Monday, November 19, 2012

Hey That's (not so) Private - Introduction to Internet Privacy



As of 2011, an estimated 65% of the world’s population are internet users. Although people are becoming more aware of internet security, how do you know that someone isn’t watching your browsing patterns? Can you be certain that your internet session is not being monitored by others on the net? Are you sure that your personal information is safe? Although it may be argued that your browsing patterns and data aren’t worth much, this article discusses some of the techniques people use to view your internet usage and what they may be able to do with that information. It then mentions some ways to control your privacy on the net.



What is Internet Privacy?
Internet privacy refers to the privacy of your personal data on the internet. This can refer to the websites you use, the services you subscribe to, and the data, photos and media you place in an online environment. Just as in real life, you don’t want someone watching your every move and listening to your every word. Some of this is acceptable within context: for instance, you would not mind if your peers tracked your project research patterns, but you probably would not be too happy if your boss saw some of your ‘insincere’ comments about him on your Facebook profile. Some of us feel uncomfortable when someone is watching our screen over our shoulder, especially when typing in a password or accessing a personal site. OK, so the examples above are more annoyances than anything and can’t do too much damage. But what if that data fell into the ‘wrong’ hands?

Implications
Your data can be valuable to quite a few people on the net. Have you ever wondered why free sites such as Facebook, Twitter and LinkedIn are profitable? Marketing companies are always striving to advertise to the correct market group. With information such as likes, friends, browsing patterns and other general information, which can be acquired from social websites and data stored on your PC, a profile of your persona can be generated. For instance, let’s assume you like a few football teams on Facebook, tweet about your team’s results and browse football websites. A sports-based company can target you and have specific football-related adverts pop up on your Facebook page, Google results and everyday websites. Some people may argue that this can be convenient. To see just how your browsing data can be tracked, get the Collusion Firefox add-on. I’ve been using Collusion for some time, and below you can see what data is being shared amongst websites.
[Image: some of the websites that exchanged data with Google.]
[Image: the site visits that Twitter is aware of.]


But let’s step it up a notch. Say that websites begin to filter data based on your personal information. What if your age, political or religious views start to affect your browsing experience? Your right to information is being revoked without your knowledge. Still OK? What if your personal comments, photos or the sites you browse become a contributing factor to losing your social status, job, family and friends? There’s a strong possibility that most people have aspects of their personal life that they want to keep secret. This becomes a major issue when money is involved: it is a real threat that banking information is being stolen and money is being embezzled. Is it safe to trust websites with your personal data?

How do they do it?
Social websites are usually the source of privacy concerns because people share so much of their personal information with these websites. So for the right price, marketing companies can buy your data from these websites. That’s why sites like Facebook and Twitter are profitable. Another technique for tracking your data is to look directly on your personal computer. Whenever you visit a website, a small file is saved on your computer, functioning as the website’s personal storage space. This storage file, known as a cookie, stores information about your sessions such as your identity, pages viewed and other general information. Usually this helps make your browsing experience more convenient, for example by authenticating you without having to log in again, or by restoring your shopping cart items from your previous session. But these cookies can also be seen or accessed by other websites that you visit and thus be used to profile you.
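The profiling usually happens through third-party content (an advert or widget host) that is embedded in many different pages and receives its own cookie on each of them. The added example below, which is not part of the original article, scans a constructed list of browser requests and reports third-party hosts that received the same cookie from more than one site; all hostnames and cookie values are made up, and the two-label `site()` grouping is a simplifying assumption.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample: (page being visited, URL the browser requested, Cookie header sent).
# Every hostname and cookie value here is invented for illustration.
SAMPLE_REQUESTS = [
    ("https://football-news.example/scores", "https://football-news.example/app.js", "session=a1"),
    ("https://football-news.example/scores", "https://ads.tracker.example/pixel.gif", "uid=7f3c"),
    ("https://shop.example/boots", "https://ads.tracker.example/pixel.gif", "uid=7f3c"),
    ("https://shop.example/boots", "https://cdn.static.example/lib.js", ""),
    ("https://webmail.example/inbox", "https://ads.tracker.example/pixel.gif", "uid=7f3c"),
    ("https://webmail.example/inbox", "https://cdn.static.example/lib.js", ""),
]


def site(url):
    """Crude site key: the last two hostname labels (assumption; real tools use the Public Suffix List)."""
    host = urlsplit(url).hostname or ""
    return ".".join(host.split(".")[-2:])


def find_cross_site_trackers(requests, min_sites=2):
    """Return {third_party_site: {cookie: [first-party sites]}} for cookies seen on >= min_sites sites."""
    seen = defaultdict(lambda: defaultdict(set))
    for page_url, request_url, cookie_header in requests:
        first_party, target = site(page_url), site(request_url)
        if target == first_party or not cookie_header:
            continue  # same-site request, or no identifier was sent
        for cookie in cookie_header.split(";"):
            cookie = cookie.strip()
            if cookie:
                seen[target][cookie].add(first_party)
    report = {}
    for target, cookies in seen.items():
        linked = {c: sorted(s) for c, s in cookies.items() if len(s) >= min_sites}
        if linked:
            report[target] = linked
    return report


if __name__ == "__main__":
    for tracker, cookies in find_cross_site_trackers(SAMPLE_REQUESTS).items():
        for cookie, sites in cookies.items():
            print(f"{tracker} saw {cookie} while you visited: {', '.join(sites)}")
```

The cookie-less CDN requests are not reported: without a stable identifier, this check has nothing to link one visit to the next.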

One of the more popular and profitable techniques is phishing. Phishing is a process whereby the victim is fooled into providing their personal information under the false pretence that they are making that information available to a trustworthy source. Phishing scams are usually distributed via email, posing as your personal bank, a service or a friend in need. The emails and the sites they link to usually look identical to the original sites, so people don’t know they are being scammed. Banks have tried to combat this by implementing SMS authentication, where a user receives a code on their mobile device which authenticates the session. But even this can be circumvented by scammers.

One of the other techniques reserved for the con artists of the digital world is social engineering. Social engineering is a scam whereby the attacker impersonates a person and gains access to that person’s private data by manipulating external people into thinking that they are interacting with the victim. Wired.com’s senior writer Mat Honan was recently a victim of a major hack whereby the attackers were able to use personal information acquired from one site to authenticate to his account on another site and ultimately wreak havoc on his digital life. Hackers were able to access his Apple account using billing information (acquired from a simple whois) and the last 4 digits of his credit card. The credit card information was acquired from Amazon, where the hackers impersonated the victim and took advantage of some security procedures to acquire the digits. In the space of minutes, the hackers had all the information necessary to reset his Google and Twitter accounts as well as wipe clean his laptop and iPhone. Although Apple and Amazon may not have followed the policies in place, as they may have ignored some key security questions and other security policies, the Wired.com staff were able to replicate the hacks after the incident.

Finally, viruses, malware (malicious software) and Trojans are being developed with the purpose of stealing personal information. Key loggers are applications that log every single keystroke the user makes. They are usually installed via Trojans and other malware. Hackers are then able to review your keystrokes and identify personal information such as mobile numbers, conversations, banking details and so on. This is also known as spyware, which is malware that records user information without the user’s consent. SMS authentication can be spoofed by a program that re-routes the traffic to the hacker’s servers, so that everything appears to function normally while the hacker’s system is used instead.

How to control your privacy and information
There are a few techniques internet users can deploy to help control the use of their private data as well as to avoid being victimised.

Don’t disclose personal information unless you can verify the site. A simple Google search can tell if a site is malicious or not. On a related note, avoid logging into that site using your social network services. This will just give the website more information on you as well as provide links to your accounts, which can be compromised.

Use 2-step authentication techniques or authenticator apps if possible. These normally require more information than a password and take slightly longer, but they make it more difficult to get access to your data. Authenticator apps provide a one-time PIN code that expires after use or after a certain time, so if someone gets hold of it, it is fairly useless.

There are browser add-ons available, such as PrivacyFix, that allow you to view the data that you are sharing and change it according to your personal preferences. Another program available for your browser is Disconnect. This application blocks tracking cookies from Facebook, Google, Twitter, Digg and Yahoo, and prevents third-party sites that you may visit from accessing your browsing or search history.

Restrict your privacy settings on your social networks (such as Facebook). Also do not accept invites from people you don’t know as they may not have good intentions.

Keep your operating system, programs and antivirus updated. New security updates come out daily; they prevent data leaks and hacks as well as identifying spyware and other malware.

When accessing websites that require personal data, make sure that they have a security certificate and that the correct website address is in the address bar.


Conclusion
The state of the internet, social media and web trends means that privacy has become a fallacy. Most internet providers and governments have gateways that allow you to access the net, so your data and information will be visible to someone. You have the ability to control what can be seen, and it is important for people to research and acknowledge the threats of identity theft, hacks and other attacks associated with personal information.
