Académique Documents
Professionnel Documents
Culture Documents
It is the year 2010, and your car is hooked up to the Internet. As you
drive, you receive updates and instructions that reflect changing traffic conditions
monitored by video cameras and satellites. Your mechanic is able to monitor your
engine remotely and alert you if there are signs of a problem. Your entire home music
collection is available on the car stereo.
But these conveniences come at a price. Your insurance company also
tracks your movements, making sure you obey all speed limits. You receive endless
personalized advertisements for the businesses that you drive past. The police have
noticed that you often drive through a bad part of town and have started a file on you.
This scenario is entirely plausible, and the technology is already available
or soon will be. But will it actually happen? Is invasion of privacy the unavoidable
consequence of technological progress?
Hundreds of today's emerging technologies have privacy implications,
and many of them, such as wireless data communications, have already become cheap
enough to be used on a large scale. Once these technologies become commonplace, it
will be nearly impossible to change them. For this reason, taking measures to protect
privacy should be high on the agenda of societies throughout the world.
Why should we care about a possible loss of privacy? What are some
of the potential impacts when our privacy is breached? What data trails does a
person create in modern society? How important is the Internet, with its booming
demand for online shopping and its free flow of information, to these concerns? What
steps can individuals take to control access to data regarding their personal lives and
thus protect their privacy?
In the modern world privacy issues constantly arise with the collection
and dissemination of digitized personal data. This data, the computerized transfer of
information by a myriad of devices, has become a routine part of our lives. We
exchange this type of data when withdrawing money from an automated teller
machine (ATM), borrowing a book from the library, or sending electronic mail (email)
on the Internet. Computers also affect our lives in a thousand indirect ways: the bills
we get in the mail, the logistical systems that get groceries into the store, telephone
networks, and more.
To understand the privacy issues that information technology can raise,
it is important to understand what computers are and how they are designed.
Information technology originated in military and business environments as a way of
automating existing practices, such as calculating missile trajectories and scheduling
factory operations. As the technology matured, companies such as International
Business Machines Corporation (IBM) shaped modern software engineering by drawing
on the methods of industrial automation and the language of bureaucracy. The
computerized files that are the focus of privacy concerns today are directly descended
from the paper files of the past.
Page 1 of 94
Internet security and privacy
Streams of Data
Page 2 of 94
Internet security and privacy
result, the dangers are hard to measure, and few organizations have adequate
incentives to take the necessary precautions.
Even when security is tight, the most significant dangers to privacy
derive from uses of personal information that are consciously chosen. Flows of
personal data that are initiated for one purpose are often used for other purposes later
on. The most important of these secondary uses of personal information involve the
merger of databases from different sources. Records of your supermarket purchases,
for example, will be more valuable to marketers if they can be merged with
demographic information about your background and lifestyle. By combining the data
you generate at the supermarket with, for example, information gleaned from your
credit card purchases—where you buy your clothes, rent your videos, and go out to
eat—a well-defined profile of your personal tastes could be developed and used for
future marketing.
In order to merge different databases, however, each database must use
the same identifier (a number that has been assigned uniquely to you). In the United
States, the identifier most often used is the social security number (SSN). A recent
congressional initiative to require states to link social security numbers with driver's
licenses, designed to help control illegal immigration, was put on hold in November
1998 after significant citizen outcry. Privacy advocates oppose the creation of a
national identification card in the United States, which would allow databases to be
merged on a large scale.
On the other hand, no major privacy problems arise from aggregate
data—statistical trends that are calculated from thousands of individual records. There
are many benefits to this type of information, from deducing the causes of illness to
analyzing what types of products are most in demand. This type of personal data
collection means that people are more likely to be alerted to a public health problem,
and it is more likely that the book you want will be in stock and the sweater you like
will come in your favorite colors.
Page 3 of 94
Internet security and privacy
find themselves receiving letters from the PBM telling them when and how to take their
medication, enrolling them in a special program, or informing them that they have
been switched to a lower-cost prescription. PCS Health Systems, a PBM owned by the
giant drug maker Eli Lilly and Company, covers 56 million people and has a total of 1.5
billion individual prescriptions in its database. Although most people assume that this
information is confidential, in fact the companies can use the information with few legal
restraints.
In addition to intrusive marketing and general concerns about medical
privacy, employees face particular risks if medical records are available to their
employers. There are many accounts of employees that have been reassigned or fired
when supervisors learned of a medical condition by accessing medical records. People
suffering from acquired immune deficiency syndrome (AIDS) can suffer particular harm
if their medical status is disclosed, but even employees seeing a therapist for
depression or another mental condition can face repercussions if their treatment is
disclosed. Although definitive data are hard to come by, a 1996 study by David
Linowes, a professor of political economy at the University of Illinois, showed that one-
third of Fortune 500 companies responding to a survey had utilized individual medical
records in making job-related decisions.
A particularly pertinent example of how personal data can be seriously
misused came in 1997 when a 36-year-old U.S. Navy sailor was threatened with
expulsion from the military because he was linked with an America Online (AOL)
personal profile that said he was homosexual. Timothy R. McVeigh (no relation to the
convicted Oklahoma City bomber) had filled out the AOL profile indicating he was gay
using only the name Tim. But naval investigators found the profile and obtained
McVeigh's full name from AOL's customer service department, in apparent violation of
AOL's own written privacy policies. McVeigh sued the Navy and won a settlement in
June 1998 that allowed him to retire with full benefits and an undisclosed sum. AOL
admitted it made a mistake and agreed to pay an undisclosed sum in damages. AOL
also vowed to conduct employee training on privacy issues.
Inadequate protection of private information can even threaten personal
safety. An actor named Rebecca Schaeffer was killed in 1989 by a deranged fan who
obtained her address through a private investigator. To get the address, the
investigator had simply called the California Department of Motor Vehicles. After this
incident California passed laws restricting access to its motor vehicle records, but of
course this is just one source of personal data. Women escaping from domestic
violence are particularly vulnerable, and must go to great lengths to prevent their
assailant from using public records or illicitly obtained private data to track their hiding
places.
Internet Privacy
Page 4 of 94
Internet security and privacy
this sense, the Web's current architecture is inherently friendly to privacy, although
this situation could easily change as that architecture evolves.
However, some Web sites require registration before a user can access
the site, potentially leading to sales pitches and other appeals. Sites targeted at
children have come under particular scrutiny for collecting detailed personal data from
naïve users. The Web can seem like an innocuous, friendly place, but the site you
furnish with your credit card number could be based in a country where U.S. fraud
laws do not apply. An organization such as the nonprofit consortium TRUSTe can
certify a site's privacy policy, but this approach is relatively new and still unproven.
Privacy Solutions
Page 5 of 94
Internet security and privacy
At the Crossroads
The spread of information technology has made the world a less private
place. Computers that may be used to invade personal privacy can also be used to
protect it. The Internet might have the potential to become an omnipresent network of
surveillance, but it is already a worldwide forum for education, debate, and advocacy
on privacy issues.
Nothing is set in stone at this point—everything depends on the choices
that society makes over the next few years. Technologists can choose to incorporate
privacy protection in future devices and systems. Consumers can choose to educate
themselves, to assert their rights, and to become activists for sensible privacy
protection. Policy makers can explore the combinations of measures that can protect
privacy or can undermine it. If we so choose, we can enjoy the benefits of new
information technologies while also preserving privacy.
Page 6 of 94
Internet security and privacy
Page 7 of 94
Internet security and privacy
TABLE OF CONTENTS
I. OVERVIEW
II. WHAT MAKES THE INTERNET DIFFERENT?
A. Increased Data Creation and Collection
B. The Globalization of Information and Communications
C. Lack of Centralized Control Mechanisms
III. WHAT DO WE MEAN BY PRIVACY? AND HOW IS IT BEING ERODED?
A. The Expectation of Anonymity
B. The Expectation of Fairness and Control Over Personal Information
C. The Expectation of Confidentiality
IV. WHERE DO WE GO FROM HERE?
A. Maintain a Consistent Level of Privacy Protection for Communications and
Information Regardless of Where They are Stored
B. Raise the Legal Protections Afforded to Transactional Data When it is
Collected
C. Encourage Technologies that Limit the Collection of Personally Identifiable
Data
D. Establish Rules and Implement Technologies That Give Individuals Control
Over Personal Information During Commercial Interactions
E. Create a Privacy Protection Entity to Provide Expertise and Institutional
Memory, a Forum for Privacy Research, and a Source of Policy
Recommendations on Privacy Issues
F. We Must Question Our Tendency to Rely on Government as the Central and
Sometimes Sole Protector of Privacy
V.CONCLUSION
I. OVERVIEW
Page 8 of 94
Internet security and privacy
Page 9 of 94
Internet security and privacy
Page 10 of 94
Internet security and privacy
Page 11 of 94
Internet security and privacy
sites for the purpose of customizing content and advertising. The surreptitious
collection of information about individual's activities, across multiple Web sites enabled
through some "cookie" implementations, gained the attention of Internet users,
technicians, and policy makers.[ 15 ] Companies, such as Doubleclick, use this detailed
transactional information to provide targeted online advertising. Others, such as
Adfinity, combine these "mouse-droppings" or "click-stream data" with personal
information collected from other sources into fully identifiable profiles of the
individual's online and offline behavior.
The increased data collection enabled by the Internet and electronic
commerce are part of a larger phenomena--the growing market in personal
information. As one reporter stated: ―Let's face it: Companies are fascinated by me. ―
Okay, maybe not me personally, but "me"--the consumer--collectively. I
possess something nearly as valuable as spendable cash: information about myself.
Before they can get to "me" to buy something, they need to know a lot about me: how
old I am, how much I make, who I voted for, what I eat, wear, drive think or do. [ 16 ]
Evidence of the growing market for detailed "personal profiles" of
individuals is rampant on the Internet. Be it personalized search engines and "portals,"
the pervasive use of "cookies" and other sticky bits of data that Web sites store on
visitors' computers to aid the site in personalizing and targeting content and
advertising, or the recent move by Intel to stamp each computer--and once the
individual using the computer releases information, each individual--with a unique and
traceable identity in cyberspace. The business communities rapacious appetite for
information is all too apparent. Last August, some of the largest commercial sites on
the World Wide Web announced that they would feed information about their
customers' reading, shopping, and entertainment habits into a system developed by a
Massachusetts company that was already tracking the moves of more than thirty
million Internet users, recording where they go on the Internet and what they read,
often without the users' knowledge.[ 17 ] In a sense, the system does what direct mail
companies have done for years. But Internet based systems can be more precise,
determining not only which magazines you subscribe to, but also which articles you
read. More recently stories about "free" computers, valued at approximately $999,
provided to individuals in exchange for detailed information about themselves and their
families and permission to track their Internet usage, provide some indication of the
value placed by a section of the business community on personal information and the
lengths to which they will go to solicit it.[ 18 ]
While the private sector uses of personal information generated by use
of the Internet have been scrutinized by the public and the press, the governments
interest in and use of it has received less attention. But governments are interested in
this data too. As the Federal Trade Commission revealed in its report to Congress on
the Individual Reference Service Industry ("Look-up Services"), the government is a
major customer of personal information about us .[ 19 ] While marketing information is
not the fodder for "look-up services," it too is attractive to the government. A battle
being waged today, over the "location" information available through many cellular
networks, foreshadows the larger privacy considerations lurking in the vast data
generated by individuals' use of the Internet.[ 20 ] In the course of processing calls,
many wireless communications systems collect information about the cell site and
location of the person making or receiving a call. Location information may be captured
when the phone is merely on, even if it is not handling a call .[ 21 ] Both government
and the private sector have their eye on this location information. While the
government seeks to build added surveillance features into the network and ensure
their access to the increasingly detailed data it captures, the private sector is
considering how to use this new form of information. A company in Japan is
Page 12 of 94
Internet security and privacy
experimenting with a World Wide Web site that allows anyone to locate a phone, and
the person carrying it, by merely typing in the phone number .[ 22 ] As one reporter
put it: "Cellular telephones, long associated with untethered freedom, are becoming
silent leashes."[ 23 ]
Now we head to the register. In the physical world, individuals can
choose to purchase goods and services with a variety of payment mechanisms, the
most common being cash, check, bank card, credit card, and a prepaid stored value
mechanism, such as a travelers check or smart- card. Individuals can, and often do,
pay by cash.[ 24 ] An individual's choice of payment mechanism impacts on her
privacy. The amount of personal information generated and collected varies from
theoretically none in a cash transaction to identity, item or service purchased,
merchant, and date and time in a credit transaction. Similarly, the list of parties who
have access to personal data can range from the individual and the merchant in a cash
transaction, to the merchant, affiliated issuer, transaction processor, credit card
company, and individual in a credit card transaction. In general, cash provides the
most privacy protection during financial transactions in the offline world .[ 25 ] It is
fungible, largely untraceable, and because its value is inherent and irrefutable, it
requires no additional assurance of authenticity which often drives the collection of
identity information.
In the online environment, the digital equivalent of cash has not yet
achieved widespread use. Most online purchases are made with credit cards, which
identify the individual and facilitate the collection of purchasing data. The lack of a
cash equivalent in the online world, and its reduced use in the physical world, will
seriously alter the privacy of individuals' financial dealings.[ 26 ]
For example, consider the differences between an auction/yard sale in
the physical world and Ebay, the premiere auction/classified listing/yard sale on the
World Wide Web. Attendees at a traditional auction while physically present do not
reveal who they are prior to participation. At Ebay, prior to bidding individuals must
provide a name, home address, phone number and e-mail address. The differences
between the information collected to support a similar activity in these two
environments to some degree reveals the increased emphasis placed on knowing the
identity of the individual with whom you are interacting where the payment mechanism
is less secure than what cash affords. The translation of cash, the most privacy
protective of payment mechanisms, into an online equivalent, is a pressing privacy
issue.[ 27 ] Without it we will quickly move from a world of cash-based anonymity to
one of full identification and increased tracking of individuals' purchases .[ 28 ]
Page 13 of 94
Internet security and privacy
Page 14 of 94
Internet security and privacy
boss to monitor her messages. If she is using her home computer, her privacy is still
not fully assured.
