Security and Privacy Issues for Internet Users (and Internet Searching Tips) Revision 09/2012 Russ...

Security and Privacy Issues for Internet Users(and Internet Searching Tips)

Revision 09/2012

Russ Haynal Internet

Instructor, Speaker, and Paradigm Shaker

21015 Forest Highlands CtAshburn, VA 20147

http://navigators.com

Phone : [email protected]

Note: If you send me an email, put “internet training” in the e-mail's subject

Copyright © Information Navigators

Russ Haynal/navigators.com/

Internet Instructor & Speaker

http:/Security and Privacy Issues

1. Background and Statistics

2. “Persona” issues and options

3. Network Connections (home /small business)

4. Firewalls

5. Anti-Virus

6. Web Browsing issues such as cookies

7. Other Applications: Email, peer to peer, Spyware

8. Authored Content and specialized databases

9. Local options (storage, encryption)

10. Internet Search tips

Online Web page = http://navigators.com/opensource.html

specific_page.html



http:/Disclaimer

• This session illustrates a variety of search tools, techniques and research methods.

• You should consult your organization’s policies to verify if these methods are approved for your types of Internet connections.



http:/An Opening Survey

• Do you have a Broadband connection (i.e. cable, DSL, Fiber ) ?

• Do you have a wireless network at home?

• Do you access the Internet at home without a firewall?

• Is someone in your home PC downloading music? (without paying)

• Do you, or anyone in your extended family, use a genealogy program (i.e. Family Tree Maker)

• Do you, or anyone in your immediate family, use facebook?

• Do you receive Spam email daily?

• Received Phishing? ( = fake request to verify your account )

• What type of Internet connection(s) do you have:

– Attributable (agency.gov), Mis-Attributable, Home

• Have you researched work-related topics via your home account?

• Do you know which Apps in your smart phone can access your GPS?



http:/Why this Course…• This course covers a variety of security and privacy issues

• Some issues apply directly to work-related Internet usage

• Many issues apply strictly to home-based Internet usage

• These issues are important from a counter-intelligence perspective

– Minimize “leaking” of your research interests

– Protection of your personal information and identity

• If the security of your home PC is breeched, it could lead to you being in a compromised/vulnerable situation.

Remember: Internet = Passport to interact with foreign resources and people



http:/Some StatisticsPrivacy Practices of Web Domains

Random Sample

Top 100 Popular

Collect Personally Identifiable Information 90% 96%

Places Third Party Cookies 28% 48%

Posts Privacy Statement 88% 98%

Displays Privacy Seal (ie. Truste, BBB) 12% 44%

Source:http://www.pff.org/publications/privacyonlinefinalael.pdf

privacy.html

source: www.cert.org/stats

source: webroot.com



http:/Identity theft

• Identity theft occurs when someone has collected enough personal information about you, that they can “impersonate” you.

• They can use your identification information to access your existing financial accounts, investment accounts, etc.

• They can use your identification information to establish new accounts (checking, credit card, loans) based on your name/credit history.

• They can collect your personal Information through traditional means – dumpster diving, scam solicitations, corrupt employee.

• Now add the risk from Internet/PC usage:

• Hacker gains access to your PC: bank account information, investment software, cookies, auto-complete password, auto web form fill-ins’ and family genealogy (birth date, mother’s maiden name)

• Hacker gains access to your relative’s PC which has a genealogy program.

• Researcher looks through facebook and public record databases

During 2008, there were ~10 million victims in the U.S.Average loss = $5,885 and 28 hours of time

privacy.html







4. Firewalls

5. Anti-Virus






specific_page.html



http:/Backbones Connecting

regionalISP #1

Your Internet traffic flows through several Internet ProvidersBackbone

ISP- A

Backbone ISP

Regional ISP

Exchange Point

Client(PC)

Server

Private Peering

Backbone ISP- B

regionalISP #2

Web hosting center

Enterprise LAN/Wan

Large organization

Destination

traceroute.html



http:/Introduction to “Persona”

• While viewing a web page (URL1), You click on a hyperlink to visit another web page (URL2)

• Your web browser sends “environment variables” to the web server.

• Webmaster’s use this information to determine information about you and your organization (physical location, your interests, Software, etc.)

ReportsAccesslogs

Analyst Webmaster

Web ServerURL1

URL2

InternetAccess

As you surf the Internet, you give-off a certain persona

You should always know what websites know about you

persona.html



http:/Persona Details•Your persona is communicated to every web server that you visit.

•You should be explicitly aware of your persona before you visit any website. For example, should you visit:– badguy.com from agency.gov?

