Chapter 1 2 : How Private are Web Interactions?
Why we care? <ul><li>How much of your personal info was released to the Internet each time you view a Web page? </li></ul>...
How info is transmitted? <ul><li>Uniform Resource Locator (URL) </li></ul><ul><li>http :// www.cs.uofs.edu /~bi/2005f-html...
How info is transmitted? <ul><li>Forms using the GET method </li></ul><ul><ul><li>Your shipping address </li></ul></ul><ul...
How info is transmitted? <ul><li>Forms using the POST method </li></ul><ul><ul><li>Your shipping address </li></ul></ul><u...
What info is transmitted? <ul><li>Each time you access the Web, the browser sends the following to the Web server </li></u...
What are Cookies? <ul><li>Have you ever gone to a website that seemed to remember you? </li></ul><ul><li>Websites use cook...
What are Cookies? <ul><li>The positive side of cookies </li></ul><ul><ul><li>A Web server can use cookies to streamline an...
What defenses against Cookies <ul><li>For the website you visit, especially, those websites you need to register, check: <...
What defenses against Cookies <ul><li>If you use a computer at work or school, cookies would be stored on school or compan...
How secure is info during transmission <ul><li>When you use the Internet, all data you put on the network is visible to co...
How secure is info during transmission <ul><li>One way to protect yourself is to encrypt info that you want to be confiden...
How can one get credit card # online? <ul><li>If you don’t use encryption when you send your credit card number (via email...
How can online companies defraud me? <ul><li>If the online company (a website) is not a real company or it engages in unet...
How can I secure my private computer files? <ul><li>Install a firewall to restrict ports that can be used for Internet com...
Does keeping a computer online comprise its security? <ul><li>Operating systems and other programs are quite complex, and ...
Summary – chapter 12 <ul><li>When you surf to a Web page, information is sent to the site that you surf to about you, incl...
Summary (Continued) <ul><li>Cookies can be beneficial by customizing your experience at that site and making things easy. ...
Summary (Concluded) <ul><li>If your computer is connected to the internet, there is a chance that outsiders can gain acces...
Terminology <ul><li>Cookies </li></ul><ul><li>Decryption </li></ul><ul><li>Encryption </li></ul><ul><li>Form </li></ul><ul...
Upcoming SlideShare
Loading in …5
×

Chapter 12 Slide Show

506 views
406 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
506
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Chapter 12 Slide Show

