
March 09, 2010
 Network Security
Should you care?
By Daniel Eaton
If you are the least bit net savvy,
you most likely have encountered secured network connections. These network
connections are commonly referred to as Secure Sockets Layer (SSL). To
oversimplify, a private connection is established between your machine and the
server you are connected to. Most of the time, the company will make you
aware of that connection. You can tell if you have a secure connection.
In the Netscape browser you will find an icon of a key in the lower left
of the screen. If the key is broken, the connection is unsecured
and someone can eavesdrop on the conversation that you are having with
the server. If the key is whole, you have a secure connection. Someone
may indeed still be listening; however, the information is coded in such a
manner that what they see is unintelligible code. Microsoft, on the other hand,
has a lock. If the lock is closed, you have a secure connection. If the lock is
open, you do not.
A secure connection is generally a good
thing; however, it is only good at the precise time that you are talking
with a secure server. What happens after that? That is the question. Follow
this typical scenario. You visit an e-commerce web site and it appears that
they know what they are doing. It looks reputable and you have not heard
any bad press about the company. You found something that you would like
to purchase. You connect to their server, the key is intact, and you
feel comfortable submitting your credit card number and other personal
information. You did the right thing. It was a secure connection to a reputable
company. But what happens AFTER you press the SUBMIT button? That's a good
question that no one is willing to answer in their company privacy/security
statement.
OK, you pressed submit and the company
now has sensitive information about you. What happens NEXT? The information
may reside on the server waiting for some subsequent action. If the information
is on the server, ANYONE with administrator privileges can READ the file
and SEE your sensitive information. Hmmm. Do you trust the systems administrator
for that company? Do you even know their name?
Another alternative is that the company
may merely be an aggregator that then e-mails your information to another
company. Once again, anyone with Administrator privileges can read your
information, not to mention that the system may burp and send your information
to someone who should never see the information in the first place. OOPS.
I periodically receive loan applications that were faxed to me in error by
some careless secretary. E-mail is fair game. It is the policy of major
corporations that the company 'owns' the e-mail and has the right
to read any e-mail that comes to or through their electronic mail
servers.
Do you still feel safe?
There are ways to protect your information
from prying eyes. One such method is called Pretty Good Privacy, PGP for
short. It is a method to encrypt your information so ONLY the intended
recipient can see it, whether it came as a file or through the
e-mail system at America Online. Although not entirely foolproof, PGP will
protect your information from the majority. Anyone with enough time,
access to a supercomputer, and enough knowledge could possibly break
the code. I don't know of many people with a Cray supercomputer in their
rec room other than some powerful gentlemen at the Pentagon.
So here's the $64,000 question. How
do you know what measures the company has taken to protect your personal
information? You might ask, but they most likely will not tell you because
they know their vulnerability. Check out the company's statement on privacy
and security before you press that submit button. I cannot cite
any specific instances in which someone used information that they gathered
covertly, but the threat does exist and can be exploited by the dark side.
Why should you care? If you are just
surfing the Internet you most likely don't need to. If you are going to
purchase something online with a credit card you should. If you are going
to do something as sophisticated as applying for a home loan online, you
should be as certain as you can.
Many companies are in a rush to get
their services online and in their rush they can miss some of these important
details. If you are uncertain of the business practices of the company,
shop somewhere else or do business the old-fashioned way: go to their retail
store or shop by mail. Didn't I read something about a mailman?