HitChrome

Every time you use the Internet, you’re being tracked by both your server and the servers you access. Your ISP keeps logs of your MAC address (your network adapter card’s number) and your private IP address; the rest of cyberspace sees your public IP address assigned by your ISP. Yes, no matter what you do and where you go, your computer trail leads right to your doorstep. Scary thought? Disturbing? No doubt.

How Your IP Address Invades Your Privacy

Whether or not you’re engaged in illegal or immoral activity, there’s reason to be worried about this lack of privacy on the Internet. Even people who do nothing strictly unlawful deserve privacy. You may be sending an anonymous mail, or having an illicit affair, or visiting websites that your family and friends would be offended by. You may have moved away and parted with friends and just want to check on their blogs without being identified. Perhaps you share an e-mail account with another person and you want to answer mail for them without giving away the fact you are someone/somewhere else. There are all kinds of reasons why being anonymous is important, and they are not all illegal.

Unfortunately, you can’t be anonymous without a proxy server that hides your tracks for you. The websites, forums and web mail services you use all log your visits. Even social networking sites do. If you use your office’s network, the administrator keeps records of who uses it and when. Your public IP address may be changeable and have limited details only, but whoever gets past that and sees your private IP address (behind your ISP router) and worse, your Mac address, will be able to identify you. Read the rest of this entry »

Viruses, phishing, spyware, spam, denial-of-service attacks, botnets. You have probably heard these words, and perhaps even suffered from what they signify, with or without knowing it.

I’d like to lay out a simple path to addressing (not resolving) these security problems, one that does not require agreement among all governments (or people) on what really constitutes a crime, much less a global police force or unenforceable global treaties. If we can increase security in general, then governments can focus on the real criminals.

A better approach is to view computer security as an issue of public health and economics, in which people can protect themselves but must pay for the costs they impose on others. We need to enable people to defend themselves against others; prevent innocent, well-meaning people from becoming infected and harming others; and reduce the incentives and ability of the ill-intentioned to do harm.

That sounds like a lot of different challenges. But there are effective approaches to each of them that do not require tracking everyone online, or requiring IDs for every interaction. Tracking user IDs will not enable us to catch or stop bad guys, and it will render the internet impossible to use. We can’t save cyberspace by destroying its openness.

To implement effective security, the entities best equipped to do so, the internet service providers, must take the lead. They are technically savvy organisations with the ability (more or less) to protect users and detect abusers; they have a direct (though impersonal) relationship with their users; and they compete for users’ business, so that, unlike governments, they will suffer if they perform badly. Read the rest of this entry »