Your persona is communicated via “environment variables” such as:

•REMOTE_HOST = This is the name associated with your IP Number.

•REMOTE_ADDR= This is the IP number of your computer, or proxy. A webmaster could do a traceroute to see how you are connected.

•HTTP_REFERER = This is the URL of the page you were previously viewing. You should be careful on how you create web pages. For example, do you want to reveal the following?:

– http://badguy.com is listed on http://intranet.agency.gov/joe_smith/investigation_targets.html?

• Your persona may also be transmitted via Java Applets such as ga.js and urchin.js (google analytics)

persona.html



http:/A Typical Scenario...

searchtool.com webmaster knows your “search terms”

destination.com webmaster knows what “search terms” you used to find them

Persona:- agency.gov OR- town.ninja.com

Analyst

searchtool.com

destination.com

“search terms”

http://searchtool.com/query=searchterms

hits

page

webmaster

webmaster

persona.html



http:/Always check your Persona

• You can also search for: proxify who am I

This is a key paragraph to look for… If this is missing, then no referring URL is being passed

Important Note: This testing page is most accurate when you click on a link to bring you towards this page.

persona.html



http:/Think before you click...• Does your connection method leak a Referring URL?

• IF IT DOES... do NOT “Click” on your search results

• A click on this search result will tell the webmaster at orgnet.com that you are searching for “terrorist”

Referring URL

Hover over the link to see its URL

persona.html

http://www.google.com/query=terrorist_&start=110



http:/Anonymizers

• Anonymizers replace your persona with their persona.

• Anonymizer now “knows your business”

• Web Masters may easily recognize anonymizer traffic

anonymizer.html



http:/

ninja.com

Agency_portal.com/page_namestarget.comagency.gov

Analyst #1

Analyst #2

Persona=agency.gov + referrer = portal

Persona=ninja.com + referrer = portal

The “portal” Problem...

Exposing a “less recognizable” persona

Analyst #1: uses agency.gov persona to visit “targets”

Analyst #2: uses “ninja.com” persona to visit “targets”

Now “ninja” persona may be recognized as “agency.gov” visitor

The “parallel visit” Problem...

Even with no http_referer, a webmaster can still make the association due to high volume hits or similar usage patterns.ninja.com

target.comagency.govAnalyst #1

Analyst #2



http:/Internet Accounts, Policies, & Procedures

• There may be several different types of Internet accounts with their own intended use, and strengths/limitations

• There may be some policies which always apply

• There may also be unique policies associated with each type of account

• Policies are probably in a state of flux, as organizations try to keep up with the ever-changing Internet and legal environment.

• Clarify these issues from within your organization

• Make sure ALL Internet users are kept aware of the latest internet usage policies. Mistakes by a handful of users could jeopardize your connection’s privacy, and cause unwanted publicity for your organization.



http:/Internet Connection Definitions

• IP # - Internet Protocol number is allocated to you from your ISP

• Fixed IP # - the same IP Number remains permanently assigned

• Dynamically Assigned IP Number – During a log-in/connect sequence, an IP number is assigned to the user for the duration of that session. Such IP numbers may be assigned from a “DHCP” Host (Dynamic Host Configuration Protocol)

• Dial-up – only connected part-time. Dial-up accounts receive dynamically assigned IP #’s.

• Broadband – Cable or DSL. Usually connected 24 X 7. A broadband account may receive a fixed or dynamic IP #. A dynamic IP # may persist for a very long time. Most broadband modems are “External Modems” and must be connected to the PC via a network connection (Ethernet, wireless)

getting_connected.html



http:/Network Address Translation

10.0.0.0 - 10.255.255.255 172.16.0.0 - 172.31.255.255 192.168.0.0 - 192.168.255.255

• NAT is the translation of an IP number from one network segment into an IP Number that is used within another network segment.

• NAT is often used where a private network touches a public network, such as: Internet Broadband modem Internal LAN)

• There are certain IP numbers allocated for use on private networks. (reference: RFC’s 1918, 1631)

NAT Device

68.70.164.89 192.168.0.1

192.168.0.5

192.168.0.83

• To See your “external” IP Address: “Check your persona” on my web site.• To see your Computer’s “local” IP Address: DOS Prompt -> ipconfig /all


“external” “local”



http:/Getting Online…

Phone Modem

Broadband Modem

Internet Gateway

Router

Dial-up Modem With a single PC- Temporary Connection- Dynamically assigned IP number

Broadband (Cable/DSL/fiber) With a single PC- Persistent Connection- IP Number may remain constant throughout “session”

Broadband Modem With multiple PCs- “Internet gateway router” includes extra features: DHCP and NAT to assign additional IP #’s to all Computers; Firewall, Print server, wireless- Modem’s IP number = Internet persona


Broadband Modem

High speed Router

Local Routers Employee PCs

ISP / Internet

Home options

At Work…. Wide variety of implementations including firewalls.



http:/A special note about wireless networks(are you sure, you can’t install a wire?)