While United States law provides e-mail the same legal protection as a
first class letter, the technology leaves unencrypted e-mail as vulnerable as a postcard.
Compared to a letter, an e-mail message travels in a relatively unpredictable and
unregulated environment. As it travels through the network, e-mail is handled by
many independent entities: in comparison, a letter is handled only by the United
States Postal Service. To further complicate matters, the e-mail message may be
routed, depending upon traffic patterns, overseas and back, even if it is a purely
domestic communication. While the message may effortlessly flow from nation to
nation, the statutory privacy protections stop at the border. In addition, unlike the
phone or postal systems, the Internet does not have central points of control. While
the decentralized nature of the Internet allows it to cope with problems and failures in
any given computer network, by simply routing in another direction, it also provides
ample opportunities for those seeking to capture confidential communications .[ 39 ]
The rogue action or policy of a single computer network can compromise the
confidentiality of information.
But e-mail is just one example, today our diaries, our medical records,
our communications, and confidential documents are more likely to be out in the
network than under our bed. This has drastic consequences for our privacy--as
information moves further out onto the network our existing statutory framework
provides less and less protection.
It's useful to look at the weak state of privacy protections for other
personal papers and records. Individuals traditionally kept their diaries under their
mattress, in the bottom drawer of their dresser, or at their writing table. Situated
within the four walls of the home, these private papers are protected by the Fourth
Amendment. With the advent of home computers, individual diaries moved to the
desktop and the hard drive. Writers, poets, and average citizens quickly took
advantage of computers to manage and transcribe their important records and
thoughts. Similarly, pictures moved from the photo album to the CD-ROM.
Today, network computing allows individuals to rent space outside their
home to store personal files and personal World Wide Web pages. The information has
remained the same. A diary is a diary is a diary. But storing those personal thoughts
and reflections on a remote server eliminates many of the privacy protections they
were afforded when they were under the bed or on the hard drive. Rather than the
Fourth Amendment protections--including a warrant based on probable cause, judicial
oversight, and notice--the individual's recorded thoughts may be obtained from the
service provider through a mere court order with no notice to the individual at all.
The weak state of privacy protection is evident in the business setting
too. Let's look at medical records. Hospitals, their affiliated clinics, and physicians are
using intranets to enable the sharing of patient, clinical, financial, and administrative
data. Built on Internet technologies and protocols, the private networks link the
hospital's information system, to pharmacy and laboratory systems, transcription
systems, doctor and clinic offices and others. The United States government is
contemplating the development of a federal government-wide computer-based patient
record system.[ 40 ] According to news reports, the Internet and World Wide Web-
based interfaces are under consideration .[ 41 ] The private sector is moving to
integrate network computing into a sensitive area of our lives, the doctor's office .[ 42 ]
As computing comes to medicine, the detailed records of individuals'
health continue to move not just out of our homes, but out of our doctor's offices.
While the use of network technology promises to bring information to the fingertips of
Page 15 of 94
Internet security and privacy
medical providers when they need it most, and greatly ease billing, prescription refills,
and insurance preauthorizations, it raises privacy concerns.
In the absence of comprehensive federal legislation to protect patient
privacy, the legal protections afforded medical records may vary greatly depending
upon how the network is structured, where data is stored, and how long it is kept. If
records are housed on the computer of an individual doctor then access to that data
will be governed by the Fourth Amendment.[ 43 ] Law enforcement would be required
to serve the doctor with a warrant or subpoena and the doctor would receive notice
and have the chance to halt an inappropriate search. Under federal law, the patient
however, would receive no notice and have no opportunity to contest the production of
the records. When information is in transit between a doctor and a hospital through a
network, law enforcement's access is governed by the warrant requirements of The
Electronic Communications Privacy Act of 1986 ("ECPA"); and, neither doctor nor
patient receive prior or contemporaneous notice. If the records are stored on a server
leased from a service provider, the protections are unclear. They may be accessible by
mere subpoena. If they are covered by the "remote computing" provisions of ECPA this
would severely undermine privacy in the digital age .[ 44 ]
The confidentiality of our sensitive information is challenged by a legal
framework that hinges protections on who maintains the information, how the network
is structured, where data is stored, and how long it is kept. As our wallets become "e-
wallets" housed somewhere out on the Internet rather than in our back-pockets, and
as our public institutions, businesses, and even cultural institutions find homes online,
the confidentiality of our communications, papers, and information is at risk of
compromise.
It is clear that our existing legal framework did not envision the
pervasive role information technology would play in our daily lives. Nor did it envision
a world where the private sector would collect and use information at the level it does
today. Our legal framework for protecting individual privacy in electronic
communications while built upon constitutional principles and statutory protections,
reflects the technical and social "givens" of specific moments in history. From a belief
that the government's collection and use of information about individuals' activities and
communications was the only threat to individual privacy and that a solid wall
separated the data held by the private and public sector; to the notion that the
Internet would be used primarily for a narrow slice of activities and that private and
public spaces were easily demarcated, these vestiges of a pre-Internet, pre-networked
world, stress our existing privacy framework.
Crafting proper privacy protections in the electronic realm has always
been a complex endeavor. It requires a keen awareness of not only changes in
technology, but also changes in how the technology is used by citizens, and how those
changes are pushing at the edges of existing laws. From time to time these changes
require us to reexamine our fabric of privacy protections. The issues raised in this
article indicate that it is time for such a review.
The Internet has changed the quantity and quality of data available
about individuals' lives, but unfortunately our business practices, norms, and laws
have not progressed to ensure individuals' privacy. At the outset, there are six areas
where we must step up our activities to strengthen privacy protections. Clear proposals
can be attached to some, while at this time others require further consideration.
Page 16 of 94
Internet security and privacy
Page 17 of 94
Internet security and privacy
Even our communications are vulnerable under today's law. Under the
existing legal framework, the same e-mail message would be afforded different privacy
protections depending on whether it was sought: while on the individual's computer; in
transmission; unread in storage for less than 180 days; or, read but left on the service
provider's server. The differences in protection afforded e-mail depending on whether
it is captured in transmission, accessed in storage while unread, or accessed in storage
after it has been read seem unwarranted, for the communication and individuals'
expectations of privacy remain the same. In an era where e-mail is more commonly
accessed as a stored record than through an interception, the concepts developed for
governmental access to business records in the relatively static, paper-based
environment are an ill-fit and provide weak protections for individual privacy. It is time
to provide a framework that reflects individuals' expectations.
Page 18 of 94
Internet security and privacy
Law is only one tool for protecting privacy. In this global, decentralized
medium, we must promote applications of technology that limit the collection of
transactional information that can be tied to individuals.[ 64 ] Some tools developed to
protect privacy by limiting the disclosure, or cloaking it, of information likely to reveal
identity, or decoupling this identity information from the individual's actions and
communications, exploit the decentralized and open nature of the Internet.[ 65 ] For
example, Crowds provides anonymity to individuals surfing the Web by mingling their
requests for access to Web sites with those of others.[ 66 ] By routing Web site access
requests in a series of unpredictable paths, the identity of the requester is hidden.
Similarly, Onion Routing uses the decentralized nature of the Internet coupled with
public key encryption to provide privacy protections for Internet communications.[ 67
] Communications are passed through a series of routers before reaching the recip-
ient. Resembling an onion, the message is encircled in a series of lay-ers. Each router
is able to peel one layer of the onion enabling it to learn the next stop in the messages
path. Passing messages in this fashion protects an individual's identity by obfuscating
the originator and recipient of the message from points in the network. These technical
advances, if adopted by users, can provide protections for privacy.
Of particular importance are payment mechanisms that preserve
anonymity. By using cash, individuals can engage in many daily transactions without
revealing their identity. Depending on the design choices we make, the online
environment could wipe out the expectation of privacy that the physical world's cash
purchase provides or the technology of electronic payments could preserve privacy.
Similarly, digital certificates, if guided by privacy concerns, could be designed to limit
the instances in which identity is used as a broad substitute for specific traits or
abilities.
A number of companies have attempted to craft cash-like payment
mechanisms.[ 68 ] Digicash is a frequently mentioned payment mechanism that
provides cash-like anonymity to individual users.[ 69 ] Digicash relies on blind digital
signatures, a cryptographic technique, to prevent the bank, or other money issuer, and
merchant from linking the individual's identity to specific transactions.[ 70 ] Blind
signatures provide the merchant with the ability to determine the value and establish
the authenticity of the payment while shielding the individual's identity. The bank,
while privy to information about the user's identity, and able to deduct the appropriate
sum from the individual's account, is incapable of tying the particulars of a transaction
to the individual.[ 71 ]
Page 19 of 94
Internet security and privacy
Page 20 of 94
Internet security and privacy
protection arenas, and will continue to rage. Advocates often take the position that
self-regulation is inadequate due to both a lack of enforcement and the absence of
legal redress to harmed individuals. Industry tends to strongly favor self-regulation,
stating that it results in workable, market-based solutions while placing minimal
burdens on affected companies. These positions, while in tension, have both accurately
described the self-regulatory process. A close look at the enactment of federal privacy
legislation over the years reveals that the battle itself, with all its sound and fury, is
the path to legislation.
Historically, for privacy legislation to garner the support of at least a
section of the industry, which is generally critical to successful legislative efforts, it
must build upon the work of some industry members--typically binding bad actors to
the rules being followed by industry leaders--or, be critically tied to the viability of a
business service or product as with the Video Privacy Protection Act and the Electronic
Communications Privacy Act.[ 76 ]
Today, the dialogue over assuring privacy on the Internet and in
electronic commerce is well situated for a successful legislative effort. Privacy-aware
companies are seeking to develop and implement self-regulatory programs. Surveys
have shown that the viability of online commerce depends upon the existence of real
protections for consumers' privacy. Similar to the development of early privacy laws,
some industry actors have led the way crafting self-regulatory policies that are the
prototype for subsequent legislation supported by self-regulated players who for
reasons of public trust, liability, and/or government concern want to bind bad industry
actors.
Advocates of both self-regulation and legislation each have a vested
interest in exploring and resolving the hard issues. Questions of what is personally
identifiable information in the context of the Internet, what does access require, and
what is the appropriate way to police and provide remedies in this environment must
all be explored. The work of the Online Privacy Alliance to develop principles to protect
children's privacy became a starting point for the recently passed Children's Online
Privacy Protection Act.[ 77 ] The collective desire to provide privacy protections that
protect individuals' privacy, and encourage them to participate in the online
environment, provides the common ground for the development of sound policies and
enforcement strategies in the coming year.
The work outlined above, and the state of privacy today, all weigh in
favor of creating a privacy entity within the federal government. The existing approach
has hindered the development of sound policy and failed to keep pace with changes in
technology. The United States needs an independent voice empowered with the scope,
expertise, and authority to guide public policy. Such an entity has important roles to
play on both domestic and international fronts. It would serve as the forum for
collaboration with other governments, the public interest community, and the business
community.
There are a myriad of functions an entity charged with promoting privacy
could perform. Unfortunately, the debate over the scope and power of such an agency
or office has consistently stymied attempts to create one. As in many areas, the
perfect has been the enemy of the good. At this junction, foremost on this entity's
agenda should be developing and articulating a comprehensive vision of privacy
protection for the United States, and coordinating efforts to advance it in both the
Page 21 of 94
Internet security and privacy
public and private sector. The emergence of the Internet and other advanced
technologies require us to reflect, study, adapt, and apply existing privacy principles
and at times develop new ones. Without expertise and devoted resources this task will
not be undertaken.
To function well, such an entity should have the ability to:
1. monitor and evaluate developments in information technology with respect to
their implications for personal privacy;
2. conduct research, hold hearings, and issue reports on privacy issues in both
the public and private sector;
3. develop and recommend public policy appropriate for specific types of
personal information systems;
4. comment upon government and private sector proposals that impact on
privacy;
5. review agency activities under the Privacy Act;
6. participate in government proposals that impact on privacy .[ 78 ]
The level of 1) public concern; 2) agency activity; 3) private sector
investment; and 4) non-governmental organization focus on individual privacy, cry out
for the formation of an entity able to comprehensively and effectively address privacy
issues.
In July, Vice President Gore announced the Administration's intent to
appoint an individual to oversee and coordinate the governments privacy activities as
part of the "Electronic Bill of Rights."[ 79 ] While the duties and powers of this
individual are unclear, the announcement signals the Administration's recognition that
privacy is an issue of growing importance and one that the Administration must play a
role in coordinating. As of publication, no appointment has been made.
Page 22 of 94
Internet security and privacy
privacy protection framework, for they can provide protection across the global and
decentralized Internet where law or self-regulation may fail us.
V. CONCLUSION
http://www.cdt.org/publications/lawreview/1999nova.shtml
Page 23 of 94
Internet security and privacy
This document gives home users an overview of the security risks and
countermeasures associated with Internet connectivity, especially in the context of
―always-on‖ or broadband access services (such as cable modems and DSL). However,
much of the content is also relevant to traditional dial-up users (users who connect to
the Internet using a modem).
