Resources for the global digital safety training community.
Put the following terms on a flipchart and ask participants to define them, writing answers where correct or providing clarifications as needed. All of them will be addressed before the session concludes:
Ask participants to describe how software is developed (or to guess, if they aren’t sure). Explain that software is written by development teams consisting of programmers, designers, and other specialist roles, depending on the project - also:
While it is being built, an application goes through alpha and beta versions (early versions/draft versions) which are not released to the public, but are tested internally. With open source software, the testing may be a carried out by a community of volunteers to test software. When problems are found, testers alert the developers – they file “bugs”.
Ask participants what software on their PC receives updates. See what gets listed or left out. Some examples to get the list going include:
As you work through the list, see what other examples participants can think of and contribute - add these, and see how long you can get the list to be.
Vulnerabilities discovered in software are a major problem for governments and companies, and for individuals, too. They are tracked by people who want to protect themselves as well as by people who want to exploit them – hackers. Show on screen the most recent records listed at:
Highlight the number of total vulnerabilities published (for example, over 31,000 on Exploit Database and 66,000 on the US National Vulnerability Database as of Dec 2014).
When you install software or update it, you are making a change to your computer. Operating systems have a way of warning users before they allow software to make changes.
When downloading an application, try to get it from the developer’s official website. That gives you the best chance of avoiding fake versions that may contain viruses and other malware.
If participants use download aggregators like download.com, filehippo.com or others, suggest that they find the vendor’s websites to get original software. Using Google instead of less well known search engines should bring up the vendor’s website within the top search results.
Give several software examples including a mixture of free and paid software, and ask participants to tell you how to obtain it. Good examples include: Firefox, Skype, NitroPDF, Office, PortLocker, CCleaner, Photoshop.
Some software can be unwittingly installed by users while installing other, free applications. Free software distributors earn revenue by leading their users to install additional applications during the installation process.
Show the Add or Remove Programs dialogue box in Windows, or the Applications folder on Mac OS X. Review the list and see if there is odd-sounding or unknown software (you could pre-install unwanted software in advance as a demonstration). Show how uninstallation can be done from this window.
Explain that plugins that get installed into a browser may compromise the security of their online activity and accounts. Open up Firefox and/or Chrome and access the Extensions or Plug-ins page and review for unknown or odd-sounding extensions. Show how to delete and de-activate plugins from this page.
Explain that this is a class of software recognized by anti-virus as software that may have been unintentionally installed by users. The following anti-virus applications can scan for so-called PUPs (potentially unwanted applications):
Ask participants to list some of the most desired software which is both a) commercial and b) not free of charge (e.g. Windows, Microsoft Office and Photoshop.) Point out that these are frequently pirated due to cost, but that piracy brings certain risks:
Open a browser and navigate Osalt (http://www.osalt.com). Present free and open source software as an alternative to the dangers of piracy. For instance:
For commercial (paid) software platforms, human rights activists and their organizations may be eligible to receive free, or heavily discounted, versions of commercial software:
Users may be frustrated when trying to update software if they live in a country blacklisted from receiving ’software exports’ from countries like the United States, or where ISPs are instructed to block downloads from certain sites. If this is the case, users can use circumvention tools to access the original sources for software. Refer to training content on Anonymity and Circumvention here on LevelUp.
Use of circumvention technology or encryption is not allowed in some countries. Please review the laws for your country before attempting to use.