March 12, 2007 (Computerworld) -- The punchline to an old cartoon is "On the Internet, nobody knows you're a dog," but these days, that's no longer true.
It's easier than ever for the government, Web sites and private businesses to track exactly what you do online, know where you've visited, and build up comprehensive profiles about your likes, dislikes and private habits.
And with the federal government increasingly demanding online records from sites such as Google and others, your online privacy is even more endangered.
But you don't need to be a victim. There are things you can do to keep your surfing habits anonymous and protect your online privacy. So read on to find out how to keep your privacy to yourself when you use the Internet, without spending a penny.
What they know about you
Whenever you surf the Web, you leave yourself open to being snooped upon by Web sites. They can track your online travels, know what operating system and browser you're running, find out your machine name, uncover the last sites you've visited, examine your history list, delve into your cache, examine your IP address and use that to learn basic information about you such as your geographic location and more. To a great extent, your Internet life is an open book when you visit.
Sites use a variety of techniques to gather and collate this information, but the two most basic are examining your IP address and placing cookies on your PC. Matching your IP address with your cookies makes it easier for them to create personal profiles.
If you'd like to see what kind of information sites can gather about you, head to these two sites, which peer into your browser and report what they find.
Privacy Analysis of Your Internet Connection gathers and displays basic information, such as your operating system, screen resolution, what site you previously visited, general system setup and so on.
BrowserSpy delves even deeper into your system and even reports on whether you have certain software on your system, such as RealPlayer and Adobe Acrobat, including version information.
Here's some of the information Web sites can find out about you, as reported by the Privacy Analysis of Your Internet Connection site.
Wednesday, March 14, 2007
Tuesday, March 6, 2007
How dangerous is Skype?
March 06, 2007 (Computerworld) -- There's been a lot information -- and misinformation -- available about whether Skype is dangerous to corporate networks and individual users. How dangerous is it? In this article, I'll separate the truth from the myths when it comes to Skype vulnerabilities.
Understanding Skype's basic architecture
Skype is a peer-to-peer (P2P) application, meaning that users connect to one another directly and not through a central server for communication. Skype initially uses Internet-based servers to authenticate users when they log in and to track their status, but when a "chat" or instant message, "voice call" or "file transfer" is initiated, the parties involved in the communication do so in a P2P direct connection. If one or both of the users are behind a typical corporate Network Address Translation (NAT) firewall, the communication can be relayed through a Supernode because a direct P2P can't be established behind a NAT. In the case of a file transfer, you will see a message indicating your transfer is being relayed.
One of security professionals' primary concerns about Skype are it's so easy for a Skype client to find a way around a secure corporate firewall configuration. Skype does this by using ports 80 and 443, which are open in most firewalls to allow Web browsing. In addition, Skype may reroute traffic if the initial port assigned during the Skype installation isn't available. This makes blocking Skype at a firewall more difficult since the ports Skype uses can change as needed.
Skype also encrypts each communication with a unique AES 25-bit encryption key, meaning each communication will use a different key each time you communicate, making eavesdropping communications almost impossible.
One more thing to keep in mind about Skype security is its Supernodes, which route Skype traffic. A Supernode is a computer with a specific configuration that must have a direct connection to the Internet and can't be behind a firewall using NAT. And they must have a "real" public routable IP address. Beyond those restrictions, these Supernodes can be any Skype user computer that meets the minimum hardware and configuration requirements.
There's a lot more you can learn about Skype's security architecture. For details, visit the Skype Security Resource Center.
Understanding Skype's basic architecture
Skype is a peer-to-peer (P2P) application, meaning that users connect to one another directly and not through a central server for communication. Skype initially uses Internet-based servers to authenticate users when they log in and to track their status, but when a "chat" or instant message, "voice call" or "file transfer" is initiated, the parties involved in the communication do so in a P2P direct connection. If one or both of the users are behind a typical corporate Network Address Translation (NAT) firewall, the communication can be relayed through a Supernode because a direct P2P can't be established behind a NAT. In the case of a file transfer, you will see a message indicating your transfer is being relayed.
One of security professionals' primary concerns about Skype are it's so easy for a Skype client to find a way around a secure corporate firewall configuration. Skype does this by using ports 80 and 443, which are open in most firewalls to allow Web browsing. In addition, Skype may reroute traffic if the initial port assigned during the Skype installation isn't available. This makes blocking Skype at a firewall more difficult since the ports Skype uses can change as needed.
Skype also encrypts each communication with a unique AES 25-bit encryption key, meaning each communication will use a different key each time you communicate, making eavesdropping communications almost impossible.
One more thing to keep in mind about Skype security is its Supernodes, which route Skype traffic. A Supernode is a computer with a specific configuration that must have a direct connection to the Internet and can't be behind a firewall using NAT. And they must have a "real" public routable IP address. Beyond those restrictions, these Supernodes can be any Skype user computer that meets the minimum hardware and configuration requirements.
There's a lot more you can learn about Skype's security architecture. For details, visit the Skype Security Resource Center.
Subscribe to:
Comments (Atom)