other vendors that are not the direct website owners. For example, other advertisers that place ads on the website or have made some type of agreement with that website will set third-party cookies in order to gather information about your surfing habits. Some first-party cookies are required for the website to function properly. Other first-party cookies are not required or necessary. The cookie requirement usually depends on your interaction. For example, if you are ordering items, you will need to allow for cookies, so the website can remember your order and preferences. On weather-related websites, when you set your zip code for your local weather to appear each time you visit the site, you will need cookies. How do you know which websites require first-party cookies in order to operate properly? Experience will tell you. In the meantime, if you block a needed cookie, you can go back and change your choices. Third-party cookies are rarely (if ever) needed for a website to operate properly. The purpose of third-party cookies is to track user habits then customize advertisements in order to generate revenue. There are two ways to control cookies: Automatic and Advanced Automatic Control Set up your browser to automatically allow or disallow for cookies according to your specifications. 1. Open the browser (i.e., go online to any website). 2. Click on Tools (Diagram C - 1). 3. Choose Internet Options. 134
Chapter 9 – Technical Instructions
Diagram C - 1
4. Click on the Privacy tab (Diagram C - 2).
Diagram C - 2
135
Chapter 9 – Technical Instructions
5. You can now move the slider up and down to choose your settings (Diagram C - 3).
Diagram C - 3
The browser in Diagram C - 3 is set on the medium setting. There are six possible settings. The chart on the next page shows the different settings. The descriptions are exactly as written in Microsoft Internet Explorer, Version 6.
136
Chapter 9 – Technical Instructions
Privacy Settings Block All
High
Cookies from all Web sites will be blocked Existing cookies on your computer cannot be read by Web sites Blocks cookies that do not have a compact privacy policy
Blocks cookies that use personally identifiable information without your explicit consent Medium Blocks third-party cookies that do not have a compact High privacy policy Blocks third-party cookies that use personally identifiable information without your explicit consent Blocks first-party cookies that use personally identifiable information without your explicit consent Medium Blocks third-party cookies that do not have a compact privacy policy Blocks third-party cookies that use personally identifiable information without your explicit consent
Low
Accept All
Restricts first-party cookies that use personally identifiable information without your explicit consent Restricts third-party cookies that do not have a compact privacy policy Restricts third-party cookies that use personally identifiable information without your implicit consent All cookies will be saved on this computer Existing cookies on this computer can be read by the Web site that created them
137
Chapter 9 – Technical Instructions
6.
When done, click on Apply and then OK (Diagram C - 4).
Diagram C - 4
Advanced Control Advanced control allows for a slightly different set of options. Consider setting cookies using advanced control, if for no other reason than you will be fascinated to see how many cookies are consistently set on your computer. 1. Follow steps 1-4 under Automatic Handling (on previous pages). 2. Click on Advanced (Diagram C - 5).
Diagram C - 5
138
Chapter 9 – Technical Instructions
3. Choose to Override Automatic Cookie Handling. This step must be done first to allow for the next options (Diagram C - 6). 4. Choose how you want first-party and third-party cookies to be handled, e.g., Prompt & Block (Diagram C - 6). 5. When done, click on OK.
Diagram C - 6
6. You will need to close the final windows: click on Apply and OK as show in Step #6 under Automatic Handling (Diagram C - 4).
Accept - Block - Prompt First-party Cookies: From a usability standpoint, you cannot block all first-party cookies. As described in Chapter 7, some first-party cookies are required for a website to function properly. However, there is also no need to accept all first-party cookies. If chose the option to Prompt (Diagram C - 6), you will prompted with a Privacy Alert window each time a first-party cookie is being set (Diagram C - 7).
139
Chapter 9 – Technical Instructions
Diagram C - 7
When prompted, generally you can block the cookie unless you know you will be interacting with the site using personal options, preferences, or purchasing information. Before choosing Allow or Block, you can also choose to Apply my decision to all cookies from this Web site so that you will not be prompted again for that website. If in doubt, block a cookie. You can always unblock it (instructions to follow). Examples of needed cookies: Yahoo Web Mail: Each time you go to your Yahoo email, Yahoo will need a cookie. You can Allow each time, or you can Apply my decision to all cookies from this Web site and then permanently Allow all Yahoo mail cookies to be set. Weather Website: The same holds true for a weather website that you want to always bring up your local weather according to zip code. Third-party cookies: Unless you want advertisers to know your surfing habits, you can block all third-party cookies per Step #5 under Advanced Control. You may want to select Prompt to see how many third-party cookies are actually set on your computer. This experiment will shed more light on the realities of the internet. After a while, you will find the constant prompting to be bothersome and will want to change the setting to Block all third-party cookies (Diagram C - 8).
