Privacy on the web
Maybe you're one of the people who thinks that they can't be tracked as you move around between websites. After all, it's anonymous, right? Or you're one of the people who's heard all the stories about tracking and the information collection that goes on 'out there'. Well, this article is not going to teach you how to hide yourself on the web. What this article is going to do is explain what information about yourself must be given out, what is typically given out, what can be given out, and what isn't given out, as well as descriptions of other ways information about yourself can be stolen.
To hide or not to hide?
Like everything in life, there are tradeoffs. You can't hide all information about yourself, but you certainly don't want to divulge everything either. What follows is a brief description of things you absolutely cannot hide without breaking the internet, things there's not much point in hiding, and things you really should hide just for your own protection.
Breaking the internet
You may not realise it, but the web isn't completely anonymous. One of the pieces of information about you that simply cannot be hidden is your computer's IP address, the string of four 3-digit numbers that uniquely identifies your computer on the internet. Without letting other computers know your IP address, no information will ever get back to you; it would be like trying to send mail with no address printed on the envelope.
Your computer's IP address tells people virtually nothing about you. All it allows them to find out is who your ISP is, or if you're surfing from work at a company large enough to have bought their own IP addresses, what company you're working at. If you dial on to the internet with a modem, like the majority of people do, your IP address changes every time you connect anyways. Basically, this is not a big deal. Your ISP can find out who was using a given IP address at a given time, but they don't divulge that information unless somebody shows up with a search warrant or a court order or something equally legal.
The other piece of information that can't be hidden is what page you want to see. This seems kind of obvious - after all, how can the server know what to send you if you can hide the name of the page you're looking for? Again, the web is not psychic.
(Actually, if you use an anonymiser the server you're reading pages from only sees the anonymiser's IP address, but the anonymiser still has to know your IP address to pass the page on. Some people are just so paranoid.)
What's the point of it?
There are a few pieces of information that there's really no point in hiding unless you're really paranoid.
The 'referer', or the page you were at just one step before the current page, can be hidden. There's not much point, though, and really, it doesn't tell the server much about you, just about the page that linked to them that you came from. The only exception is if you came from a search engine - the referer includes the words you searched for to find their page. Normally these are fairly generic but occasionally I've seen some pretty strange search words that found one of my pages. I suppose in that case you could make the argument that the referer tells something about you.
Your browser's 'user-agent' string, basically an identifier with the name and version of your browser and operating system, is another. Some browsers will allow you to change the user-agent to whatever you want, or even a blank string. Netscape and MSIE don't, however. One example of a user-agent is "Mozilla/3.01Gold (Macintosh; I; 68K)". Mozilla is Netscape; 3.01Gold is the version. In the brackets, 68K and Macintosh tell that the operating system is a fairly old Mac. Similarly, "Mozilla/4.77 [en] (X11; U; Linux 2.2.19 i586)" is Netscape 4.77 for X11 on Linux 2.2.19 running on a Pentium of some sort. (Both of these examples came out of my webserver's log files)
There's not all that much point in changing your user-agent, but if you want to, there's no reason you shouldn't. One very good advert- and cookie-blocking program also rewrites your user-agent to the macintosh example I gave above, no matter what browser you use. Some silly web programs use the user-agent to determine things, like if your browser can support full security. Actually asking the browser what it can or can't support is a much better method, because the silly web programmers who depend on the user-agent to tell them such information generally only put the 'big two' (Netscape and MSIE) in their test.
Trust? On the internet?
There are some things that you really should keep private. For example, when you're downloading a program, the file is often on an FTP (File Transfer Protocol) server and not the web server. Your web browser connects to the FTP server 'anonymously' - actually with the username 'anonymous' and your email address as a password.
Back when the internet was young and trusting, this was not a big deal. Spammers hadn't discovered the internet yet, so people were more than happy to give out their email, and even posted their telephone number and mailing address on their websites. Giving an anonymous FTP site your email address was considered part of internet etiquette. Unfortunately, that didn't last.
Likewise, any information such as your full name, mailing address, phone number, anything that can identify you or help a complete stranger find you in the phone book, should not be posted where complete strangers can find it. This isn't to say that you can't share any personal information - for example, I have no problem telling people about things I like and dislike, what my hobbies are, the fact that I have two cats and a boyfriend. But I don't ever give any more geographical information than what city I'm in (if you're in a really small town you might not even want to do that) and I never give out my last name.
And, obviously, don't give out your credit card number, (social insurance/social security/whatever your country uses) number, bank account number, and other similar things. If you're shopping online, and the store has a secure server and a secure page for you to give them your credit card number (look for the closed padlock - an open padlock means it's not secure) then it's up to you: do you trust this company to not only not give out your credit card number and personal information, but do you also trust them to have competent staff protecting their computer from attackers trying to steal your credit card number?