I. Computer security
A. What is computer security?
B. Why should I care about computer security?
C. Who would want to break into my computer at home?
D. How easy is it to break into my computer?
II. Technology
A. What does "broadband" mean?
B. What is cable modem access?
C. What is DSL access?
D. How are broadband services different from traditional dial-up services?
E. How is broadband access different from the network I use at work?
F. What is a protocol?
G. What is IP?
H. What is an IP address?
I. What are static and dynamic addressing?
J. What is NAT?
K. What are TCP and UDP ports?
L. What is a firewall?
M. What does antivirus software do?
III. Computer security risks to home users
A. What is at risk?
B. Intentional misuse of your computer
1. Trojan horse programs
2. Back door and remote administration programs
3. Denial of service
4. Being an intermediary for another attack
5. Unprotected Windows shares
6. Mobile code (Java, JavaScript, and ActiveX)
7. Cross-site scripting
8. Email spoofing
9. Email-borne viruses
10. Hidden file extensions
11. Chat clients
12. Packet sniffing
C. Accidents and other risks
1. Disk failure
2. Power failure and surges
Page 24 of 94
Internet security and privacy
3. Physical theft
IV. Actions home users can take to protect their computer systems
1. Consult your system support personnel if you work from home
2. Use virus protection software
3. Use a firewall
4. Don’t open unknown email attachments
5. Don’t run programs of unknown origin
6. Disable hidden filename extensions
7. Keep all applications (including your operating system) patched
8. Turn off your computer or disconnect from the network when not in use
9. Disable Java, JavaScript, and ActiveX if possible
10. Disable scripting features in email programs
11. Make regular backups of critical data
12. Make a boot disk in case your computer is damaged or compromised
I. Computer security
A. What is computer security?
Page 25 of 94
Internet security and privacy
II. Technology
experience somewhat slower network access during periods of peak demand, and
may be more susceptible to risks such as packet sniffing and unprotected windows
shares than users with other types of connectivity. (See the "Computer security risks
to home users" section of this document.)
Dial-up Broadband
Page 27 of 94
Internet security and privacy
Relative
Low High
connection speed
ISP-provided
Little or none Little or none
security
F. What is a protocol?
G. What is IP?
http://www.faqs.org/faqs/internet/tcp-ip/tcp-ip-faq/part1/
and
http://www.faqs.org/faqs/internet/tcp-ip/tcp-ip-faq/part2/
H. What is an IP address?
Page 28 of 94
Internet security and privacy
J. What is NAT?
Page 29 of 94
Internet security and privacy
across the Internet, TCP and UDP allow individual applications (also known as
"services") on those computers to talk to each other.
In the same way that a telephone number or physical mail box might be
associated with more than one person, a computer might have multiple applications
(e.g. email, file services, web services) running on the same IP address. Ports allow a
computer to differentiate services such as email data from web data. A port is simply a
number associated with each application that uniquely identifies that service on that
computer. Both TCP and UDP use ports to identify services. Some common port
numbers are 80 for web (HTTP), 25 for email (SMTP), and 53 for Dmain Name System
(DNS).
L. What is a firewall?
Both types of firewall allow the user to define access policies for inbound
connections to the computers they are protecting. Many also provide the ability to
control what services (ports) the protected computers are able to access on the
Internet (outbound access). Most firewalls intended for home use come with pre-
configured security policies from which the user chooses, and some allow the user to
customize these policies for their specific needs.
More information on firewalls can be found in the Additional resources
section of this document.
Page 30 of 94
Internet security and privacy
These concepts apply to home Internet users just as much as they would
to any corporate or government network. You probably wouldn't let a stranger look
through your important documents. In the same way, you may want to keep the tasks
you perform on your computer confidential, whether it's tracking your investments or
sending email messages to family and friends. Also, you should have some assurance
that the information you enter into your computer remains intact and is available when
you need it.
Some security risks arise from the possibility of intentional misuse of
your computer by intruders via the Internet. Others are risks that you would face even
if you weren't connected to the Internet (e.g. hard disk failures, theft, power outages).
The bad news is that you probably cannot plan for every possible risk. The good news
is that you can take some simple steps to reduce the chance that you'll be affected by
the most common threats -- and some of those steps help with both the intentional
and accidental risks you're likely to face.
Before we get to what you can do to protect your computer or home
network, let’s take a closer look at some of these risks.
Trojan horse programs are a common way for intruders to trick you
(sometimes referred to as "social engineering") into installing "back door" programs.
These can allow intruders easy access to your computer without your knowledge,
Page 31 of 94
Internet security and privacy
change your system configurations, or infect your computer with a computer virus.
More information about Trojan horses can be found in the following document.
http://www.cert.org/advisories/CA-1999-02.html
3. Denial of service
http://www.cert.org/advisories/CA-2000-01.html
http://www.cert.org/archive/pdf/DoS_trends.pdf
Page 32 of 94
Internet security and privacy
There have been reports of problems with "mobile code" (e.g. Java,
JavaScript, and ActiveX). These are programming languages that let web developers
write code that is executed by your web browser. Although the code is generally
useful, it can be used by intruders to gather information (such as which web sites you
visit) or to run malicious code on your computer. It is possible to disable Java,
JavaScript, and ActiveX in your web browser. We recommend that you do so if you are
browsing web sites that you are not familiar with or do not trust.
Also be aware of the risks involved in the use of mobile code within email
programs. Many email programs use the same code as web browsers to display HTML.
Thus, vulnerabilities that affect Java, JavaScript, and ActiveX are often applicable to
email as well as web pages.
More information on malicious code is available in
http://www.cert.org/tech_tips/malicious_code_FAQ.html
More information on ActiveX security is available in
http://www.cert.org/archive/pdf/activeX_report.pdf
7. Cross-site scripting
8. Email spoofing
Page 33 of 94
Internet security and privacy
Note that while service providers may occasionally request that you
change your password, they usually will not specify what you should change it to.
Also, most legitimate service providers would never ask you to send them any
password information via email. If you suspect that you may have received a spoofed
email from someone with malicious intent, you should contact your service provider's
support personnel immediately.
W32/Sircam -- http://www.cert.org/advisories/CA-2001-22.html
W32/Goner -- http://www.cert.org/incident_notes/IN-2001-15.html
The files attached to the email messages sent by these viruses may
appear to be harmless text (.txt), MPEG (.mpg), AVI (.avi) or other file types when in
fact the file is a malicious script or executable (.vbs or .exe, for example). For further
Page 34 of 94
Internet security and privacy
information about these and other viruses, please visit the sites listed on our Computer
Virus Resource page: http://www.cert.org/other_sources/viruses.html
12.Packet sniffing
1. Disk failure
Page 35 of 94
Internet security and privacy
3. Physical Theft
Page 36 of 94
Internet security and privacy
Recommendations
3. Use a firewall
Before opening any email attachments, be sure you know the source of
the attachment. It is not enough that the mail originated from an address you
recognize. The Melissa virus spread precisely because it originated from a familiar
address. Malicious code might be distributed in amusing or enticing programs.
If you must open an attachment before you can verify the source, we
suggest the following procedure:
1. be sure your virus definitions are up-to-date (see "Use virus protection
software" above)
2. save the file to your hard disk
3. scan the file using your antivirus software
4. open the file
Page 37 of 94
Internet security and privacy
8. Turn off your computer or disconnect from the network when not in use
Turn off your computer or disconnect its Ethernet interface when you are
not using it. An intruder cannot attack your computer if it is powered off or otherwise
completely disconnected from the network.
Page 38 of 94
Internet security and privacy
Because many email programs use the same code as web browsers to
display HTML, vulnerabilities that affect ActiveX, Java, and JavaScript are often
applicable to email as well as web pages. Therefore, in addition to disabling scripting
features in web browsers (see "Disable Java, JavaScript, and ActiveX if possible",
above), we recommend that users also disable these features in their email programs.
Appendix
This section contains links to references and additional resources related to this
document.
References
Page 39 of 94
Internet security and privacy
CERT Advisories
CA-1999-02: Trojan Horses
http://www.cert.org/advisories/CA-1999-02.html
CA-1999-04: Melissa Macro Virus
http://www.cert.org/advisories/CA-1999-04.html
CA-2000-01: Denial-of-Service Developments
http://www.cert.org/advisories/CA-2000-01.html
CA-2000-02: Malicious HTML Tags Embedded in Client Web Requests
http://www.cert.org/advisories/CA-2000-02.html
CA-2001-22: W32/Sircam Malicious Code
http://www.cert.org/advisories/CA-2001-22.html
Page 40 of 94
Internet security and privacy
Additional resources
Page 41 of 94
Internet security and privacy
http://www.mycrypto.net/
Encryption
Security and privacy have long been important issues forming the
basis of numerous democracies around the world. In the digital age, securing personal
information and ensuring privacy pose to be issues of paramount concern. At first
glance, one might find it gratifying that an online website greets the person by their
first name, sends them emails when goods of their taste are added, or recommends
goods services based on their demographic profile, previous visits, etc. An astute
surfer though will also see the privacy drawbacks in such services. Who else is being
provided this information? Is there a way to ensure the security of this information?
What happens with the information if the company meets financial diffuculties and has
to liquidate its assets? Where does all that "private information" go?
Many studies over the last few years have suggested that a majority of
consumers are concerned about when, what and how their personal information is
being collected, how this information is being used and whether it is being protected.
They want to know whether the information is being sold or shared with others, and if
so with whom and for what purposes. They also want to have control over their privacy
in today's digital age where strides in telecommunicaiton, storage and software
technologies have made monitoring a person's activities effortless.
The Internet, once a research tool has grown into a mammoth
educational, entertainment and commercial implementation. The advent of commerce
on the Internet exposed the lack of security over this public network. The incorporation
of encryption (especially strong 128 bit encryption) into Internet browsers and web
servers quelled this concern to a certain extent. There was still the matter of storing
the information sent over the Internet in a safe manner. Firewalls and encryption
Page 42 of 94
Internet security and privacy
software evolved to ensure that the computers and data on the Internet were safer.
What can be done regarding these important issues? Part of the solution
is to secure important data - more specifically, using strong encryption. Educating end
users and corporations on the use of email and file encryption software, data
encryption during transmission using VPNs, password encryption on public interfaces
and use of encryption software like PGP, F-Secure and 128 bit version of IE/NS will
lead us closer to the end goal of a safer Internet.
The growth of the worldwide Internet user base and with Internet based
transactions believed to reach well over a trillion dollars in the next three years, it
makes sense for the parties involved to secure the Internet. Haphazard handling of
financial and personal information can lead to the Internet being constantly associated
with fraud and privacy abuses instead of being a viable commerce medium.
http://www.mycrypto.net/
History of Encryption
Users of Encryption
Page 43 of 94
Internet security and privacy
http://www.mycrypto.net/encryption/why_encrypt.html
The concept behind encryption is quite simple - make the data unlegible
for everyone else except those specified. This is done using cyrptography - the study of
sending 'messages' in a secret form so that only those authorized to receive the
'message' be able to read it.
The easy part of encryption is applying a mathematical function to the
plaintext and converting it to an ecrypted cipher. The harder part is to ensure that the
people who are supposed to decipher this message can do so with ease, yet only those
authorised are able to decipher it. We of-course also have to establish the legitimacy of
the mathematical function used to make sure that it is sufficiently complex and
mathmatically sound to give us a high degree of safety.
The essential concept underlying all automated and computer security
application is cyptography. The two ways of going about this process are conventional
(or symmetric) encryption and public key (or asymmetic) encryption.
Featured articles:
A Primer on Public Key Encryption
by Charles C. Mann.
Introduction to Cryptography
by Peter Meyer.
http://www.mycrypto.net/encryption/how_encryption_works.html
Page 44 of 94
Internet security and privacy
key of 6, it becomes "6 120 120 6 18 66 ." (Nobody would actually use this cipher,
though; all the resulting numbers are divisible by the key, which gives it away.) Cipher
algorithms and cipher keys are like door locks and door keys. All the locks from a given
company may work in the same way, but all the keys will be different.
Public-key cryptography is often said to be important because messages
enciphered by it are "unbreakable"—that is, people can't randomly try out possible
keys and break the cipher, even with powerful computers that try thousands of keys a
second. (This assumes that the key has been properly chosen; even the best algorithm
will be compromised if the key is something easily guessable.) In fact, though, many
types of crypto algorithms are effectively unbreakable. What public-key does—its
significant innovation—is to simplify drastically the problem of controlling the keys.
In non-public-key crypto systems, controlling the keys is a constant
source of trouble. Cryptographic textbooks usually illustrate the difficulty by referring
to three mythical people named Alice, Bob, and Eve. In these examples, Alice spends
her days sending secret messages to Bob; Eve, as her name indicates, tries to
eavesdrop on those messages by obtaining the key. Because Eve might succeed at any
time, the key must be changed frequently. In practice this cannot be easily
accomplished. When Alice sends a new key to Bob, she must ensure that Eve doesn't
read the message and thus learn the new key. The obvious way to prevent
eavesdropping is to use the old key (the key that Alice wants to replace) to encrypt the
message containing the new key (the key that Alice wants Bob to employ in the
future). But Alice can't do this if there is a chance that Eve knows the old key. Alice
could rely on a special backup key that she uses only to encrypt new keys, but
presumably this key, too, would need to be changed. Problems multiply when Alice
wants to send messages to other people. Obviously, Alice shouldn't use the key she
uses to encrypt messages to Bob to communicate with other people—she doesn't want
one compromised key to reveal everything. But managing the keys for a large group is
an administrative horror; a hundred-user network needs 4,950 separate keys, all of
which need regular changing. In the 1980s, Schneier says, U.S. Navy ships had to
store so many keys to communicate with other vessels that the paper records were
loaded aboard with forklifts.
Public-key encryption makes key-management much easier. It was
invented in 1976 by two Stanford mathematicians, Whitfield Diffie and Martin Hellman.
Their discovery can be phrased simply: enciphering schemes should be asymmetric.
For thousands of years all ciphers were symmetric—the key for encrypting a message
was identical to the key for decrypting it, but used, so to speak, in reverse. To change
"5 100 100 5 15 55" or "6 120 120 6 18 66 " back into "attack," for instance, one
simply reverses the encryption by dividing the numbers with the key, instead of
multiplying them, and then replaces the numbers with their equivalent letters. Thus
sender and receiver must both have the key, and must both keep it secret. The
symmetry, Diffie and Hellman realized, is the origin of the key-management problem.
