Most internet browsers cache what site you last visited and offers that information to the next site you go to. It is called an HTTP Referrer. This information is used for website statistics and demographics. This information could potentially be used for nefarious reasons. The company GRC makes the well known Spinrite hard disk recovery software and security software. According to their site:
“The web’s HTTP protocol was designed with little concern for a web surfer’s privacy and well before aggressive commercial interests decided to track surfers across the web, while storing and compiling any personal information that might leak from their browser.
Information is leaking from web browsers?
Yes, absolutely, and frighteningly so. The often repeated claims that “no user identifiable information is being sent or collected” is just so much nonsense. Those statements are meant to lull trusting and uninformed Internet users into a false sense of privacy and security.
When a web resource is requested from a server, the “Referer” header line provides the requested server with the URL of the web page that requested the item. But if an online web form has just been filled out and submitted using the most common “GET” method, the web surfer’s potentially personal and private data will appear in the URL and it will be sent to any third-party servers, such as advertising, tracking, or web-bug servers, whose resources appear on the form’s submission confirmation page!”
Now some browsers, like Internet Explorer, are supposed to block this HTTP Referrer when you leave a secure site and go to a none secure website, but not all browsers do. Also, your IP address is given to websites so they can track demographics. If you are not using a proxy, firewall or internet security software, this could point directly back to your individual machine. While you are at GRC, it is also a great place to check and see if you have any open ports on your system. Their Shields Up! online program checks to see if your firewall is doing its job and blocking access to your computer. The best you can get is a “True Stealth” rating, which means that your firewall doesn’t give your computer away by responding to general ping or probing requests. If you have open ports, you should check into it.
Daniel W. Dieterle
Interesting article today on the Business-Standard. According to the article, India has surpassed China, Russia and Romania as the richest target for hackers. It would appear that they are falling behind in protecting their systems. India Security expert Vijay Mukhi states:
“Cybercrime is very sophisticated and orchestrated in a manner that can cripple our financial backbone in a day’s time. But we aren’t doing much to address the situation,” he rues.”
As America relies on India more and more and is using India for filling technical positions, especially information technology, can this put the US at risk? Shivarama Krishnan, executive director and partner, PwC states:
“If someone wants to paralyze American banks or the retail sector, India is the best target as most of the maintenance and operational processes are managed out of India. So India’s preparedness will have to be higher.”
Read the rest of the story at http://www.business-standard.com/india/news/india-not-ready-for-cyberwar/384506/.
Just a couple things come to mind thinking about the NY Times article mentioned in the last post.
First of all, how much time do you spend securing your network? Herein lays the problem. American businesses are very busy. To be competitive, we have cut staff, and have very limited budgets. When a new server needs to be put in, it needs to be done quickly. Be it a small business or corporate datacenter, time is money. A corporate server is set up quickly, usually from a checklist and then some sort of security program and anti-virus is installed. The programs are “supposed” to auto update without intervention. Rarely do people go back and make sure that the servers are updating. Anyways, the security program control panel said it sent the updates to the server. On a small business server, many times the server is set up, and locked in a closet. It is set to get security and anti-virus updates automatically, but does it?
Time is the issue. In the NY Times example, the hacker spent 6 hours a day hacking. 6 HOURS! Hackers do not have time limits or budget constraints. They usually go for easy prey, but if your site has something of interest to the hacker, they will spend weeks, months or in the extreme case years to find a way in.
This leads me to my second point. Most secure servers by checklists. If A through Z has been done, the server is secure. Server security is structured and precise. Hackers work out of the box. They don’t follow the rules. There is a lot to do in setting up a server. A random Server 2008 book has almost 1500 pages. That is about the same amount of pages as a Bible. Also, with the huge amount of code in a Microsoft operating system, holes are found very frequently. Usually, only the good guys reveal to Microsoft when an exploit has been found. Foreign hackers guard these exploits and as the article states, hope to use them in the future.
The odds are definitely in the bad guys favor, but with due diligence, we can harden our systems so the casual hacker will bypass our systems and look for easier prey.
Daniel W. Dieterle
Many people use online mail, banking and buy items on the internet now. The biggest question is,”What are some things I can check to increase my safety online?”
There are two ways to browse the internet, regularly and securely. Regular sites have the designation “http://” in front of the www. address, secure/encrypted websites us the “https:// designation.
What is the difference? Regular websites are not encrypted. Any information you enter into them is transfered across the internet in standard readable text. Secure sites encrypt the data you enter before sending it over the internet. This makes it very difficult, if not impossible, for someone to intercept and read this information.
Whenever you are asked to log in to a secure site, whenever you are purchasing items, or checking your financial information, glance up at the address bar and make sure that it says “HTTPS://” in front of the web address instead of “HTTP://” This tells you that your are using a secure site and that your information is being encrypted as it is sent over the internet. Standard sites are not encrypted.
Believe it or not, hackers have found a way to divert your HTTPS:// connections to a standard HTTP:// unencrypted address. So instead of your address bar at the top of internet explorer saying something like https://securebankingfor me.com it will actually say http://securebankingforme.com and your information that you thought was secure could be intercepted.
Oh, one last point, don’t rely on the lock icon that shows up in the address bar when on a secure site, hackers have found a way to duplicate that also. Always check for the “https://”
Daniel W. Dieterle