Home » Safe Computing Tips » Safe Computing Practices

Safe Web Practices

Posted November 27th, 2007 by Steve

For anyone who has been using the Internet for a while, will come to the conclusion that it is a great place to be. You can chat online, shop online, play online games, read news, watch videos, download music and movies, participate in auctioning, buy and sell stuff on eBay, do your emailing, get online training, etc. The list goes on and on. It can get addictive, if one is not careful. Being a computer professional, I just can't imagine a life without the Internet now, even though I have been through the time when the Internet hasn't come on the scene. I use the Internet daily, just as a non-computer professional does too, I'm sure. Like it or not, it is part of our modern society.

With so much activities going over the Internet, how safe really is it for you and for your family? What kinds of potential risks are there for a user? And what precautions can you take to help protect you and your family in the cyber world? I have compiled a list of practices that hopefully may be of some help to you.

Protecting your privacy online
With millions of users worldwide, you can be sure that there will be people out there somewhere who is working hard attacking your privacy by gathering your personal information. Whether it be hackers or the marketing groups, getting hold of your personal information and profiting from it is big business. Understanding some of the ways how they do this may help you avoid the traps out there.

  • Don't reveal personal information unnecessarily

    As kids growing up, one of the first thing the adults teach you is not talk to strangers. Likewise on the Internet do not reveal any personal information to strangers or friends you have just met. It is easy to make "friends" over the Internet, especially with the explosion of social networks all over the Internet. In real life, are these friends really who they portray themselves to be? Do not share your private information to someone you just met over the Internet. Also be wary of having face-to-face meeting. If you still want to, do it in a highly public place, or even bring along a friend. There are lots of predators out there especially for kids and young adults. Do not be naive about these things, and you will avoid mishaps.

    If you have your own personal website or blog site, avoid posting information like full name, private email address, place of employment, phone number, and street address , etc. Teach your children to get your permission first before they can give out their name, address or other information about themselves or the family, to anyone on the Internet. Make sure they understand the dangers out there, and it wouldn't do any harm to reminder them periodically.


  • Get a separate email account for your personal emails
    Personal emails should be communicated via personal email addresses. Email sent from work accounts is likely to be an open book to their employers. Your boss has a legal right at any time to read any correspondence done in this company provided email account or on your work computer. A copy of any email you send or received via the work email address is usually stored/archived on your employer's server computer. Even if you send emails from home using the work account, it still go through the company's mail server. With so many free email service now available, it is easy to sign up a web-based email account, such as gmail, MSN or yahoo mail (yes, there are many other services other than these three). With such services, you can send or receive your personal mail without going through your company's mail server, hence protecting your privacy.

  • Keep a clean personal email address
    It is a good practice to keep your personal email address as private as possible, using it only with known trusted individuals. Use secondary email address(es when emailing to unknown parties; posting to newsgroups, mailing lists, chat rooms and other public spaces on the Internet. Email addresses that are posted in public spaces like forums, newsgroups, mailing list can be easily targeted by spammers and added to their list of targets. If your public "secondary address gets spammed enough to become annoying, you simply terminate it and start a new one. If you are "required" to give an email address to register with a site (and the address will not be used to receive some kind of access code they send you), you can use "someuser@example.com". (example.com is a reserved site, set up by the Internet standards to be used as an example that will never accidentally coincide with anyone's real e-mail address.)

  • Check out the password system on new websites

    Make it a habit that whenever you sign up with a new website, be sure to test out its password system to determine whether passwords are encrypted on their database. If the passwords are stored in plain text in the database, it is a big potential risk that whoever have access to the database from that company will also be able to see all the passwords on file in plain text. If you are one of those who out of convenience, recycle your username and password (using the same on different websites), you may be in for a rude surprise.

    To test whether the site has password encryption in place, always choose a temporary password when signing up for a new site. After you have successfully registered yourself, click the "forgot my password" link (most site provide this), and see how they handle this situation. A good site will either send you a temporary random password to your email address or email you a link to go to reset your password. If the site sends you your original password in the email, that only says that the site does not use password encryption or uses poor encryption method. Once you are satisfied that the site properly encrypts your password for storage, you can then proceed to change that original temporary password to something you can remember better.