The solution is to have an encrypting key that is different from the decrypting key—
one key to encipher a message, and another, different key to decipher it. With an
asymmetric cipher, Alice could send encrypted messages to Bob without providing him
with a secret key. In fact, Alice could send him a secret message even if she had never
before communicated with him in any way.
"If this sounds ridiculous, it should," Schneier wrote in Secrets and Lies
(2001). "It sounds impossible. If you were to survey the world's cryptographers in
1975, they would all have told you it was impossible." One year later, Diffie and
Hellman showed that it was possible, after all. (Later the British Secret Service
revealed that it had invented these techniques before Diffie and Hellman, but kept
them secret—and apparently did nothing with them.)
Page 45 of 94
Internet security and privacy
Page 46 of 94
Internet security and privacy
Introduction to Cryptography
Page 47 of 94
Internet security and privacy
Page 48 of 94
Internet security and privacy
always relative to the task it is intended to accomplish and the conditions under which
it will be used. A theoretically secure system becomes insecure if used by people who
write their encryption keys on pieces of paper which they stick to their computer
terminals.
In general a cryptosystem can never be shown to be completely secure
in practice, in the sense that without knowledge of the decryption key it is impossible
to recover the plaintext with real-world computing power in less than, say, a thousand
years. There is one cryptosystem known as the one-time pad, which is absolutely
secure, but in practice it is cumbersome and the key can be used only once without
compromising the security of the system.
In some cases it is possible to show that cracking a cryptosystem is
equivalent to solving some particular mathematical problem, e.g. the problem of
factoring large numbers ("large" here means numbers with several hundred decimal
digits). If many mathematicians working for many years have been unable to solve a
problem then this is a reason to regard a cryptosystem based on it as secure.
However, there is no guarantee that a solution to the mathematical problem may not
be found tomorrow, in which case the security of the cryptosystem would disappear
overnight (or at least, as soon as word got around).
In the case of PGP and other encryption software such as RIPEM which
rely on an asymmetric encryption algorithm known as the RSA Algorithm, it is widely
believed that these are secure if and only if the problem of factoring large numbers is
insoluble (that is, computationally infeasible in real time). Yet recently a claim has
been made, but has not been confirmed, that a method of cryptanalysis of the RSA
Algorithm has been found which does not depend on a general solution to the problem
of factor ing large numbers. A poster to the Usenet newsgroup sci.crypt (Francis
Barrett) has remarked:
Although factoring is believed to be hard, and factoring breaks RSA,
breaking RSA does not simplify factoring. Trivial non-factoring methods of breaking
RSA could therefore exist. Whether this paper [by William H. Payne] is legitimate
remains to be seen, but it is certainly not beyond the realm of possiblity.
Some have claimed that PGP is the most secure encryption program
available for PCs, a claim that does not withstand critical examination. Given two
encryption programs, each of which generates random-looking ciphertext, how does
one decide that one of them is "more secure" than the other - even if full details of the
encryption algorithms are known? Short of breaking one of the systems there is no
clear answer. If one cannot provide criteria for determining when one program is more
secure than another then it does not make sense to ask which is the most secure.
Brute force attacks upon a cryptosystem (a brute force attack involves
trying every possible key to decrypt some ciphertext until finding one that works) can
be compared since the average time required by a brute force attack is half the
number of possible keys multiplied by the time required to test each key (by using it to
decrypt the ciphertext and seeing whether anything intelligible results). It is true that
if the size of the key space associated with a cryptosystem is small (e.g. 2^16 =
65,536) then the cryptosystem is vulnerable to a brute force attack. But if a
cryptosystem has a large key space (e.g. the key space associated with Dolphin
Encrypt, whose size is about 10^109) then a brute force attack is not feasible and so
any weakness in the system, if it exists, must be sought elsewhere.
Some may wonder: When trying to decrypt an encoded message by
brute force, how does a computer know when it has succeeded? The answer is that in
a brute force attack one tries one key after another, and if a key is incorrect the
"decryption" will normally be garbage, i.e. will look like random bytes. There are
statistical tests for randomness that can easily distinguish random bytes from natural
Page 49 of 94
Internet security and privacy
language, so if the output does not appear like garbage then it is probably the
plaintext, or at least is flagged for closer inspection. Randomness tests will distinguish
between garbage and natural language text regardless of what the natural language is.
More sensitive tests may actually be able to detect which natural language, since
natural language texts in different languages have different statistical qualities.
In general, the security of a cryptosystem can only be measured by its
resistance to actual attempts to break it in practice. Those that have been broken are
obviously insecure. (There are several commercially available PC encryption packages
that have been broken; see for example the articles by Kochanski in the bibliography
at the end of this article.) Those that have resisted the attentions of many
cryptanalysts for many years may be deemed secure, at least until better methods of
cryptanalysis are invented.
In the case of DES there has long been widespread suspicion that the
National Security Agency influenced its designers at IBM so that it was strong enough
to withstand most attacks but not strong enough to withstand the NSA computers.
The original design submitted by IBM permitted all 16 x 48 = 768 bits of
key used in the 16 rounds to be selected independently. A U.S. Senate Select
Committee ascertained in 1977 that the U.S. National Security Agency (NSA) was
instrumental in reducing the DES secret key to 56 bits that are each used many times,
although this had previously been denied by IBM ... (Massey, p.541.)
But the best attempts by cryptanalysts over the years have produced
only meager results (in particular, the demonstration of Adi Shamir that cryptanalysis
of DES ciphertext, in the simplest DES mode (electronic code book), can be done with
somewhat less effort than that required for a brute force attack). But recently a new
method of DES cryptanalysis has been proposed which involves the use of parallel
processing (using many computers simultaneously), and it now seems clear that for a
few million dollars a computer can be built which can crack DES ciphertext in a few
hours. Since NSA has practically unlimited funding and has the largest concentration of
computing power and mathematical talent in the world, it is likely that NSA possesses
the ability to decrypt DES ciphertext fairly easily.
NSA has, of course, never affirmed or denied their ability to crack DES.
(NSA also means Never Say Anything.) However, the absence of publication of a
demonstration that a particular cryptosystem has been cracked is no proof that it
hasn't. Anyone who discovered a way to crack DES, RSA, etc., could make a lot more
money by quietly providing a decryption service than by telling the world about his
discovery. In fact if he did announce it people would quickly stop using that
cryptosystem and he would have few clients.
When selecting a cryptosystem, or cryptographic software, you should
first consider what you want it to accomplish. There are numerous (legitimate) reasons
why you might wish to conceal information, for example:
Companies often possess data files on employees which are confidential,
such as medical records, salary records, etc. Employees will feel safer knowing that
these files are encrypted and are not accessible to casual inspection by data entry
clerks (who may be bribed to obtain information on someone). Individuals may share
working space with others, of whose honor they are not entirely sure, and may wish to
make certain that in their absence no-one will find anything by snooping about in their
hard disk. A company may wish to transfer sensitive business information between
sites such as branch offices. Or it may wish to send confidential information (for
example, a negotiating position, operating procedures or proprietary data) to an agent
in the field (perhaps abroad). If the information is encrypted before transmission then
one does not have to worry about it being intercepted since if this happens the
encrypted data is incomprehensible (without the encryption key).
Page 50 of 94
Internet security and privacy
Page 51 of 94
Internet security and privacy
You call her and give her your public key - the one used to perform encryption. Alice
writes a passionate love letter, encrypts it with your public key and sends it to you.
You decrypt it with your private key. If your other girlfriend Cheryl intercepts this then
there is no way she can decrypt it because the public key (assumed to be known to
everyone and thus to her) is no good for decryption. Decryption can only be performed
with the private key, which only you know (unless Cheryl finds it written on a piece of
paper in the top drawer of the dresser under your socks).
A public key cryptosystem relies on some mathematical procedure to
generate the public and private keys. The mathematical nature of these systems
usually allows the security of the system to be measured by the difficulty of solving
some mathematical problem. There are numerous public key cryptosystems, the most
well known being the one based on the RSA Algorithm (which is patented by its
inventors, Rivest, Shamir and Adelman), which, as noted above, relies for its security
on the difficulty of factoring large numbers. There are other public key systems
available for licensing for commercial use, such as the LUC public key system (from
LUC Encryption Technology, Sierra Madre, CA), and one developed by the computer
manufacturer Next, Inc.
Public key cryptography has applications beyond the classical one of
hiding information. As a consequence of the encryption key and the decryption key
being different, public key cryptography makes possible digital signatures (for
authentification of documents) and digital forms of such activities as simultaneous
contract signing. Digital cash is also an idea which builds on the use of an asymmetric
cryptosystem.
Although public key cryptography in theory solves the problem of secure
key exchange, it does in general have a couple of disadvantages compared to
asymmetric (or secret) key systems. The first is speed. Generally public key systems,
such as PGP, are much slower than secret key systems, and so may be suitable for
encrypting small amounts of data, such as messages sent by email, but are not
suitable for bulk encryption, where it may be required to encrypt megabytes of data.
Secret key systems can be very fast (especially if implemented by instructions hard-
coded into chips rather than running in a computer's memory). The more complex
such a system is the slower it tends to be, but even complex systems are generally of
acceptable speed. For example, Dolphin Encrypt will encrypt and decrypt at about 30
Kb/sec on a 80486 PC running at 50 Mhz (equivalent to 1 megabyte in 35 seconds),
which is fast enough for most people.
The second disadvantage of public key systems is that there is a problem
of key validation. If you wish to send encrypted data to a person, Fred, say, and you
have obtained what is claimed to be Fred's public key, how do you know it really is
Fred's public key? What if a third party, Jack, were to publish a public key in Fred's
name? If Jack works for a U.S. intelligence or law enforcement agency and can monitor
communications channels used by Fred then he can intercept encrypted data sent to
Fred, including any message you send to him, and can then decrypt it (since he has
the corresponding private key). If Jack were really sneaky, and knew Fred's real public
key, he could re-encrypt your message to Fred using the real public key (perhaps after
altering your message in ways you might not approve of) and deliver it to Fred as if it
had come directly from you. Fred would then decrypt it with his private key and read a
message which he assumes is from you, but which may in fact be quite different from
what you sent. In theory Jack could sit in the middle of an assumed two-way email
correspondence between you and Fred, read everything each of you send to the other,
and pass to each of you faked messages saying anything he wanted you to believe was
from the other.
A recent contributor to sci.crypt (Terry Ritter, 11/29/93) wrote:
Page 52 of 94
Internet security and privacy
When we have a secret-key cipher, we have the serious problem of transporting a key
in absolute secrecy. However, after we do this, we can depend on the cipher providing
its level of technical secrecy as long as the key is not exposed. When we have a public-
key cipher, we apparently have solved the problem of transporting a key. In fact,
however, we have only done so if we ignore the security requirement to validate that
key. Now, clearly, validation must be easier than secure transport, so it can be a big
advantage. But validation is not trivial, and many people do not understand that it is
necessary. When we have a public-key cipher and use an unvalidated key, our
messages could be exposed to a spoofer who has not had to "break" the cipher. The
spoofer has not had to break RSA. The spoofer has not had to break IDEA. Thus,
discussion of the technical strength of RSA and IDEA are insufficient to characterize the
overall strength of such a cipher. In contrast, discussion of the technical strength of a
secret-key cipher *IS* sufficient to characterize the strength of that cipher. Discussion
of the strength of public-key cipher mechanisms is irrelevant without a discussion of
the strength of the public-key validation protocol. Private-key ciphers need no such
protocol, nor any such discussion. And a public-key cipher which includes the required
key-validation protocol can be almost as much trouble as a secret-key cipher which
needs none.
When encryption is used in case (a), to be stored on-site (and
invulnerable to unauthorized access) until there is a need to access that information, a
secret key cryptosystem is clearly preferable, since such a system has the virtue of
speed, and there is no problem of key validation and no problem of key exchange
(since there is no need to transmit the encryption key to anyone other than by face-to-
face communication).
However, many people are still using secret key cryptosystems that are
relatively easy to break since those people don't know any better. For example, the
WordPerfect word processing program allows you to lock the information in a file by
means of a password. In a bad marriage one spouse might think that by locking their
WordPerfect files they can write what they like and not worry that the other spouse
might later use this against them. What the first spouse doesn't know is that there are
programs around that can automatically (and in a few seconds) find the password used
to lock a WordPerfect file.
In fact the WordPerfect encryption method (at least for Versions 5.1 and
earlier) has been shown to be very easy to break. Full descriptions are given in the
articles by Bennett, for Version 4.2, and by Bergen and Caelli, for Version 5.0 (see the
bibliography below).
Another case is the encryption scheme used by Microsoft's word
processing program Word. A method to crack encrypted Word files was published on
Usenet late in 1993, so this method of protecting information is now obsolete. There is
even a company, Access Data Recovery (in Orem, Utah) that sells software that
automatically recovers the passwords used to encrypt data in a number of commercial
software applications, including Lotus 123.
For a cryptosystem to be considered strong it should possess the
following properties (I shall illustrate these by reference to the Dolphin Encrypt file
encryption software):
(i) The security of a strong system resides with the secrecy of the key rather than with
the supposed secrecy of the algorithm. In other words, even if an attacker knows the
full details of the method used to encrypt and to decrypt, this should not allow him to
decrypt the ciphertext if he does not know the key which was used to encrypt it
(although obviously his task is even more difficult if he does not know the method).
The encryption algorithm used in Dolphin Encrypt is defined by the C source code for
the encryption and decryption functions, and this source code is part of a publicly
Page 53 of 94
Internet security and privacy
available C function library (the Dolphin Encryption Library). The method is not secret
and its full details are available for examination to anyone who purchases the library.
(ii) A strong cryptosystem has a large keyspace, that is, there are very many possible
encryption keys. DES is considered by many to be flawed in this respect, because there
are only 2^56 (about 10^17) possible keys. The size of the keyspace associated with
Dolphin Encrypt is about 10^109, due to the fact that keys can be up to 60 characters
in length.
