A simple rule to follow in life is that you NEVER give
out personal information to strangers. But many people forget this rule
when they cruise the web. People think that the person they
encounter online is somewhere far away and that they will never meet so how
can it be dangerous to just pass out those personal details? In some
online services like America Online for example, users can fill in a
"Personal Profile" where they are invited to give their name, age, marital
status and where they come from. Many users fill this in honestly and in
good faith, forgetting that they have now made their personal details
available to 400 millions of human beings, all of whom are strangers :-(
Let's add that the whole society moves (very quickly) towards a "bee-world",
where everybody will know everything you do. Dear internaut, unfortunately all the data you are disseminating around
are being collected and used to get your exact profile... this is
already happening everywhere on the planet... Cyberocracy, as some call it,
is getting nearer... they trace us every time we use credit cards, every time you
buy in a supermarket with the so called "advantage" cards (why do you think they give
them out and ask you to use them, duh?), every time we make a search or simply visit places on the
web or email a usenet group
It is probably possible to know exactly (not that I care particularly)
how much toilet paper YOU consume in a week, how much beer will be
buyed next month from all the people living in your street... how many
searches you have made on AltaVista for alt.lick.my.shoe postings...
nothing is private any more... that is, unless you defend yourself.
In cyberspace "verbal" is all you have. It
follows therefore that you can only know someone about 30% if you know them
only on live chat or through email. The other 70% of your understanding
cannot develop until you can both hear the other person's voice and see
them in real life. Remember also that when your friend sends you a photo
of him, you have no way of verifying that the photo is indeed him... all the
photos of mine that are on my other "avatar" pages (see the
counter measures page) are false, and
some are QUITE different from me
There is no code of honor protecting people's privacy on the Internet.
Each user should therefore take appropriate steps to protect privacy
online. Consider the following tips to protect your privacy online before
a problem develops.
1) Consider a gender-neutral email address
(that's your username,
handle AND common identity on the web)
2) Choose a good account password and change it regularly
The best passwords don't spell anything and don't follow a logical pattern.
If your chosen username, for example is "wizard" then you are making it
easy for someone to break into your account if you choose "spell", "wand",
"cat", or even "abracadabra" as your access password. Make your password
at least 7 letters long, throw numbers inside
And never tell ANYone else
what it is
3) Edit your online profile
Get familiar with "Finger" which is a way of looking up your username and
domain and obtaining information about you from what is called your Plan
file. Try out your own email address with Finger and see what comes up. If
you don't like what you see - change it! You may need to edit your "Plan"
file to remove personal information. Remember - anything you can find out
about yourself, anybody else can find out about you. Keep personal
information online to an absolute minimum
You can try a finger search on yourself by going to one of the following
sites on the WWW:
http://www.rickman.com/finger.html
http://www-bprc.mps.ohio-state.edu/cgi-bin/finger.pl
4) Review your email signature and email headers
What does your email signature say about you? Your email sig. is added to
every piece of email you send. Check yours (send yourself some email and
then look at the headers at the top and the signature at the bottom), and
make sure it does not give away your home telephone number or any other
personal details. If your email sig. reads "Jane Doe - Boston's finest!"
then a cyberstalker can now look in the Boston telephone directories and
see how many Jane Does are listed. And what if there are only two listed?
Check also how your email headers read. Part of your headers you can
configure yourself - make sure that you do not reveal too much about
yourself, unless you do not care, like me :-D
5) Consider using an anonymous remailer (or email alias service) to
post messages to the Usenet
You can also draw unwelcome attention to yourself if you post messages to
newsgroups on the Usenet - by posting such material you are also posting
your email address. Consider using an anonymous remailer so that you can
post anonymously to the Usenet, particularly if you are getting into a
heated debate about a controversial subject. The other reason for using an
anonymous remailer when posting to the Usenet is that although posts are
deleted from the News server after a short period of time, posts are
archived, which means anyone at a later date can read all the posts you
ever made, by using a Usenet search engine, e.g. Deja News at
http://www.deja,news.com
To read about anon remailers visit:
http://www.well.com/user/abacard/remail.html
6) Consider using an anonymous web browser
Consider browsing the WWW by going through an anonymous Web browsing
service. This will make it impossible for your web-surfing to be logged
by Websites (which IS currently done), so no one will be able to pick up
any information on you. You can find this service, together with an FAQ at:
http://www.anonymizer.com/
7) Consider using encryption to authenticate your email messages
By using an encryption program like PGP (Pretty Good Privacy) you can
verify your email so that you cannot be impersonated. PGP signing your
email does not change the whole thing into code but adds a code at the
bottom that indicates the email has been scanned and verified as yours. If
someone forges your email or tampers with it, then when your recipient
checks the PGP sig with what's known as your "Public Key" it will show that
the email is no longer genuinely yours.
PGP is a difficult program to learn but is very valuable for authentication
of email. You can read about it at:
http://www.well.com/user/abacard/pgp.html
8) Discuss your safety and privacy requirements with your Internet
Service Provider and enlist their help and advice
Don't be afraid to discuss these issues with your Internet Provider. You
are paying them good money to use their service, and you have a right to
assistance. Find out how seriously they take personal safety online.
If you are not
satisfied, consider moving. Shop around - there are some very responsible
companies out there. You might also like to establish if your ISP keeps an
online directory of all clients on their FTP site. If they do and your
name is up there, ask them to remove it for safety reasons. If they
refuse, perhaps you should choose another ISP...
9) Learn your technology
Everyone was a beginner once, but it is up to you if you choose to remain
one. Work out what you need to know and then find out where to
learn it. This may take the form of joining classes, reading books,
reading internet FAQs (Frequently Asked Questions) and talking to experts
in #help channels on IRC. Remember knowledge is power and ignorance is
weakness
In IRC make sure you know how to set up flood protection, and if you don't
wish to receive ctcp commands, toggle them off. Make sure also that your
DCC is not on "auto get". If DCC is set to auto receive files then you can
be sent files while logged in without your consent. Turn on your
timestamping option also, so all logs have the times automatically
recorded
As soon as you are logged onto IRC, turn your logger/text capture ON - This
is important so that you keep a record of each IRC session. If there are
no problems then you can always trash the log later, but if you have a
problem you may wish to keep the evidence
page no more supported, follow this link to enemy.htm instead.
