Welcome to the beta of the new saila.com. Send in your bugs.
Stay in the Dark
Beat the System
In 1993, the New Yorker ran a cartoon of a dog sitting at a computer. The punch-line: "On the Internet, nobody knows you're a dog." Anonymity is one of the net's oldest myths; in reality, every time you enter a Web site, you leave your mark. As you jump from site to site, pay your bills online or visit your local portal's personalized Web page, your data shadow grows in size, depth and detail. Here's how it happens, and how you can keep from being exposed.
Server Logs
Every time you access a Web page, the server records your IP address, which is the computer's equivalent of a telephone number. The server log also registers the browser and operating system you're using, how long you spend looking at each page and what links you follow. Further analysis can reveal your city and even your email address and name. Once your OS and IP address are known, your systems' security holes can be exploited by hackers and snoopers.
Your Defence
Services such as the Anonymizer and the Lucent Personalized Web Assistant). The popular Anonymizer service is basically a portal that hides your identity while you surf. For a real wake-up call on how much a Web site administrator can find out about you, go to www.anonymizer.com/snoop.cgi.
Surf Engines
Utilities such as Netscape's What's Related and the Alexa plug-in for Internet Explorer track users from site to site and then suggest similarly themed Web pages for further travel. This click trail can later be merged with cookies and other information to create detailed user profiles. (Netscape and Alexa both say they don't create individual profiles and only use the info on an aggregate basis.)
Your Defence
Disable Netscape's What's Related (consult help files to find out how); for Internet Explorer, you can close the Alexa window, or simply don't download the software.
Registration
The personal details you're asked to provide before entering some sites is a demographic goldmine. Marketers collect most of it from subscriptions to mailing lists and sites, online product orders, software registration and users' personalizations of major portal sites.
Your Defence
Check the site's privacy statement
to ensure it keeps the information confidential. Weigh the benefits of the product or service offered against the potential for future spam.
Cookies
Web sites store bits of information on users' computers inside small text files called cookies. These record your movements around the site and other info that can be used to personalize the content for your future visits. For example, your city might be stored in a cookie by a weather site, so that every time you visit the page, you automatically get your local forecast.
Your Defence
Adjust the browser's preferences to either warn you before you receive cookies or to reject them outright. Check your browser's files to find out how it handles it. Note that doing this may disable certain features on Web sites you visit, and some sites may not even let you enter with cookies turned off.
JavaScript and ActiveX
These Web languages are used to produce dynamic content based on the user's actions, such as changing an image when a cursor moves over it. There is a wide range of security problems associated with Java, JavaScript and ActiveX. Custom-written programs, or scripts, can find out your email address or access the files on your computer. Many holes have been patched, but new ones keep appearing, such as tricking your PC into sending Windows 98 registration info to a Web site.
Your Defence
Download the most recent version of your browser, which will have most of the old security holes patched. Then check for new problems with Internet Explorer and Netscape. Adjust the browser's security settings (see your browser's help files) to disable Java, JavaScript and ActiveX content, but be warned: This could prevent some Web pages from displaying properly.
Forms
Information you enter in Web site text or checkboxes, such as your credit card or bank account number, is supposed to be confidential, but a third party could intercept it by collecting the data as it passes from your browser to the site. The form's contents could also be shared with others by the Web site administrator.
Your Defence
Send confidential information only if you have a 128-bit encrypted browser, which provides the strongest data encryption, and only over a secure Web server, which is indicated by a closed lock or key icon on your browser.
Advertising
Some online ad services use cookies and other information collected from databases to identify the user's location, viewing habits and preferences in order to pitch specific products. Web site owners may also sell information they've collected to other marketers.
Your Defence
Petition advertising and marketing folk to support strong privacy statements, and to join organizations such as the Canadian Marketing Association or Truste—a sort of Better Business Bureau of the Web. Get the Internet Junkbuster Proxy, an application that sets up a wall between your browser and the Web.
Intel's Pentium III
A processor serial number (PSN) is built into every one of Intel's latest chips. Since the number is tied to a single machine, those who learn it can track the owner's movements around the Internet.
Your Defence
Join the boycott of the Pentium III processor. Intel has made it possible to turn off the PSN, but the switch can be turned back on by crackers or an ActiveX program using specific, documented features of the Pentium III embedded software, without the user knowing. Intel's patch can also be accidentally erased when installing other programs.
For more in the way of free privacy tools, visit The Free Site's Anonymous Services.
For info on email privacy, read Ontario's Information and Privacy
Commissioner's report: E-mail Encryption Made Simple