• A Wireless router is connected directly to your LAN/ ISP.

• Wireless Networking Standards are always evolving: 802.11b, 802.11g, 802.11n, 802.11i

• WEP (Wireless Equivalent Privacy) adds encryption, but a weakness in its algorithm means it can be easily compromised using free shareware. WPA/WPA2 (WiFi Protected Access) adds additional security

• Remote “guests” may be able to connect into your LAN

Gateway RouterISP /

Internet

Neighbor’s Computer

WirelessRouter

Broadband Modem


Read the manual for your router AND update the Firmware







4. Firewalls

5. Anti-Virus






specific_page.html



http:/Personal Firewalls• A firewall should monitor incoming and outgoing traffic

(windows XP firewall was incoming only)• Some firewalls are more secure than others

(stateful packet inspection, ICSA Certified, etc)• Most firewalls do not protect against viruses• All firewalls require administration (set-up configuration,

updates, granting permissions for applications)• Change the default administrative

password included in the firewall

• Event logs – learn how to read these

• Many “alerts” come from infected machines doing random scanning

• You can traceroute IP#’s and search for info on Port Numbers

firewall.html



http:/Firewall Options

Broadband Modem

Firewall(hardware)

Ethernet Hub

Firewall(Software)

Firewall(Software)

Firewall(Software)

Ethernet Hub

Internet Internet

• Prices: <$100 to ~$500• Additional functions available• NAT, DCHP, Email notification• Easier for computers to share folders / printers

• Prices: free to ~$50• Each machine needs to be configured• Firewalls may interfere with local network sharing

Broadband Modem

firewall.html



http:/Anti-Virus Software

• Every machine should have updated anti-virus software installed, and running

• AV software should automatically examine every incoming file ( email attachment, web download, peer-to peer download)

• AV software will occasionally scan every file on your machine for viruses

• The heart of most AV programs is a “dictionary” of pre-defined viruses which is compared to your files. The dictionary may have over 100,000 definitions.

• AV programs will also monitor certain sensitive system resources for any changes

Important: the virus definition dictionary must to be updated frequently. There may be 100 new virus definitions added to the dictionary in one week.

virus.html







4. Firewalls

5. Anti-Virus






specific_page.html



http:/Web Surfing Risks

• There are numerous concerns with web surfing

• Cookies / web bugs – track your individual movements

• Java / Active X – Executable code downloaded and running on your machine

• Web Site registrations- collect personal info, credit cards

• Social networking – sharing your information

• Pop-ups, pop-unders, Fake ad windows,

• Browser leaks – persona, referrer, plug-ins, Clipboard

• Numerous web browser settings and third party software options, toolbars, advertisement blockers.

privacy_browser.html



http:/Cookies ( = barcode on forehead)

• A cookie is a piece of text stored on your computer by a web server.

• Helps the web site to “recognize you” (username_greetings) and “remember” your interactions within the web site (shopping cart)

• Web site may repeatedly refer/update your cookie and its internal database on your movements.

• 3rd parties may also place cookies through many web sites (advertisers, hit trackers, etc)

def.comabc.comxyz.com

xyz_cookieBrowser

ad_cookies

“I am not a piece of your inventory”

cookies.html



http:/Are you visiting just one site?

• Viewing a single web page may cause your browser to interact with many different web servers.

• Even with cookies turned off, you still make foot prints on third-party web servers while retrieving their graphics.

Page2.htmlLogo.gifCookiesScripts, etc

Ad_banner.gifCookies, etc

Tiny_dot.gifCookies, etchit_counter.gif

Cookies, etc

Page1.html

Page2.html




http:/Third Party cookies

Web pages can include graphics (and therefore cookies) from “third parties”

[email protected] history

[email protected]_phoneViewing history

badplace.comFake [email protected] history

Jokes.com ID#_201loan.com ID#_4873

badplace.com ID#_539

3p.com

3p.com ID#_435349

Your Cookies

[email protected] viewing [email protected]_phoneYour viewing historybadplace.comFake [email protected] viewing history

Buys/sells your data with its “partners”

