<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type="text/xsl" media="screen" href="http://feeds.feedburner.com/~d/styles/rss2full.xsl"?><?xml-stylesheet type="text/css" media="screen" href="http://feeds.feedburner.com/~d/styles/itemcontent.css"?><rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0">

<channel>
	<title>Internet security tips and advice</title>
	
	<link>http://www.securityteacher.com</link>
	<description>Internet Security Tips and Advice</description>
	<pubDate>Wed, 29 Oct 2008 12:09:07 +0000</pubDate>
	<generator>http://wordpress.org/?v=2.6.3</generator>
	<language>en</language>
			<atom10:link xmlns:atom10="http://www.w3.org/2005/Atom" rel="self" href="http://feeds.feedburner.com/SecurityTeacher" type="application/rss+xml" /><feedburner:emailServiceId xmlns:feedburner="http://rssnamespace.org/feedburner/ext/1.0">1296761</feedburner:emailServiceId><feedburner:feedburnerHostname xmlns:feedburner="http://rssnamespace.org/feedburner/ext/1.0">http://www.feedburner.com</feedburner:feedburnerHostname><item>
		<title>All you need to know about security leak tests</title>
		<link>http://www.securityteacher.com/2008/10/29/all-you-need-to-know-about-security-leak-tests/</link>
		<comments>http://www.securityteacher.com/2008/10/29/all-you-need-to-know-about-security-leak-tests/#comments</comments>
		<pubDate>Wed, 29 Oct 2008 12:09:07 +0000</pubDate>
		<dc:creator>kozhemyak</dc:creator>
		
		<category><![CDATA[Security Insight]]></category>

		<guid isPermaLink="false">http://www.securityteacher.com/?p=204</guid>
		<description><![CDATA[Foreword
The term leak test, or leaktest, has become a popular buzzword among the security cognoscenti in the last couple of years. It’s in the news, it’s in the comparison charts, but what does it really mean? Why should regular PC users be concerned with leaktests and their implications in their day-to-day computer activity? How do [...]]]></description>
			<content:encoded><![CDATA[<h2>Foreword</h2>
<p>The term leak test, or leaktest, has become a popular buzzword among the security cognoscenti in the last couple of years. It’s in the news, it’s in the comparison charts, but what does it really mean? Why should regular PC users be concerned with leaktests and their implications in their day-to-day computer activity? How do leaktest results help you when it comes to choosing a robust security product?</p>
<p>These are just a few of the questions this article aims to answer. After reading this material, you’ll have all the information you need to understand leak tests and interpret their results.</p>
<h2>What is a leaktest?</h2>
<p>A leaktest is a tool or a set of procedures that attempts to determine a security product’s ability to prevent outbound data breaches that are designed to steal or compromise your personal information. As the name implies, leaktests are used to find out if a security product reliably protects your data against accidental or deliberate transmission through security barriers, often called data leak prevention.</p>
<p>Leaktests have been in existence since the appearance of the first personal firewall products more than five years ago, and their main objective has been to test the firewall’s ability to prevent unwanted applications from “phoning home” or otherwise communicating data across the Internet without the user’s consent. Leaktests have recently evolved into a broader category that includes tests using the simulated termination of a security product’s operation, controlling advanced program interactions, and other complex technologies that hackers might use to target personal information stored on users’ PCs.</p>
<p>If a product passes a certain leaktest, it means that the product has successfully blocked a would-be attack that’s based on a specific intrusion technique. There are many techniques known to be in use by hackers, and a robust security program should be ready to detect and rebuff all of them. New techniques are constantly being created by miscreants to get hold of personal data, so vendors of security products are constantly developing countermeasures to ensure their customers are properly protected. </p>
<p>When Windows XP came out in 2001, a number of malicious programs, like Trojans and spyware, already existed that could easily steal valuable user data such as login credentials or credit card information and transfer them to unauthorized third parties. In an effort to stop these breaches, security firms came up with firewall solutions that would block network activity initiated by malevolent applications by denying them outbound network access. To test firewalls’ performance, security professionals developed special tools that emulated attacks; these tools checked if the firewall was able to block such attacks from connecting by asking users to decide whether the activity should be permitted. These first leaktests were quite primitive, but they managed to expose significant deficiencies in certain firewall products. </p>
<p>The first leaktests used simple methods such as file name spoofing, or running a trusted application with additional parameters that instructed it to send a certain text string to a target location. The goal was to fool the firewall into treating the transfer as a trusted application acting on its own behalf and consequently allowing it. The earliest well-known leaktest was “Leak Test” by GRC’s Steve Gibson, which simulated an attack in which a malicious application would rename itself to Internet Explorer (a legitimate Internet-enabled application) and determine whether the firewall was able to detect this change.</p>
<p>Much has changed since those days, and today’s leaktests are way more sophisticated, using advanced interaction mechanisms and network properties to simulate the data mining capabilities typical of today’s malware.</p>
<p>Leaktests examine the proactive protection capabilities of security solutions, checking how they respond to a particular intrusion technique, or attack vector. This is very different from the process used to examine antivirus solutions, where tests are used to determine whether a solution is resistant to a specific malware sample.</p>
<h2>Techniques employed by leaktests</h2>
<p>Leaktests are too varied to fall into convenient classifications for their operations, and most are based on different techniques for testing security products. These techniques are constantly evolving and improving, and the more leaktests exist, the more rigorously security solutions are tested. </p>
<p>To generalize, leaktests will try to emulate one of the following techniques:</p>
<ul>
<li>Impersonating a legitimate application installed on a computer or leveraging its access credentials to send information to the Internet (i.e., spoofing, trusted application launch with special parameters)</li>
<li>Interacting with a legitimate application using embedded Windows controls such as OLE Automation or DDE requests</li>
<li>Modifying active applications in memory, attaching malicious components to benign applications – for example, component injection, direct memory patching, creation of malicious threads</li>
<li>Using trusted network services and protocols to send unauthorized data in the hope that the firewall will miss the unconventional activity; such activities might include false DNS requests, BITS service exploitation, or lax ICMP filtering</li>
<li>Installing a new network adapter driver through which to route data</li>
<li>Disrupting or disabling the protective functions of an installed security application</li>
<li>Initiating system shutdown to check if the firewall monitors the activity of untrusted processes through to its completion</li>
<li>Intercepting keystrokes</li>
</ul>
<h2>Synopsis: program interactivity</h2>
<p>The majority of leaktests were designed for Windows XP which, unlike Vista, does not verify a program’s permissions to interact with other installed programs or perform any other activity from the list above if the user has Administrator privileges. This situation creates the potential for exploitation, as any malicious program can piggy-back on a trusted, legitimate program as a means of carrying out targeted attacks. Gone are the days when malware would attempt to steal user data itself; now, it would use a legitimate application’s network access credentials with the firewall to transmit data. Security solutions need to be able to not only detect malicious programs, but be prepared to monitor the integrity of legitimate applications and the use of network resources for the advanced leak techniques used by malware.</p>
<h2>Tradeoff: wordy alerts versus looser control</h2>
<p>Thousands of internal interactions occur on a PC every hour. Of course, only a fraction of these are malicious. So if the firewall monitors and prompts the user regarding each operation, the user will be bombarded with alerts, making it impossible to do anything productive on the computer. As a solution to this limitation, security vendors have implemented a mechanism that “memorizes” a user’s response to a particular event so that, next time this event occurs, the previous input will be used to handle the event, and no alert is displayed. Additionally, vendors of leading security solutions such as Outpost Security Suite Pro, Kaspersky Internet Security and Comodo Firewall use online databases to automatically designate permissions for the majority of Windows applications, so the decisions are made in the background, without interrupting the user’s normal PC use. Windows Vista, with its new User Account Control (UAC) functionality, has made significant progress in stemming illegal or unauthorized activity. It does this by lowering the privileges until the user has allowed a particular operation by okaying the UAC’s foreground prompt. Unfortunately the responses given cannot be memorized, so the alert window displays start up again, frustrating the user once more.</p>
<p>Other vendors, such as Symantec and ESET, have chosen to control fewer events on the user’s computer, reducing the number of prompts displayed to the user. The downside of this approach is that the level of monitoring is reduced, resulting in less control over activities and the potential for some techniques actively used in malware to bypass the protection. It’s no wonder, then, that these solutions fare quite poorly in group tests. Time will show who has the better approach, but considering that malware is becoming more sophisticated, an effective security solution really needs to control the maximum number of events on a computer, and require less user interaction.</p>
<h2>Leaktest usage</h2>
<p>Leaktests are safe applications designed to verify if a firewall is able to prevent an attack that uses different techniques to steal data. Leaktests can be downloaded from the Internet and executed on a user’s machine. If the security solution displays an alert when the test is run, it means that the solution successfully detected the leaktest activity and would most likely be able to deter real-world attacks based on the technique used in the leaktest.</p>
<p>Although successfully passing a leaktest doesn’t always mean the security solution is bullet-proof, it essentially means that it will do its best to protect a user in case a real attack strikes.</p>
<h2>Interpretation of results</h2>
<p>There are specialist organizations that carry out leak testing, the most active of which are <a href="http://www.matousec.com/" target="_blank">Matousec Transparent Security</a> and <a href="http://www.firewallleaktester.com/">Firewall Leak Tester</a>. They have vast information resources and update their leaktesting results whenever new security products come out or when updated leaktests are released. As a rule of thumb, the closer a security program is to an absolute pass score of 100 percent, the more resistant to malware attack it is.</p>
<h2>Leaktests versus other testing mechanisms</h2>
<p>As noted earlier, leaktests test how well a security solution is equipped to combat malware that uses different intrusion techniques to bypass outbound protection. Leaktests are technique-centric, as opposed to virus testing, which is largely signature-oriented. Leaktests verify the potential of a solution to deter unknown attacks without the use of a particular threat signature.</p>
<h2>The benefits of leaktests</h2>
<p>It is hard to overestimate the contribution leaktests make to the security community. Leaktests are the primary techniques used to test whether a security product is capable of keeping unknown malware at bay by restricting its activity within the software environment of a PC. Leaktests have a practical value to the end user; many product reviews are complemented by leaktest results, which should give you a good indication of how well a security product is able to keep you safe from today’s widespread anonymous threats.</p>
<h2>Conclusion</h2>
<p>We hope this article has shed some light on the concept of leaktests and their relevance in testing the ability of a security product to prevent unauthorized outbound data leakage. Leaktests serve as a practical and effective tool in measuring the quality and scope of protection against the kinds of advanced breaches that are used to carry out actual attacks. </p>

]]></content:encoded>
			<wfw:commentRss>http://www.securityteacher.com/2008/10/29/all-you-need-to-know-about-security-leak-tests/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Debunking common security myths</title>
		<link>http://www.securityteacher.com/2008/09/15/debunking-common-security-myths/</link>
		<comments>http://www.securityteacher.com/2008/09/15/debunking-common-security-myths/#comments</comments>
		<pubDate>Mon, 15 Sep 2008 14:44:25 +0000</pubDate>
		<dc:creator>emelyanova</dc:creator>
		
		<category><![CDATA[Security Insight]]></category>

		<guid isPermaLink="false">http://www.securityteacher.com/?p=201</guid>
		<description><![CDATA[Introduction
Over the summer, I started thinking about why people think about security the way they do, and what might be causing people to make elementary mistakes when securing their computers. I&#8217;m not talking about the choice of products or the measures they take to keep their computers secure, but rather  what is fundamentally flawed [...]]]></description>
			<content:encoded><![CDATA[<h2>Introduction</h2>
<p>Over the summer, I started thinking about why people think about security the way they do, and what might be causing people to make elementary mistakes when securing their computers. I&#8217;m not talking about the choice of products or the measures they take to keep their computers secure, but rather what is fundamentally flawed in the way they think about security. As I found out during conversations with people as I travelled around Europe, most users&#8217; security knowledge is far from what I, as a so-called &#8216;security expert&#8217;, might consider adequate. As I delved deeper into the subject, I discovered that quite a large number of users have completely wrong ideas and misconceptions about how to tackle security issues. These conversations prompted me to write this article in an attempt to correct the most common myths and misconceptions.</p>
<h2>Myth #1: <br />
I will be perfectly safe if I get the best security software and keep it up-to-date - that&#8217;s all I need to do</h2>
<p>It&#8217;s true that use of reliable software to shore up your computer&#8217;s defenses is vital, but before that comes careful and intelligent use of your computer to prevent security incidents in the first place. It is a truism that the weakest element in the security chain is the computer user himself. In my view, relying on security software alone is like relying on a car&#8217;s crash test results to ensure that you&#8217;ll be unscathed after a major wreck. But I think we would all agree that it&#8217;s better to drive safely, wear a seatbelt, and obey the speed limit. The same applies to security: you need all the safety systems, but if you don&#8217;t adhere to basic standards of safe conduct, you put your computer at unnecessary risk. So think before you open unknown files or email attachments, or react to spam and phishing attempts - these are most likely designed to undermine your security. Also, don&#8217;t forget to install the latest Windows and program updates to keep you safe from known vulnerabilities found in vendors&#8217; products. Remember, no matter how strong your preferred security program is, it will have one of the following weaknesses:</p>
<ol>
<li>Your anti-virus can&#8217;t recognize every virus in existence and is consequently not equipped to provide complete protection. A variety of factors contribute to this, including reliance on virus signatures and heuristics-based instruments that struggle with the detection of different and ever-changing virus behaviors.</li>
<li>Your firewall or HIPS may have one or more of the following weaknesses. Both MAY exhibit delayed reactions to a security incident. Both can sometimes miss an unwanted/illegitimate operation simply because these solutions cannot detect every possible type of system/network operation. Leak tests, no matter how theoretical their scenarios might be, serve as a good (but not perfect) indicator of a solution&#8217;s protective thoroughness. These systems may also fail to activate when it&#8217;s most needed – when a new attack strikes.<br />
Rootkits and system interceptors that remain invisible to the operating system and the majority of security programs can be used to hide the presence of a malware payload. Rootkits are being increasingly adopted by hackers to mask malware operations such as spam, botnets and Denial of Service (DoS) attacks.</li>
<li>	Security software sometimes interferes with normal operation of a PC, impacts its performance or displays alerts and action prompts that might be confusing for a normal person to respond to. It can also block WiFi connectivity or report false positives that may accidentally delete a legitimate file.</li>
<li>	Some security programs require that, once infected, manual remediation be used to undo the changes brought by malware – a task beyond the ability of most normal computer users.</li>
<li>	Your security program turns out to not be the trusted software you thought it was but instead is a rogue program that only advertises a promise to protect.</li>
<li>	Antispam and antiphishing solutions produce a high number of false positives, and phishing sites are so short-lived that, by the time a security company issues a security update to block the domain, the location has already harvested its share of stolen IDs and financial data and moved on.</li>
</ol>
<h2>Myth #2:<br />
Why would I be hacked? I&#8217;m small fry, I&#8217;m not interesting to hackers</h2>
<p>People do a lot of different things on the Internet, and sometimes they expose personal data. An average internet user is vulnerable to these kinds of threats:</p>
<ul>
<li>Theft of personal or financial data. We shop, we enter our credit card numbers and other personal details. This creates risk and the data could be abused if you&#8217;re using an unprotected PC. A keylogger could be silently monitoring your keystrokes and capturing everything that you type on your PC; later, it will communicate this information to the hacker who sent it out hunting. If you shop and the channel of communication (i.e. the web browser traffic) is not encrypted, everything that you send over the Internet is vulnerable to being copied and used without your knowledge. Your log-in passwords, email and social network accounts can also be hijacked in a similar way. Using both known and new techniques, a sophisticated hacker can eavesdrop on your Internet sessions using what&#8217;s called &quot;man-in-the-middle&quot; techniques to intercept and later exploit seized data. To protect yourself from such threats, it&#8217;s vital that you use a robust firewall and ensure traffic is transmitted over an  encrypted route.</li>
</ul>
<p>And that&#8217;s not all.</p>
<ul>
<li>Botnet infections, where the victim&#8217;s computer and Internet bandwidth are hijacked and used to harm other Internet users. Botnets are responsible for spewing out spam or phishing attacks that look like they come from the victim&#8217;s computer, and may also be used to conduct distributed Denial of Service attacks on legitimate organizations and take control of the organization&#8217;s website.</li>
<li>Hackers are always on the lookout for a vulnerable PC on the network. Once found, these PCs are earmarked for later use for nefarious purposes. By using special tools to probe for exploitable machines, a hacker doesn&#8217;t target a specific host, but rather, thousands of poorly protected computers that can be amassed in a matter of minutes.</li>
</ul>
<h2>Myth #3:<br />
My company uses a gateway firewall, so I have nothing to worry about</h2>
<p>Gateway firewalls, if properly configured, provide solid perimeter protection for your company. Malicious inbound data will be blocked and hackers probably will not be able to break into your PC. But outbound data can still leave your computer, meaning passwords, financial data stored on hard drives, and other critical resources will still be accessible to attackers. Plus, being protected from outside doesn&#8217;t necessarily mean you&#8217;re safe from hackers inside your company&#8217;s borders. You could be inadvertently attacked by a colleague who&#8217;s become a victim of, say, an Internet worm that spreads by sending itself to all contacts listed in someone&#8217;s address book.</p>
<h2>Myth #4:<br />
I only visit &quot;good&quot; places on the web, I never visit objectionable or adult sites. So I am safe from threats that spread over the Internet</h2>
<p>If you&#8217;re being truthful, I&#8217;d say you&#8217;re in a low-risk group. However, there are some things to keep in mind as you surf around legitimate websites:</p>
<ul>
<li>Sections of legitimate sites can be hijacked as easily as adult sites, and bad content placed on them temporarily until the problem is detected by the site&#8217;s operators. This happened to the Bank of India&#8217;s website not too long ago. Additionally, legitimate sites often incorporate Flash animations and JavaScript code that may be vulnerable and open up a backdoor to your computer.  And last but not least, cross-site scripting (XSS) vulnerabilities may be employed by attackers to capture your logon session. You can read about XSS in greater detail <a href="http://www.securityteacher.com/2008/07/23/cross-site-scripting-%E2%80%93-the-web%E2%80%99s-lurking-danger/">here</a>.</li>
</ul>
<h2>Myth #5:<br />
If I connect to a credible WiFi provider like British Telecom at the airport, my Internet connection is protected</h2>
<p>We&#8217;ve covered the secure use of WiFi extensively in other <a href="http://www.securityteacher.com/2007/06/15/wifi-security-basics/">articles</a>, but it seems the message still has not fully got through to people. If you use an unencrypted wireless signal, regardless of the network provider, even a novice intruder can easily read what you send or receive over the network, so don&#8217;t ever take the risk and post anything confidential over a public  WiFi connection.</p>
<h2>Conclusion</h2>
<p>Well, I hope this &quot;back to school&quot; article has served to remind you that, whatever protection you have on your machine, security still begins and ends with not taking unnecessary risks while you&#8217;re online. It&#8217;s a lesson every Internet user needs to learn.</p>

]]></content:encoded>
			<wfw:commentRss>http://www.securityteacher.com/2008/09/15/debunking-common-security-myths/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Cross Site Scripting – the Web’s lurking danger</title>
		<link>http://www.securityteacher.com/2008/07/23/cross-site-scripting-%e2%80%93-the-web%e2%80%99s-lurking-danger/</link>
		<comments>http://www.securityteacher.com/2008/07/23/cross-site-scripting-%e2%80%93-the-web%e2%80%99s-lurking-danger/#comments</comments>
		<pubDate>Wed, 23 Jul 2008 12:31:55 +0000</pubDate>
		<dc:creator>emelyanova</dc:creator>
		
		<category><![CDATA[Security Insight]]></category>

		<guid isPermaLink="false">http://www.securityteacher.com/?p=102</guid>
		<description><![CDATA[Introduction
There are some areas of computer security over which a user has almost no control; from involuntary exposure to software vulnerability exploits to hijacked DNS servers that divert visitors to infective locations, there is little that a user alone can do to avoid becoming a victim.
These challenges - as well as a multitude of others [...]]]></description>
			<content:encoded><![CDATA[<h2>Introduction</h2>
<p>There are some areas of computer security over which a user has almost no control; from involuntary exposure to software vulnerability <a href="http://www.securityteacher.com/2008/05/30/exploits/">exploits</a> to hijacked DNS servers that divert visitors to infective locations, there is little that a user alone can do to avoid becoming a victim.</p>
<p>These challenges - as well as a multitude of others - require action by software vendors to design less vulnerable products and by responsible authorities to deploy an Internet infrastructure that’s less vulnerable to abuse - or at least enable fast mitigation when flaws are found. </p>
<p>The same principle can be applied to cross site scripting attacks. This type of web compromise cannot be solved by individual Web users alone but should be the responsibility of web application and <a href="http://www.securityteacher.com/2008/04/15/browser/">browser</a> developers. However, it appears this level of prevention won’t be available for some time, so it’s important to recognize the impact of cross site scripting vulnerabilities and minimize inadvertent exposure wherever possible. That’s the topic of this article.</p>
<h2>What is cross-site scripting?</h2>
<p>A script is a set of machine language commands processed on a user’s computer or by a web server. Cross-site scripting (XSS) vulnerabilities occur when scripts originating on one website (usually a malicious site) are permitted to interact with the content of another website, or an HTML page stored locally – hence the term “cross-site”. Unlike other types of attack, the perpetrators of cross-site scripting attacks use vulnerable servers as an intermediary to stage attacks on visitors to compromised websites; they do this by forcing the user’s browser to run the scripts placed on those vulnerable web servers.</p>
<p>XSS vulnerabilities first appeared at the turn of the century, when a number of security experts reported concerns over the potential use of JavaScript code with malicious intent in a cross-boundary attack.</p>
<p>In an XSS attack, after the script has been executed on the user’s PC, it starts issuing commands and remotely controlling the behavior of the target browser window in such a way that it appears the user is performing these actions himself. The script may execute locally on the user’s computer or lie dormant on the web server, attacking other users as they access this page.</p>
<p>The problem with XSS is so significant because, as a result of an XSS exploit, the script takes control of the victim’s web session while the attack is carried out in the background, leaving no footprint behind and thus making it extremely hard to detect.</p>
<p>In order for XSS attacks to succeed, certain criteria must be met: the use of flawed browser software that does not validate the script’s origins and permissions, or poorly-written Web server code that does not exercise proper validation routines. Social engineering is also widely used to lure victims into clicking the link containing the malicious script.</p>
<p>To give an idea of the scale of the problem, it is estimated that more than half of all websites today have XSS holes, and XSS flaws account for more than 80 percent of all documented web vulnerabilities. Almost every well-known web portal has been compromised by XSS attacks at some time - the likes of Google, MSN, Facebook and other prominent sites have experienced XSS exploits first-hand.</p>
<h2>Different types of XSS</h2>
<p>There are currently three types of cross-site scripting vulnerabilities:</p>
<ul>
<li><strong>Local, or Type 0, XSS</strong>, where the problem exists in the client-side script of a web page. To exploit the vulnerability, an attacker constructs a web page with malicious JavaScript code in it and sends potential victims a link to it (via email, IM, etc.). Once the link has been clicked, the script executes and serves up a locally-created vulnerable HTML page which contains JavaScript code that can be run with the current user’s privileges (most users log on as Administrators). After that, an attacker can gain access to the victim’s local computer, including viewing files and other sensitive data.</li>
<li><strong>Non-persistent, or Type 1, XSS</strong> is one of the most common, and involves vulnerabilities of server-side scripts that do not sufficiently validate user input. Non-persistent XSS occurs when a user receives a link with malicious script while logged on to a web site. After the link is clicked and the malicious script executed, it hijacks the user’s session and controls the activity of the page the user is currently on. This type of compromise can be executed in the current browser session only.</li>
<li><strong>Persistent, or Type 2, XSS</strong> is the most blatant and dangerous vulnerability because it can affect many users without the use of much social engineering. The vulnerability is in the server-side scripts but can exist for a long time, so it can affect a much greater number of users. It arises when a legitimate server persistently stores portions of malicious scripts placed on it by the hacker and later feeds that code to the visitors’ browsers for the latter to execute.</li>
</ul>
<h2>What the perpetrators are after</h2>
<p>Most attacks target session <a href="http://www.securityteacher.com/2008/02/28/cookies-appetizing-or-not/">cookies</a> – files loaded onto users’ machines by the web sites they connect to. Cookies are easy mechanisms for identification on the site, so once the perpetrators get hold of your cookie files, they can impersonate you and act on your behalf. Cookies are transferred to attackers by the commands in the script.</p>
<h2>What victims can lose</h2>
<p>As a result of successful exploitation of an XSS hole, victims may lose important data and be exposed to ID theft. Once your session has been hijacked, the “script masters” can perform any activity that a legitimate owner of the compromised account can do - read and delete emails, perform financial transactions and credit payments, create postings on social networking sites - just about anything the legitimate user is authorized to do.</p>
<h2>What makes XSS attacks possible?</h2>
<p>XSS attacks happen for two reasons: sloppy programming and haphazardly-created website engines that do not filter user input. Either of these situations can enable a malicious user to insert a piece of JavaScript code in, for instance, a search field; the server would return a results page along with the original search query, which could be interpreted by the client software as executable code. So it’s important that web developers create code that filters user input and translates certain characters used in JavaScript into plain text, not executable commands.</p>
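<p>The search-field case described above, as an added example (not code from this article or from any real site): a constructed results page that writes the query into the page body and into the search box, first verbatim and then with the characters that carry meaning in HTML translated into plain-text entities. The function names and the two sample queries are assumptions made for the illustration.</p>

```javascript
// Added illustration: a constructed search-results page, not code from a real site.
// All function names and sample queries below are hypothetical.

// Characters that carry meaning in HTML text and in quoted attribute values.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Translate markup characters into entities so the browser shows them as text.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Incomplete filter kept for comparison: handles tags but not attribute quotes.
function escapeAnglesOnly(text) {
  return String(text).replace(/</g, '&lt;').replace(/>/g, '&gt;');
}

// The vulnerable behaviour: the query is written into the page unchanged.
const verbatim = (text) => String(text);

// Build the results page; `encode` decides how the query is written into HTML.
function renderResults(query, encode) {
  const q = encode(query);
  return '<form><input name="q" value="' + q + '"></form>\n' +
         '<p>Results for: ' + q + '</p>';
}

// Names of the attributes a browser would see on the search box.
function inputAttributes(page) {
  const tag = page.slice(page.indexOf('<input'), page.indexOf('></form>'));
  return Array.from(tag.matchAll(/([a-zA-Z-]+)="([^"]*)"/g), (m) => m[1]);
}

// True when the results paragraph contains a raw script element.
function bodyHasScriptTag(page) {
  const body = page.slice(page.indexOf('<p>'));
  return /<script\b/i.test(body);
}

// Constructed sample queries, one per HTML context.
const TAG_QUERY = '<script>alert(1)</script>';   // lands in the page body
const ATTR_QUERY = '" onfocus="alert(1)';        // lands in the value attribute

for (const [name, encode] of [['verbatim', verbatim],
                              ['angles only', escapeAnglesOnly],
                              ['escapeHtml', escapeHtml]]) {
  console.log(name,
    '| script tag in body:', bodyHasScriptTag(renderResults(TAG_QUERY, encode)),
    '| search box attributes:', inputAttributes(renderResults(ATTR_QUERY, encode)).join(','));
}
```

<p>The angles-only filter keeps the tag out of the page body but still lets the query close the <code>value</code> attribute and add one of its own, which is why the quote characters are translated as well.</p>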
<p>Another contributing factor to XSS vulnerability is the use of outdated web browsers that don’t apply the necessary security policies when processing (parsing) code coming from different sources.</p>
<h2>How can users protect themselves?</h2>
<p>While developers carry much of the blame for the majority of XSS attacks, there is still something a web user can do to minimize vulnerability. The key element is preventing client-side code from being sent to the browser by untrusted websites. Internet Explorer users can do this by raising their security slider to “High” in the Security tab, restricting the ability of any potentially malicious code on any website to run, and specifying a list of sites that are still allowed to run code. Firefox users can use the <a href="https://addons.mozilla.org/en-US/firefox/addon/722">NoScript addon</a> to block JavaScript and only allow it on sites specified in the exclusion list, as is the case for IE. Another option would be to increase the Privacy setting in IE so that no permanent cookies are stored by the browser, and to specify a set of exclusions.</p>
<p>Another useful habit to get into is to always log off from a web session when it’s completed, and to open unknown links only after the user has left the site (the cookie file is removed from local storage and no attack is possible).</p>
<p>It’s also important to keep your browser and Windows up to date so that past vulnerabilities no longer leave you exposed.</p>
<h2>Summary</h2>
<p>XSS attacks arise because of errors in web code that does not sufficiently check user input for malicious executable code. Vulnerability is avoided if potentially-malicious data that a user submits to a server is extracted and returned as plain text (non-executable) data. While we wait for a solution from web application developers, there are actions users can take to minimize their exposure to XSS: logging off from a session before clicking and following any links, disabling JavaScript code for unknown sites, and using the latest versions of web browsers. And lastly, continue to follow the ‘rules of the web’ - don’t open links from strangers and don’t trust contacts you don’t know.</p>

]]></content:encoded>
			<wfw:commentRss>http://www.securityteacher.com/2008/07/23/cross-site-scripting-%e2%80%93-the-web%e2%80%99s-lurking-danger/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Welcome to the securityteacher.com research section</title>
		<link>http://www.securityteacher.com/2008/07/03/welcome-to-the-securityteachercom-research-section/</link>
		<comments>http://www.securityteacher.com/2008/07/03/welcome-to-the-securityteachercom-research-section/#comments</comments>
		<pubDate>Thu, 03 Jul 2008 19:54:56 +0000</pubDate>
		<dc:creator>kozhemyak</dc:creator>
		
		<category><![CDATA[Research]]></category>

		<guid isPermaLink="false">http://www.securityteacher.com/?p=101</guid>
		<description><![CDATA[In the first of our series of research, we decided to pit against each other three popular security products – Kaspersky Internet Security, Agnitum Outpost Security Suite Pro and Eset Smart Security to find out which demonstrated the best aptitude to counter threats with the help of onboard proactive protection instruments – those that monitor [...]]]></description>
			<content:encoded><![CDATA[<p>In the first of our research series, we decided to pit three popular security products against each other – <strong>Kaspersky Internet Security</strong>, <strong>Agnitum Outpost Security Suite Pro</strong> and <strong>Eset Smart Security</strong> – to find out which demonstrated the best aptitude to counter threats with the help of onboard proactive protection instruments – those that monitor system activity and alert to new or unknown program operations.</p>
<p>The testing methodology was quite straightforward: disabling all signature-related scanners, running the test malware sample and tracking how each product managed to prevent activation of malware after the system restarted. All prompts were given the “block action” response, and the tools used for testing were Sysinternals <a href="http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx" target="_blank">Autoruns</a> and <a href="http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx" target="_blank">Process Explorer</a>.</p>
<p>Click the corresponding video file to see the products in action.</p>
<table border="0">
<tbody>
<tr>
<td align="top"><a onclick="window.open(&quot;/pages/agn.html&quot;, &quot;player&quot;, &quot;menubar=0,statusbar=0,resizable=0,toolbar=0,scrollbars=0,width=820,height=664&quot;)" href="#"><br />
<img src="http://www.agnitum.com/images/buttons/video.jpg" border="0" alt="View" /></a></td>
<td width="20"> </td>
<td align="top">
<h2>Video 1 – Product in action:<br />Outpost Security Suite Pro</h2>
<p><a onclick="window.open(&quot;/pages/agn.html&quot;, &quot;player&quot;, &quot;menubar=0,statusbar=0,resizable=0,toolbar=0,scrollbars=0,width=820,height=664&quot;)" href="#">View Video</a></td>
</tr>
<tr>
<td colspan="3"> </td>
</tr>
<tr>
<td><a onclick="window.open(&quot;/pages/eset.html&quot;, &quot;player&quot;, &quot;menubar=0,statusbar=0,resizable=0,toolbar=0,scrollbars=0,width=820,height=664&quot;)" href="#"><img src="http://www.agnitum.com/images/buttons/video.jpg" border="0" alt="View" /></a></td>
<td width="20"> </td>
<td>
<h2>Video 2 – Product in action:<br />ESET Smart Security</h2>
<p><a onclick="window.open(&quot;/pages/eset.html&quot;, &quot;player&quot;, &quot;menubar=0,statusbar=0,resizable=0,toolbar=0,scrollbars=0,width=820,height=664&quot;)" href="#">View Video</a></td>
</tr>
<tr>
<td colspan="3"> </td>
</tr>
<tr>
<td><a onclick="window.open(&quot;/pages/kas.html&quot;, &quot;player&quot;, &quot;menubar=0,statusbar=0,resizable=0,toolbar=0,scrollbars=0,width=820,height=664&quot;)" href="#"><img src="http://www.agnitum.com/images/buttons/video.jpg" border="0" alt="View" /></a></td>
<td width="20"> </td>
<td>
<h2>Video 3 – Product in action:<br />Kaspersky Internet Security 7.0</h2>
<p><a onclick="window.open(&quot;/pages/kas.html&quot;, &quot;player&quot;, &quot;menubar=0,statusbar=0,resizable=0,toolbar=0,scrollbars=0,width=820,height=664&quot;)" href="#">View Video</a></td>
</tr>
</tbody>
</table>
]]></content:encoded>
			<wfw:commentRss>http://www.securityteacher.com/2008/07/03/welcome-to-the-securityteachercom-research-section/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Useful Security Links (June 2008), Part 3</title>
		<link>http://www.securityteacher.com/2008/06/26/useful-security-links-june-2008-part-3/</link>
		<comments>http://www.securityteacher.com/2008/06/26/useful-security-links-june-2008-part-3/#comments</comments>
		<pubDate>Thu, 26 Jun 2008 15:07:53 +0000</pubDate>
		<dc:creator>emelyanova</dc:creator>
		
		<category><![CDATA[Useful Security Links]]></category>

		<category><![CDATA[internet security articles]]></category>

		<guid isPermaLink="false">http://www.securityteacher.com/?p=100</guid>
		<description><![CDATA[
Malicious Trojan Horse Plagues Apple Mac OS Users
20 million Firefox 3 downloads in a week, ~4% market share
Trend Micro&#8217;s CEO says &#8216;AV industry sucks&#8217;
Software update snafus block Microsoft patches
Cisco IOS Rootkit Demonstrated
]]></description>
			<content:encoded><![CDATA[<ol>
<li><a target="_blank" href="http://www.techpowerup.com/63863/Malicious_Trojan_Horse_Plagues_Apple_Mac_OS_Users.html">Malicious Trojan Horse Plagues Apple Mac OS Users</a></li>
<li><a target="_blank" href="http://arstechnica.com/news.ars/post/20080626-20-million-firefox-3-downloads-in-a-week-4-market-share.html">20 million Firefox 3 downloads in a week, ~4% market share</a></li>
<li><a target="_blank" href="http://www.channelregister.co.uk/2008/06/22/trend_micro_eva_chen/">Trend Micro&#8217;s CEO says &#8216;AV industry sucks&#8217;</a></li>
<li><a target="_blank" href="http://www.computerworld.com/action/article.do?command=viewArticleBasic&amp;articleId=321115&amp;intsrc=news_ts_head">Software update snafus block Microsoft patches</a></li>
<li><a target="_blank" href="http://www.informationweek.com/news/security/management/showArticle.jhtml?articleID=208400389">Cisco IOS Rootkit Demonstrated</a></li>
</ol>

]]></content:encoded>
			<wfw:commentRss>http://www.securityteacher.com/2008/06/26/useful-security-links-june-2008-part-3/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Encryption</title>
		<link>http://www.securityteacher.com/2008/06/20/encryption/</link>
		<comments>http://www.securityteacher.com/2008/06/20/encryption/#comments</comments>
		<pubDate>Fri, 20 Jun 2008 15:01:15 +0000</pubDate>
		<dc:creator>Igor Pankov</dc:creator>
		
		<category><![CDATA[Security Glossary]]></category>

		<guid isPermaLink="false">http://www.securityteacher.com/?p=99</guid>
		<description><![CDATA[Encryption is a way of securely storing or transferring data by using a special encryption key or algorithm to encipher its contents. To anyone except the target recipient, the encrypted data will appear as unreadable, garbled data, making encryption a valuable instrument for hiding private or secret information from strangers.
The target recipient [...]]]></description>
			<content:encoded><![CDATA[<p><strong>Encryption</strong> is a way of securely storing or transferring data by using a special encryption key or algorithm to encipher its contents. To anyone except the target recipient, the encrypted data will appear as unreadable, garbled data, making encryption a valuable instrument for hiding private or secret information from strangers.</p>
<p>The target recipient possesses the unique decryption key, which makes it possible to decipher the encrypted data and thus arrive at the original content. If someone manages to get hold of the unique decryption key, he/she can read that data as well. That’s why it’s important to keep the key in a secure, tightly guarded location.</p>

]]></content:encoded>
			<wfw:commentRss>http://www.securityteacher.com/2008/06/20/encryption/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Useful Security Links (June 2008), Part 2</title>
		<link>http://www.securityteacher.com/2008/06/16/useful-security-links-june-2008-part-2/</link>
		<comments>http://www.securityteacher.com/2008/06/16/useful-security-links-june-2008-part-2/#comments</comments>
		<pubDate>Mon, 16 Jun 2008 16:43:58 +0000</pubDate>
		<dc:creator>kozhemyak</dc:creator>
		
		<category><![CDATA[Useful Security Links]]></category>

		<category><![CDATA[internet security articles]]></category>

		<guid isPermaLink="false">http://www.securityteacher.com/?p=98</guid>
		<description><![CDATA[
How to Remove Your Browser Hijacker
Trojan Makers Block PC Functions To Promote Rogue Anti-Spyware Programs
McAfee CEO: Adware is killing AV blacklisting
Keeping our Technology-Savvy Kids Safe Online
Obama Campaign Hopes for Better Web Security
]]></description>
			<content:encoded><![CDATA[<ol>
<li><a href="http://www.spyzooka.com/blog/browser-hijacker/" target="_blank">How to Remove Your Browser Hijacker</a></li>
<li><a href="http://www.spyware-techie.com/trojan-makers-block-pc-functions-to-promote-rogue-anti-spyware-programs/" target="_blank">Trojan Makers Block PC Functions To Promote Rogue Anti-Spyware Programs</a></li>
<li><a href="http://www.zdnet.com.au/news/security/soa/McAfee-CEO-Adware-is-killing-AV-blacklisting/0,130061744,339289802,00.htm?omnRef=1337" target="_blank">McAfee CEO: Adware is killing AV blacklisting</a></li>
<li><a href="http://www.mexiadailynews.com/opinion/local_story_162101900.html" target="_blank">Keeping our Technology-Savvy Kids Safe Online</a></li>
<li><a href="http://www.pcworld.com/businesscenter/article/146997/obama_campaign_hopes_for_better_web_security.html" target="_blank">Obama Campaign Hopes for Better Web Security</a>
</li>
</ol>

]]></content:encoded>
			<wfw:commentRss>http://www.securityteacher.com/2008/06/16/useful-security-links-june-2008-part-2/feed/</wfw:commentRss>
		</item>
		<item>
		<title>The Perils of Social Networking</title>
		<link>http://www.securityteacher.com/2008/06/16/the-perils-of-social-networking/</link>
		<comments>http://www.securityteacher.com/2008/06/16/the-perils-of-social-networking/#comments</comments>
		<pubDate>Mon, 16 Jun 2008 12:27:29 +0000</pubDate>
		<dc:creator>emelyanova</dc:creator>
		
		<category><![CDATA[Security Insight]]></category>

		<guid isPermaLink="false">http://www.securityteacher.com/?p=97</guid>
		<description><![CDATA[Preface
According to some estimates, more than thirty percent of US web traffic is taken up by users interacting on social networks like Facebook, Myspace and LinkedIn. Social networks (SN) can be fun and useful places to be when you want to hang out with your friends online, meet new colleagues, discuss a news event or [...]]]></description>
			<content:encoded><![CDATA[<h2>Preface</h2>
<p>According to some estimates, more than thirty percent of US web traffic is taken up by users interacting on social networks like <a href="http://www.facebook.com/" target="_blank">Facebook</a>, <a href="http://www.myspace.com/" target="_blank">Myspace</a> and <a href="http://www.linkedin.com/" target="_blank">LinkedIn</a>. Social networks (SN) can be fun and useful places to be when you want to hang out with your friends online, meet new colleagues, discuss a news event or engage in hot-button debate. The primary benefit of social networking is that it connects people with common interests or occupations and provides an easy way to share information, opinions, photos, videos, and just about everything else.</p>
<p>But there are also drawbacks to the open environments that constitute social networking. As you may have guessed from the title, the dark side of social networking is the focus of today’s article.</p>
<h2>Basic guidelines</h2>
<h3>Registering with a social network</h3>
<p>When you first sign up, you’re required to provide your real name and a valid email address that your future account will be associated with (your email address is usually used as your username for the SN). Make it a rule to choose a strong password of at least six characters for your account. Also remember that the passwords for your registration email address and your SN login should be different, so that in the unfortunate event your account is compromised, you can always reset the password by using your email to restore your SN credentials; this presumes that the perpetrator cannot access your email inbox and read incoming messages.</p>
<h3>Minimizing vulnerability exposure</h3>
<p>Whereas Windows is your offline desktop platform that you can manage and secure to the best of your knowledge or expertise, your online social networking platform resides on remote servers over which you have no control; your SN identity and activities are only as well-protected as the underlying SN engine. </p>
<p>So, it is up to you to protect yourself – we suggest following these ‘safe practices’:</p>
<ul>
<li>Use the latest <a href="http://www.securityteacher.com/2008/04/15/browser/">browser</a> software and install Windows Updates as soon as they become available.</li>
<li>Use a <a href="http://www.securityteacher.com/2008/04/18/firewall/">firewall</a> to protect your system against unknown threats; use up-to-date antivirus to block known threats and intrusion prevention software to alert you to potentially dangerous activities on your computer.</li>
<li>Do not download, open or respond to content published or sent by unknown people. There has recently been a virus outbreak in the Russian portion of an SN that resulted from unwary users clicking on a reference to a fake image file, which activated a virus that then wiped user data from the affected computers.</li>
<li>Remember that SN is still in its infancy: the engines are still immature and the platforms are vulnerable to determined attackers. Reports of faulty SN code appear regularly in the media, and you cannot rely on the integrity and non-disclosure of your personal details due to multiple weaknesses in SN systems. Cross-site scripting (XSS) errors enabling attackers to view restricted sections of user data have affected almost every SN site, much like the way spyware targeted Windows systems that had not been patched with SP2 back in 2003.</li>
<li>The third-party applications (widgets) that Facebook and Myspace offer as additional downloads are even more problematic. These programs are not tested for compatibility or security defects, so be sure you understand exactly what you are installing when you choose to use one of these applications.</li>
<li>Don’t access your online profile from public computers – such actions are fraught with additional risk because of the potential for theft or malware compromise. Your log-in details might be stored in a local cache and later extracted and used to illegally access your profile, or the computer may be infected with a keylogger that will silently capture any piece of information, including log-ins and dialog sessions, and relay this data to unauthorized third parties.</li>
</ul>
<h2>Privacy precautions</h2>
<h3>Do not disclose sensitive information – ever!</h3>
<p>A recent British survey revealed that more than half the SN users interviewed publish contact details and private details in their online profiles, making them easy targets for ID thieves and other miscreants.</p>
<p>Due to the open nature of the Internet and the fact that your account can be hijacked, coupled with the vulnerabilities of SN platforms, you should NEVER publish any sensitive information about yourself, like your home address, Social Security or cell phone numbers. And don’t post anything that could backfire against you, like videos of your student parties, or anything else that you wouldn’t want a prospective employer to see.</p>
<h3>Prevent anonymous users from viewing your profile</h3>
<p>By making your profile private, you limit access to your online profile only to friends and people you know.</p>
<h3>Authorize and add as friends only people you know</h3>
<p>The smaller your inner circle of friends, the more private your online profile is.</p>
<h3>Never trust online-only acquaintances</h3>
<p>It’s important to keep in mind that people and their identities are not always what they claim to be, and you should not blindly trust people that you meet online. Don’t meet these people in real life except in very public, safe places, and you must strive to avoid any other physical contact with them. </p>
<p>You may have heard the dramatic story of a girl committing suicide after her online date supposedly let her down, whereas in fact the cheating partner was the mother of a teenager who didn’t want her son to date the girl. If she had been a little less trusting of what she read online, she would probably be alive today.</p>
<h3>Favor sites that use encryption</h3>
<p>Facebook, for example, encrypts your interactive sessions, whereas Myspace hasn’t yet followed suit. Encryption garbles data in transit so that no-one can read intercepted information, protecting your passwords and other information from outsiders. </p>
<h3>Report abuse</h3>
<p>Should you encounter cases of spam, harassment, stalking or other intrusions into your private life, you should report such incidents to the people responsible for proper conduct on the social networking site. Consult the FAQ or Contact Us section to find specific contact information.</p>
<h3>Don’t access SNs from your workplace </h3>
<p>Research indicates that half of the workforce access SNs during the workday, reducing productivity and distracting from work-related issues. Such activities may also be in violation of your employer’s “appropriate Internet use” policies.</p>
<h2>Summary</h2>
<p>Social networks are growing in scope and number of subscribers. People use them for business, personal and leisure contacts. It’s important to remember that the information you provide about yourself is easily available even if you designate your online profile as “private”, so never publish any information about yourself that can be used to hurt you. Remember, employing safe internet usage practices, common sense and knowledge is the best protection online.</p>

]]></content:encoded>
			<wfw:commentRss>http://www.securityteacher.com/2008/06/16/the-perils-of-social-networking/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Lower user privileges</title>
		<link>http://www.securityteacher.com/2008/06/13/lower-user-privileges/</link>
		<comments>http://www.securityteacher.com/2008/06/13/lower-user-privileges/#comments</comments>
		<pubDate>Fri, 13 Jun 2008 15:27:04 +0000</pubDate>
		<dc:creator>Igor Pankov</dc:creator>
		
		<category><![CDATA[Security Tip of the Week]]></category>

		<category><![CDATA[internet security tips]]></category>

		<guid isPermaLink="false">http://www.securityteacher.com/?p=96</guid>
		<description><![CDATA[Working with the rights of an Administrator is not advisable because admins are highest in a user hierarchy and therefore are allowed to exercise full control of a system. If the user is logged on with admin&#8217;s privileges, he/she can start any program, install any driver, register arbitrary service and do just about every other [...]]]></description>
			<content:encoded><![CDATA[<p>Working with the rights of an Administrator is not advisable because admins sit at the top of the user hierarchy and are therefore allowed to exercise full control of a system. If the user is logged on with admin&#8217;s privileges, he/she can start any program, install any driver, register an arbitrary service and do just about every other type of activity that could be dangerous to a PC. If malware is unknowingly started with admin rights, it can do whatever it wants.</p>
<p>On the other hand, if a user is logged on as a Restricted User, for instance, he/she is not allowed to make critical modifications to the system or run vulnerable services. This limits the impact of possible malware if it’s started from the limited account.</p>
<p style="text-align: left;">Users can designate/change account properties from the Control Panel&#8217;s User Accounts menu by clicking “<a title="User account" href="http://www.agnitum.com/images/user%20account.png" target="_blank">Change my account type</a>”.</p>

]]></content:encoded>
			<wfw:commentRss>http://www.securityteacher.com/2008/06/13/lower-user-privileges/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Zero-day (0-day or 0day) malware</title>
		<link>http://www.securityteacher.com/2008/06/12/zero-day-malware/</link>
		<comments>http://www.securityteacher.com/2008/06/12/zero-day-malware/#comments</comments>
		<pubDate>Thu, 12 Jun 2008 15:22:15 +0000</pubDate>
		<dc:creator>Igor Pankov</dc:creator>
		
		<category><![CDATA[Security Glossary]]></category>

		<guid isPermaLink="false">http://www.securityteacher.com/?p=95</guid>
		<description><![CDATA[Zero-day is often referred to as unknown, or recently discovered samples of malicious code or exploits that are not yet covered by antivirus or security companies, consequently, there is no antidote to it. Zero-day malware or attacks are most dangerous because they cannot be tackled with the use of signatures that identify such threats and [...]]]></description>
			<content:encoded><![CDATA[<p><strong>Zero-day</strong> usually refers to unknown or recently discovered samples of malicious code or <a href="http://www.securityteacher.com/2008/05/30/exploits/">exploits</a> that are not yet covered by antivirus or security companies; consequently, there is no antidote to them. Zero-day malware and attacks are the most dangerous because they cannot be tackled with the signatures that identify such threats and help block them.</p>

]]></content:encoded>
			<wfw:commentRss>http://www.securityteacher.com/2008/06/12/zero-day-malware/feed/</wfw:commentRss>
		</item>
	</channel>
</rss>
