![[Bytes Link logo]](../../../cgif/bytelnk2.gif)
Main Meeting
by by Eric Saca - February 22, 2001 at 15:35:51:
Steve Gibson gave us a presentation in February on Internet security and on testing firewalls.During Random Access, George Margolin discussed computer image generation. He mentioned a company that provided him with outstanding graphic printouts – Colour Prints in Canada. Their website is www.ColourPrints.com. He passed around a sample printout.
George then introduced Steve Gibson, a highly experienced computer programmer and Internet security guru.
Steve started his presentation with a story he had read in the National Post that illustrates today’s Internet security problems. Basically, a man from Canada was surfing the Web. At one point, he happened upon a website by accident and left it. About half an hour later, he’d received a phone call from a representative of that website’s company. The representative knew that he was soon going out of town and made him a special offer, geared to his specific tastes. All he had done was pass that website. He had not bought anything from it, browsed through it or even stayed on it for very long. Yet, the salesman knew his home telephone number, his tastes and the fact that he was soon going out of town!
Steve then briefly explained the origin of cookies. Internet servers started out as stateless systems, which maintained no record of a user or his activities. Every time a user connected to a website, it would be like his first time because the server had no way of tracking or recognizing him.
Eventually, the programmers at Netscape fixed this by developing a new feature – the cookie. A cookie is just an arbitrary token. It can contain any random contents. Those contents do not change for a given user. When a user pulls up a website, that site sends him a cookie. Then when the user later returns, the site can use the cookie to identify him. Dot com companies and third-party advertisers took advantage of this feature.
Several parts of a given web page can send a cookie to a user, including sections from third-party advertisers. Data entered on a website can get into a cookie. Also, third-party advertisements can reside on multiple web pages. This combination of factors can cause incredible security problems for the end-user.
An end-user can be browsing one page with a third-party advertisement that sends him a cookie. Then he can surf the Net and end up on another, completely unrelated page with the same third-party ad. That ad can pick up the cookie from the previous website the user visited. Then it will be able to use that cookie to identify the user and possibly other information, such as other websites that he had visited. This is how the website gleaned so much information from the Canadian man’s computer in Steve’s story from the National Post.
Due to concern about the security risks posed by cookies, several programs have come out to deal with this issue. They do everything from blocking cookies to faking the acceptance of cookies. (Some websites, such as Microsoft’s, will not function if your browser does not accept cookies.) Steve recommended setting your browser to accept only cookies that are sent back to their originating server. Accept all cookies is the default setting for both Netscape and Internet Explorer. (This can be changed in Advanced Preferences.) Steve recommended completely flushing cookies from your system on a periodic basis. All browsers should be able to do this.
Steve also warned about e-mail formatted with HTML. This is where all the e-mail viruses came from. Such e-mail is literally an HTML program that runs when you open it. It can do almost anything on your system – including gathering and sending information about you to another website. Companies have used this type of e-mail to profile potential customers. Steve recommends using and accepting text-only e-mail.
He suggested a way to keep software from sending information about you to unfamiliar websites – restrict the ports that any software can use. E-mail should only use ports 25 and 110. They should not use the web browser port – 80. To limit port usage, Steve recommended a program called Zonealarm Pro.
Another security measure Steve takes is to always set up aliases and change his name when sending e-mail. That way, it is harder for profiling websites to track him.
A member asked if the government can do something about these security problems. Steve replied that he is presently working with two senators! To keep up with the latest news, Steve suggested pointing an Internet newsreader to grc.com, the website of his company, Gibson Research Corporation in Laguna Hills.
This website also contains several useful articles and utilities to help users and companies experiment with their own web browser and firewall security. It contains his popular ShieldsUp!! program which major vendors, such as Symantec Corporation, are using to test and improve their firewalls. There is LeakTest, which can help end-users find leaks in their own firewalls. Users can test cookies sent to their own browsers and see what information they contain at nanoprobe.grc.com. This particular web page also contains useful and well-written information on personal browser security. Grc.com also contains utilities and information on data recovery and maintenance.
Steve Gibson had so much information to share with us that he couldn’t present it all at the Main Meeting. Thus, after a brief raffle, he stayed for the Internet SIG and finished his presentation there…
Next Meeting—Ted Meyer of the IRS on “The Advantages of Electronic Tax Filing.” Ted Meyer is the Los Angeles Territory Manager for Taxpayer Education and Communication (TEC) in the Small Business/Self Employed Division.
![[------STRIPE-----]](../../../cgif/str1.gif){kind=small}
Site Disclaimer Suggestions? E-Mail to webmaster@noccc.org