Web Security

The W3 conventions form a powerful tool for bringing together a widespread academic community. These conventions will allow current and future software systems to work together harmoniously across different platforms. Software is available, and continually being contributed, to allow information to be presented to a world audience, and read by anyone. If the need arises, restricted access to particular servers can be implemented easily.

Tim Berners-Lee, et al.; World-Wide Web: An Information Infrastructure for High-Energy Physics; January 1992.

The Internet security section provides information on general Internet security issues. The primary security issue on the web is confidentiality.

Web sites can access a considerable amount of information about you when you visit their pages, as shown for example at the following sites:

While your computer communicates a lot of technical data when you visit web sites, your browser is built to safeguard your name, email address, and other personal data. The information that web sites can access is described below:

  • IP address confidentiality. Web sites can and often do record the IP addresses of visitors. For most dial-up users a new IP address is dynamically assigned every time you sign on, so the most that it reveals about you is the Internet Service Provider that you are using. This is a confidentiality risk only if the service provider hands its logs over to others, which is unlikely unless it is under a court order. However, if you use an office computer or a high-speed connection where your IP address is permanently assigned, then the address can be used to uniquely identify your machine, and a web site can use this information to track repeat visits.
  • Cookies. Cookies are often used to store information on your computer to track your browsing patterns on a particular site.
  • Configuration. Web servers can record the operating system you are using, the browser you are using, the plugins you have installed, and the pages you access on their site.
  • Previous address. When you click on a web page link, the HTTP protocol sends the URL of the current page to the new page, so the new page can tell where you linked from. The destination web server can capture this information and store it in its logs. If you don’t want a web site to be able to tell where you accessed it from, then you can manually copy and paste the link you want to access into the URL field of your browser and then press return, so there is no sending page to transmit. This feature can also lead to a particular vulnerability when clicking on web page links from a web email service.
  • Next address. A site could include code that will tell it which link you choose when you leave the site, so it knows where you are going, although normal links to other sites do not return this sort of information.
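
To make the list above concrete, the following added example (not part of the original page) parses a few constructed lines in the Apache "combined" access-log format and groups them per IP address, showing how a static address links repeat visits and how the Referer header exposes the previous page, including a webmail URL. The host names, addresses and the function names `visitor_profiles` and `referer_hosts` are assumptions made for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample lines in Apache "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:09:15:02 +0000] "GET /index.html HTTP/1.1" 200 5120 "https://webmail.example/inbox?msg=42" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/123.0"
203.0.113.7 - - [11/Mar/2024:18:40:11 +0000] "GET /pricing.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/123.0"
198.51.100.23 - - [11/Mar/2024:19:02:45 +0000] "GET /index.html HTTP/1.1" 200 5120 "https://search.example/?q=web+security" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3) Safari/605.1.15"
"""

# Fields: client IP, identd, user, [time], "request", status, bytes, "Referer", "User-Agent"
COMBINED = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

def visitor_profiles(log_text):
    """Group log entries by client IP: pages, referring URLs, user agents, days seen."""
    profiles = defaultdict(
        lambda: {"pages": [], "referers": [], "agents": set(), "days": set()})
    for line in log_text.splitlines():
        m = COMBINED.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        p = profiles[m["ip"]]
        p["pages"].append(m["path"])          # pages accessed on the site
        p["agents"].add(m["agent"])           # browser and operating system
        p["days"].add(m["time"].split(":", 1)[0])
        if m["referer"] not in ("", "-"):     # "-" means no Referer header was sent
            p["referers"].append(m["referer"])
    return dict(profiles)

def referer_hosts(profile):
    """Host names of the pages the visitor linked from."""
    return [urlsplit(r).hostname for r in profile["referers"]]

if __name__ == "__main__":
    for ip, p in visitor_profiles(SAMPLE_LOG).items():
        print(ip, "days seen:", len(p["days"]), "pages:", p["pages"],
              "came from:", referer_hosts(p))
```

The second constructed request from 203.0.113.7 has no Referer value, which is what the server sees when the address is typed or pasted into the URL field as the "Previous address" item describes.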

If you are concerned about confidentiality risks, you can consider using an Anonymizer.