Date: Thu, 11 Mar 2004
Subject: very good anti hacking advice from Tom Bearden
Yes, if one is active on the internet and does not have spyware defense on one's computer, one seriously needs it these days. For one added benefit, it will almost 100% eliminate the silly but nefarious "pop-ups" that are so rampant these days, and that literally drive one up the wall otherwise.
I personally use Spy Sweeper, which has proven ideal for my own needs. I'm behind a hardware router, a firewall (Black Ice), intensive antivirus checking (two Norton suites), and intensive spyware checking (Spy Sweeper). And when I installed Spy Sweeper and did the first system sweep, I really got a shock. My computer was in fact infested with a dozen or more very sophisticated spies, plus many dozens of the standard nondamaging but irritating type. The program found and eliminated them immediately, and by continuously checking in the background these days it has very successfully fended off most of them since. But one has to do a sweep check of one's system for spies, periodically, the same way one has to do a sweep check for viruses etc. One also has to continually download and install spysearch updates, similarly to the way one does for antivirus software updates.
And by the way, it isn't only the "bad guys" who are into everyone's computers these days. Some other "legitimate" folks are into very wide spying on the net, which can be very surprising. Much of this is legal under some new laws and regulations, and some of it is illegal because of the identity of the folks not authorized but doing it anyway. These folks also continuously scan the net (sorta like a continuous set of google searches) for certain words or arrangements of words. Simply repeating a news item with these word combinations can sometimes attract some very strong and undue attention from these surreptitious folks. Since I use such words of interest frequently, obviously my machine became a favorite target. About three years ago, the main Bell South technical internet engineer, charged with action against hacking and external interference, did take on a task to root out some of these piranhas attacking my machine, and he did the job, much to my relief. He also was tied into the "superhacker" community, and had no great problem in doing that job. These days, many large companies actually hire superhackers of their own, since they have found that for some things that is the only way to have parity with, or hopefully an advantage over, the criminal hacker community.
Further, many of the viruses and Trojans etc. are now made deliberately by counter-information warfare specialists in foreign nations. In essence, there are miniature "information wars" or "information war games" of sorts going on continuously, where each "side" continually tries out its techniques etc. against the other side, etc. Sorta like young fellows these days having gone ga-ga over paint gun wargames. A strange kind of information "cold war" is thus ongoing, partially in dead seriousness and partially as some kind of "gaming".
Fortunately a good spyware program is also continually updated, so one can keep it up to date for a small annual subscription fee.
Nothing gives 100% defense, but sufficient barriers and determined updating as well as persistent checking can get one to 99.99% or so. It is also absolutely mandatory that one keep frequently downloading and installing security updates from Microsoft etc. and/or the other major software manufacturers. There are certain websites, e.g., where experts will freely examine the security of one's system for open ports, etc. and give one a direct report on their examination results. The very Microsoft software itself also has serious exploitable loopholes, which Microsoft is now giving very urgent attention to, after taking lots of flak on their rather sloppy security programming initially. To their credit, Microsoft seems to now be strongly searching, finding, and fixing these bugs as rapidly as it can. However, Microsoft also gets lots of inappropriate flak because of things like 3rd party drivers etc. which do not properly mesh with Microsoft's software and cause lots of bugs and crashes of the fundamental Microsoft software, to prevent undue damage to that primary system software. Much of the crashing of Windows, e.g., is actually due to bad drivers and ancillary programs from other manufacturers, etc. rather than to the modern Microsoft software with applied changes and updates.
Also, at one time after destruction of two hard drives, and continuing massive attacks, I had to request informal "back channel" help from some real superhackers (the good guys who love the art with a passion but also thoroughly detest those weasels who misuse it to damage computers and private property such as files, etc.). That was a real education. What many of those "supercats" can do in and on computers has not yet been written in the textbooks and will not be for some years. They very kindly and very graciously did solve a formidable problem I had, and in record time. I refused to ask what really happened to the attacking consortium of computers. For my purposes, those hostile machines and their hacking simply disappeared from any further attacking of my machine.
If a "particularly tough" problem does arrive, most substantial universities have formal or informal groups who study the art of computer hacking in more depth, and there are usually some of these groups who do come to the assistance of others as needed. The best part is that they also have informal but direct contact with the real "superhackers", some of whom are never mentioned anywhere in any publication, but who are literally living legends in that "underground" world. And so a rather nebulous but real pipeline does exist whereby with some sustained and persistent effort one can request and get assistance from the real world experts, if such a critical need arises.
In *****'s case, the real "spooks" might mess with direct computer hacking a bit, since legally they will have all the "back doors" used in building the software itself. But for real sustained work they will just establish a site down the road from him a bit, where they will detect all his targeted computer's emanations by Tempest techniques (standard practice in the EM countermeasures game). So they will have computers and a team there, where on a computer screen there continually appears a direct imaging and duplicate of the targeted computer's functioning, as Myron works, with good accuracy. In that case, they simply read what one writes as soon as one writes it, and record it as desired. Much of that is automated to a high degree. Several other foreign nations -- particularly the Russian FSS/KGB and some former iron curtain countries -- use these Tempest techniques also.
The real mess is usually made by those brilliant but misguided idiots who get their jollies from penetrating and damaging private computers and files slyly. There what is really needed are some much more stringent criminal laws and much stronger law enforcement. One cannot go down the street attacking and mutilating private parked cars with impunity, and one should not be allowed to also attack and damage private computers and their information with near impunity. One cannot design and build bombs to destroy cars and buses, and one should also not be allowed to willy-nilly build viruses and trojans etc. to degrade and misuse targeted systems and persons.