1 / 15

The World-Wide Web

The World-Wide Web. Why we care?. How much of your personal info was released to the Internet each time you view a Web page? How secure your personal (credit card) info is moved from your browser to the Web server?. How info is transmitted?. Uniform Resource Locator (URL)

kotter
Download Presentation

The World-Wide Web

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The World-Wide Web

  2. Why we care? • How much of your personal info was released to the Internet each time you view a Web page? • How secure your personal (credit card) info is moved from your browser to the Web server?

  3. How info is transmitted? • Uniform Resource Locator (URL) http://www.cs.uofs.edu/~bi/2005f-html/cil102/chap-sum.html Hypertext Transfer Protocol Directory path Domain name of the Web server Web page

  4. How info is transmitted? • Forms using the GET method • Your shipping address • In the webpage, <FORM … METHOD=“GET” … • Your address is displayed publicly • http://www.some.com/shop.php?name=‘smith’... • Anyone over your shoulder can read it • Since using the GET method is determined by the Web server, there is nothing you can do to avoid it

  5. How info is transmitted? • Forms using the POST method • Your shipping address • In the webpage, <FORM … METHOD=“POST” … • Your address is NOT displayed publicly • This does NOT mean it is safe.

  6. What info is transmitted? • Each time you access the Web, the browser sends the following to the Web server • The IP address of your machine • Often it can identify your town or ISP • The web server’s IP address • The OS you use on your machine • The browser you use • Goto http://www.cs.grinnell.edu/~walker/fluency-book/web-info.php to see how much info is sent to the Web server

  7. What are Cookies? • Have you ever gone to a website that seemed to remember you? • Websites use cookies to store info about you on your own computer • When you visit such a website, it stores info as cookies (that appear as files) on your computer • Next you visit the same website, your browser sends over all the cookies stored by that website • What info is stored in cookies? • In theory, anything the website wants to • Normally, it is about how you used the website • A website could store your id, password, etc in cookies if it has that info.

  8. What are Cookies? • The positive side of cookies • A Web server can use cookies to streamline and personalize your interactions with it • A browser is supposed to send cookies only to the Web server who stored them. • The negative side of cookies • Companies may use cookies to store info for other purposes without your permission • There are ways for a Web server to get cookies that were stored by other Web servers.

  9. What defenses against Cookies • For the website you visit, especially, those websites you need to register, check: • How will the company use the info you supply? • Will the company share info with others? • Can you limit access of other to this info? • What protections are in place to keep this info?

  10. What defenses against Cookies • If you use a computer at work or school, cookies would be stored on school or company’s computer: • System administrators or managers may read your cookies files • View your organization’s privacy policy • Technicians may inadvertently access your cookies, when your computer was sent for repair, for example. • Best way to protect yourself, delete cookies. • Almost every browser has a function you can use to delete cookies.

  11. How secure is info during transmission • When you use the Internet, all data you put on the network is visible to computers on the same Ethernet, as discussed in the Network chapter. • When your data need to be passed from one segment to another segment of the network, the intermediate computers can read your data. • Thus, info is not secure at all when transmitted on the Internet.

  12. How secure is info during transmission • One way to protect yourself is encrypt info that you want to be confidential • When data is encrypted, it can still be copied or intercepted by other computers, however, they would not know what it means. • When a good encryption is used, it may take years, decades to break the code • When shopping (or passing private info) on the Web, make sure the website uses HTTPS protocol. • HTTPS: Secure HTTP, which asks the browser to encrypt the data before it is transmitted and the server decrypts data upon receiving.

  13. How can one get credit card # online? • If you don’t use encryption when you send your credit card number (via email, or the Web) on the Internet, someone may intercept the data and get the card number. • Encrypt your email and use HTTPS • Someone may install a keyboard sniffer, a spyware, to record every key stroke, and the sniffer sends credit card # to an accomplice site. • Remove spyware from your computer • Credit card companies and companies that have your credit card info may not have that info securely protected. Hackers may steal info from those companies’ computers.

  14. How can online companies defraud me? • If the online company (a website) is not a real company or it engages in unethical practices, you may be charged but never receive the merchandise or overcharged. • It is very hard to recover the charges over the Internet. • To protect yourself, only deal with companies with well-established reputation, like amazon.com, etc.

  15. Cookies Decryption Encryption Form Secure HTTP Uniform Resource Locator (URL) Terminology

More Related