(iii) A strong cryptosystem will produce ciphertext which appears random to all
standard statistical tests. A full discussion of these tests is beyond the scope of an
introductory article such as this on the use of encryption software, but we may
consider one interesting test, the so-called kappa test, otherwise known as the index
of coincidence.
The idea behind this is as follows: Suppose that the elements of the
cipher text are any of the 256 possible bytes (0 through FF). Consider the ciphertext to
be a sequence of bytes (laid out in a row). Now duplicate this sequence and place it
beneath the first (with the first byte of the second sequence below the first byte of the
first sequence). We then have a sequence of pairs of identical bytes. Slide the lower
sequence to the right a certain distance, say, 8 places. Then count how many pairs
there are in which the bytes are identical. If the sequence of bytes were truly random
then we would expect about 1/256 of the pairs to consist of identical bytes, i.e. about
0.39% of them. It is not difficult to write a program which analyzes a file of data,
calculating the indices of coincidence (also known as the kappa value) for multiple
displacement values.
When we run such a program on ordinary English text we obtain values
such as the following ("IC" means "index of coincidence"):
Page 54 of 94
Internet security and privacy
as random then the kappa value should be about 0.39% for each displacement. But
the kappa values for displacements 13 and 14 are significantly higher than the others,
suggesting that the length of the key used in the encryption was either 13 or 14. This
clue led to the decryption of the ciphertext and it turned out that the key length was in
fact 13.
As an example of how non-random some ciphertext produced by
commercial cryptosystems may be it is instructive to consider the proprietary
encryption algorithm used by the Norton Diskreet program. The file named
NORTON.INI, which comes with the Diskreet program, contains 530 bytes and 41
different byte values, including 403 instances of the byte value 0. The non-zero byte
values are dispersed among the zero values. If we encrypt this file using Diskreet's
proprietary encryption method and the key "ABCDEFGHIJ" we obtain a file,
NORTON.SEC, which contains 2048 bytes, including 1015 0-bytes. When we examine
this file with a hex editor we find that it consists of the letters "PNCICRYPT", seven 0-
bytes or 1-bytes, 1024 bytes of apparent gibberish (the ciphertext) and finally 1008 0-
bytes. Suppose we extract the 1024 bytes of ciphertext. There are 229 different byte
values in this ciphertext, so if it really appeared random we would expect the kappa
values to be about 1/229, i.e. about 0.44%. What we find is the following:
Offset IC coincidences 1 0.29% 3 in 1023 2 21.72% 222 in 1022 3
0.69% 7 in 1021 4 1.08% 11 in 1020 5 0.49% 5 in 1019 6 0.20% 2 in 1018 7 0.39%
4 in 1017 8 0.00% 0 in 1016 9 0.79% 8 in 1015 10 0.39% 4 in 1014 11 0.69% 7 in
1013 12 0.69% 7 in 1012 13 0.30% 3 in 1011 14 0.99% 10 in 1010 15 0.20% 2 in
1009 16 0.30% 3 in 1008 17 0.40% 4 in 1007 18 0.20% 2 in 1006 The figure of
21.72% for offset 2 is quite astounding. When we look at the ciphertext with a hex
editor we see that there are many lines which have a byte pattern:
xx yy aa bb aa bb cc dd cc dd ee ff ee ff gg hh gg hh ... that is, in which pairs of bytes
tend to be repeated, for example:
4B 25 4B 25 8D 28 8D 28 2D F8 2D F8 21 AC 21 AC E8 9E E8 9E F2 FC
F2 FC C6 C5 C6 C5 7E 4F 7E 4F B2 8B B2 8B 32 EE 32 EE 25 2C 25 2C A5 32 A5 32 8D
61 8D 61 E5 C1 E5 C1 D4 F7 D4 F7. This explains why sliding the ciphertext against
itself two places to the right produces such a large number of coincidences.
Clearly this ciphertext shows obvious regularities, and appears to be very
far from random. Such regularities are what a cryptanalyst looks for, as a clue to the
encryption method and to the key, and which a good cryptosystem denies him.
In contrast to Diskreet, Dolphin Encrypt encrypts the same file,
NORTON.INI, using the same key, to a file of 450 bytes (in which there are 207
different byte values, implying that the kappa values should be about 0.48% if the
ciphertext is to appear random) with kappa values as follows:
Offset IC coincidences 1 0.45% 2 in 449 2 0.45% 2 in 448 3 0.00% 0 in
447 4 0.45% 2 in 446 5 0.00% 0 in 445 6 0.23% 1 in 444 7 0.45% 2 in 443 8 0.23%
1 in 442 9 0.23% 1 in 441 10 0.23% 1 in 440 11 0.46% 2 in 439 12 0.23% 1 in 438
13 0.23% 1 in 437 14 0.46% 2 in 436 15 0.23% 1 in 435 16 0.69% 3 in 434 17
0.00% 0 in 433 18 0.46% 2 in 432 The essentially discrete distribution of these indices
of coincidence (0.00, 0.23, 0.46, 0.69) are due to the small size of the ciphertext (450
bytes). When we do the same test for a file of Dolphin ciphertext of size 60201 bytes
(in which there are 256 different byte values, implying a desired kappa value of
0.39%) we find:
Offset IC coincidences
1. 0.41% 248 in 60200
2. 0.43% 258 in 60199
3. 0.44% 263 in 60198
4. 0.43% 258 in 60197
Page 55 of 94
Internet security and privacy
Page 56 of 94
Internet security and privacy
C3 D6 87 - 64 EC 2A 5E AD ED D3 9D .9r{....d.*^.... 81 FC 40 CA DF 71 7A 97 - 42
26 FC 65 19 23 C6 08 ..@..qz.B&.e.#.. 76 7B AD CA 0A 71 F5 B2 - 51 DF 21 06 0A D9
0A 0E v{...q..Q.!..... EA 8D EA 14 88 C8 22 69 - B1 38 66 D1 89 DE 00 56 ......"i.8f...
V 0A F7 F6 C4 E9 57 B7 92 - BF E5 1C 58 8B 14 2F B7 .....W.....X../. 01 2F 00 CF 5E
06 69 4D - AD 43 F9 DC 94 ./ .^.iM.C...
The ciphertext produced is quite different even though the keys are
almost the same. In fact, each byte in the first ciphertext block is different from its
corresponding byte in the second ciphertext block.
When attempting to break a cipher this test is often one of the first to be
applied, namely, take some known plaintext and encrypt it with slightly different keys
and compare the resulting ciphertext to see whether a particular change in the key
produces a particular change in the ciphertext. With a strong cipher a change of a
single bit in the key will have a cascading effect, producing large changes in the
resulting ciphertext, as we see above.
As to the increase in size of the ciphertext in this case: Dolphin Encrypt
adds random bytes (a.k.a. garbage) to the ciphertext (this makes crypt- analysis of
the cipher more difficult), so very small files are increased. Larger ciphertext blocks (a
few Kb or more) are usually considerably smaller than the plaintext blocks because the
decrease in size resulting from compression is usually much more than the increase
resulting from interpolation of random bytes.
Selected Bibliography
Page 57 of 94
Internet security and privacy
76(5), 560--577, 1988. ---- and Hellman, M.: "Privacy and authentication: an
introduction to cryptography", IEEE proceedings, 67(3), 397-427, 1979. Feistel, H.:
"Cryptography and Computer Privacy", Scientific American, 228(5), pp. 15-23, 1973.
Flicke, W. F.: War Secrets in the Ether, Volumes 1 & 2, Aegean Park Press. Friedman,
W. F.: Solving German Codes in World War I, Aegean Park Press. ---- and Mendelsohn,
C. J.: The Zimmermann Telegram of 1917 and its Cryptographic Backround, Aegean
Park Press. Gaines, H. F.: Cryptanalysis, Dover, 1956. Garon, G. and Outerbridge, R.:
"DES watch: an examination of the sufficiency of the Data Encryption Standard for
financial institutions in the 1990's", Cryptologia 15(3), 1991, pp. 177-193. Hinsley, F.
H. et al.: British Intelligence in the Second World War, Cambridge U. P., volumes 1 - 4.
---- and Stripp, A. (eds.): Codebreakers: The Inside Story of Bletchley Park, Oxford
U.P., 1993. Held, G.: Top Secret Data Encryption Techniques, Sams Publishing, 1993.
Hellman, M.: "The mathematics of public key cryptography", Scientific American, pp.
130-139, 1979. Kahn, D.: The Codebreakers, Macmillan, 1967. ----: Seizing the
Enigma, Houghton Mifflin, 1991. Kochanski, M.: "A Survey of Data Insecurity
Packages", Cryptologia 11(1), pp. 1-15, 1987. ----: "Another Data Insecurity Package",
Cryptologia 12(3), pp.165-177, July 1988. Konheim, A. G.: Cryptography: A Primer,
John Wiley, 1981. #Kruh, L.: "The Control of Public Cryptography and Freedom of
Speech - A Review", Cryptologia 10(1), January 1986, pp. 2-9. Lysing, H.: Secret
Writing, Dover, 1974. Marotta, M.: The Code Book, Loompanics, 1987. Massey, J.: "An
Introduction to Contemporary Cryptology", IEEE Proceedings, 76(5), pp. 533-549, May
1988. Meyer, C. H., and Matyas, S. M.: Cryptography, John Wiley, 1982. #Pierce, K.
J.: "Public Cryptography, Arms Export Controls, and the First Amendment: A Need for
Legislation", Cornell International Law Journal, Vol. 17, No. 3 (Winter 1984), pp. 197-
236. Rivest, R. L., Shamir, A. and Adelman, L.: "A Method for Obtaining Digital
Signatures and Public-key Cryptosystems," Communications of the ACM, February
1979. Salomaa, A.: Public Key Cryptography, Springer-Verlag, 1990. Schneier, B.:
"Untangling Public Key Cryptography", Dr Dobb's Journal, May 1992, pp. 16-28. ----:
"The IDEA Encryption Algorithm", Dr Dobb's Journal, December 1993, pp. 50-56. ----:
Applied Cryptography, John Wiley & Sons, 1994. Simmons, G. (ed.): Contemporary
Cryptology: the Science of Information Integrity, IEEE Press, 1991. Smith, L. D.:
Cryptography, Dover, 1955. Weber, R. E.: United States Diplomatic Codes and Ciphers
1775-1938, Precedent, 1979. Welsh, D.: Codes and Cryptography, Claredon Press,
1988. Yardley, H. O.: The American Black Chamber, Ballantine 1981.
http://www.mycrypto.net/encryption/cryptography_intro.html
Page 58 of 94
Internet security and privacy
Secret Key - This is the input for the algorithm as the key dictates the
encrypted outcome.
Ciphertext - This is the encrypted or scrambled message produced by
applying the algorithm to the plaintext message using the secret key.
Decryption Algorithm - This is the encryption algorithm in reverse. It
uses the ciphertext, and the secret key to derive the plaintext message.
When using this form of encryption, it is essential that the sender and
receiver have a way to exchange secret keys in a secure manner. If someone knows
the secret key and can figure out the algorithm, communications will be insecure.
There is also the need for a strong encryption algorithm. What this means is that if
someone were to have a ciphertext and a corresponding plaintext message, they would
be unable to determine the encryption algorithm.
There are two methods of breaking conventional/symmetric encryption -
brute force and cryptanalysis. Brute force is just as it sounds; using a method
(computer) to find all possible combinations and eventually determine the plaintext
message. Cryptanalysis is a form of attack that attacks the characteristics of the
algorithm to deduce a specific plaintext or the key used. One would then be able to
figure out the plaintext for all past and future messages that continue to use this
compromised setup.
http://www.mycrypto.net/encryption/private_key_encryption.html
1 556 days
Small Business $10,000 FPGA 12 min.($.08)
($5,000)
Corporate $300,000 FPGA 24 sec. ($.08) 19 days ($5,000)
Page 59 of 94
Internet security and privacy
Department
2
ASIC 0.18 sec. ($.001) 3 hours ($38)
Large Corporation $10M ASIC 0.005 sec.($0.001) 6 min. ($38)
0.0002
Intelligence Agency $300M ASIC 12 sec. ($38)
sec.($0.001)
1976 saw the introduction of a radical new idea into the field of
cryptography. This idea centered around the premise of making the encryption and
decryption keys different - where the knowledge of one key would not allow a person
to find out the other. Public key encryption algorithms are based on the premise that
each sender and recipient has a private key, known only to him/her and a public key,
which can be known by anyone. Each encryption/decryption process requires at least
one public key and one private key. A key is a randomly generated set of numbers/
characters that is used to encrypt/decrypt information.
Page 60 of 94
Internet security and privacy
• The process of encryption begins by converting the text to a pre hash code. This
code is generated using a mathematical formula.
• This pre hash code is encrypted by the software using the senders private key.
The private key would be generated using the algorithm used by the software.
• The encrypted pre hash code and the message are encrypted again using the
sender's private key.
• The next step is for the sender of the message to retrieve the public key of the
person this information is intended for.
• The sender encrypts the secret key with the recipient's public key, so only the
recipient can decrypt it with his/her private key, thus concluding the encryption
process.
1. Lookup the user's public key (e , n ).
2. Make sure that the message M is an integer such that 0 £M £n.
3. Compute, M ^ e C (mod n) where 0 £C £ n.
4. Transmit the integer C.
• The recipient uses his/her private key to decrypt the secret key.
• The recipient uses their private key along with the secret key to decipher the
encrypted pre hash code and the encrypted message.
• The recipient then retrieves the sender's public key. This public key is used to
decrypt the pre hash code and to verify the sender's identity.
• The recipient generates a post hash code from the message. If the post hash code
equals the pre hash code, then this verifies that the message has not been changed
en-route.