Nosy browser add-ons
Of course, there's more ways for information about you to get out than just the ones mentioned above. The two sections, things you must give out and things there's no point in hiding, both only list things that your web browser gives out as part of its primary job of getting and displaying web pages for you. Your browser, and many plugins for your browser, can deliberately or inadvertantly let information about you slip.
Cookies
Cookies aren't the huge evil thing they're often made out to be. They can be actually quite useful - saving such things as a username and password for a site you're a member of, for example, or allowing a site to remember how you liked to read it (especially sites that allow you to change how they're displayed).
On the other hand, cookies, misused, can let somebody collect an awful lot of information about you.
A cookie is basically a tiny file that a website stores on your computer. When the website sets the cookie, one of the pieces of information it includes is where the cookie came from. This must be the originating site's address, and it must have at least two dots in it; this prevents somebody at whatever.com setting a cookie for .com - allowing any .com address to access the cookie. whatever.com must set the cookie for .whatever.com or www.whatever.com. Usually, a cookie contains a bunch of gibberish which is actually a code that the server uses to look you up in their database such as how you prefer to view the site, if they allow you to change it. For example, all of those customisable portal sites, such as my.yahoo.com, couldn't possibly store all of the information about what items and headlines you want to see on your page in a cookie, so they store an ID code in the cookie and all of the other information in their database.
You can get cookies for sites you don't realise you're visiting, however. The most common example of this is the adverts on the top of most web pages. The advert sets a cookie for the company that serves the banner. Now how can it do that? A cookie can only be set for the server the page comes from, right? Yes, but the advert itself, the image, comes from a different server. And with the image comes a cookie, set for the ad server. Now, web advert companies tend to provide adverts to a lot of different pages. And for each of those pages you visit, your browser requests the banner from the ad server, and cheerfully sends along the cookie you picked up at a different site. After a while, the advert company starts to be able to notice patterns in the types of sites that you visit, and can target their advertising to you - and be able to say to the companies that advertise with them that they can guarantee that people who are interested in topics x, y, and z will see their adverts, therefore charging higher advertising fees.
A lot of people don't see a problem with targeted adverts. After all, if it's something you might be interested in it's a good thing to see, right? Well, that, in itself, isn't the problem. What is the problem, though, is when that information gets matched up with your personal contact information. And it can happen. There was a big stink a while back when doubleclick.net, one of the biggest ad servers out there, bought out Abacus, a data-collection agency that works with mail-order catalogue companies. They intended to merge the personal information, such as your name and address and what you purchased with the (up to that point) mostly anonymous information about what types of sites you visited and what you were interested in reading about online.
What you probably want to do is selectively block cookies. There are a couple of choices for this: use a browser that allows you to block and allow cookies from sites you specify, such as Mozilla or Opera; install a cookie- and advert-blocking program such as the Internet Junkbuster or Guidescope (for a description of the differences between Junkbuster and Guidescope, see this page); or (most annoying) tell your browser to ask you before setting a cookie. That last option will surprise you with how many cookies you can pick up from just one site.
Javascript
For the most part, javascript is merely a bloody nuisance. There are, however, a couple of things you have to watch out for.
Javascript in email has no purpose. Turn it off. One of the things it can do - and keep in mind that this is not a bug, this is a planned and documented feature, the details of which can be found in nearly any introductory javascript book - is track the contents of an email, any changes, and the people it was sent to, and send that information back to the original sender. This is called "Email Wiretapping". Basically, if you get an HTML email with this little javascript program embedded in it, it can wrap up the entire contents of the email, along with any email addresses, such as those of the people you forward it to, and send that to an email address possibly a program on a web server. Every single time it is read. By every person you forwarded it to or replied to. Fun, eh?
Javascript in a web browser can make your browser do things it shouldn't, and is aggravated by bugs in the browser. One exploit last year (2000) in Internet Explorer involved any web page being able to use javascript to request any cookie at all and read the contents. Not a good thing when that cookie contains your username and password to a site. There have been numerous other bugs in javascript, and I'm sure there will be many more in the future. The bugs have allowed things such as: reading your bookmarks, pulling a file from your hard drive and sending it to anywhere on the internet; finding out your email password; viewing your browser's history to find out what pages you've been to recently; and 'spying' on the page loaded in a different frame.
I mostly turn off javascript in my browser because it's a bloody nuisance, and I've found that it 'fixes' a lot more sites than it 'breaks'. Did you know that you can be rid of those vile pop-up adverts simply by turning off javascript?
ActiveX
ActiveX is a gaping security and privacy hole. Basically, an ActiveX control - usually a 'smart' button or something in its most innocuous form - has the ability to do anything at all to your computer, from grabbing files containing all of your banking information (if you keep that on your computer, ie with Quicken) to formatting the hard drive to installing a virus on your computer to grabbing your network username and password. The ActiveX idea of security is to have you decide whether or not the ActiveX program should run. Since the vast majority of people aren't programmers and hence can't tell what an ActiveX program will do just by looking at it, many ActiveX programs are 'signed'. If you get right down to it, all this really means is that if the ActiveX program nukes your computer, you know who to blame. If you remember or wrote down the information on paper and not in a file on your computer. How reassuring.
