Internet Security is something that has grown to be a main concern among society. Companies have come out with Identity Theft prevention services, but often, by the time you get those, it is already too late or doesn’t help. The purpose of this guide is to help you try and develop safe internet habits and to keep you as safe as possible from unwanted problems relating to your personal security.
Many of you probably hear on the news, every so often, “A popular website has been compromised and many people have had their personal data stolen!” When a website is compromised, it puts thousands at risk for one of many possible types of identity theft. It is rare that a site is hacked to this extent: usually, the data is collected through look alike sites, through spyware, or through other means of collection; most of which happen on a single-user basis. It makes many people nervous when giving out personal information to anyone online because they are not sure what can really happen, and they do not have all the facts.
The goal of this article is to help you understand internet security, so you can protect yourself from thieves. We will take a look at how you can protect yourself, what websites are doing to protect you, and what laws are in place to help protect you. The best way to be safe is to understand what common tricks are, and how to avoid getting exploited.
There are two important terms, which are very commonly misused (even among the “experts” at Microsoft), that need to be defined, so you do not get confused later in the article. These words are:
Hacker and Cracker
Official Definition: http://en.wikipedia.org/wiki/Hacker
Hackers are commonly thought of as the bad guys, the people who make your computer go as slow as heck, and the people who steal your identity. In reality, they are actually the opposite. Hackers are the good guys who test security vulnerabilities and fix them. Government agencies, software companies (including Microsoft), and internet security companies employ hundreds of hackers (a few too little, maybe!) to test their software before its release. They try to hack the software to make sure that when it ships, people are not going to be able to use it for malicious purposes.
As a webmaster, even I am a hacker. I have to know how to test my website’s security so the bad guys don’t get through. I also have to ensure that when I make a website for a customer, that any data on the site is safe, secure, and that everything related to security is quite bulletproof. When I use the term “hacking” in this article, it refers to the testing of security, whether for good or bad, for sake of common terminology.
Cracker is a term that isn’t used much outside of the security world. A cracker is someone who exploits holes in a program for malicious use. For example, the people who create game keygens are crackers, meaning what they do is illegal. For continuity, I will refer to both hackers and crackers as hackers, unless a distinction needs to be made; most people think of the two as the same.
Let’s also get a common stereotype out of the way. Hackers are not always some teenager working out of their garage. Most hackers are professional people who know what they are doing. The only reason the “My 15 year old neighbor is a hacker” myth is around is that teenagers tend to be more vocal about what they accomplish. Let’s face it, there are thousands of viruses out there (to be exact, Symantec currently protects users from 69,481 viruses), and a very limited number of the authors ever get caught. Of the very few who do get caught, most of them are probably teenagers. The reason for this is quite simple: they have big mouths. They go to school and yell “Guess what! I cracked Microsoft’s web server this weekend!” and someone gets a sizable reward when they turn the youngster in. Professional hackers tend to be more covert about their actions, and therefore, rarely get caught (until they get too greedy).
A Brief History of Cracking / Hacking
Until the early 1980s, hacking had not been a household term. Prior to this time, the Personal Computer was not a widely available or feasible option for most home users. Most of the computer market consisted of million dollar mainframes the size of a warehouse, which only government and major corporations could afford. Finally in the Mid-1980s, personal computers finally became affordable to most users, and began to find their way into the home.
In 1983, a movie called “War Games” portrayed a teenager who could hack just about anything in the world. He was able to hack through his schools computer network, as well as many other malicious tasks. This movie caught the imagination of the teenagers who saw it, and sparked an evolution of hackers.
This shift caught the computing industry by surprise, so they were unprepared to take on the new breed of hacker. With time, the teenagers gained experience and many gang-like groups of hackers formed. They started to share their exploits with friends in the group, and word got around quick. Almost overnight, hacking came to the forefront of personal computer uses.
At first, hackers mainly wished to gain access to systems, not to damage them. The first hacker to be prosecuted in the United States was Pat Riddle. Pat had been known to regularly gain unauthorized access to U.S. Department of Defense computers; a major problem to the security of the United States. He was arrested, but could not be charged with anything relating to hacking, because at the time, there were no anti-hacking laws. He was charged with theft of phone service instead, putting him in jail for a very limited period of time.
To prevent similar problems in the future, the Computer Fraud and Abuse Act was passed in 1984. It provided a legal means to prosecute hackers for certain things. A more in depth detail of laws and regulations will be covered later in the article.