1. Use your private key (d , n ).
2. Receive the integer C, where 0 £C £n.
3. Compute, C ^ d R (mod n) where 0 £R £n.
4. R is the original message.
Page 61 of 94
Internet security and privacy
Featured article:
A Primer on Public Key Encryption
by Charles C. Mann.
http://www.mycrypto.net/encryption/public_key_encryption.html
Encryption Algorithms
RSA
In 1977, shortly after the idea of a public key system was proposed,
three mathematicians, Ron Rivest, Adi Shamir and Len Adleman gave a concrete
example of how such a method could be implemented. To honour them, the method
was referred to as the RSA Scheme. The system uses a private and a public key. To
start two large prime numbers are selected and then multiplied together; n=p*q.
If we let f(n) = (p-1) (q-1), and e>1 such that GCD(e, f(n))=1. Here e
will have a fairly large probability of being co-prime to f(n), if n is large enough and e
will be part of the encryption key. If we solve the Linear Diophantine equation; ed
congruent 1 (mod f(n)), for d. The pair of integers (e, n) are the public key and (d, n)
form the private key. Encryption of M can be accomplished by the following
expression; Me = qn + C where 0<= C < n. Decryption would be the inverse of the
encryption and could be expressed as; Cd congruent R (mod n) where 0<= R < n. RSA
is the most popular method for public key encryption and digital signatures today.
DES/3DES
The Data Encryption Standard (DES) was developed and endorsed by the
U.S. government in 1977 as an official standard and forms the basis not only for the
Automatic Teller Machines (ATM) PIN authentication but a variant is also utilized in
UNIX password encryption. DES is a block cipher with 64-bit block size that uses 56-bit
keys. Due to recent advances in computer technology, some experts no longer
consider DES secure against all attacks; since then Triple-DES (3DES) has emerged as
a stronger method. Using standard DES encryption, Triple-DES encrypts data three
times and uses a different key for at least one of the three passes giving it a
cumulative key size of 112-168 bits.
BLOWFISH
IDEA
Page 62 of 94
Internet security and privacy
SEAL
RC4
http://www.mycrypto.net/encryption/crypto_algorithms.html
Page 63 of 94
Internet security and privacy
1 556 days
Small Business $10,000 FPGA 12 min.($.08)
($5,000)
FPGA 24 sec. ($.08) 19 days ($5,000)
Corporate
$300,000
Department 2
ASIC 0.18 sec. ($.001) 3 hours ($38)
Large Corporation $10M ASIC 0.005 sec.($0.001) 6 min. ($38)
0.0002
Intelligence Agency $300M ASIC 12 sec. ($38)
sec.($0.001)
http://www.mycrypto.net/encryption/encryption_crack.html
Encrypted Email
Page 64 of 94
Internet security and privacy
on a private system, which goes directly to a mail server and resides there until it is
retrieved, Internet e-mail bounces from server to server on its way to a recipient. This
makes the transmission channel impossible to secure and provides numerous
opportunities for interception. Here it makes sense to secure the message itself by
using encryption. But private networks are not immune to the need for higher security
and often employ encryption to guarantee the integrity of the message.
Sending plaintext email is like sending a postcard - what type of
information do you disclose when mailing a postcard? When do you consider putting
the letter in an envelope to resist tampering and to protect your privacy? Similarly,
encrypting email is the first step to securing the contents of your message. One of the
most popular methods of email encryption is the use of public key encryption.
The two most widely fielded methods of email encryption are
PGP(http://www.pgpi.org/) (Pretty Good Privacy) and Entrust(http://www.entrust.com/).
The former provides solutions for both individuals and corporations while Entrust
focuses on the larger enterprise based secure messaging solutions. Also availabe to
individual users/small businesses is encrypted email on a web based platform through
Hushmail. This service allows you to send and receive email from their website, never
having to buy any software or have the need for extra infrastructure.
Also available is S/MIME (Secure / Multipurpose Internet Mail Extensions)
- a protocol that adds digital signatures and encryption to Internet MIME messages.
The MIME format allows the body of the message to be text, graphics, audio/video, etc
allowing one to encrypt multiple forms of newsgroup communications.
Encrypted mail enables the 'little guy' to decide how much privacy they
want and when and where they want it. The Tools section has resources one could use
for encrypted and anonymous email.
http://www.mycrypto.net/encryption/secure_email.html
Page 65 of 94
Internet security and privacy
IPSec
http://www.mycrypto.net/encryption/data_vpn.html
Encryption Tools
There are many free and paid encryption tools available on the Internet.
Some better than others, but nonetheless one can setup a secure messaging system
(email encryption), secure transactions (SSL enabled web browsers) and secure
connectivity (VPNs and SSH) on a very small budget. Some of the small
business/individual solutions available include:
Page 66 of 94
Internet security and privacy
FILE ENCRYPTION
Private File - Private File is a fast and easy way to protect yourself and
your company by encrypting your files before sending them. With a simple drag-and-
drop, or a menu point-and-click, your information is safe. And with the strongest
encryption, you can be sure that no one but your desired recipient will be able to use
your information.
F-Secure FileCrypto - developed by Datafellows Corp, this is a long
standing file encryption application that supports strong encryption. Also comes for
Pocket PC.
ShyFile - free and paid versions of a strong encryption application that
lets you create self-executable, encrypted packages.
VPNs
Encryption Resources
Page 67 of 94
Internet security and privacy
http://www.mycrypto.net/encryption/encryption_resources.html
Privacy
Page 68 of 94
Internet security and privacy
watching, the "Thought Police" can practically read your mind, the streets are dirty,
people are packed in ghetto like flats, food is rationed, and there is only one brand of
cigarettes and synthetic vodka. Everyting is owned by "Big Brother" and his face is on
every wall and telescreen - telescreens are much like television sets except the Party
uses them to spy on the people and there is only one propaganda channel. The Party's
agents constantly rewrite history. The official language is "Newspeak" and the society
is dominated by such slogans as "War is Peace", "Freedom is Slavery", "Ignorance is
Strength", etc. There with no free speech, no privacy, no private ownership, not even
freedom of thought.
Though the year 1984 came and passed, at first glance we find ourselves
far from the squalor and hardship professed by Orwell. But, many of his points
regarding the lack of privacy and freedoms are coming true. They might not be as
blatant as in his book, but they are being passed as laws and implemented every day.
It is not just governments around the world that want to gain this control, but
corporations are also looking to gain profits by getting more and more information on
their customers. The questions most often put forward are, 'Is individual privacy
dead?' and 'What is the role of technology as we slip into this type of society?'.
Technology has helped us live longer, more fuller lives but its unchecked applications
are also threatning our privacy. Luckily, we can use technology to protect ourselves as
we go about our daily lives.
A few decades ago, only governments and diplomats used encryption to
secure sensitive information. Today, secure encryption on the Internet is the key to
confidence for people wanting to protect their privacy, or doing business online. E-
Commerce, secure messaging, and virtual private networks are just some of the
applications that rely on encryption to ensure the safety of data. In many companies
that have proprietary or sensitive information, field personnel are required to encrypt
their entire laptops fearing that in the wrong hands this information could cause
millions of dollars in damage.
http://www.mycrypto.net/privacy/george_orwell_1984.html
Internet Privacy
The Internet is a great tool. As it becomes woven into our day to day
fabric, there are many more tasks that can be done on it. It is convinient, most people
in the developed world have access to it. And many organizations/corporations are
providing users with the tools to get stuff done on the Internet. Everyone from
governments (records, applications, taxes), businesses (shopping, services, bill
payments, banking) and individuals (research, communication, entertainment) are
using the Internet to conduct transactions.
But the Internet is a public network. That is, the access routes are for
the most part open to other traffic and users. It is also a medium to obtain
information, legally or not on a wide variety of people and things. So how can we make
sure that the Internet can be used without compromising privacy of the users? A tough
proposition that is getting harder every day. Like or not, websites collect information
about their visitors (cookies, logs). Information that includes how often they visit, what
links they click on, what they buy, etc. If you entered your name, age, or any other
demographic information, there is a good chance that it might be provided to other
firms to sell products/services or for analysis. Many times, the users are unaware of
exactly what is being collected/monitored. What happens to this personal information if
Page 69 of 94
Internet security and privacy
the company has financial diffuculties and has to liquidate its assets? Is this
information a company asset, free to be sold to the highest bidder?
Internet applications like IE/Netscape have not really kept up either.
Privacy issues have been put on the back burner in an effort to compete for market
share which is predominantly based on ease of use and standards. Privacy is that
uncomformable issue that most people wish would go away. There are many other
tools like Anonymizer, McAfee Privacy Services and others that can help users sanitize
their computers and get an upper hand on what information they want on their
computers. These applications allow you to select what personal information you wish
to divulge and how to clean up your computer so as to negate any information or
statistics that might be collected on you while surfing. These tools and a good personal
firewall along with an anti-virus software are essential for every Internet user.
The Internet is also a great tool to learn about increasing your privacy
and securing private information. Check the privacy resources section for some other
excellent links. A book like the Complete Idiot's Guide to Internet Privacy and Security
can also be a valuable resource as an online privacy primer.
http://www.mycrypto.net/privacy/internet_privacy.html
Identity Theft
ONLINE PRIVACY:
• Have you seen your credit report lately? You should check your credit report every 6
months to a year using one of many online credit report services.
• Use services and applications like Anonymizer or McAfee Privacy Services to control
what personal information is divulged to websites.
• Install a good personal firewall (Norton, Black Ice, etc) - here are some firewall
reviews.
• Use a good anti-virus software (Norton, McAfee, etc) and update signatures
regularly - here are some anti-virus reviews.
• Encrypt email communications using services like Hushmail.
• Have more than one email address, use free services like Yahoo!, Hotmail, or Spam
Bully (which has good anti-spam tools) for regular email.
• Upgrade your web browser and operating system to support strong (ie 128 bit +)
encryption.
• Do not divulge private information on the Internet, especially watch where you post
your resumes.
OFFLINE:
Page 70 of 94
Internet security and privacy
• Get a secure mailbox/PO Box - one that won't allow someone to go through your
mail.
• Get an unlisted number and subscribe to caller id.
• Buy a shredder; destroy any and all unwanted documentation before discarding.
• Have access to legal representation to consult about your rights.
• Guard your Social Security Number (SSN).
• Diversify your assets and investments.
• Learn how to protect your customer privacy.
If you are an identity theft victim, contact your local police department ASAP and
implement all of the above suggestions. Check the privacy resources section for some
other excellent links. A good book like Identity Theft can also be a valuable resource as
an online privacy primer.
http://www.mycrypto.net/privacy/identity_theft.html
Privacy Resources
Here are some books with good information on protecting your privacy:
The Electronic Privacy Papers: Documents on the Battle for Privacy in the Age of
Surveillance. A nice change of pace from traditional analysis of algorithms and code,
instead the reader gets to see for him/herself just how the U.S. goverment is applying
them and the legislation on it. While most books on privacy and security issues in
cyberspace simply give accounts of debates on the issues, The Electronic Privacy
Papers documents the war - practically salvo by salvo.
How to be Invisible - This book is a must for anyone serious about protecting their
privacy. Has important information on privacy, asset protection, self-defense,
surveillance and more.
The Offshore Solution - NEVER PAY TAXES AGAIN! Learn why opening offshore bank
accounts might be in your best interest. Teaches you the basics about money.
Invasion of Privacy : How to Protect Yourself in the Digital Age - This book by Michael
Hyatt looks at how the government, industry, individuals, and interest groups have
access to personal information about you and how you can protect your personal
information.
The Internet has thousands of privacy related resources. Here are a few that
cover a broad range of topics:
Personal Firewall Reivew - Learn about some of the many personal firewall programs
available today. Compares them based on features and price.
Online Privacy Tools - Find reviews and comparisons of various online privacy tools and
services that allow somewhat anonymous web surfing.
Anonymous Surfering - Find how to surf the internet and send emails anonymously.
Check your Credit Reports - Have you seen your credit report lately? It should be
checked every 6-12 months to make sure that non-authorized transactions are not
tainting it.
Electronic Frontier Foundation - A special interest group working to make sure that
technology does not over-ride our fundamental rights.
Privacy Rights Clearinghouse - A nonprofit consumer education, research, and
Page 71 of 94
Internet security and privacy
advocacy program.
Hushmail - Web based encrypted email - free and paid versions.
Electronic Privacy Information Center - Looks at the myriad of privacy issues faced in
the digital age.
Privacy.net - Another consumer information organization.
Personal Privacy - A privacy resource with archived articles, newsletters and more.
Andre Bacard's Privacy Page - Lists many privacy related resources.
Protecting Kids on the Internet - Keep your children safe on the Internet.
http://www.mycrypto.net/privacy/privacy_resources.html
Security
• Hacking
• Computer Security
• Operating Systems
• Security Resources
With the rapid growth of the worldwide Internet user base, online
transactions are believed to reach well over a trillion dollars in the next three years.
With stakes this high, it makes sense for all parties involved to secure the Internet.
Haphazard handling of financial and personal information can lead to the Internet
being constantly associated with fraud and privacy abuses instead of being a viable
commerce medium. The goal for higher security starts with the individual user.
The term "hacker" has been around for a while. It originally referred to a
person not well versed with a computer trying different things to accomplish a task. To
hack was to figure out something through sheer trial and error or logical deduction.
Today, a hacker described as a person who breaks into computers for various reasons.
Crackers and script-kiddies are two other more commonly used terms describing those
involved in the break in or disruption of an online service.
Security problems can occur in any networked environment. Many of the
problems are related to the exploitation of the original design of the TCP/IP suite of
internetworking protocols, but the majority are due to configuration or operator errors.
Hackers are not just looking for websites or government computers to hack - utility
grids, emergency information systems, controls for dams and locks, financial
information, inter-banking information, military communications and much more
sensitive information travels on the Internet and other communication networks.
In broad terms, security threats can be classified as active and passive.
ACTIVE HACKING:
Page 72 of 94
Internet security and privacy
between a client and a server and is able to spoof (illegally duplicate) the IP address
and sequence numbers, can attack either machine in several ways. The hacker can
disable one of the machines and take the identity of the other, or the hacker can mimic
either machine and carry on conversations impersonating the other.
