Wired! Philippines All about Internet in the Philippines



Don't be exposed! Surf safely

By S (mabelle@msc.net.ph)

Privacy on the Internet has been the hot issue in the last several months or so. It is now a global concern and countries are now taking steps in either protecting or advancing privacy on the Internet.

In a recent issue of Keith Dawson's Tasty Bits from the Technology Front , it was reported that several countries in the European Union are moving one by one into liberalizing their encryption laws. This is the EU's reply to the potential threats posed by the National Security Agency's Echelon system, an electronic global surveillance network monitoring all civilian electronic communications, thus invading civilians' privacy. In Germany, moves towards exporting German encryption products have been taken.

The Internet has always been vulnerable to hacks, thiefs or snoops. Just about anyone with a computer, a modem and some knowledge on hacking can get into another person's computer and obtain information. Even though you may have nothing to hide, you still need to protect your privacy.

Let's start with your e-mail. Don't ever think that only your intended e-mail recipient is the only one who gets to read your message. E-mail is like sending a postcard -- no envelopes -- so the mailman who delivers the postcard could read whatever it is that you've written on it. Same principle with e-mail. This time, the postman is your ISP's system operator/administrator. You might contend that with the large volume of e-mail that passes through your ISP's system operator, it is very unlikely that your every e-mail would be read and snooped on. Besides, most sysops are too busy to look at each piece of e-mail that goes by him, right? Well, you have a point there but there's no harm in protecting sensitive data, such as confidential business ducuments or contracts and credit card number, whenever and if ever you intend to send them through e-mail.

Which leads us to using encryption for e-mail security. For example, you're about a thousand miles from your wife doing some business stuff and you get an e-mail from her asking you for your credit card number because she saw this kitchen appliance and she needs to buy it right away. So what do you do? Yes, you can phone her but suppose your cell phone's run out of battery and the only immediate option is for you to send the information through e-mail? Sensitive information such as credit card numbers should always be sent over a secure server. In case your server is not secure, you can still protect yourself by using encryption programs. PGP or Pretty Good Privacy is one of the best encryption programs around and it's free. It works with various operating systems and e-mail programs. For a beginner's guide guide to encryption and PGP, check out http://thegate.gamers.org/~tony/pgp.html.

Other security programs are detailed below:

Kerberos, an authentication system used to protect unsecurity networks. (http://www.pdc.kth.se/kth-krb)

MIME Object Security Services or MOSS, An extension of Multi-purpose Internet Mail Extensions (MIME) that provides authentication, integrity and confidentiality of an email message. (http://mlarchive.ima.com/pem-dev/1995/0379.html)

RIPEM or Riordan's Internet Privacy Enhanced Mail, improves the security of email by verifying the authenticity of the message sender among other things. (http://www.cs.indiana.edu/ripem/dir.html)

Speaking about credits cards, especially when you're going to use them in shopping online or buying/ordering stuff straight off the Net, the main rule here is: Send your credit card information only through a secure server. Secure servers works with your browser. If a site is secure, your browser will automatically encrypt any data that leaves your computer. The data will then be decoded once it gets to its destination. In Netscape browsers, a secure site will show a solid key in the righ bottom corner of the browser. Internet Explorer, on the other hand, will show a padlock.

Another way for you to maintain your privacy is by keeping your e-mail address private. One time or another you've gotten those chain letters, "get rich quick" e-mails, and promos and you might've wondered how on earth they got a hold of your e-mail address. Well, most likely they got a hold of your e-mail address off the Net. Some bulk mailers scan Internet mailing lists. If you're signed up in several mailing lists and the list owner hasn't blocked the list, just about any one can retrieve subscribers' names. If your mailing list is in LISTSERV, you can have the option of hiding your subscriber information. By sending the command "SET CONCEAL" to the mailing list address you used to subscribe, LISTSERV will hide your address. Also, to prevent yourself from getting spammed, only give your e-mail address to people you know and trust. It would also help if you would also inform them not to send you forwarded mails or junk mails. Finally, if all of these fail, the next time you get e-mails from the people who've been abusing your mailbox, put them in your blocked list. Your e-mail client should have a block sender function.

When you surf the Web, you can also try using a generic address or pseudonyms if you want to keep your privacy. There may be instances when you want to send an e-mail message using your browser but you don't want your real e-mail address to be revealed. You can pose as a different person with a different e-mail address by "lying" to your browser. To do this, go to the Options or Properties menu of your browser and type in a fictitious e-mail address on the set-up screen. This doesn't guarantee though that you'll have complete anonymity but if you're dodging automated or bulk mailers, this should do the trick. As for those Web forms that ask for your name before you can enter, you can type in any name. They'll never know you didn't use your real name anyways.

Lastly, if you want your conversations or messages to be truly private, there are anonymous remailers that privatize your e-mails. The principle here is that you send your message through a remailer. The remailer then removes or strip out all your identity and assigns you an anonymous ID. Only then will your e-mail message be forwarded to your intended recipient. The other person can only be able to talk or communicate with you by sending his or her reply through the remailer. If you want to know more about anonymous e-mail as well as links to remailer sites you can use, you can go to http://www.andrebacard.com/remail.html.


Articles in WIRED! Philippines are copyrighted by the authors.
WIRED! Philippines is a monthly online magazine published and hosted by KabayanCentral.com
Copyright 1999 KabayanCentral.com. All rights reserved.