  1. 1. Chapter 1 2 : How Private are Web Interactions?
  2. 2. Why we care? <ul><li>How much of your personal info was released to the Internet each time you view a Web page? </li></ul><ul><li>How secure is your personal (credit card) info when moved from your browser to the Web server? </li></ul>
  3. 3. How info is transmitted? <ul><li>Uniform Resource Locator (URL) </li></ul><ul><li>http :// www.cs.uofs.edu /~bi/2005f-html/cil102 / chap-sum.html </li></ul>Hypertext Transfer Protocol Domain name of the Web server Directory path Web page
  4. 4. How info is transmitted? <ul><li>Forms using the GET method </li></ul><ul><ul><li>Your shipping address </li></ul></ul><ul><ul><li>In the webpage, <FORM … METHOD=“GET” … </li></ul></ul><ul><ul><li>Your address is displayed publicly </li></ul></ul><ul><ul><ul><li>http://www.some.com/shop.php?name=‘smith’... </li></ul></ul></ul><ul><ul><li>Anyone over your shoulder can read it </li></ul></ul><ul><ul><li>Since using the GET method is determined by the Web server, there is nothing you can do to avoid it </li></ul></ul>
  5. 5. How info is transmitted? <ul><li>Forms using the POST method </li></ul><ul><ul><li>Your shipping address </li></ul></ul><ul><ul><li>In the webpage, <FORM … METHOD=“POST” … </li></ul></ul><ul><ul><li>Your address is NOT displayed publicly </li></ul></ul><ul><ul><li>This does NOT mean it is safe. </li></ul></ul>
  6. 6. What info is transmitted? <ul><li>Each time you access the Web, the browser sends the following to the Web server </li></ul><ul><ul><li>The IP address of your machine </li></ul></ul><ul><ul><ul><li>Often it can identify your town or ISP </li></ul></ul></ul><ul><ul><li>The web server’s IP address </li></ul></ul><ul><ul><li>The OS you use on your machine </li></ul></ul><ul><ul><li>The browser you use </li></ul></ul><ul><li>Goto </li></ul><ul><li>http://www.cs.grinnell.edu/~walker/fluency-book/web-info.php </li></ul><ul><li>to see how much info is sent to the Web server </li></ul>
  7. 7. What are Cookies? <ul><li>Have you ever gone to a website that seemed to remember you? </li></ul><ul><li>Websites use cookies to store info about you on your own computer </li></ul><ul><ul><li>When you visit such a website, it stores info as cookies ( that appear as files ) on your computer </li></ul></ul><ul><ul><li>Next you visit the same website, your browser sends over all the cookies stored by that website </li></ul></ul><ul><li>What info is stored in cookies? </li></ul><ul><ul><li>In theory, anything the website wants to </li></ul></ul><ul><ul><li>Normally, it is about how you used the website </li></ul></ul><ul><ul><li>A website could store your id, password, etc in cookies if it has that info. </li></ul></ul>
  8. 8. What are Cookies? <ul><li>The positive side of cookies </li></ul><ul><ul><li>A Web server can use cookies to streamline and personalize your interactions with it </li></ul></ul><ul><ul><li>A browser is supposed to send cookies only to the Web server who stored them. </li></ul></ul><ul><li>The negative side of cookies </li></ul><ul><ul><li>Companies may use cookies to store info for other purposes without your permission </li></ul></ul><ul><ul><li>There are ways for a Web server to get cookies that were stored by other Web servers. </li></ul></ul>
  9. 9. What defenses against Cookies <ul><li>For the website you visit, especially, those websites you need to register, check: </li></ul><ul><ul><li>How will the company use the info you supply? </li></ul></ul><ul><ul><li>Will the company share info with others? </li></ul></ul><ul><ul><li>Can you limit access of other to this info? </li></ul></ul><ul><ul><li>What protections are in place to keep this info? </li></ul></ul>
  10. 10. What defenses against Cookies <ul><li>If you use a computer at work or school, cookies would be stored on school or company’s computer: </li></ul><ul><ul><li>System administrators or managers may read your cookies files </li></ul></ul><ul><ul><ul><li>View your organization’s privacy policy </li></ul></ul></ul><ul><ul><li>Technicians may inadvertently access your cookies, when your computer was sent for repair, for example. </li></ul></ul><ul><ul><li>Best way to protect yourself, delete cookies. </li></ul></ul><ul><ul><ul><li>Almost every browser has a function you can use to delete cookies. </li></ul></ul></ul>
  11. 11. How secure is info during transmission <ul><li>When you use the Internet, all data you put on the network is visible to computers on the same Ethernet, as discussed in Ch 8. </li></ul><ul><li>When your data need to be passed from one segment to another segment of the network, the intermediate computers can read your data. </li></ul><ul><li>Thus, info is not secure at all when transmitted on the Internet. </li></ul>
  12. 12. How secure is info during transmission <ul><li>One way to protect yourself is to encrypt info that you want to be confidential </li></ul><ul><ul><li>When data is encrypted, it can still be copied or intercepted by other computers, however, they would not know what it means. </li></ul></ul><ul><ul><li>When a good encryption is used, it may take years, decades to break the code </li></ul></ul><ul><li>When shopping (or passing private info) on the Web, make sure the website uses HTTPS protocol. </li></ul><ul><ul><li>HTTPS: Secure HTTP, which asks the browser to encrypt the data before it is transmitted and the server decrypts data upon receiving. </li></ul></ul>
  13. 13. How can one get credit card # online? <ul><li>If you don’t use encryption when you send your credit card number (via email, or the Web) on the Internet, someone may intercept the data and get the card number. </li></ul><ul><ul><li>Encrypt your email and use HTTPS </li></ul></ul><ul><li>Someone may install a keyboard sniffer, a spyware, to record every key stroke, and the sniffer sends credit card # to an accomplice site. </li></ul><ul><ul><li>Remove spyware from your computer </li></ul></ul><ul><li>Credit card companies and companies that have your credit card info may not have that info securely protected. Hackers may steal info from those companies’ computers. </li></ul>
  14. 14. How can online companies defraud me? <ul><li>If the online company (a website) is not a real company or it engages in unethical practices, you may be charged but never receive the merchandise or overcharged. </li></ul><ul><li>It is very hard to recover the charges over the Internet. </li></ul><ul><li>To protect yourself, only deal with companies with well-established reputation, like amazon.com, etc. </li></ul>
  15. 15. How can I secure my private computer files? <ul><li>Install a firewall to restrict ports that can be used for Internet communications to your computer </li></ul><ul><li>Require users of computer to have an account and password. </li></ul><ul><li>Use anti-virus software to check all incoming materials (through email, ftp, webpages) for virus and spyware. </li></ul><ul><li>Carefully monitor new programs, games and other files you bring into your system. Some programs may be vulnerable to security breaches. </li></ul><ul><li>If the operating system supports file permissions, keep your private files accessible to you only. </li></ul>
  16. 16. Does keeping a computer online comprise its security? <ul><li>Operating systems and other programs are quite complex, and thus prone to containing errors that in turn could create vulnerability. </li></ul><ul><ul><li>Software vendors monitor their products and release updates to resolve security risks and other errors. </li></ul></ul><ul><ul><li>Thus, make sure install those updates on your computer. </li></ul></ul><ul><ul><ul><li>Configure your Windows XP to download updates from Microsoft and install them on a regularly basis. </li></ul></ul></ul><ul><li>Use password, encryption, etc to protect your wireless network from unauthorized access. </li></ul>
  17. 17. Summary – chapter 12 <ul><li>When you surf to a Web page, information is sent to the site that you surf to about you, including but not limited to, your Web address, Operating System, Browser, time of day. </li></ul><ul><li>The Web page you surf to can also set cookies on your machine. </li></ul>
  18. 18. Summary (Continued) <ul><li>Cookies can be beneficial by customizing your experience at that site and making things easy. But </li></ul><ul><li>Cookies can also pass information about you to third parties including info about other places you surf. </li></ul><ul><li>Anything that you do on the Web can be traced and intercepted. </li></ul><ul><li>https is an encrypted secure protocol for browsing and should be used for all transactions which need to be secure. </li></ul>
  19. 19. Summary (Concluded) <ul><li>If your computer is connected to the internet, there is a chance that outsiders can gain access to your computer. </li></ul><ul><li>You should use a Firewall, anti-virus, password protection, and spy ware detectors to protect yourself. </li></ul>
  20. 20. Terminology <ul><li>Cookies </li></ul><ul><li>Decryption </li></ul><ul><li>Encryption </li></ul><ul><li>Form </li></ul><ul><li>Secure HTTP </li></ul><ul><li>Uniform Resource Locator (URL) </li></ul>

×