Copyright navigators.com

The “third party site” can compile an extensive profile on you, and sell this information to companies that are online and offline.Google Analytics is embedded in 50% of the top 1 million websites



http:/Web Bugs and Beacons• Web Bugs are “hidden” graphics

• The graphic is usually a 1 x 1 pixel and is the same color as the background

• Some web privacy policies refer to web bugs as “beacons”

• www.bugnosis.org offered a free plug-in which highlighted all web bugs, showed you its cookie value, and other parameters:

Each tiny graphic = item to be downloaded

cookies.html

• Try Firefox plug-in; Ghostery



http:/Managing Cookies

Tools -> Options ( or Internet options )

You can allow cookies from specific web sites, while blocking most other sites.

cookies.html

Browsers have several settings to control cookies

There are also Adobe “Flash cookies”. See my web page for links: navigators.com/cookies.html



http:/Secure Web Pages

• Webserver invokes encryption with browser on a page by page basis.

• Watch for encryption whenever personal information is being transferred (username/password, credit card #, Financial info, etc)

• Encryption protects the contents of page information as it is transferred between your web browser and the remote web server.

• Encryption does NOT protect your data from a local keystroke logger

• Encryption does NOT protect your data after it arrives at the remote web server

• Encryption does NOT guarantee that the vendor is reputable.

Not Encrypted Encrypted




http:/What about the other applications?

• Many applications you use are “internet enabled”

• These applications carry your connection persona, and may have their own set of privacy and security settings

Internet Access Internet

privacy_other_apps.html



http:/Email issues• Default email program settings may leave you vulnerable

• Viruses often transmitted via address books (don’t trust any attachment – even from your friends)

• Spam – Do not reply to get “removed”

• Scams – nigeria money scam – Give us your bank account number

• Hoaxes - $300 cookie recipe, boy brain tumor, modem tax, etc.

• Social engineering – One virus hoax email told you to search for a file and delete it... Unfortunately the file in question is a normal system file.

• If it says “tell everyone you know”, it IS a hoax. To confirm if it is a hoax, simply search for part of the email using google .

• Microsoft outlook – Look for updates, patches and learn about settings




http:/Spam, Spam, Spam, Spam

• For every email you receive, dozens of spam messages have been blocked by your ISP.

• Some Spam is sent from infected computers (Your computer…?)


Source: www.junk-o-meter.com

Source: Symantec state of spam report



http:/Reading Email = Web Surfing!

• Most graphics are downloaded from an online server as you view email

• The Spammer now knows that you have read his email

• Ways to avoid this:

– Disable HTML, preview options

– Block Internet while browsing downloaded email

• Try it yourself: www.readnotify.com

Graphics downloaded as you

preview/display an email




http:/Email Architecture

• A sent email may include the following information in its “headers”

– IP # of YOUR PC as you send the email

– IP # of the email server that handles your email (your ISP’s server)

– IP # of the recipient's email server (their ISP’s Server)

Mail Server #1

POP3 SMTP

Email Client B

Port 110 Port 25

Mail Server #2

POP3SMTP

Port 110Port 25

WebBrowser D

Email Client C

Email Client A

Web-Based Email #3

SMTPPort 80

HTTPPort 25

Optional

email_details.html



http:/Email Details

• The “from” of a message is absolutely unreliable. The sender can put anything they want here.

• To see the headers, look under viewing options in your email software or web-based email.

• Anti-spam web sites contain good information for identifying email

To: [email protected] From: [email protected]: meeting agendahere is the body of the message.Stuff, stuff, stuff, etc.

Headers: mail server - mail server communications

Look at the headers too

The part of an email you normally look at

persona_email.html



http:/Other applications

• Most forms of peer- to - peer programs may reveal your specific IP number (file sharing, chat rooms, Instant messenger, etc)

• Peer- to- peer programs can be configured to share the contents of your hard disk.

• Some free programs include piggy-back programs

• Some programs include spyware, which monitor your usage of their product

• Trojans , viruses – Once they are in your system, they can be used to collect personal information ( This is why you want a 2-way firewall)




http:/Look for the options / settings

• Homework: Examine every application on your PC which is “internet aware”, you need to explore through every preference / option menu

• Your firewall settings are WORTHLESS, if your 12-year old enables your entire hard disk to be shared with everyone who also uses that chat program, music swapper, etc.




http:/Piggy Back Applications

(Spyware, Adware)• Some Free program include piggy-back programs (they provide

revenue to the free program)

• For example: a stealth p2p network application is bundled with Kazaa

– Buried in the user agreement:

– "You hereby grant “Brilliant” the right to access and use the unused computing power and storage space on your computer/s and/or Internet access or bandwidth for the aggregation of content and use in distributed computing,"

• “Brilliant” now has the keys to your computer.

