Presentation is loading. Please wait.

Presentation is loading. Please wait.

The World-Wide Web. Why we care? How much of your personal info was released to the Internet each time you view a Web page? How much of your personal.

Similar presentations


Presentation on theme: "The World-Wide Web. Why we care? How much of your personal info was released to the Internet each time you view a Web page? How much of your personal."— Presentation transcript:

1 The World-Wide Web

2 Why we care? How much of your personal info was released to the Internet each time you view a Web page? How much of your personal info was released to the Internet each time you view a Web page? How secure your personal (credit card) info is moved from your browser to the Web server? How secure your personal (credit card) info is moved from your browser to the Web server?

3 How info is transmitted? Uniform Resource Locator (URL) Uniform Resource Locator (URL) http://www.cs.uofs.edu/~bi/2005f-html/cil102/chap-sum.html Hypertext Transfer Protocol Domain name of the Web server Directory path Web page

4 How info is transmitted? Forms using the GET method Forms using the GET method –Your shipping address –In the webpage, <FORM … METHOD=“GET” … –Your address is displayed publicly http://www.some.com/shop.php?name=‘smith’... http://www.some.com/shop.php?name=‘smith’... –Anyone over your shoulder can read it –Since using the GET method is determined by the Web server, there is nothing you can do to avoid it

5 How info is transmitted? Forms using the POST method Forms using the POST method –Your shipping address –In the webpage, <FORM … METHOD=“POST” … –Your address is NOT displayed publicly –This does NOT mean it is safe.

6 What info is transmitted? Each time you access the Web, the browser sends the following to the Web server Each time you access the Web, the browser sends the following to the Web server –The IP address of your machine Often it can identify your town or ISP Often it can identify your town or ISP –The web server’s IP address –The OS you use on your machine –The browser you use Goto Goto http://www.cs.grinnell.edu/~walker/fluency-book/web-info.php http://www.cs.grinnell.edu/~walker/fluency-book/web-info.phphttp://www.cs.grinnell.edu/~walker/fluency-book/web-info.php to see how much info is sent to the Web server

7 What are Cookies? Have you ever gone to a website that seemed to remember you? Have you ever gone to a website that seemed to remember you? Websites use cookies to store info about you on your own computer Websites use cookies to store info about you on your own computer –When you visit such a website, it stores info as cookies (that appear as files) on your computer –Next you visit the same website, your browser sends over all the cookies stored by that website What info is stored in cookies? What info is stored in cookies? –In theory, anything the website wants to –Normally, it is about how you used the website –A website could store your id, password, etc in cookies if it has that info.

8 What are Cookies? The positive side of cookies The positive side of cookies –A Web server can use cookies to streamline and personalize your interactions with it –A browser is supposed to send cookies only to the Web server who stored them. The negative side of cookies The negative side of cookies –Companies may use cookies to store info for other purposes without your permission –There are ways for a Web server to get cookies that were stored by other Web servers.

9 What defenses against Cookies For the website you visit, especially, those websites you need to register, check: For the website you visit, especially, those websites you need to register, check: –How will the company use the info you supply? –Will the company share info with others? –Can you limit access of other to this info? –What protections are in place to keep this info?

10 What defenses against Cookies If you use a computer at work or school, cookies would be stored on school or company’s computer: If you use a computer at work or school, cookies would be stored on school or company’s computer: –System administrators or managers may read your cookies files View your organization’s privacy policy View your organization’s privacy policy –Technicians may inadvertently access your cookies, when your computer was sent for repair, for example. –Best way to protect yourself, delete cookies. Almost every browser has a function you can use to delete cookies. Almost every browser has a function you can use to delete cookies.

11 How secure is info during transmission When you use the Internet, all data you put on the network is visible to computers on the same Ethernet, as discussed in the Network chapter. When you use the Internet, all data you put on the network is visible to computers on the same Ethernet, as discussed in the Network chapter. When your data need to be passed from one segment to another segment of the network, the intermediate computers can read your data. When your data need to be passed from one segment to another segment of the network, the intermediate computers can read your data. Thus, info is not secure at all when transmitted on the Internet. Thus, info is not secure at all when transmitted on the Internet.

12 How secure is info during transmission One way to protect yourself is encrypt info that you want to be confidential One way to protect yourself is encrypt info that you want to be confidential –When data is encrypted, it can still be copied or intercepted by other computers, however, they would not know what it means. –When a good encryption is used, it may take years, decades to break the code When shopping (or passing private info) on the Web, make sure the website uses HTTPS protocol. When shopping (or passing private info) on the Web, make sure the website uses HTTPS protocol. –HTTPS: Secure HTTP, which asks the browser to encrypt the data before it is transmitted and the server decrypts data upon receiving.

13 How can one get credit card # online? If you don’t use encryption when you send your credit card number (via email, or the Web) on the Internet, someone may intercept the data and get the card number. If you don’t use encryption when you send your credit card number (via email, or the Web) on the Internet, someone may intercept the data and get the card number. –Encrypt your email and use HTTPS Someone may install a keyboard sniffer, a spyware, to record every key stroke, and the sniffer sends credit card # to an accomplice site. Someone may install a keyboard sniffer, a spyware, to record every key stroke, and the sniffer sends credit card # to an accomplice site. –Remove spyware from your computer Credit card companies and companies that have your credit card info may not have that info securely protected. Hackers may steal info from those companies’ computers. Credit card companies and companies that have your credit card info may not have that info securely protected. Hackers may steal info from those companies’ computers.

14 How can online companies defraud me? If the online company (a website) is not a real company or it engages in unethical practices, you may be charged but never receive the merchandise or overcharged. If the online company (a website) is not a real company or it engages in unethical practices, you may be charged but never receive the merchandise or overcharged. It is very hard to recover the charges over the Internet. It is very hard to recover the charges over the Internet. To protect yourself, only deal with companies with well-established reputation, like amazon.com, etc. To protect yourself, only deal with companies with well-established reputation, like amazon.com, etc.

15 Terminology Cookies Cookies Decryption Decryption Encryption Encryption Form Form Secure HTTP Secure HTTP Uniform Resource Locator (URL) Uniform Resource Locator (URL)


Download ppt "The World-Wide Web. Why we care? How much of your personal info was released to the Internet each time you view a Web page? How much of your personal."

Similar presentations


Ads by Google