Look Inside Your Web Browser
instructor: Mr. Curt Minich

A. General Computer Security Issues

1. If your computer is online (through a modem or network connection), it is susceptible to online dangers such as viruses, espionage, etc. There is no way to ensure the total security of your PC unless you do not connect it to the Internet. Many devious and criminal hacking tools are available for criminals to break the insecure nature of Windows 95/98. Few home computers use the Windows NT operating system which is a bit more secure.

2. When you first set up your Windows computer you were probably prompted to enter your name and even address information. That information is tied to your computer and could be accessed by others through your Internet connection. View the Control Panel/System and Control Panel/Internet settings to verify and/or change this information.

3. Virus' are a general security concern. Even if your computer is NOT connected to the Internet, you can still be in danger of virus infecting your computer through floppy disks and even CD-ROM's. If the floppy or CD-ROM was purchased from a legitimate company, it probably is safe. But if someone loaned you a personal floppy or CD-ROM, you should scan it with a virus detection program such as McAfee or Norton. You are at a much greater risk of virus infecting your machine through e-mail attachments (see below).

B. General Internet Security Issues
1. When you log on to your Internet Service Provider (ISP) whether you pay that company or it provides "free" service (such as your employer or a university), you should realize that everything you do is probably being recorded in a log. Every e-mail message that you send and receive could very easily be copied to an ISP's storage drive and every Web page URL address that you visit is likely stored in a log. This information probably would never be accessed by a human being but in the future, if for example the FBI had a search warrant, it probably could easily be searched by a computer program to check the Web sites that you have visited.

2. Everytime that you log onto the Internet, your computer is given a unique IP (Internet Protocol) address. Your ISP can match that IP address with your user name and password which is probably tied to a credit card or check that you used to pay for your Internet service. These IP addresses are easily traceable by authorities and hackers and can enable others to attempt to infiltrate your computer's hard drive. There are programs (e.g. Satan) that can be used to do so although I have never read or heard of actual cases where this has been done.

C. Security Issues with regard to Web Browsing
1. In most cases you cannot be charged for simply accessing Web sites. Currently the only way a company can legally charge you for anything is to require you to enter a credit card number into an online form and then click a Submit button. There has been a known scam that enticed people into clicking on a certain hyperlink that somehow caused the computers dial-up connection to be dropped and then redialed a long distance fee number (1-900). Those people should have realized that their modem connection was dropped and that it redialed a long phone number. Also, in Japan, there is a pilot program that allows Web site authors to bill a person's phone company for authorized purchases although I am sure those people had to sign up for that payment method. Some Web sites such as the Wall Street Journal, Consumer Reports, and pornography sites charge you a monthly fee through your credit card to access their sites once they have mailed you the password.

2. When you are purchasing goods online you are also required to enter a credit card number. You should ensure that the company is using a secure server on the page where you enter your credit card number. If the company uses a secure server, you will see a closed padlock in the lower left corner of your browser window. If you have an old browser or are surfing through your company's firewall, you may not be able to visit pages on secure servers though. Download the latest version of Netscape or Internet Explorer and buy the items from your home if you have trouble with secure servers.

Amazon.com has sold millions of dollars worth of books and not one case of credit card abuse has been linked to their site. You can generally trust ecommerce on the Web.

3. You have the option to turn Java on or off on your Web browser. Java is a programming language that is used to enhance some Web pages which contain Java applets (programs). It is unlikely if not impossible for a Java virus to infect your computer through a Java applet. I personally enable Java in my browser's preferences. By the way, Javascript, which is not related to Java, is totally safe and can be enabled as well.

4. If you use Internet Explorer (or AOL), you will find security levels under View/Internet Options/Security. The Medium setting is recommended for most people. Choosing these settings will automatically enable/disable things such as Java.

5. Your Internet profile which may contain your name, address, e-mail address and other information can be read by Web pages. For example, when you visit the Web site, www.whitehouse.gov, the government could read your e-mail address from your Internet profile and begin sending you junk mail. Not many Web pages will do this but once your e-mail address has been added to one junk mail list, it will proliferate to others. You can delete or modify your Internet profile by going to your Windows Control Panel (Start/Settings/Control Panel/Internet). If you surf with Netscape, you must delete your e-mail address from the Edit/Preferences/Mail & Groups/Mail Server panel (but you will have to retype it if you use Netscape as your e-mail program.)

D. Your Browser's Cache
1. Web browsers (including Netscape, Internet Explorer, and AOL's browser) use a cache to speed up your Web browsing. When you initially visit a Web page, it takes awhile for all of its contained graphics to individually download. If you visit the same page 20 minutes later, for example, it will load more quickly because your browser knows it can find the graphics to the page in the your computer's memory & hard drive cache. If a cache were not used, no one would be patient enough to surf the Web.

When you close your Internet connection, however, many items (mostly graphics) are left in the cache. If you know where on your hard drive the cache is stored, you can piece together some or all of the Web pages that you (or someone else) recently visited. To do so, use Windows Explorer to visit the browser's cache folder which is usually located in the browser's application folder or in the Windows folder. This technique can be used to determine what your children have been doing on the Internet. However, it is possible for someone to clear the memory cache in Netscape, version 4 (Edit/Preferences/Advanced/Cache) and Internet Explorer, version 4 (View/Internet Options/General). If the cache is always cleared when your child finishes Web surfing, he/she is probably clearing it intentionally.

E. Cookies
1. Cookies are harmless files left on your computer's hard drives by Web site authors of pages that you visited. No one knows why they are called cookies by the way. Anyway, Web sites that ask you for your name or a password or commercial Web sites that aim to give you a pleasant surfing experience will use cookies to enhance your surfing. Virus' cannot be spread by cookies which are small text files.

2. You can view the cookies that have been deposited to the special cookies text file by finding that file. It is located in different places on different computers but you can find yours by using the Start/Find/Files or Folders command. You can view the cookies file by double-clicking it when you find it or opening it with Notepad (Start/Programs/Accessories).

3. You can disable cookies, automatically accept them, or have the browser prompt you when one is attempting to be downloaded. The settings for these options are found in Netscape at Edit/Preferences/Advanced and in Internet Explorer at View/Internet Options/Advanced.

4. Usually someone will not see your credit card number or a Web site password in the cookies file but it is not altogether impossible for a poor Web site author to allow that to happen. View your cookies file to see if any personal information is being compromised.

F. E-mail Filtering
1. All e-mail programs can be set to filter e-mail Basically, to set up a filter you must set rules that the e-mail program follows when it "checks in" incoming e-mail This e-mail can be set to automatically be deposited into your trash can.

2. Generally, virus' can be spread through e-mail attachments. The body of an e-mail message which is just plain text cannot be an e-mail virus. If you open an attachment though you run the risk of being infected.