• 150 million copies of Kazaa had been downloaded.

• How hard would it be for a hacker to also access these capabilities?


• Programs such as Spyware doctor, ad-aware, “Spybot Search and destroy”, can be used to identify & remove such programs.







4. Firewalls

5. Anti-Virus






specific_page.html



http:/Authoring issuesIf you author any content, here are some concerns:

• Mailing lists – If you post a message to a mailing list – do you know who else is on that list? There may also be an archive of that list’s messages.

• Blogs such as facebook – Assume that your content will be archived and shared with a very large audience.

• Web Pages – Your HTML authoring program may embed your full name into an HTML meta-tag. The software “knows” your name from the first day when you installed the program. (This is also true of most other programs such as Word, Powerpoint)

• Web – based email – includes IP number of workstation



http:/Facebook must be managed…

• Information you (or your kids) post that can assist with identity theft: (birthdate, home town, name of high school, dog’s name, name of best man at wedding, etc)

• Are your co-workers also facebook friends? 8 of your friends have college degrees in “International Relations” and their kids go to Langley High School…

• Facebook Privacy controls are splintered into many different sections and layers. New features are usually defaulted to “everyone”. You have to keep changing them to “friends only”

• Try these tests:

– Make a new “fake person” at facebook, and see how much of your information (and your kid’s) can be seen by “everyone’.

– Make “fake person #2” at facebook, make them a friend to one of your friends/relatives; and see how much of your information (and your kid’s) can be seen by this “friend of friend”

Facebook tracks you across many websites

Consider a web browser dedicated to only Facebook



http:/www.archive .org

• Any user can surf through previous copies of a web site.

• Deleting sensitive information from today’s web server does not remove it from archive.org / public access

• Search engine robot collects web pages like other search engines

• Previous web page copies are also retained

Web Servers

RobotUser

Interface

Recent copy

copied Web page

Archive copies

User PC

• “document not found”? – Paste the address into archive.org

• Viewing archived web pages can still cause hits to live target website



http:/Local Set-up options

• Consider using encryption at home to protect personal data . For example, encrypted file systems are now standard in Windows. - You can also explore using encryption for email (learning curve)

• Some applications offer encryption schemes for files (quicken), but these are not very secure. There are numerous “cracker” programs which will easily break these open.

• Require Passwords for access to computers or internet access

• Create multiple user accounts (even for yourself) = public / private disk space

• Physical security of computer – logon passwords, boot sequence, other users.

privacy.html



http:/Consider Offline Storage

$400+ : A Second PC without a network connection. You can use a KVM switch to run this CPU to your existing keyboard/monitor

$350 : an extra notebook computer

~$100 : Second hard disk – can be external, or internal with a lock key to switch disks (nicklock)

Removable media – optical or magnetic storage that is removable

USB flash drive – Some include encryption

Where will you store the offline media?

privacy.html



http:/Consider Alternatives

• Switch away from Microsoft products

• Alternative products may be more secure, or less targeted by hackers.

• Browsers

• Email Clients

• Operating Systems



http:/Keep your system up to date

• Macintosh: “apple” menu software updates

• Also get updates for Microsoft Office Applications

privacy.html



http:/Worst case considerations• Read through your cookies - what if a clever website

were able to copy all of your cookies?

• Look at the content of your hard drive - what if a clever website were able to copy a directory listing, or individual files?

• If your research requires you to visit “exotic places” you should use a “sacrificial machine” - which has a very “bland identity”

• On the “sacrificial machine”, never use personalized sites (gmail, amazon, local restaurant, etc)



http:/Public Terminals

• Public terminals = Library, Kinkos, Hotel Lobby, Cyber Café, etc

• Is there any kind of consistent “administration” to guarantee the integrity of these computers?

For a public terminal, you should always assume that the machine has been compromised, and that a “keystroke logger” is quietly capturing all keystrokes. ( usernames, passwords, credit cards, etc)



http:/Future• Biometric scanner – finger, voice, eye • Other devices leaking information – Web surfing via cell

phone/GPS… • In the UK there are millions of cameras monitoring public spaces.• Much personal Information is in databases: phone number, map,

county taxes, DMV, court records, supermarket purchases, credit card company, phone company records, etc.

• Proposed law would give copyright owners the right to hack into your PC

Fingerprint scanner as USB accessory or built into a notebook

privacy.html



http:/Final Advice

• Always be self-aware of your persona• Know what policies apply to you• Go HOME – make backups (just in case)• Update operating system, change settings• Update Anti-virus software• Add / configure a firewall• Install & update spyware hunting software• Explore “options” menus in all programs• Make notes of all changes.

