On Privacy and Security: Anonymous Web Surfing, Part 1
Despite a number of high-profile attempts by members of various business, civilian and political groups to elevate the discussion on security and privacy, most internet users know very little about these topics.Despite a number of high-profile attempts by members of various business, civilian and political groups to elevate the discussion on security and privacy, most internet users know very little about these topics. Security for most users means buying a virus package from one of the major vendors and hoping the default settings are sufficient protection. Yet the casual approach to security and privacy is just what the “bad guys” are counting on. And who blames them for counting on apathy when it’s so prevalent?
While I wouldn’t go so far as to say that there are any security or privacy methods that are without flaw and perfect solutions, understanding just a little bit about these important issues can help you reduce your liabilities in a significant manner. With that in mind, I felt it might be time to talk about some of the security and privacy tools that are available for internet users. This article will start with a discussion of the privacy problems that come with surfing websites, then next time we’ll look at some solutions for anonymous web surfing. As the series progresses, we’ll cover basic security tools and routines that can help reduce your risks from threats like viruses, trojans, worms, hackers and uninvited surveillance.
Before I jump into this first topic of privacy concerns, understand that internet privacy is a somewhat technical issue. You don’t have to be a software engineer to understand at least the basic principles that I plan to discuss here today, but you do have to possess a mind that is at least somewhat open to receiving technical knowledge. For those of you who might suffer from a slight case of technophobia, all I can offer you are these words: the basic technical concepts that are required for you to properly protect your privacy from unwanted intrusions are only difficult to understand if you make them difficult to understand. If you approach these issues knowing that you can understand them, then your task will be that much easier, your knowledge gained that much more useful, and your privacy endeavors that much more successful. If you find yourself pulling out your hair then you are doing so unnecessarily. Just relax, think about what’s said, and you’ll see that these concepts are hardly advanced or complicated.
To understand how anonymous surfing is possible you first need to understand a little bit about IP addresses. For most of you, this is nothing new. Each surfer who is connected to the internet is assigned an IP address – information that is available to all websites that the surfer visits. For example, let’s assume your ISP is EarthLink. When you connect to the internet, you are assigned that IP address, which might look something like this: 203.14.5.72. Consider it your computer’s home address; it’s a means by which requested information is routed back to you. After all, if there’s no way to identify your computer from everyone else’s computers then how would you expect web pages to find their way onto your screen? It would be like trying to mail a letter without an address.
But while the IP address is a technical necessity for internet use, it also is a potential privacy risk. Let’s say you visit a website and engage in some kind of activity that results in a legal dispute. For the sake of argument, let’s say you posted a copyrighted version of a Michael Jackson song in a public forum. The website where you posted the song can identify the poster, in this case you, by his or her IP address. Of course the IP address alone is just a number and doesn’t provide the website with your name or address, but in theory if a legal dispute arose, your ISP’s records would be subpoenaed, and Earthlink would be able to match the number with a name.
Most of you probably aren’t planning on sharing on public message boards copyrighted works that aren’t yours to share. Yet being in the adult industry, your anonymity might be important to you. Most adult webmasters don’t put up signs declaring what they do for a living. Many choose to keep their heads low to avoid the pains and troubles that would accompany any public knowledge of their employment. And posting copyrighted media isn’t the only way you could get in trouble. You might want to post an anonymous message ripping your experience with a certain corporation, for example. If you can be traced then you are open to charges of libel. American companies are lawsuit happy, after all. In addition to your IP address, the websites that you visit can obtain additional bits of information that you might not want to share: for example, your general physical location (often accurate to the city), your browser and operating system software, and the URL of the website that you were viewing just prior to arriving at the new site. In other words, if you follow a link from BarnYardSluts.com to TheHolyChurch.com, the latter will know that you were engaging in “unsanctioned” activities.
I said before that the websites you visit only have your IP address and can’t place a name with the number, right? Well, that’s only partially true. Ever notice that some websites seem to “remember” you when you return after an absence? This feat is accomplished through the magic of browser “cookies.” You could of course have turned off cookies, but this is unlikely because there are legitimate uses for cookies and turning them off completely can affect the functionality of many websites. A “cookie” is a bit of information, written to a file on your hard drive, which identifies you to a website. Again, when you first arrive at a website all they have is your IP number, right? No name to go along with it. But let’s say you visit a news site that requires registration. Or maybe you visit an auction site and sign up for an account. Whatever. You provide that site – willingly – with certain bits of personal information that might even include your name, your address and your telephone number. The site then tags your “cookies” file with a unique ID. Next time you visit that website it looks at your cookies file, pulls off your ID number and knows exactly who you are… now its operators can put a name with the IP number, and any other information they manage to collect, including the last website you were visiting before you arrived on their site.
So you might read this, feel a bit rebellious and decide that it’s time to turn off cookies in your browser settings. You can do this, of course, but it’s not a practical solution for many of you. That’s because a lot of websites simply won’t operate without cookies. For example, try logging into a Yahoo email account with cookies turned off. You won’t get very far.
At this point you have a pretty good idea of some of the major privacy concerns that face webmasters. The next step is to look at the solutions. And fortunately there are solutions to the problems that I have raised here.
Next week, same bat channel.
Connor Young is Editor-in-Chief of YNOT News. He has been involved with the online adult entertainment business since 1997, and is currently a member of the Board of Directors for the Internet Freedom Association (i-freedom.org); He also serves as Editor-in-Chief of The ADULTWEBMASTER Magazine. Connor can be reached at connor@ynot.com.