Big Brother Is Watching You: Web Privacy

As a lot of you know, I'm a college student, majoring (hopefully) in web design and computer programming. For one of my courses, I was asked to discuss privacy on the web. What I wrote I really liked, so... I want to share it. So here you go:

The biggest catch to the internet, from either a developer's standpoint or just a casual user's standpoint, is that there is no such thing as absolute privacy. The paper trail you leave is a mile long, tracking your actions across cyberspace. Depending on how secure the sites you create or visit are, you leave behind as little as your IP, or as much as your name, address, credit card numbers, and even more.

The idea of internet anonymity is a pipe dream. No matter what advances are made, this will not change, simply because it is far too profitable, either on the personal level or beyond, to mine for personal data, either to use for personal gain, or to sell or distribute to advertising/spam/otherwise destructive agencies.

One of the main problems with internet privacy is the concept of the cookie. A cookie is a piece of information, stored on the user's PC, that contain information about a user's use of a given site or domain. This may include information for login authentication, saving an online "shopping cart", and site preferences. These can be sniffed out and hijacked with a packet sniffer. A site can fool the browser into sending a cookie to a site that is not supposed to get them. Or worse yet, scripts can be made and utilized that just outright steal a user's cookies. Of course, then there's always bad programming, which can lead to insecure sites, which can lead to isues with cookies.

Another issue is the concept of the Internet Service Provider (ISP). ISPs are businesses, pure and simple. They're not above such breaches of privacy as combing all incoming and outgoing data, throttling speeds for certain programs or protocols (I'm looking at you, Comcast!), or collecting extraneous information for whatever use they may have. On top of all this, they are left to their own discretion when it comes to information they may or may not surrender to the government during inquiries. There is no legal precedent for what they have to surrender, its quite easy to deny the government information based on the idea that an ISP refuses to undermine its user's privacy. Google did it, although they're not an ISP, but then again, Google is bigger than a fair share of ISPs. The government does not control ISPs at the business level, so whatever information is surrendered is surrendered voluntarily. However, ISPs can't know what you're sending, if its encrypted right. At least, not without violating their own Terms of Service and/or laws. Its a nifty and powerful bit of knowledge to have.

Spyware is, without a doubt, the most ANNOYING detriment to internet privacy and computer health. I mean, just look at this image. That is not a healthy PC, and frankly the fact it loaded the browser that far surprises me. (On a side note, I find it funny that an AOL program is considered Spyware, and I agree with this wholly. But another discussion for another time.) Spyware is nasty, software installed on a PC (without the user's informed consent), that monitors user behavior, and manipulates it into malicious things like tracking user across the net, collecting personal information, change computer settings, or solving CAPTCHAs for rogue servers, bots, or users. This is easily defeated, however, by utilizing anti-spyware programs like Spybot. However, some gets really rooted into the system, and can be a pain to remove from memory, then from the PC itself.

Add to these concepts things like phishing (fraudulently getting personal information by faking being a trustworthy entity in or on a site, forum, messenger, etc) and social engineering (a sociology idea turned to a net practice, a series of techniques used to manipulate users into giving away information or performing actions they normally would not do.) and the internet is hardly what anyone would consider a secure place. Its more of a wild frontier, really, and if you take the wrong steps, it will swallow you (or your personal information) whole.