= Do it now!

advice.html



http:/Parent Options

• Do nothing…

• Separate computers / user accounts

• Require password for internet access

• Time constraints on when access is available

• Move computer screen to a visible location

• Install parent control software

– Blacklists, vs. logs

– Monitoring web vs monitoring everything (key logger)

• Know what applications are being installed and how they are configured ( bit torrent, hotmail – email filter options, etc, etc)

• Talk to child – show them how they can be tracked – email articles to them about online predator cases.

• Next, what about the neighbor’s computer where your child goes instead?

• What happens when the child moves out? Have they learned how to take care of themselves online?

Keystroke catcher

navigators.com/parentguide.html

Your Options:







4. Firewalls

5. Anti-Virus






specific_page.html



http:/How Does it Work?• Internet started as “Packet Switching Networks” using TCP/IP

(Transmission Control Protocol - Internet Protocol)

• Every Internet connection has a unique IP Address consisting of 4 numbers, each number has a range of 0-255 (ie. 198.211.16.134)

• Internet IP numbers are allocated through a hierarchy

– IANA --> ARIN/RIPE/APNIC/LACNIC/AFRINIC --> ISP’s /Company/Country

• Routers direct your packets of information along the “preferred” path

Router Router

Router

Router

Router

Router

RouterRouter

Note: The next generation of IP Address space (IPV6) is quite LARGE3,911,873,538,269,506,102 IP #’s per square meter of the Earth's surface 4,500,000,000,000,000 IP#’s for every observable star in the known universe

traceroute.html



http:/Domain Name System• The Domain Name System (DNS) associates

alpha-numeric names with IP addresses

• Names are registered with commercial registrars such as Go Daddy or country-specific registrars

• DNS Servers are distributed throughout the Internet - They act as a set of inter-linked phone books

• You enter “www.navigators.com”, and the DNS servers match it to “198.171.173.51”

• Historical meaning for domain names– .com=commercial .net= Internet Provider .org = non-profit

– .uk = United kingdom .pk= Pakistan .ru = Russia

• Reality…. Many country domain names are now for sale to ANYONE from ANYWHERE

domain_name.html



http:/Web Server / Web Site

Web pages= name.html

Graphics=name.gif=name.jpg

• Web Site is the Content

• The Web Server is a computer loaded with server software and a reliable Internet connection.



http:/A more complex environment

DataBase

•Internet users interact with web server•Web server query is passed along to data base.•The content of the database is only displayed

TEMPORARILY in a web page that is created in response to USER-actions.

•Most database content is unreachable by search engines

Web Browser

Online Hosting

typed form

Web server

page data

Application server



http:/Plan out your Internet Research

• Spell it Out - Define the Topic, Spell it out, Key words, acronyms, “what” and “who”

• Strategize - Choose your approach, which online resources, search tools

• Search - Get online, execute, stay focused, use advanced search features

• Sift - Filter the results, Follow the leads

• Save – Make bookmarks, take notes, organize results, share with co-workers.

search_methodology.html



http:/Spell out the topic...1. Name of topic, and what do you want to learn about the topic:

__________________________________________________________________

__________________________________________________________________

2. Spell out the topic (words, acronyms, abbreviations)

_______________________________

_______________________________

_______________________________

_______________________________

_______________________________

_______________________________

_______________________________

_______________________________

3. Make a list of “who” might publish such information (industry association, government agency, NGO’s, user group etc.)

__________________________________________________________________

__________________________________________________________________

generic, simple terms obscure, specific terms

search_methodology.html



http:/Overview of Internet Search Tools

• Search Engines (Google, search.yahoo.com)– Large database – text from billions of clickable pages

• Directories (dir.yahoo.com, www.dmoz.org)– Manually built subject trees–links to millions of web sites

•“User Pages” (Joe’s guide to widgets)– Built by subject experts- hundreds of topic-related links

Each tool has strengths and weaknesses

Pick the right tool...

search_tool_intro.html



http:/

Internet Directory (i.e. dir.yahoo.com, www.dmoz.org)

Mega

Directory

Filer may not be a subject-expert

URL’s & Descriptions (submitted by Users)

• Good for early stages of search, general subjects

• Links are grouped by topic

• Pages are manually built




http:/Searching a directory...

Main Menu“top”

Topics

subtopics

Content of subject tree

website

Links to external web pages

• Searches the text within the directory’s own web pages.

