Saturday, August 12, 2006

Online Security follow-up

As a follow-up to my presentation on Monday, here are a few resources you might find useful:

Additional mitigations and protections that I didn't mention in class are:

  • Automatic warnings. These are the type of security warnings you see in your Web browser as well as the Google signs mentioned in the above article.
  • Cookie software. There are some software programs you can get that will make cookies more secure. One removes cookies from the typical location on your hard drive and stores them on removable media that you can separate from the computer. Another moves cookies to an alternate location on your hard drive and encrypts them to prevent hacking.
  • Alternative e-mail. Nym servers (short for anonymous servers) obscure the origins of e-mail messages you send using a mapping scheme and various remailers (servers that remove header information, containing the origins of the e-mail, before forwarding along). Or, many people create "throw-away" e-mail accounts with Yahoo, Hotmail, or other free e-mail software and do not tie any personally-identifiable information to that account. They then use that account to access risky Web sites.
  • Vigilance/Acceptance. Two sides of the same, coin, you, as a Web user, can be super-vigilant about where and when you enter your information. You may miss out on some Web conveniences and opportunities, but you can be more sure your information is safe online. Alternatively, you can accept that some amount of your private information will be made public and this is the cost of using the Internet.

To this last point, bearcat's has a blog post talking about the fact that PII is already out there and may be more so in the future. If people begin to receive value for their PII, the "acceptance" path above may gain momentum.

posted by cyndy at 11:52 AM