Monday, October 27, 2008

The Internet and YOU series Part 3

     Last time, I talked about ways that you could prevent internet phishing and keep your personal information out of the wrong hands. However, there is also another way of keeping your information safe which mainly applies to using public wifi hotspots. 

     I am sure many of you have, at one point or another, brought a laptop or other device to a public area with wireless internet access (e.g. Starbucks, Barnes and Nobles, airports, hotels, etc.), and proceeded to enjoy free all-can-eat internet to your hearts content. Unfortunately, this freeness comes at a price, your security. 

     You see, when your connected to a public wifi network, your essentially connected to everyone else who is using that hotspot. And one of those people may be using readily available "packet sniffing" software. In essence, this kind of program picks up information that the other computers in the network are sending and receiving. The only way to keep these kinds of programs from reading your information is to jumble all of it up to the point of unreadability then put it back together again when it gets to your computer (kind of like a puzzle that only your computer can solve). You might be asking yourself how in the world you can do that. The answer is actually relatively simple: encryption.

     Not all website have more secure, encrypted versions of their sites, but most sites that deal with sensitive information, such as banks, will automatically have you routed to their secure page. You can usually tell if your in a secure page if a small lock appears next to your address bar in Internet Explorer, which, when clicked on, looks like this: 
Or in Safari, it will look like this (notice the little lock on the top right corner):
If a website that deals with your personal information does not route you to a secure page, you can always try changing the "http" at the beginning of the website address to "https." This will take you to the sites secure page, if it actually has one.

So, that's encryption in a nutshell! 

Happy surfing everyone!

Monday, October 20, 2008

The Internet and YOU series Part 2

     On my last post I discussed the concept of phishing. Today, I'll be explaining a little bit about how you, as a safe internet user, can prevent yourself from getting led into phishing traps and how to keep your information secure.

     The first thing you can do about phishing is to start using a phishing filter. Internet explorer 7 actually has a built in phishing filter. You can activate it by clicking on "tools" then "Phishing Filter" and click on "Turn On Automatic Website Checking...." This filter basically works by comparing the websites you visit with a list of legitimate and illegitimate websites that Microsoft updates on your computer. The only problem with this is that there have been some reports that the filter sometimes doesn't catch every phishing website since the aforementioned list of sites is sometimes not entirely kept up to date. However, this is better than nothing. If nothing else, you should always check the address bar to make sure the site your on matches what the address bar says. For example, if your on Myspace your address bar should always say "http://myspace.com/" if there is anything else before the ".com" it might be a phishing site. If your using Safari on your Mac or PC, there is unfortunately no built in filter. So, you'll just have to check suspicious site either by checking the address of the website your on, or even clearing it through a website called "Phishtank.com." It's actually pretty easy, you just go the website, and paste the address of the suspicious website into the bar with the button that says "Is it a phish?" It has a list of sites that is constantly updated and will tell you if the site is safe or not.

     There's one more option though: getting another browser. Although some people simply use the internet browser that their computer came with (e.g. Internet Explorer or Safari) there are actually many other browsing programs out there. Sometimes, these are referred to as "third-party" programs, since another entity besides the one that made your operating system (Microsoft or Apple) created the program.

     The most popular of these browsers is Mozilla Firefox. Not only is it free, but it is also several times faster and more secure than Internet Explorer and even Safari. Firefox also has a built in phishing filter that actually gets its list of sites from phishtank.com which, as I mentioned is constantly updated (unlike Internet Explorer), and it will automatically notify you when you go into a phishing site!

     So, that is how to keep your sensitive information out of the hands of nasty phishing sites! Unfortunately, this post is already pretty long, so I think I'll leave website encryption for another time. Thanks for reading everyone!

Oh, and happy surfing!!

Monday, October 13, 2008

The Internet and YOU series Part 1


So, instead of linking to a video or article today I thought I would simply explain some basics about the internet, and go through some common terminology that I am probably going to use throughout this blog. 

     The first topic I am going to cover is the one that has the most potential to affect you on a daily basis, and that is internet security. For anyone who has a myspace account or pretty much any social networking account, and especially those who manage their finances online, being safe and secure on the internet is of utmost importance. I have the feeling that most people believe that the worst thing that can happen to you on the internet is getting a virus, and that isn't too serious. Worst case scenario you have to reinstall Windows on your computer (I say windows because for Mac users, viruses are almost non-existent). The truth, however, is that one of the primary concerns on the internet right now is malicious access to your personal information. On myspace, for example, this often comes in the form of phishing. 

     So, lets say your happily myspacing along and you come up to a tantalizing link on a comment your friend sent you! It says something like "hey!! click here to see pictures of me doing craaazzzy stuff!!" and when you click on the link a new myspace window comes up and asks you to re-input your username and password in order to see the pictures of your friend. Sounds perfectly normal right? They're just asking you to confirm that it is actually you and not someone else that is going to view these pictures, right? right???

WRONG

     What has actually happened is that someone has taken over your friend's myspace account in order to send wave after wave of fake comments from it. When you clicked the link it actually took you to a page that looks exactly like myspace(sometimes even with working links) but in reality is a fake website that is meant to record the username and password you put in so that it can gain access to your account.

     This is a typical Phishing scenario. It basically entails anything that pretends to be a legitimate online entity (i.o. website, friend, etc.) in order to gain access to your personal information. This can also include e-mail phishing, which simply sends a fraudulent e-mail asking you for some kind of personal information. Just to tell you how real the threat is, my dad's PayPal account was compromised by this method, and he ended up finding over $1500 of extra spending charged to his credit card! Not good (luckily, PayPal reimbursed him).

     So, on my next blog post, I am going to explain the less obvious methods of preventing phishing(apart from not putting your information in random boxes) and I am hopefully going to begin to touch up on website encryption and packet sniffing. 

Happy surfing everyone!!

Sunday, October 5, 2008

Comcast to Place a Cap on Internet Downloads

This is the way the world ends....


     Ok, maybe a little bit too dramatic, but this is the beginning of an extremely negative trend for internet users everywhere. Comcast, after being sued for throttling the internet speeds of certain clients has decided to put a monthly 250 Gigabyte cap on internet downloads for all of its users. If you exceed the cap for two months Comcast holds the right to cancel your internet subscription.

     Basically, this means that every activity in which you retrieve information from the internet will count towards this 250 Gigabyte cap each month. This includes everything from loading web pages to downloading music from iTunes, to streaming videos from Youtube. 

     Although 250 Gigabytes is probably more than most people will ever use in a month the real problem I see with this is not going to happen now, but in the future. To begin with, people may not use the internet so much now, but a year or so from now, people's use of the internet will have increased exponentially; just as it has for years since the internet first came about. It will be a lot easier to hit that cap. Furthermore, and perhaps much more worrying, is the fact that companies may begin to start metering internet access, or charging you the more you download from the internet. This would be absolutely catastrophic to every business that depends on people visiting their sites on the internet. It will have a domino effect that ultimately destroys the internet as we know it...

     Lets just hope this doesn't happen, but if Comcast doesn't lose money from this decision, then other ISP's will begin to follow this destructive trend. Thats why I am encouraging any who use Comcast internet service to switch to another ISP that doesn't limit your internet usage (i.o. any other service, since there are no others that have put a cap on their usage yet). Personally, I use DSL from ATT, and have been very happy with their service.

Happy surfing everyone!