140
Chapter 9 – Technical Instructions
Diagram C - 8
How to Change a Decision For general browsing on the web, cookies are typically not needed. If you Apply my decision to all cookies from this Web site and choose Block and later find that you need the cookie, you can reverse your decision. (Generally, if cookies are necessary for proper function, a website will tell you that you must allow cookies.) Before reversing your choice, decide on whether or not you really need the information on that webpage. Is it worth the cookie? 1. Follow steps 1-4 under Automatic Handling (on previous pages). 2. Click on Sites (Diagram C - 9).
141
Chapter 9 – Technical Instructions
Diagram C - 9
3. Choose the blocked site that you want to remove from the list. For example, in Diagram C - 10, the website acefitness.org is set on always block. Click on acefitness.org. 4. Click on Remove. 5. When done, click on OK. 6.
You will return to window in Diagram C - 9. Click on OK.
142
Chapter 9 – Technical Instructions
Diagram C - 10
Closing Remarks Go through these instructions several times. Repetition increases your technological proficiency and helps to make using technology quick and simple.
143
Resources
Read this now . . . Save it for later . . . Save it for life.
Resources Be sure to visit the FBI, the Department of Justice, and the Identity Theft websites listed in this section. You will instantly be educated and significantly more in tune with the internet environment. Today’s families can no longer afford to subscribe to the ostrich syndrome. You may have your head in the sand, but the predators, pedophiles, hackers, scammers, and other strangers have an absolutely clear view of you. Skim through the headings, then prioritize and set goals to visit sites. One day in the future, when you have a need to find out more, you will know to refer back to this list of resources. There are thousands of websites on each topic. This section lists only a few. Ask friends and colleagues for more suggestions. For readers who are not comfortable with the internet (and even those who are), use this opportunity to: 1.
Spend time with your child online.
2.
Have your child teach you the new stuff (technology) while you teach him the old stuff (family values and ethics). This provides him with a sense of pride (being the teacher), responsibility (teaching), and valuable family time.
3.
Learn!
During the research process, all websites listed in footnotes and in this section were active and accessible. If you are unable to access a website: 1.
Check to make sure you typed every character in correctly. Each character must be exact.
2.
Try again later. The website may be temporarily offline.
3.
The website may no longer exist. Not all websites stay online indefinitely. If you have tried the website on several different occasions and it does not work, it is probably no longer active. 147
Resources
Child & Family Safety FBI FBI Headquarters: (202) 324-3000 Innocent Images Initiative: www.fbi.gov/hq/cid/cac/innocent.htm Field Divisions by State: www.fbi.gov/contact/fo/fo.htm Avoiding Fraud: www.fbi.gov/majcases//fraud/internetschemes.htm Cyber Crime Headlines: www.fbi.gov/page2/page2index/cyber.htm FBI Additional Resources: www.fbi.gov/hq/cid/cac/addtnl.htm Parents Guide to Internet Safety: www.fbi.gov/publications/pguide/pguide.htm U.S. Department of Justice Main Number: (202) 514-1026 Cyber Crime: http://www.cybercrime.gov For Parents: www.cybercrime.gov/parents.html Kids Page: www.usdoj.gov/kidspage/index.html Child Exploitation/Obscenity: www.usdoj.gov/criminal/ceos/pressreleases.html Safety Resources: www.usdoj.gov/criminal/ceos/onlinesafety_resources.html National Center For Missing & Exploited Children 1-800-THE-LOST (1-800-843-5678) Report on Online Predator: www.missingkids.com/adcouncil Report a Missing Child: www.missingkids.com Prevention and Action Help: www.cybertipline.com U.S. Department of Energy Office of Cyber Security: www.ciac.org/ciac/index.html Hoaxbusters page: http://hoaxbusters.ciac.org Another hoax page: www.symantec.com/avcenter/hoax.html Cyber Angels Main number: (610) 377-2966 www.cyberangels.org Net Safe Kids www.nap.edu/netsafekids/index.html 148
Resources
Morality in Media, Inc: ObscenityCrimes.org www.obscenitycrimes.org/helpparents.cfm National Cyber Security Alliance Main number: (202) 331-5350 www.staysafeonline.info/home.html Federal Trade Commission on Spam www.ftc.gov/spam
Identity Theft FBI: Preventing ID Theft www.fbi.gov/page2/oct04/preventidt102104.htm Department of Justice: ID Theft and Fraud www.usdoj.gov/criminal/fraud/idtheft.html Anti-Phishing Working Group www.antiphishing.org/index.html Thorough coverage of ID Theft www.spywareguide.com/articles/identity-theft.html