Luckily, ActiveX only works on one browser on one operating system. Unluckily, that is the browser and operating system with the highest use: Microsoft Internet Explorer on Microsoft Windows. Change one of those two items, and ActiveX on the web won't be able to hurt you. If you download and install ActiveX controls yourself, though, they can still get you.
Web Bugs
As far as web bugs go, don't think insects, think those little tiny microphones spies use to listen in on conversations. Web bugs are generally invisible or 1x1 pixel (ie, one dot on your computer monitor) images. They can be found in web pages, providing information about what pages you visit in much the same way as advertising banners do - with cookies set from some other server. The thing is, unlike ad banners, you can't see them. Web bugs can also be found in HTML emails, especially spam. Normally, the sender of an email can't tell when or if you opened it; however, with a web bug planted in an HTML email, your mail reader (if it understands HTML, as most of the popular ones do) will quite cheerfully request that invisible image from the spammer's web server. When the bug is requested, the spammer now knows several things, first and most undesirable: that email address is active and read by a person.
Stopping web bugs is as simple as turning off HTML rendering in your mail client, or disconnecting from the internet before you read your email. Turning off HTML will make some of your email lose its formatting, but quite frankly very, very few messages even need any formatting at all.
VBS
VBS, or Visual Basic Script, is a variant of Visual Basic and VBA (Visual Basic for Applications - the language the Melissa macro virus was written in). Like its cousins, it can make Microsoft programs sing and dance and generally do things you don't want them to do. Do you remember putting your name, address and telephone number into any MS Office program? Are you sure of that? I know MS Word insisted that I enter that information every time I started it up at the last place I worked.
Even people who know enough not to run attachments they're sent via email aren't protected if they use MSOutlook, because Outlook will automatically open attachments for you, in an attempt to be helpful.
To stop VBS from finding things in your computer, the simplest and most effective method is to never use Outlook. Use any other email program. Eudora is a very nice one, reasonably small and easy to use. You can do a web search for other email clients.
Other browser plugins
There are several browser plugins that can grab information about you without you knowing it, and many of them are packaged as 'cute' little enhancements such as "Comet cursor", which allows some websites to change your mouse pointer to something related to the site while you're there. Real Networks, the makers of RealAudio and RealDownload and a few other things that automatically launch when you download sound files and the like, made their programs "phone home" with information about what you listened to (RealAudio or RealJukebox) or downloaded (RealDownload). They denied it at first. They claim it is fixed and doesn't do it anymore.
Other peeking programs
There are a lot of other programs that send information about you out onto the internet. They are generally known by the name 'spyware'. These programs will typically install more than they let on, and won't fully uninstall when you tell them to. The sneakier ones wait until you connect to the internet to try to send their info "home", so you don't notice them. The more blatant ones will sometimes try to connect even if you aren't using the internet, triggering the "Dial-up Networking" in Windows - and if you've told it to save your password and auto-dial, it will successfully connect even if you're not sitting at your computer.
Avoiding spyware can be tricky, especially since a lot of spyware is packaged with programs that appeal to people. Your first line of defence is to check the lists of known spyware before you install any program - and this isn't limited to programs that you download off the internet. There have been reports of games, sometimes children's games, bought in a store that install spyware.
If you decide to install a program that is known spyware, or if you happen to install one that is but isn't known yet, there's still one more line of defence. Removing spyware is very difficult; unless you know what you're doing, it's not really worth the effort because some of the files are hidden with critical system files. What you can do, however, is stop them from communicating back "home". Install Zone Alarm, the only personal firewall that I'm aware of that stops not only outside connections from reaching into your computer, but also unauthorised inside connections from reaching out. When a program tries to reach out to the internet, Zone Alarm will ask you if you want to allow it. You can permanently authorise your web browser, permanently ban spyware, and temporarily authorise or ban other programs on a case-by-case basis.
...and non-programs
Programs aren't the only privacy hole in the internet. Some of the most damaging security holes are exploited using what's called "Social Engineering". It takes little in the way of computer skills and decent acting or bluffing skills.
Some of the more common breakins using social engineering involve phoning somebody at a company and posing as one of the IT staff, asking for the person's username and password so some maintenance work can be done on the account; phoning a company's IT staff and posing as an employee who forgot his username and password; and, notoriously on AOL, emailing accounts and asking for their passwords so some maintenance work can be done to the account.
You should never have to give the administrator your password. They can do whatever they need to without it anyhow. Basically, if somebody contacts you, whether it's over the phone or via email, and asks for your password, don't give it to them.
![[Attribution required]](../images/cc-by.gif)
![[No derivative works]](../images/cc-nd.gif)
