The first web-published book, on 2000-01-07.


Internet Confidentiality & Privacy

The Internet provides little assurance of privacy or confidentiality. The use of firewalls, anonymizers, and encryption can help mitigate the risks. Major considerations to keep in mind are discussed below.

Silent communications. There are thousands of rogue actors and infected computers probing machines across the Internet at any given second. These bad apples are almost certainly trying to get control of your machine through any security fault or unpatched module they can find. Fortunately, their communications are fairly straightforward to trap, since by definition they are unsolicited -- it is easy to tell the difference between a packet from a website you just accessed and a probe from some site you never heard of before. The technological solution to this threat is called a "firewall", a program that monitors all communications and traps all illicit packets. Most operating systems now come with a firewall preinstalled. However, some, such as the Windows firewall, only block suspect incoming communications, leaving access to the Internet from your machine completely open. This is a barn-door-sized hole that is eagerly used by almost every program you have on your computer to contact the home company for all sorts of reasons, ranging from automatic checking for updates to transmission of usage metric data for their own proprietary purposes. The solution to this is a third-party firewall that protects both incoming and outgoing communications. The free version of ZoneAlarm is widely used.
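
A minimal model of the two firewall policies described above, as an added example that is not part of the original book: it remembers which connections the local machine opened, treats any other inbound packet as unsolicited, and optionally restricts which programs may send outbound traffic. The Packet and Firewall classes, the program names and the addresses are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str      # "out" = leaving this machine, "in" = arriving
    local_port: int
    remote: str         # remote address (constructed documentation ranges)
    remote_port: int
    program: str = ""   # local program that sent it (outbound only)


@dataclass
class Firewall:
    # None models an inbound-only firewall: every outbound packet passes.
    # A set models a two-way firewall: only the listed programs may send.
    outbound_allow: Optional[set] = None
    flows: set = field(default_factory=set)

    def decide(self, p: Packet) -> str:
        key = (p.local_port, p.remote, p.remote_port)
        if p.direction == "out":
            if self.outbound_allow is not None and p.program not in self.outbound_allow:
                return "block-outbound"
            self.flows.add(key)          # remember what this machine asked for
            return "allow"
        # Inbound traffic is accepted only as a reply to a recorded flow.
        return "allow" if key in self.flows else "block-unsolicited"


# Constructed sample traffic, in arrival order.
TRAFFIC = [
    Packet("out", 50001, "198.51.100.10", 443, "browser"),   # user visits a site
    Packet("in", 50001, "198.51.100.10", 443),               # the site's reply
    Packet("in", 445, "203.0.113.77", 40222),                # probe from a stranger
    Packet("out", 50002, "192.0.2.55", 443, "updater"),      # program contacts its vendor
    Packet("in", 50002, "192.0.2.55", 443),                  # vendor's reply
]


def run(fw: Firewall) -> list:
    return [fw.decide(p) for p in TRAFFIC]


if __name__ == "__main__":
    print("inbound-only:", run(Firewall()))
    print("two-way:     ", run(Firewall(outbound_allow={"browser"})))
```

Both policies drop the probe, but only the two-way policy stops the updater's outbound connection, and with it the reply that the inbound-only policy accepts as solicited.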

Surfing leaves tracks. There is little privacy or confidentiality on the Internet. Websites can track your surfing on their site by IP address and related system information, including system names and Internet network addresses that often uniquely identify your computer. Search engines generally record your queries together with your computer identification, building up a profile of your interests over time. To minimize these threats, you can change your default browser settings to exclude cookies, since they can be used to build up detailed profiles of your surfing patterns over time (advertising sites with a presence on many sites can even use cookies to track your surfing patterns across different sites). You can also use networked or single-point anonymizers to obscure all your computer's local identifying information and obtain the maximum available Internet privacy.

Posting is public. When you post anything to a public Internet newsgroup, mailing list, or chat room, you generally give up the rights to the content and any expectation of privacy or confidentiality. In most countries, anything you post to a public space can be saved, archived, duplicated, distributed, and published, even years later, by anyone in the same way as a photograph taken in a public space like a city park. If you have ever posted anything to the newsgroups, you might find it interesting to search them now for the email address you used at the time, which is one reason you should disguise your email address when posting to the Usenet newsgroups.

Personal data is cross-referenced. If you give a site personal data like an email address, home address, phone number, birth date, or credit card number, be aware that the information can be easily cross-referenced by a range of large service companies to assemble a detailed database of your buying habits, surfing patterns, and interests. And it usually is. If you do give a site personal information, it is a good idea to first read their Internet privacy policy to see how confidential they promise to keep it.

Tap, tap. Without speculating on who or why, Internet communications interception is technically easy to do at any of the perhaps five to twenty-five routers through which your packets are switched on the way to their destination. Software taps are easy to add. Direct physical interception through tapping into copper network cable near a house or in a switching station is straightforward with inexpensive equipment, and enables an eavesdropper to copy all of the traffic that passes over the line. Radio frequency interception of the traffic on copper lines is possible. Tapping into fiber optic line is more difficult, usually requiring a high angle bend to get a bit of light leakage, but is also technically possible. Encryption is the only sure solution.

Governments can do anything. Many national governments are large enough and have enough resources that they can and do intercept Internet communications. However, because of the volume of information if for no other reason, you can be reasonably assured that no one is taking the time to look at your specific Internet packets unless you are connected to an investigation.

The bottom line is that you have little privacy or confidentiality on the Internet, and unless your communications are encrypted and/or anonymized, you should assume they can be read by others. At the same time you need to make a realistic threat assessment depending on what you are doing -- how much do you (or others) really care?

Resources. The following references provide additional information:

  • RFC 3924; F. Baker; B. Foster; C. Sharp; Cisco Architecture for Lawful Intercept in IP Networks; October 2004.