Personal (Nontechnical) Web Security

Websecurity Credit : kevindean

May be the communication between two people at two different domains (time or space) started with the paintings on the stones by our very first ancestors. Today’s complicated communication networks are way matured; yet they need to be improved to cope with growing demand. While communication networks started to become more complicated, the “end of trust era” began. With the advent of telecommunication, web and all other media, the problem turned into a global crisis; which did not hit us bad enough yet. In this article I will discuss some growing issues, controversies, and our rights.

No More “Bourne Identity”

Identity theft and Identity cloning has become more common recent days. A retired ex-army officer, whom I know, advised me to shred all my important documents. From his experience he said, he will take a maximum of 60 days to find any one’s complete bio-data just by going through the garbage bin. However, the situation is even worse when it comes to the web. For an expert hacker, it is matter of few hours to few days to figure out a person’s complete bio-data. With popularity of social networking sites and web 2.0, and 3.0, it is becoming easier. A recent study shows that only by postal code, gender and birthday it is possible to uniquely identify more than 87% individuals in North America. Any single piece of additional information significantly increases the number.

“password” is My Password

The number of incidents of password hacking is growing very fast. There are few different popular ways to hack any password. Detailed information on them is out of the scope of this article. Most of the users account usually gets hacked for the following reasons:

a) Poor password. Usually poor passwords are subject to brute force attack- specially if the user has a password which can be found in any decent dictionary or is just combination of few buttons (i.e: how many of you had ‘asdfghjkl’, “123456″ or simply the word “password” as your password?)

b) Over curiosity (about others) or greed (prize, money)- can lead a user to a trap set by a hacker. For example, in a common msn hack, a user receives a message from his/her good and trusted friend saying “Here is your pics… (some url)” or similar kind of message and the user clicks the link as s/he trusts the friend. Then while launching the page, it shows a similar page of hotmail/live and asks for the user name password. Rest is history. We all now know what happened.

c) Insecure Apps in Social Networking Sites: Popular social networking sites, which allow you to install applications, a user by installing malicious applications, which is using a loop hole of the website itself, can expose his/her user information, and/or personal critical information (with the user’s permission).

Think Before You Post:

Apparently online is the property of the whole world. Every country has its’ share on it. Few countries invoke few rules and regulation over the internet usage, rest does not have any well-defined law. Countering the crimes take place over the web is thus very difficult in most part of the world. Besides, there are some gray areas as well. If a user posts anything on a public site, s/he becomes responsible for that regardless of his/her “not-being-serious” mood.

Besides, the materials (such as pictures, videos) might be copied into different places with wrong message. Once just for fun I was googling some of my school friend’s names. Search result for one of my friends displayed me couple of urls. Surprisingly few of them were disturbing sites- where the individual’s innocent image appeared with wrong message. With the progress of web 3.0, that specific page was linked to few other disturbing sites and made it popular in the search result.

Sorry, You Are not Excused!

Stupidity is never an excuse. Any mistake is done can’t be undone. However, with time a person can be healed. It is always better to prevent than cure. As the communication media is getting complicated every day, the excuse of not knowing some thing is very understandable. Specially for young teenagers (lack of knowledge and interest, and impatience of learning in the most of cases). In one of my blog posts, a teenager was complaining about how his parents are not allowing him to open up a facebook account; and how he feels left out during conversations his friends have about facebook. I have seen facebook groups where users have posted very vulgar contents, and they are surviving for months before facebook authority finds a report filed. I am not suggesting that facebook does not have any policy against them, but for a growing company like them, it is not always easy to maintain the scale of their own growth.

We all know google does business with our personal information. Recently google has released google dashboard, where you can see all the records google kept against your gmail account. Even though they does not publish all information, at this time, this kind of approach is very welcome. There are other data warehouse giants who has information about a lot of users- and those information are crucial for any business. If you have noticed, after reading any mail in gmail box, when you go back to your inbox, on the top and side, you will see advertisement related to the topic you just read the e-mail. So, some one else is reading your private information too.

“Privacy” is the joke of 21st century. The definitions of different legal terms are explained differently as soon as a big corporations start using them. There are similar activities used to be considered as illegal when they were conducted by individuals who are better known as “hackers” in pop culture. I don’t think you would like a hacker to get your personal information; so there is no reason for you to give away your personal information to big corporations, who can use your data in wrong direction.

The ultimate question of this article would be to ask at this dawn of the “end of  trust era” how far we can go by not exposing ourselves by choice?