Where you surf to on the World Wide Web can say a lot about what
you're interested in, what types of activities you are involved with
or would like to be involved with, and (depending on if you sign up
to online services etc.) what likely password choices and login names
you might use on other accounts. Did you know that the computer that
you surf the WWW from is most likely recording all of that
information?
Most people don't. But for the person who knows where to look, it
is easy to explore your computer to find a complete history of where
you've been, what files you have downloaded, and what information you
have accessed.
There are other ways that your web-surfing data may be tracked,
such as cookies, which are planted by web sites on your machine,
enabling them to keep track of how many times you've visited their
site, what pages you may have surfed from, and other data . Some
sites now require your browser to accept cookies in order for you to
visit them. Another way that data may be collected on you is via the
connection your computer makes to another computer while you are
surfing the web. Anyone with the proper technical know-how and
equipment can be sniffing your connection to the Internet and see
information you type and pages you visit.
Even with these various obstacles to secure surfing, taking a few
simple precautions is all you need to do to protect your information
from being read by other people.
Your History and Cache - Protect yourself from snoops
Who knows what sites you've
been visiting? Anyone sitting down at your home computer can find
out, and so can people whose sites you visit -- unless you take a few
simple precautions.
Leave No History - Clearing out your browser's History list
is something that should be done each time you are finished with your
program if you don't want someone to be able to sit down at your
computer and very easily see where you have been surfing to. In
Netscape 3, simply close the program -- the History folder will clear
itself out (a rare case where a shortcoming can also be useful). In
Netscape 4, select Edit¥Preferences, choose Navigator, and click
Clear History. In Internet Explorer 3 or 4, select View¥Options,
click the Navigation tab, and click Clear History.
An Empty Address and No Location - If you walk away from
your machine while your browser is running, it gives anyone a chance
to look at the current URL displayed at the top of your browser
window (labeled Address in Internet Explorer, and either Location or
Netsite in Netscape, depending on site specifics). If you're using
IE3 or IE4, clearing your History folder (see "Leave No History"
above) will wipe out the Address list. In Netscape, this is a bit
more of a pain.
You can clear the list by futzing with the Windows 95 Registry, but
that's difficult and dangerous. A better solution is simply to not
use the list. If you type in a URL at the File¥Open Location dialog
box (-l in N3 and -o in N4), the address won't be recorded in the
Location or Netsite list.
Where's the Cache? - Another place that your web trail is
recorded is the cache folder--a temporary storage area for recently
visited pages and images -- the cache is there so that repeatedly
visited websites will show up quicker when you reload them in your
browser. If you don't want people sitting down at your computer to
read your cache files, they should be deleted (or stored on an
ecrypted disk - see our encryption section for more info). Note,
however, that on slower machines with slow connections, this will
result in a noticeable decrease in the speed your computer brings up
previously visited web pages. To delete your cache you can do one of
two things:
1) Trash your cache files at the end of each browsing session. The
exact location of the cache folder depends on decisions you made when
you installed your browser. However, N3's cache folder is probably
C:\Program Files\Netscape\Navigator\Cache, N4's is C:\Program
Files\Netscape\Communicator\Users\username\Cache, and IE's is
C:\Windows\Temporary Internet Files. Use Windows 95's Explorer to
delete the folder's contents.
2) In newer versions of Netscape, there is a feature in the
preferences that allow you to set the cache to 0 and to automatically
delete the whole lot at the end of a session. Go to Edit*Preferences
and once in the Preferences dialogue - go down to Security*Cache.
There you can set your cache to 0 if you prefer (which will mean that
pages you view are never cached) - or dump the contents of your cache
folder.
Bookmarks are a problem for the same reason the history file is a problem. It shows what sites you are regularly looking at. If you are bookmarking sites which require passwords to enter, a quick look in the cache will possibly reveal that password, or at least the account ID.
Beware the Cookie Monster
A "cookie" is a small piece of information sent by a web server to
store on a web browser so it can later be read back from that
browser. This is useful for having the browser remember some specific
information.
What are they used for? An example is when a browser stores
your passwords and user ID's. They are also used to store preferences
of start pages, both Microsoft and Netscape use cookies to create
personal start pages. Common cookies which companies use are find info
are listed below: Online Ordering Systems, Site Personalization,
Website Tracking, Targeted Marketing, User ID's.
Security? An HTTP Cookie cannot be used to get data from your
hard drive, get your email address or steal sensitive information
about your person. Early implementations of Java and JavaScript could
allow people to do this but for the most part these security leaks
have been plugged. But HTTP Cookie can be used to track where you
travel over a particular site, This site tracking can be easily done
without using cookies as well, but using cookies just makes the
tracking data a little more consistent. If you want to disallow
cookies you can do so with version 3.0 or greater of Netscape. Go to
the Options Menu Select the Network Preferences Menu Item. From the
window that appears select Protocols and locate the section "Show an
Alert Before". Check the box labelled Accepting a Cookie.
From now on you will get an Alert box telling you that a server is
trying to send a cookie to your browser. It will tell you what the
cookie value is and how long it will last before it is deleted.
For more information on Cookies including how to change your
browser's prefs to not accept cookies can be found on the Internet
JunkBusters cookie page,
or Cookie Central.
Two articles at The Register talk about some of these issues in more detail. DIY
INternet Anonymity #1 & DYI
Internet Anonymity #2.
Other Tools
Web Proxys
Web proxys can be used to help you remain anonymous on the web. They can
hide your IP address -- so the web site you are visiting only sees the IP
address of the proxy that fetched the pages. It may be preferable to use a proxy
not located in the same country you are located in. It is also possible to
chain proxies, although it can get a little slow.
You can check to make sure your IP address is not being seen through this
Proxy Info.
Anonymity Providing Services that provide immediate browsing using HTML forms:
Our larger list of web based cgi proxys
Rewebber
(www.rewebber.de) also with SSL
(In
Germany)
Rewebber (www.anon.de)
also with SSL
(In
Germany)
Anonymouser (In Germany)
The Cloak - anonymizing
proxy and encrypted connection.
Siegesurfer - 5-day free
trial, after that it costs money.
Ultimate Anonymity - a one-time
fee of $15 allows you anonymous surfing, posting to usenet, irc/icq and other services.
A site that rates and compares web based proxy services: Web Veil.
Accessible proxy servers that are open for anyone to use:
Public Proxys Servers that offer an anonymous proxy service:
Further Reading and Resources