Protection Software These online resources are reviews of different packages. It is important for you to make your own comparison and also to choose the product which best fits your family’s needs. Some families, however, want to forego the review and just want product names. Several packages are listed. These packages were taken from the reviews and are not necessarily being recommended or endorsed by the author or the publisher. The author and publisher have not partnered with any vendors. Recommendations for books, software, or other resources are not a result from partnerships, payments, or endorsements. 149
Resources
Before purchasing any of these items, contact your Internet Service Provider (ISP), the company to whom you pay your bill for internet access. Many ISPs provide free or bundled software for parental controls, spam, scam, spyware, pop-up windows, virus protection, firewalls, and email filtering. Browsers, such as Microsoft Internet Explorer, also have many of these features. For non-technical families, consult your local retail store (e.g., Office Depot, Circuit City, Best Buy) or see the options listed under Action Steps in Chapter 3. Monitoring Software Reviews: www.computer-monitoring.com www.pcmag.com/article2/0,1759,1619184,00.asp http://monitoring-software-review.toptenreviews.com Software: Spector Pro: www.spectorsoft.com Guardian Monitor: www.guardiansoftware.com Spy Agent: www.spy-software-solutions.com/spyagent.htm Spyware Protection Reviews: www.spywareguide.com/index.php www.spyware-reviews.com Free software: www.download.com Pop-up Blocker Software Review: www.filesland.com/software/pop-up-1.html Software: Many ISPs, browsers, and search engines offer free pop-up blocker. Pop-up Stopper: http://www.panicware.com/product_psfree.html Spam Filters Review: http://spam-filter-review.toptenreviews.com
150
Resources
Software: Spam Agent: www.anti-spam-software.com Email Protect: http://spam-filter-review.toptenreviews.com/emailprotectreview.html Internet Filtering Software Reviews: http://kids.getnetwise.org/tools http://internet-filter-review.toptenreviews.com www.filterreview.com/reviews.asp Software: Cyber Sitter: www.cybersitter.com Net Nanny: www.netnanny.com Cyber Patrol: www.cyberpatrol.com Virus Protection & Firewalls Review: http://antivirus-software.6starreviews.com/ Software: Symantec: www.symantec.com McAfee: www.mcafee.com Trend Micro: www.trendmicro.com These sites also provide a free computer security check for known viruses, spyware, and other threats. Scam Blocker A free scam blocker: www.earthlink.net/earthlinktoolbar
Miscellaneous Bullying: www.bullypolice.org Dictionary/Encyclopedia of technical terms: http://en.wikipedia.org/wiki/Main_Page http://whatis.techtarget.com www.pcwebopedia.com 151
Resources
Copyright Office: (202) 707-3000 www.copyright.gov Age-based tips for internet use: www.nap.edu/netsafekids/pro_undage.html#a2
Books Click, Click, Who’s There? Koh, LHK Publishing, LLC 2004. Safety Monitor. Mike Sullivan, Bonus Books, 2002. The Complete Idiot’s Guide to Internet Privacy and Security. Preston Gralla, Pearson Education, Inc., 2002. America Online Guide to Internet Safety. Edward Willett, America Online Press, 2001. The Parent’s Guide to Protecting Your Children in Cyberspace. Parry Aftab, McGraw-Hill, 2000. Kids Online: Protecting Your Children in Cyberspace. Donna Rice Hughes, Fleming H. Revell, 1998.
152
About The Author Koh’s background as both an educator and technology specialist brings a unique perspective to her readers. Since her first love was the classroom, her viewpoint about technology comes from an educational and family-oriented foundation. As a school teacher, Koh has taught in both public and private elementary schools. As a technology training consultant in the 80’s, she was heavily involved in the widespread growth of microcomputers in the business world. She united the two areas of specialty by obtaining a graduate degree in Educational Technology. When Koh became an educational technology specialist, she was constantly approached by parents looking for advice. Her love and concern for families ignited her passion and interest in cyber ethics and cyber safety. Koh has presented papers, facilitated discussions, and provided seminars at conventions such as the National Education Computer Conference, the National Cyber Ethics Conference, and the North Carolina Association of Independent Schools, as well as community colleges, churches, schools, and local groups.
~
Click, Click, Who’s There? Provides a family-based, non- technical foundation for safe sailing.
Click, Click, Who’s Really There? Builds on the foundation of Book 1. Provides specific online safety tips for children and families.