A hacker could also attach additional information to a client request and
strip the corresponding additional response from the packet before forwarding the
remaining response to the client's original request. All this while having access to
information that is assumed to be going back and forth between two 'trusted' systems.
Computer viruses and trojans are also examples of active attacks. They can disable
machines or in the case of trojans allow malicious hackers access to senstive
information by creating a back door.
PASSIVE HACKING:
http://www.mycrypto.net/underground/hack.html
Computer Security
Page 73 of 94
Internet security and privacy
applications where the masses would be affected, this is a valid concern. But
biometrics can be very useful if one is trying to control access or verify the identity of a
smaller number of people. This is also advisable due to the error rates currently seen
in biometric systems (~ 0.01%). And the answer to securing data during transmission
is Encryption.
When it comes to personal computers, ensuring security is a more
manageble matter. If you store sensitive material on your home computer you should
consider using an encryption program like PGP or Private File. Any computer that is
connected to a broadband (DSL/Cable/Satellite) connection requires an extra layer of
protection. You should consider either a good personal firewall and/or a firewall router
- the firewall router will also allow you to share your internet connection with other PCs
in your home.
Tyler Hamilton
Page 74 of 94
Internet security and privacy
belief that all security and privacy concerns could be solved through mathematics and
the application of encryption technology.
It's a view he espoused in his classic work Applied Cryptography,
published in 1993. But he had a change of heart in the late 1990s after realizing that
technology is prone to failure and encryption offers no guarantees. This led to his book
Secrets & Lies, published in 2000, which he wrote to "partly correct a mistake" —— his
belief at the time that cryptography was the great "technological equalizer," capable of
giving a person with a cheap computer the same security as the National Security
Agency.
"It's just not true," he wrote. "Cryptography can't do any of that . . .
cryptography doesn't exist in a vacuum." He repeated this message last week in
Toronto, emphasizing the important role that we humans play in this complicated
equation. "Automated security is flawed," he said. "Only humans can react to new
situations and threats."
Take your home. Is locking the doors and windows enough these days
to keep out burglars? A locked door might be a slight deterrence, but once somebody
decides to break through, then what? The same can be said for a home security
system. When the window is broken and the alarm goes off, what's stopping the thief
from taking your stuff? The answer is "people." Somewhere in a security strategy there
must be a human, 24 hours a day, who can be notified of a situation, who can analyze
it, and who can respond accordingly. It may be the owner of the house, aided by a
24/7 home security firm hired to monitor all alarms. The ultimate backup is the local
police or fire department.
It's not enough to try to prevent an attack or break-in. An assumption
should be made that one is possible —— and likely —— turning attention to response.
"What matters at the moment of the attack is who is defending you?" In this regard,
Schneier says there hasn't been much change with respect to the terrorist attacks on
Sept. 11 and promises to beef up security in the aftermath.
"There's a whole lot of smoke and not a lot of actual stuff being done,"
he says. "I've heard a whole lot of rhetoric, a whole lot of companies saying `Buy my
technology and it will magically make you safe again.' "In our society it's very much
give me the pill that will make me better. Give me the technology and make me safer.
We want to go to the store, put down a credit card and buy the answer. And,
unfortunately, the answer is more complicated than that."
Touching on the topic of airline security, he said it won't be facial
recognition software and fancy scanners that will save the day, nor will it be increased
government surveillance, more data-gathering by the FBI or a move to centralize all
government databases. "The two most effective security measure post-9/11 is
reinforcing cockpit doors and teaching the passengers to fight back," he said.
The latter point refers to the passengers on the United Airlines flight that
crashed in Pennsylvania. After learning that two other planes had been hijacked and
crashed into the World Trade Center, they altered their behaviour to meet the
demands of a situation. Normally, passengers are inclined — indeed, they are told — to
remain calm until a hijacked plane is safely landed, which happens most of the time.
This is likely what the passengers of the other three jets were thinking.
Those on the fourth jet adapted, based on new information. "It's a perfect example of
the human consciousness reconfiguring itself live, in real-time to a new threat," said
Schneier. "If that was a software change, it would still be in beta now."
The fourth plane did crash, but the actions of those brave passengers
likely prevented many more deaths. An assumption was made at the time that damage
had already been done. The reaction was to minimize the damage. Network security
needs the same approach. Companies should start thinking less about protecting their
Page 75 of 94
Internet security and privacy
networks 100 per cent of the time, and start thinking more what they would do if their
networks were breached.
"Complex systems are insecure, and that's not going away," said Schneier. (The
Toronto Star)
http://www.mycrypto.net/underground/security_fortress.html
Kevin Poulsen
Uncapping Prometheus
Page 76 of 94
Internet security and privacy
users. The subscriber has to program a DOCSIS configuration file with a special editor,
run their own TFTP server, change their IP address and run an DHCP server that tricks
the modem into pulling the config file from their host. Dedicated hobbyists have
refined the procedure and written tools to automate key portions of it, but pitfalls and
caveats abound.
But that's all about to change, with the pending release of "OneStep," a
user-friendly all-in-one tool that promises to make cable modem uncapping a point-
and-click sport.
The work of a dangerously unemployed U.S. coder who calls himself
"DerEngel," working with a colleague named "Byter", OneStep is described as a 30
megabyte monster of a program that rolls up all the various servers and spoofers
needed to pull off a cable modem hack. It then hides it all behind a pretty interface
with pull-down menus for selecting your service provider, modem make and model,
and even the new speed limit you'd like to put on your modem -- in case you don't
want the full 10 Mbs Ethernet speed.
So far, the beta version is closely held, but few in the uncapping scene
dismiss OneStep as vaporware. DerEngel is already famous as the underground
Prometheus of super-broadband -- the author of several publicly released programs
that automate some of the steps in the uncapping process, and the host of a popular
how-to site and chat system dedicated to uncapping. In an IRC interview, DerEngel
said he plans to release OneStep in late May, and he expects it to open up the arcane
art of uncapping to the masses. "It will be the first program of its kind," says the
coder.
Speed Kills?
http://www.mycrypto.net/underground/cable_modem_hacking.html
Page 77 of 94
Internet security and privacy
Phillip Jen
With the advent of the computer and Internet age, computer security
and Internet safety has suddenly become a major concern for all users. No longer is
your information safe and secure behind locked doors or safe deposit boxes.
Information can be stolen from within your computer system using just a few simple
commands and unscrupulous people can invade your homes or businesses via the
Internet.
Personal computers, commercially available operating systems (that
would be Windows!) and e-mail contain no effective protection against unauthorized
access or theft of your confidential data stored on data disks and hard drives. A clever
(read devious) hacker can read and steal your confidential data while you check your
e-mail or while your are away from your computer. Enormous financial losses through
theft of proprietary information have been reported and are increasing at intolerable
rates. More alarmingly, countless undetected incidences of theft are continuously
occurring and only detected when it is too late.
How then can you protect your data while at lunch, on vacation or
business trips? Answers to these questions are many and involve the most
rudimentary solutions to high tech gadgetry. The following are 9 ways to protect
yourself going from the least practical to best option.
9. Locking your computer within theft secure cabinets or closets is an effective way of
safeguarding your data (I did say rudimentory!). This method is an option only if you
have the energy, time and a safe and secure place to store your computer.
8. You may have the option of removing your hard drive from your personal computer
and taking it with you. This method is very effective in preventing data theft but is
laborious and also places you in danger of accidentally loosing your most prized
information. Further, in today's on- the-go business environment, not many people are
willing to sacrifice their time and energy to remove the hard drive every time they step
away from their desks.
7. You may also take your computer with you. However, similar to the method of
removing your hard drive your may run the risk of loosing your computer.
6. You may also place all your sensitive files onto a floppy disk or other data storage
device (e.g. Jaz, Zip etc.) and take it with you. Again, this method is effective but is
also laborious and is not immune to simple human error such as loosing your disks.
5. A bios lock is effective against intrusion attempts by novices but this method can
easily be bypassed by simple manipulation of hardware.
4. A simple power lock designed to attach to your power source can be used to prevent
data theft. This method may be effective for desktop computers during short trips
away from your desk but it is not the answer for all other battery- powered computers.
3. Computer security programs (software only) are available to prevent unauthorized
access by using a password based security procedure. However, software-based
systems are only effective against break in attempts by novices and can be by-passed
with simple software manipulation.
2. Hardware/software systems are available to protect your computer more securely
than software only systems. They comprise dual security functions of software and a
hardware key that makes unauthorized access more difficult. Nevertheless, these
systems are designed for modest protection from data theft and are most effective for
blocking unauthorized access when you step away from your computer for a short
Page 78 of 94
Internet security and privacy
period of time. These security systems are usually based on a blocking screen format.
Once the system is activated (via password or by removing the smart card or token
from their respective readers) the blocking screen will appear and eliminate the
possibility of unauthorized users accessing data files. These systems are solutions for
moderate security but can be bypassed given enough time alone with the computer.
VirtualGate is one example of this type of security system. For more information go to
http://www.armadillo.com.hk/virtualgate.htm
1. Encryption software and/or crypto-hardware/software systems are very effective
against data theft and are commonly used by financial institutions, governments and
large corporations. This is by far the best solution as it combines many of the
advantages of the previous systems. For more information check out GateKeeper at
http://www.armadillo.com.hk/gatekeeper.htm.
Dr. Phillip Jen Ph.D. Professor at CUHK (Chinese University of Hong Kong)
http://www.mycrypto.net/underground/protection.html
Needless to say, all operating systems are not created equal. None most
popular operating systems of today were developed with secure electronic commerce
in mind.
Unix is the oldest and most widely used networking operating system in
use today. Unix has the advantage of having been hacked and patched by hackers and
crackers for decades. One of the most popular Unix derivatives is Linux, developed by
Linus Torvalds and now maintained by thousands of volunteers and many software
companies. But Linux still has flaws that are being discovered every day. It is
extremely important to monitor these occurances and apply the necessary patched
when they are made available.
Microsoft's Windows platform has seen unprecidented growth as a server
and client platform. Whether it be in the millions of home PCs, on the Internet or on
corporate LANs, its popularity has caught the fancy of many hackers.
Refer to the security resources page for more helpful links and ideas on
securing operating systems.
The CERT(R) Guide to System and Network Security Practices - This book guides you
through the step-by-step process of developing a comprehensive security program.
Auditing and Security: AS/400, NT, UNIX, Networks, and
Disaster Recovery Plans - A one stop shop for those who want to secure their IT
systems. Ideal for sysadmins, IT managers, auditors and CIOs.
Hacking Exposed: Network Security Secrets & Solutions - A good book for those still
learning their way around - takes an offensive approach to hacking and finds
interesting ways to drive home the important points.
Page 79 of 94
Internet security and privacy
Page 80 of 94
Internet security and privacy
http://www.darkreading.com/
For good or ill, these six words were top of mind for security pros -- and hackers -- in
the past year
OK, here they are, in alphabetical order, the six most important words in
IT security in 2008: botnets, cyberwar, downturn, DNS, enablement, and Obama.
That's it. You can go about your business now.
Still here? OK, maybe you want a little explanation as to why these
words were so important in 2008. Geez, you're a hard person to satisfy.
Well, if you must know, 2008 was a year of tectonic shifts in IT security.
The technologies changed, the economy changed, and the role of security changed.
Heck, even the people who make the laws about security changed. You could hardly
swing a dead server without hitting some major security-shifting event, and most of
those events will continue to have repercussions throughout the new year.
Howzzat? Still not enough? Fine. If you need somebody to spell it out for
you, we will. Let's look more closely at the six words and what they meant for security
in the past year.
Botnets
No, botnets weren't new in 2008. (Dang, we've hardly started, and
you're already arguing with us. Do we have to turn this car around and go home?) But
in 2008, botnets emerged as a chief method for delivering unwelcome attacks, from
malware infections to simple spam. In 2008, we saw how big botnets could become.
We started out the year with Storm, a holdover from 2007 that was just
hitting its stride as we began 2008. In the first half, Storm was blamed for a wide
range of crimes, including widespread phishing attacks and illegal pharmaceutical
sales. In the end, Storm became more of an ill wind than a hurricane, but it gave us an
idea of what a "botnet for hire" can do.
The year also brought the resurgence of other botnets, including Kraken
and Srizbi, which both found ways to outdo Storm. The industry also saw how
pervasive botnets had become when, on two occasions, the rugs were pulled out from
under them. The shutdown of two botnet "carrier networks" -- Atrivo and McColo --
made a significant impact on botnet operations, and actually caused temporary
slowdowns in the distribution of spam and malware.
Page 81 of 94
Internet security and privacy
Cyberwar
We know, we know, cyberwar didn't start in 2008. (Doggone it, will you
just sit down and be quiet? You're going to put someone's eye out.) But the attacks by
Russian entities on Estonian government Websites and computers in the spring of 2007
opened a new can of worms that governments and researchers across the world were
wrestling with through much of 2008.
For one thing, the attacks from Russia extended to other former Soviet
republics, including Lithuania and the Republic of Georgia. Such events, along with
ongoing cyberattacks in Iraq and other warring regions, helped demonstrate that
cyberwarfare is becoming as standard-issue for modern armies and terrorist
organizations as guns and grenades. In fact, as the Russia-Georgia conflict proved,
cyberattacks can be a precursor to more tangible military action.
These heated cyberconflicts have led to a wide range of "test" attacks
between governments. China, especially, has been accused of wielding its
cyberweapons against governments across the world, from neighboring Taiwan to sites
in Pennsylvania. The governments of Australia, France, Germany, and the United
Kingdom. have also reported successful attacks from China during the past year or so,
though the Chinese government generally denies any involvement.
Here in the United States, a number of hearings and reports in 2008
warned that the American infrastructure is not ready to defend itself against
sophisticated cyberattacks from other countries. The "big one" didn't come this year,
but some experts say it's only a matter of time.