• Use search terms that would appear in:

– category titles

– web site titles

– web site’s brief description

• You are NOT searching the websites – just their brief description

wireless




http:/

Search Engines (ie. google.com, bing.com)

• Search Engine’s “robot” explores Internet, and copies web pages into its database

• Supports very detailed keyword searches

• Take the time to learn about the features & options of the search engine

Web ServersSearch Engine Site

RobotIndexerSearch

Interface

Your PC

Indexed Database

cachedWeb pages

copied Web page


You must envision what the target page will look like. “Use your imagination”

Try adding the words “resume” or “curriculum vitae” to your search terms



http:/Which have you bookmarked?

• The advanced search page can be used just as easily as the basic search page.

• Just seeing the options might remind you to use them

Basic search Advanced Search

Key Tip: Limit your searches to PDF or Powerpoint files to quickly locate detailed content

from great web sites.

search_tools.html



http:/Pay Attention to search results

Clustering – Google showing a maximum of 2 hits per domain

Cached = Google’s local text copy of the page. Graphics will still be downloaded from the remote website, unless you add: &strip=1

See hits from only that domain

Indentation = clustering

Problem: The “cached” link has been moved into Google’s “instant preview” pane… and a google javascript “hi-jacks” all

links back through Google (this breaks the &strip=1 trick)Solution: disable javascript in your browser.

persona.html



http:/

Alexa.com

• Like most toolbars, it “spies” on its users• Most of the information collected via the tool bar is

available at alexa.com

search_tools.html

• This is a great way to discover new websites based on the traffic patterns of millions of Alexa Toolbar users

• Click on “site info”

• Enter a Domain name

• Click “get details” and then “related links” & “traffic stats”



http:/“User Pages”

Potential weblink

Usually focused on a specific subject

Developed by “experts” in that field(or just a person with passion for subject)

Info Expert

Often contain “the best” online resources




http:/Finding “User pages”• Announced to Dmoz and other directories

• Linked at wikipedia, wikimapia

• Groups of users at forums, blogs and mailing lists

• Watch for sites labeled:“Joe’s ultimate guide to widgets”

• “User pages” often point to other “user pages”

• “Surfing Upstream” from several related sites (covered in Hidden Universes part 2)

• Ask other researchers – there are several sites that everyone knows as “the best”

• Interactive, live communication (Chat, telephony, virtual worlds)

search_universes.html



http:/Wiki ____• A Wiki is a type of website that allows easy and immediate creation

and editing of pages by “anyone”

• Wikipedia.org – Encyclopedia that can be instantly edited by ANY Internet user.

• Good starting point for many subjects to gain an overview of the topic

• Page can be biased from the most recent editor

• Some entries get “locked-down” due to editorial vandalism

• Wikimapia.org – same concept applied to google maps

• “map type” google map: zoom to the right location

• “map type” “wikimapia classic” : to see comments



http:/Blogs and Forums• A Web Log (blog) is usually owned by one person.

• Owner can post a log of their daily activities, or post ongoing comments about a topic.

• Guests may be also be allowed to add comments onto the blog

• Wordpress and blogger are popular sites

• Forum – An online discussion site focused on a particular topic

• Many users can participate by posting messages.

• Moderators may “police” comments that are considered off-topic

• Try searching for:

• Searchterms forum post - to find a forum that discusses your topic

• Searchterms forum post replies views – to find individual threads and messages that discuss your topic

• Membership requirements are a barrier to search engine robots

• Vbulletin is a popular program used on many websites

social_networking.html



http:/Surfing Upstream vs. Downstream

#1 Most researchers follow the links “downstream” from an interesting page

#2 “link:http://www.target.com” shows all the web pages which link towards the target (=upstream). Indicates the page’s “popularity” (= who knows about target.com)

#3 shows web pages that link to both target sites … will show “user pages” for the that topic

Target.com

Target.com Target.com Target2.net

#1 #3#2

“Upstream” “Joe’s guide to MANY targets”

search_upstream.html



http:/Surfing Upstream Details

• You need to decide which scenario makes more sense; Row #1 or Row #2

• A 3rd and 4th site can be added if they are popular enough

• At Google, can try the following search format ( no link: )

“www.example1.com” “www.example2.com”


search terms (use www.blekko.com) Search Results

link:http://www.example.com Web pages containing links toward example.com

link:http://www.example.com/pageA.htmlWeb pages containing links toward the specific web page

link:http://www.example1.com link:http://www.example2.com

Web pages which contain links towards both example sites. This is a great way to discover “user pages” (i.e. Joe's guide to example-sites)



http:/“site:” examples

( Google works best)

• This technique can save you weeks of search time

• Much faster than reading through thousands of web pages from a large website.