  • Make sure that online forms are secure
    If you need to send private information to a website using the online forms they provide, make it a habit to verify that the site is indeed secure. For example at the login page, online payment form, forms asking for social security numbers, credit card numbers, etc (I'm talking about legitimate websites here, such as your financial institutions, brokerage, etc). To determine whether the site is secure, look at the URL address in the address box in your browser. A non-secure site begins with a http:// whereas a secure site will have a https:// in front of the url. Or in some browsers, they will show a lock icon at the bottom status bar of the browser to symbolize that it is a secure site for that transaction. By secure, we mean that the information that you are transmitted will first be encrypted before it is transmitted over the network (such as the Internet), and be decrypted once it arrives at the destination. Anyone intercepting the information between the source and the destination, will not be able to read it, unlike the non-secure site where the information transmitted will be in plain text.

  • Clear your memory cache after browsing
    What is the memory cache? Every time you browse a website, copies of the pages you visited are stored on a specific area on your hard drive. And this is refer to as the memory cache. The purpose for this is that subsequent visits to the same pages will be loaded from your memory cache, hence making it faster to display on your browser. This is especially true for images and pictures. You can delete these files in the memory cache, simply by going to your Preference section where there is a button for emptying cache. The location of this button depends on which browser you use. In Firefox, it is Tools, Clear Private Data. In Internet Explorer, it is Tools, and Clear History. Since I use Firefox, I'll explain what Clear Private Data does. More than just delete your cache files (which we just talked about), it also delete other information pertaining to your browsing activities, such as your Browsing History, Download History, Cookies, Saved Passwords, and authenticated session. Now these private data could reveal quite a bit about your activities and private information. Therefore deleting them, especially when you use someone else's computer or a public computer, is a habit you should get into.


  • Keep your e-mail private, use encryption!
    You send /receive an email. It should be pretty private, isn't it, afterall it goes from your computer to the recipient on the other end within seconds? Not quite. Firstly your email message must travel from your computer to your own mail server. Then the mail is routed from your mail server to the other party's mail server and finally to the recipient. Even though by count, it is only 3 hops to the recipient. But in reality, your email message could have hop over many other servers on route to its final destinations. Second thing you need to know is email data is sent in plain text (no encryption). That means if I can intercept your mail between your computer and your recipient, then I am able to read your mail without much effort. So if in your email are references to account numbers and password, they can be intercepted by someone who is actively trying to mine information from the network traffic.

    So, if you want to have good privacy, to protect your email from prying eyes, you can encrypt your email message prior to sending and your recipient will need to decrypt the message using the key you gave him/her. Some e-mail programs have encryption features built-in. Or you can use popular encryption software, such as the Pretty Good Privacy (PGP), which is free for non-commercial use. The international version could be downloaded here or for more information here.


  • Periodically delete cookies
    Most websites use cookies to store information related to your visit to their site. Quite often cookies are used to track your online activities for marketing purposes. At other sites, they may store your password in the cookies. If you are concerned about your privacy, then periodically clean/delete your cookies that are stored on your hard drive. All browsers allow you to delete cookies, some do it better than the others.

  • Beware of sites that offer prizes or some sort of reward...
    Usually in exchange for your contact information or other personal details. Some gather this information for direct marketing purposes while others sell it to other marketers. That's how you ended up getting junk mail, whether via email or the regular mail. One common ploy is using sweepstakes and contests to get your information, claiming that they use this to contact you in the event you win the sweepstakes. What you ended up winning is a flood of junk mail arriving at your mailbox.

  • Do not reply to spammers, for any reason at all.

    We are all tired of spam unsolicited emails, and they keep coming. Sometimes it amazes me that no matter how hard I tried to protect my private email address, they still managed to get hold of it to send spam mail. One thing you must not do for any reason at all is to reply to them to ask them to take your address of their mailing list. They usually include that line at the end of their spam mail, that you can remove yourself by replying to the mail with the word REMOVE in the subject line. Some are genuine, such as forum mailing list that you subscribe to. For unsolicited mail, don't do it because doing it will confirm to them that your email address is a "live" one, that is being read by a real person. What follows would be that you find yourself on more spammers' lists in no time. The best way to treat spam mail is deleting them.

    One other thing to make sure is that your email program is not configured in its setting to automatically honor return receipt requests. Again that confirms that your email address is a live one.


‹ Protect Your Laptopup

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
2 + 17 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.