Downturn
Like every other aspect of business across the globe, IT security has
been affected by the historic economic shifts that have occurred during the past year.
Aside from the obvious re-evaluations of security spending and the predictions of
security market consolidation, perhaps the most game-changing aspect of the
economic downturn is the rapid rise of financially motivated cybercrime.
In a nutshell, experts say, a poor economy brings higher rates of crime;
as the market for legitimate technologies decreases, the market for criminal exploits
increases. These criminal exploits might come from outside the company, or they
might be seen in the form of internal attacks from employees and trading partners.
Both types of attacks increased in 2008.
Most pundits agree that 2008 represents only the beginning of the
increase in cybercrime rates. As long as the economy is in a tailspin, they say, the
instance of computer crime will continue to skyrocket.
DNS
Page 82 of 94
Internet security and privacy
Kaminsky's process for revealing the flaw might have been as important
as the details of the vulnerability itself. For the first time ever, he gathered the major
DNS vendors, revealed the flaw to them simultaneously, and then agreed to try to
keep the details under wraps until they all had a chance to develop and deploy
patches.
The slow rollout of the DNS vulnerability was only partially successful,
but it set a new precedent for disclosure that was later used by other researchers
during the year, as well. And it raised a firestorm of discussion in the security
community as to when vulnerabilities are important enough to merit special disclosure
treatment.
Enablement
It's hard to pinpoint a single event that sparked it, but 2008 was clearly
marked by a new message about IT security: It's no longer about limiting access -- it's
about enabling it. Security vendors and IT managers alike have embraced this
message, setting up the security manager as the guy who sometimes says "yes"
instead of always saying "no."
One company that has been consistently preaching this sermon during
the past year is Palo Alto Networks, a next-generation firewall vendor that promises to
help companies build enforceable security policies by tracking and controlling
application access across the enterprise. However, Palo Alto is far from the only vendor
now using this message: Industry giants such as Symantec, McAfee, and many others
are now using the term "security enablement" broadly in their road maps and product
literature.
What's important about the buzzword is that it reflects a shift in strategy
around IT security. Rather than building perimeters and shoring up defenses, security
departments are now consciously looking for ways that they can give employees
access to more data from more places, without creating additional risk. This shift in
attitude affects everything from security architecture to mobile and remote access, and
may help security managers break down the wall between IT security goals and overall
business goals.
At least, that's the idea we saw in 2008. We'll have to wait until 2009 --
or beyond -- to see whether it has legs.
Obama
The final word that was on everybody's lips -- and everybody's keyboard
-- in 2008 was Barack Obama. (OK, that's two words. Sue us.) The upstart presidential
candidate swept offices and Websites into a storm of discussion throughout the year,
ultimately climaxing in his November victory.
Much of the security discussion focused on the integrity of candidates'
Websites, the rapid rise of spam, phishing, and malware attacks linked to election
news and events, and the vulnerabilities surrounding electronic voting machines.
Obama's rivals, John McCain and Sarah Palin, both suffered hacking incidents.
Now that the elections are over, however, many security experts are
asking more weighty questions about Obama's presidency. A blue-ribbon panel has
already made recommendations on what the new president should do about key
cybersecurity issues. Further questions about new cabinet posts, including a CTO and
Page 83 of 94
Internet security and privacy
cybersecurity czar, also show a growing interest in the new president's initiatives on
cyberwarfare, e-commerce security, personal data protection, and user privacy.
And whether you're Barack Obama or the average IT security manager,
it's clear that 2009 will be at least as eventful as 2008.
Unisys combines encryption and bit-splitting to keep data all in the workgroup
The problem seems simple: How can data be transmitted over a large,
shared network, yet restricted so that only a small group of individuals on the network
can read it?
The possible answers, as most security professionals will tell you, are
anything but simple.
Unisys today took a crack at this complex problem with the introduction
of Stealth Solution for Network, a patented method of encrypting and "bit-splitting"
data into smaller pieces while encrypting them again.
The idea behind Stealth is to allow organizations to restrict the exchange
of sensitive data to a fixed group of individuals who have the keys to encrypt and
decrypt it --without forcing them to use a discrete network. Stealth can be used on an
enterprise network to prevent other groups in the organization from viewing data, or it
can be used over virtual networks or the Internet to help protect sensitive data from
being accessed by outsiders, Unisys says.
Stealth can also be used to keep users from straying outside their secure
communities, Unisys states. By assigning a digital workgroup key to each community
of interest, Stealth can ensure that users cannot access data outside of their assigned
communities, the company says. "Stealth delivers the right information to the right
people at the right time," says Ted Davies, president of Unisys Federal Systems. "Our
government clients have been asking for a security solution like this for years. With
Stealth, we can help them to simplify their networks without sacrificing security, while
delivering significant cost savings."
Initially, the Stealth technology is being targeted at defense and other
government environments, but Unisys says it expects its new approach to catch on in
commercial environments, where retailers, financial institutions, and healthcare
providers are seeking to build "trusted networks" that allow the exchange of data with
less fear of attack by hackers or identity thieves.
Stealth, which was developed in a partnership with security vendor
Security First, has been in development and testing for more than four years, Unisys
says. It encrypts data, "bit-splits" that data into multiple packets as it moves through
the network, and then reassembles the information packets for delivery to authorized
users. These packets are proved secure through the use of certified encryption and
unique bit-level splitting of the encrypted data.
Stealth is a combination of software that resides on users' personal
computers and -- for now -- a Dell 1950 server that manages and provides the
Page 84 of 94
Internet security and privacy
workgroup license keys. Once authorized and granted workgroup keys, users create
peer-to-peer encrypted tunnels vis available networks to share information, Unisys
says.
Unisys isn't giving details on Stealth products or prices yet, but the
company plans a broad rollout next year. The new line will also include Stealth Solution
for Storage Area Networks (SAN), which will extend the encryption and bit-splitting
concept to the SAN environment.
Tough economic times present increased motivation for cybercrime. Experts from
Gotham Digital Science share tactics that companies can use to protect against
security attacks executed by disgruntled or former employees
Page 85 of 94
Internet security and privacy
Notes to Editors
* Earlier this month IBM's ISS X-Force research team identified a 30%
increase in network and web-based security events over the last 120 days, with the
total number rising from 1.8 billion to more than 2.5 billion worldwide per day,
according to data pulled from its managed security services client base of
approximately 3700 clients worldwide.
* According to another December study, "The Global Recession and its
Effect on Work Ethics", by IT security data experts Cyber-Ark Software, more than half
of 600 surveyed office workers from New York's Wall Street, London's Docklands and
Amsterdam, Holland, have already downloaded competitive corporate data and plan to
use the information as a negotiating tool to secure their next post.
* According to the Ponemon Institute's "2007 Annual Study, The Cost of
a Data Breach," the average total cost per data breach is more than $6.3 million to a
US company.
* According to new research from IT services company Vistorm, UK
companies claim to understand the security challenges their businesses face and the
consequences of non-compliance, yet only 48% do anything about it. Of 100 UK
businesses surveyed, 79% of companies knew which of their assets were business-
critical and 91% understood the consequences of non-compliance. It also found that
43% of companies have inadequate security controls in place for protecting mobile
data.
Page 86 of 94
Internet security and privacy
develops tools that solve specific security issues and offers a number of security
training programs for IT professionals. With offices in New York and London, Gotham
Digital Science can seamlessly assist clients on both sides of the Atlantic. For more
information, visit our website at www.gdssecurity.com.
Many in the United States think the party in power has sacrificed too
much privacy and liberty in order to address security concerns, particularly in regard to
terrorism. The incoming administration is likely to undo a lot of this, but, at the same
time, a massive number of very upset people with and without tech skills are going to
find themselves jobless.
Unfortunately, some of these people will make up for their income gap
by engaging in illegal activities. This suggests security exposures are likely to spike in
2009 and that initial cuts in security spending both for the public and private sectors
may have to be reversed around midyear.
We've already had laid-off workers take over a plant and several
instances where others have shot their co-workers and managers -- the most recent at
a company Christmas party in Canada. Violent responses to large-scale downsizings
are likely to increase dramatically in 2009 as waves of layoffs cast people into a
market with nothing to offer. With a down stock market effectively eliminating their
financial reserves, many will be extremely angry.
In the past, laid-off employees have vandalized their companies, and the expected
large number of IT-trained employees expected to be laid off in 2009 should result in
several instances of cybervandalism. While defacing Web pages probably will be the
most common, there undoubtedly will be several instances of serious and material
damage done to systems by ex-employees who still have access to critical systems.
As mentioned above, theft will increase sharply and range from petty
theft of office supplies, equipment, and personal property to large-scale financial theft,
home and business invasions, and identity theft. Financial desperation generally leads
to some really bad decisions, and a large number of people will make them.
Finally, financial downturns typically lead to a massive increase in
financial scams. Folks in critical need for funds can be more easily tricked, and we will
likely see a mix of both traditional phone-based attacks, phishing attacks, and full-on
cyberfraud unlike anything we have ever seen in a given year.
Page 87 of 94
Internet security and privacy
So many of the major security problems we will likely see in 2009 can be
mitigated by just ensuring that employees know what to do, using good layoff
practices, and making sure the company doesn't do anything stupid. A lavish executive
party using corporate jets right after a big layoff would fall into the paint-a-target-on-
my-back-stupid category, for instance.
With regard to vigilance, employees should be asked to keep their eyes
open and report suspicious activities. People who are very upset are seldom very
careful, and often their behavior can be noted with enough time to evacuate a building,
call the authorities, or at least lock a door. If an employee hears another make violent
threats, that person should be encouraged to report it; an anonymous method for
doing so would be advised.
In anticipation of layoffs, practices to remove IT access at termination
and the overall security process during a layoff should be reviewed. Many companies
haven't done big layoffs in a while, and those that learn by doing will likely find the
experience both excessively expensive and unacceptably dangerous. It would be wise
to do security audits and tests to ensure that the company is prepared for what will
likely happen in 2009. Firms like RSA, which has already been engaged in countering
attacks in the financial community, could become invaluable in preparing for some of
these issues.
Wrapping Up
We are forewarned that 2009 will be filled with employee issues and that
already many are drifting toward violence. Not being prepared for this eventuality will,
in hindsight, look negligent, and I know the law firms, which are also under financial
pressure, are setting up for a heavy litigation year. Do the work to ensure that your
company, your employees, and you are safe, and it will pay high dividends next year
by keeping you and your firm out of the headlines.
Page 88 of 94
Internet security and privacy
BOOKS ON SECURITY
A. Internet Privacy
2.Computer and Internet Use on Campus: A Legal Guide to Issues of Intellectual Property,
Free Speech, and Privacy
Author: Constance Hawke, Constance S Hawke Trade Paperback
ISBN:0787955167 Published: October 2000
6.The Hundredth Window: Protecting Your Privacy and Security in the Age of the Internet
Author: Charles Jennings, Lori Fena Published By: Free Press Hardcover
ISBN:068483944X
Published: April 2000
9.Ben Franklin's Web Site: Privacy and Curiosity from Plymouth Rock to the Internet
Author: Robert Ellis Smith Published By: Privacy Journal Trade Paperback
ISBN:0930072146 Published: June 2000
10.The E-Privacy Imperative: Protect Your Customers' Internet Privacy and Ensure Your
Company's Survival in the Electronic Age
Author: James Breithaupt, Mark S. Merkow Published By: Amacom Trade Paperback
Page 89 of 94
Internet security and privacy
B. Privacy Law
2.Confidentiality & Privacy in Social Work: A Guide to the Law for Practitioners & Students
Author: Donald J. Dickson Published By: Free Press Hardcover
ISBN:0684826577 Published: January 1998
6.Make It Legal: Copyright, Trademark, & Libel Law: Privacy & Publicity Rights
Author: Lee Wilson Published By: McGraw-Hill Ryerson, Limited Trade Paperback
ISBN:0927629089 Published: January 1990
7.Privacy, Law & Public Policy
Author: David M. O'Brien Published By: Greenwood Publishing Group, Incorporated
Hardcover ISBN:0275904032 Published: January 1979
Page 90 of 94
Internet security and privacy
2.Computer and Internet Use on Campus: A Legal Guide to Issues of Intellectual Property,
Free Speech, and Privacy
Author: Constance Hawke, Constance S Hawke Trade Paperback
ISBN:0787955167 Published: October 2000
6.The Hundredth Window: Protecting Your Privacy and Security in the Age of the Internet
Author: Charles Jennings, Lori Fena Published By: Free Press Hardcover
ISBN:068483944X Published: April 2000
Page 91 of 94
Internet security and privacy
9.Ben Franklin's Web Site: Privacy and Curiosity from Plymouth Rock to the Internet
Author: Robert Ellis Smith Published By: Privacy Journal Trade Paperback
ISBN:0930072146 Published: June 2000
10.The E-Privacy Imperative: Protect Your Customers' Internet Privacy and Ensure Your
Company's Survival in the Electronic Age
Author: James Breithaupt, Mark S. Merkow Published By: Amacom Trade Paperback
ISBN:0814406289 Published: May 2001
D. Firewalls
1.Inside Network Perimeter Security: The Definitive Guide to Firewalls, VPNs, Routers, and
Intrusion Detection Systems: The Definitive Guide to Firewalls, Virtual Private Networks
Author: Scott Winters Published By: Sams Trade Paperback
ISBN:0735712328 Published: June 2002
Page 92 of 94
Internet security and privacy
5.Firewalls 24seven
Author: Matthew Strebe Published By: Sybex Trade Paperback
ISBN:0782140548 Published: March 2002
6.Linux Firewalls
Author: Robert Ziegler Published By: Sams Trade Paperback
ISBN:0735710996 Published: October 2001
7.Cisco Security Spcialist's Guide to PIX Firewalls
Author: Callisma Published By: Syngress Trade Paperback
ISBN:1931836639 Published: December 2002
Page 93 of 94
Internet security and privacy
Page 94 of 94