• “use your imagination” to focus these searches.


Search Terms (use www.google.com ) Search Results

site:example.com

web pages hosted on any kind of example.com server (www.example.com, blog.example.com, etc). This is a quick way to access the size/depth of a web domain

site:example.com searchtermweb pages hosted on example.com servers which mention the "searchterm"

site:ru searchtermweb pages hosted on .ru web servers which mention the "search term"

site:ac.ru nuclearWeb pages hosted on any academic .Russian web servers which mention nuclear

site:iaea.org iran filetype:pdfPDF documents hosted at iaea web servers which mention iran.



http:/

Who knows about your topic?(google search terms in red)

Example: Iranian cell phone Company (Irancell-MTN)

Government Regulations, license site:gov.ir irancell

Industry MagazineNews, vendors, maps,Management interviewssite:gsmworld.com iran

Construction vendorTowers, networkssite:vendorsname.com iran

Equipment vendorPhones, networksPress announcementsite:nokia.com iran

Res

ume’

EmployeesResumes,Job Postingsresume irancellsite:linkedin.com irancell

CustomersService issues, technology insightsIrancell forum postsite:mob.ir irancell

Topic’s own websiteMarketing informationPress announcementsite:irancell.ir

Investors Ownership, disclosures




http:/

Mailing Lists

“The web” is TINY

• Many detailed searches are a two-step process

– First find the specialized database

– Then type a very specific query in the database.

World Wide Web (pages.html)

ChatVOIP

Blogs,Forums,

Multi-media

Search engines

Total Online material

SpecializedDatabases

Email

Closed systems

1. Initial Search 2. Detailed Search

search_universes.html

( 1000X larger than the web )



http:/Lists of Search Engines

• For specific information, use a specialized search tool – Get “deeper” results than a general search engine

• Thousands of search engines are listed

• Search engines are grouped according to the subject they cover

search_tool_specialized.html

70,000 databases

55,000 public record

databases

.com

.net



http:/Many country resources are onlinecountry_specific_content.html

Phone books



http:/Many countries sell their domains

• These were just some of the country domains available for sale

• “All Domains” happens to be a licensed “registrar” for these countries.

• There are many additional countries who will sell their domain names to “anyone”

domain_name.html



http:/Learn about the 2-letter code

• Visit your county’s domain name registrar

–www.iana.org/domains/root/db OR

–www.norid.no/domenenavnbaser/domreg.html

• What is the policy for getting a domain name? (citizenship, trademark, local presence, money)

–What is the cost to register a domain name?

–Are there any censorship clauses?

• Does the registrar require any proof of identity? (drivers license, passport, business license)

• Is there a whois service? (make a bookmark)

domain_name.html



http:/Each search tool is different

• Each search tool has it’s own unique set of defaults and options

• Take the time to learn the options of each tool

– Don’t assume anything

• These tools are competing, trying to be unique

• Read the help



http:/

Several open sources can be combined to build a complete picture

fcc.gov filings: “12. C&W USA states that the Apollo Cable landing stations in the United States will be located in New York and New Jersey. In New York, the cable landing station will be located in Tritec Park, Brookhaven Technology Center, Shirley, New York, at coordinates 40º 50 minutes 30 seconds north and 72º 53 minutes 4 seconds west.”

Newspaper / Building Permit Section: “USA Apollo Cable Landing Station, Ramsay Rd. and Precision Dr., site plan-land division station, construct 25,573-square-foot one-story building to house computer equipment for a fiber optic cable landing station on one lot of a two-lot land division in Phase 1. External generators and associated above-ground vaulted diesel fuel tanks to be installed in Phase II. Cable & Wireless USA, Shirley.”

Start with a simple cable map

Nautical Charts show exact Cable locations

Satellite Imagery can follow cable ashore

FCC Filings, Building Permits, etc. provide additional details:

Reference: http://cryptome.org/eyeball/cable/cable-eyeball.htm

Here is the cable landing station



http:/Summary• Internet contains a large, fragmented information space

• Search engines are limited to only billions of “Clickable” pages

• The best content is organized by “people without lives”

• The Internet’s “critical mass” will transcend all other communication technologies

• Change is the only constant

The Future is Clear...Master the Information Superhighway

orBecome Roadkill

Security and Privacy Issues for Internet Users (and Internet Searching Tips) Revision 09/2012 Russ...

Documents

Transcript of Security and Privacy Issues for Internet Users (and Internet Searching Tips) Revision 09/2012 Russ...