Security on the Net: A Guide to Common Issues

With more and more people pouring onto the Net daily, many of them uninitiated in the behind the scenes workings of most Internet systems, there is a growing sense of disquiet regarding the level of security that exists.

The Internet represents fantastic opportunities for increasing your productivity, expanding your horizons, and enhancing your ability to communicate and manage information. But there are some essential concepts you should at least be familiar with, and security is one of them. An informed user is the best defense against unauthorized activity.

Also, for many people conducting business on the Internet today, there is a real need to educate their visitors and customers about various security issues, to make them more comfortable using the Internet in their daily lives. Therefore, we have developed and made available for anyone to use on their website a complete Special Report which explains common security issues. To receive the expanded version of this article, mailto:Guide6@WorldWideGuide.com ; feel free to use the report on your website (please cite us as the copyright holder, and provide a courtesy link to our website at http://www.worldwideguide.com/ )

Essentially, there are three separate issues relating to security on the Internet:

  1. Internet Commerce Security (credit card security)
  2. Personal Information Security (related to use of 'cookies')
  3. System and Data Integrity Security (Virus protection)

Some people would also include the issue of preventing their children from viewing undesirable content on the Net in this subject heading, but in my opinion, that subject is not a security issue, but a matter of personal taste and parental control. There are plenty of software solutions available to permit parents to filter the content obtainable by their children. For more information on this subject, visit

http://guide-p.infoseek.com/Internet_content_filters

 

Let's start be discussing the most obvious concern of consumers just starting to explore the many possibilities in Cyberspace: using Credit Cards to make purchases.

Credit Card Security on the Net

First of all, understand that there secure ways to use credit cards on the Internet, and there are insecure ways (what do you know, just like in the real world!).

When shopping on the Net, never submit your credit card number in a fill-out form field unless you are using one of the following options:

Secure Servers How can you tell if you are using a Secure Server? In Netscape Navigator (the most popular browser, in terms of number of people using it), a broken gray key in the lower left hand corner of the frame is typically present during most sessions. When you are on a Secure Server site, this key changes to a blue, unbroken key. Also, a blue border appears on the top edge of the frame.

In Microsoft Internet Explorer, the signal that you are on a Secure Server is a padlock located in the lower right hand corner.

In either case, the site your are on, represented by the URL in the address box at the top of the screen, should start with https:\\ instead of http:\\ . The 's' is, of course, for a Secured Server.

Credit Card Proxies Credit Card Proxies are systems which have been established to give you greater control over your data integrity. They offer you a single point of contact for giving out your credit card, instead of having to give it out to every website you visit and from which you make purchases. They are all slightly different, very effective, and highly recommended for anyone concerned about this issue.

First Virtual : http://www.fv.com/

The First Virtual system is designed for low- to medium-priced sales of 'soft' items, such as computer software, data or information purchases, and other types of intangible merchandise that can be delivered over the Internet. This system is not designed to be used for 'hard' item sales, such as mopeds, desks, or bound books.

DigiCash : http://www.digicash.nl/

DigiCash is a unique currency system, operating like a 'gas tank' that can be 'filled' with purchasing power. In this system, you purchase "CyberBucks" from any bank that belongs to the DigiCash system, using either your credit card, or wire transfer.

CyberCash : http://www.cybercash.com/

CyberCash, a system promoted by the CyberCash Corporation, also uses specialized software on the merchant and customer's sides of the connections to provide for secure payments across the Internet.

SET

SET, or Secure Electronic Transaction protocol, is a developing open standard for processing of credit card transactions over the Internet, created jointly by Netscape, Microsoft, Visa and Mastercard.

Personal Information Security

Another area for debate involves security for personal information. Many people are concerned about privacy issues, and there are numerous urban legends about unscrupulous companies invading a web surfer's computer, and extracting all kinds of personal data from their hard drives. These stories are highly exaggerated and often false. The truth is that many companies use a technology called 'cookies' to enhance your interaction with them via their website. And this use of technology is almost universally benign.

Cookies are files which are created on your system to store information about a relationship that you have initiated with someone (or someplace) on the Web. The type of information is varied - it could be as simple as your name and password used to enter a restricted site, or it could be a complete demographic file that you completed when ordering something from a website.

It's important to note what cookies can and can not do. To begin with, cookies can only provide information of two kinds; either personal information that YOU provided to the website on your last visit, or website information that the website owner knows, such as which ads you saw on your last visit. This session information is by far the most prevalent use for cookies on the Internet today.

A cookie can not examine other files on your computer, and provide other information contained on your system. They are NOT able to locate and pass on your credit card information, your e-mail address, or the steamy letter you wrote to your significant other during that business trip out of town last summer! Note that a cookie might have your credit card number and e-mail address - IF you entered that information on a form at someone's website. That's the only way personal information can get into a cookie.

Cookies can not deliver viruses to your PC, or deliver programs that sneak in and operate themselves without your knowledge (sometimes referred to as Trojan Horse programs).

A cookie can not track all the sites you visited in a session, although it can track all the pages you visited on a particular website.

If you are interested in further control of cookies, you will probably want to check out ZDNet's CookieMaster, or Cookie Pal, both located at http://www.hotfiles.com/ , and both available for free download (Pal is $15 if you decide to keep it, Master is free regardless).

Both of these excellent utilities give you even greater control and access to information about cookies which are flying at your computer from many of the sites you visit online.

 

Virus Protection

What are computer viruses? How concerned should you be that you will 'catch' one while surfing the Net, and that it will destroy your computer system, and everything on it? What steps should you take to ensure that you are protected from the possible effects of a computer virus?

A virus is a malicious piece of programming which someone with too much time on their hands has written and released into the computer environment, either through online means, such as bulletin boards, or through hard media, such as infected disks. The virus code replicates itself wherever it can and then delivers its 'payload', which can range from the amusing (pop-up messages or pictures that ostensibly do no harm), to the wicked, such as re-formatting your hard drive, erasing all data therein.

What specifically should you do to protect yourself from the possibility of a computer virus? Whether you are connected to the Internet or not, you should protect your system and your work from viruses, to prevent their spread. Here are some simple, common steps everyone should take:

1. Backup all of your essential programs and data files onto protected media, such as tape drives or ZIP(r) disks. This simple act alone eliminates 99% of the threat of any virus, which is destruction or alteration of your data. VIRUSES CAN NOT DESTROY HARDWARE, i.e., 'break' your modem, your keyboard, or your hard drive. They can only affect SOFTWARE, including data files. Scheduled backups protect your data against virus activity.

2. Obtain and install a commercial or shareware Anti Virus Protection Software package, and update it regularly. There are multiple 'brands' of virus protection available. Picking one suitable for your needs is a matter of research and personal taste. Visit www.yahoo.com, and search for "virus" in the "Computer Software" section. Or visit
http://www.yahoo.com/Computers_and_Internet/
Software/Reviews/%20Individual/System_Utilities/Utilities/Anti_Virus/

for links to reviews of popular anti virus programs.

3. Only download software from sites you know and trust.

4. Scan all floppy disks before using them on your computer. Don't assume that your best friend won't infect you when he sends you a data file on disk - he may be unaware that he has the virus.

5. Don't repeat virus warnings without first consulting an expert with no vested interest in the spread of viruses, such as Rob Rosenberger's excellent site at http://kumite.com/myths/ .

The bottom line is that computer viruses are real, but can be easily protected against with a sensible approach such as the one outlined above. When weighed against the many benefits of being a member of the Internet community, the real or imagined threats of viruses shrink to insignificance.