interweb freedom

(formerly Stop Usage Based Billing)

Posts Tagged ‘internet security’

Internet Security Tip #1 spam

Posted by Laurel L. Russwurm on September 12, 2010

red circle with a strike through over the word SPAMWe all know spam is out there. We all get it. The only real way to stop spam is for no one to ever ever answer it.
Mark it as spam and delete it. But so long as one person somewhere in the world clicks ‘reply’ or ‘buy’, it will never go away.

But there are things we can do.

don’t make it easy for spammers

I can’t tell you how many times I’ve passed along this advice, because it is a simple thing that we can all do.

When sending email to many people it is much better to select “BCC” than “CC”.

  • CC = stands for ‘carbon copy’
  • BCC = stands for ‘blind carbon copy’

When you use “CC” every recipient gets access to every email address.

This is important because if even a single copy of your email goes astray and falls into the hands of a spam harvester, they get the bonanza of a whole pile of email addresses to send spam to or to sell to other spammers to send spam to. Spammers aren’t going away any time soon so we should at least try to make it tough for them.

BCC means that the recipients can only see your email address, their own, and the addressee if there is one. Sending them all BCC would mean that only 2 email addresses appear in the email.

Always use BCC

And no, I’m not saying that you can’t trust the people you sending email to.

The thing to realize is that email travels across the Internet. DPI is the equivalent of unsealing our email.

But in Canada, the CRTC allows Bell Canada to use Deep Packet Inspection (DPI) to look inside Internet traffic– which includes email. DPI is illegal in Europe due to privacy concerns. It just takes one unscrupulous person with access and spammers have our email addresses.

history lesson: the origin of the carbon copy

Antique typewriter

Before computers, people in the 20th Century had typewriters. Typewriters were machines used for writing. Pressing down on a typewriter key worked the typewriter machine by striking the corresponding letter shaped metal die onto an inked ribbon against paper rolled into the machine.

When using a typewriter, it was possible to make an exact copy by sandwiching a piece of carbon paper between two sheets of typing paper and rolling them both into the typewriting machine. The force applied to the key would first transfer the ink to the paper and then through the flimsy carbon paper transferring the carbon onto the second piece of paper in the shape of the typed character.

The drawback was that the second copy was not crisp. The advantage that every keystroke was reproduced. This second copy was called a carbon copy. It was considered good form for the typist to type “cc” followed by the name of the person who would receive the second copy. In this way, bot copies indicate who received the letter.

A duplicate made without indicating a second recipient was called a “blind carbon copy” or “bcc” since the original recipient is not privvy to either the fact of it’s existence or information about it’s disposition. Often a file copy would be made in this fashion so that the sender retained a copy of his side of the correspondence.

image Credits:
“No Spam” image by laurelrusswurm under a Creative Commons CC0 License

Underwood 11 Typewriter photo by alexkerhead under a Creative Commons Attribution License (cc by)

Posted in Changing the World | Tagged: , , , , , , , , , , , , , , , , , | 1 Comment »

Nutshell Net Neutrality

Posted by Laurel L. Russwurm on January 20, 2010

The Easter Egg Museum

The Easter Egg Museum is located in Kolomyya, Ukraine. -- Photo by Mia

Ukrainian Law says that Internet Service Providers are not responsible for what their customers do.

This is the concept called Net Neutrality.

Internet Service Providers should NOT be held responsible for what their customers do.

Just as Landlords are not held responsible for what their tenants do.

The tenant may be the father of a family of four whose worst crime is crossing against the lights. Just as easily the tenant may be a serial killer who keeps locks of his victim’s hair in a jewelry box. Or perhaps the tenant is a wax museum artisan who keeps locks of necessary hair samples in a jewelry box at home for repairing exhibits.

The only way a landlord can know which involves serious invasion of privacy. Because it is only by spying on the tenants that the landlord can know. And even then, the landlord is not trained in recognizing or preserving evidence, much less building cases to present in court.

So no one expects the landlord to engage in this type of spying.

Largely because people prefer not to be spied on.

Even an innocent father doesn’t want his landlord pawing through his mail. The police aren’t allowed to open our mail because they want to. Email should be just as protected as postal mail.

Chances are the serial killer has taken precautions that would make it difficult for the landlord to discover the truth anyway. Besides, we’ve all seen the movie… if the landlord DID get the goods on the killer, the tenant would have to arrange an accident…
Paul Gross in the role of RCMP officer Benton Fraser in Due South
If the tenant is in fact breaking the law, either through tax evasion or serial killing, it is NOT the landlord’s job to investigate and prosecute. That’s what law enforcement is for. Centuries of jurisprudence have built in protections for citizens, so that something resembling probable cause must exist before citizen’s rights may be assailed.

Just as it is should not be an ISP’s job to monitor and investigate citizens in the event they may be breaking a law somewhere.

ISP’s are in the business of providing an internet connection, in much the same way that a landlord provides a rental property. In fact, the jargon used for a website’s main page is “home page”.

Spying on customers will be a huge expense for ISPs. Who will foot the bill?

I’ve seen enough spy films to know that intelligence gathering is a time consuming and expensive business. Surely it is not expected that the customers being spied on will pay for the privilege. The ISP can’t be expected to pay for the necessary personnel and equipment.

So the government will have to foot the bill.

But wait: government funds come from the citizens… so in effect the customers being spied on will pay for the privilege.

The internet has stopped being a luxury toy, as individuals and businesses conduct more and more of our real lives online. Internet access is as vital to modern life as phone access was 20 years ago.

We live a great deal of our lives online. Many people do online banking, and of course many commercial transactions take place online.

I correspond with family and friends around the world online. I know to be careful what information I put on facebook.

Internet security will be non-existent if ISPs are allowed or ordered to spy on us.

If they do, nothing on our computers will be secure.

Posted in Changing the World | Tagged: , , , , , , | 8 Comments »