Security On The Internet

by Bob Seidel

Continuing to answer my wife's questions about Internet security from last week, let's now get into the security aspects of the Internet.

Since most web pages on the WWW (World Wide Web) are static, there is usually very little harm in accessing any web page - you are merely viewing a presentation that someone has created. But, hold on, there are some complications.

First of all, there are things called Java Applets and ActiveX controls. There are little programs that the web page designer puts into the web page to give it enhanced graphics or interaction with you. These are usually benign, but there are known cases of rogue applets or controls. The best way to handle these situations is to install a software firewall, such as Norton Personal Firewall (or Norton Internet Security, which also contains the virus checker), or Zone Alarm. If you set these up properly, they will ask you what to do whenever an applet or control is used in a web page you are reading. If you expect and trust the website, go ahead - otherwise opt out.

Web pages also spy on you in various ways. The primary is to create something called "cookies", which are small pieces of information that can be stored about you and used later. For example, if you buy a science fiction DVD, they may store a cookie that says you like SF DVDs and prompt you later to buy more. Norton Personal Firewall can also manage cookies, and there are lots of other cookie managers available.

Another thing to avoid doing is giving out any personal information on a web page that you don't want to. If you are ordering products on the Web you may supply your credit card number and other information pertinent to ordering if the site is secure (look for the locked padlock icon towards the bottom of the window). But there is no need, for example, for a website to request your social security number (SSN).

E-mail is fairly secure, but again you should never put anything in an e-mail that you would not want somebody (besides the intended receiver) to read. Certainly I would not put in any important personal information such as your SSN. E-mail can in theory be intercepted and also you may sometimes slip and send an e-mail to a larger distribution list than you intended; this can often be very embarrassing!

Chat groups and instant messaging have by far the most potential for exposing your security. Be aware of what chat groups you use and avoid any conversation that starts to get personal or ask for unneeded information. You may think you are chatting with your new online friend from Kentucky, but that actually turns out to be someone entirely different. My personal advice would be to ignore chat groups and open invitation instant messaging - only chat with people you know (friends or relatives, etc.) and avoid the open chat rooms.

Newsgroups are not much of a security issue, providing that as above you do not put on any personal information. But newsgroups do expose your e-mail ID to the world; they are the source of most of the spam e-mail that occurs - i.e. they get your email ID from public newsgroups that you use. You may want to use an alternative e-mail ID when accessing newsgroups, or scramble your ID in such a way that someone viewing it will unscramble it easily, but a computer program mailer would not. For example, instead of using mom@myhome.net you would use mom@REMOVETHISmyhome.net.

Like anything else in life, a little common sense goes a long way.

(Bob Seidel is a local computer consultant in the Southport / Oak Island area. You can visit his website at www.bobseidel.com or e-mail him at bsc@bobseidel.com).