In Plain Light 10.17 – The Privacy Issue:
Online Security and Internet Privacy

Welcome to this month's newsletter!

In this issue:

• Online security: A matter of protocol
• Internet privacy: Can you trust your browser?
• Private surfing: What to do if you care
• Links
  

This issue was prompted and inspired by – surprise! – Google. In April 2017, the Lord of Chrome announced that the browser would start warning its users of insecure pages when entering any data, or of all such pages in Incognito mode.

The change was scheduled for version 62, due for release half a year later, out now. It didn't materialize as promised [so far], but the direction is clear:

“Eventually, we plan to show the "Not secure" warning for all HTTP pages…”

Posted by Emily Schechter, Chrome Security Team

So, what's it all about, and how do Internet privacy issues relate to it?

What a difference an S makes

Without much of technical jargon, HTTPS is a communication protocol between a browser [the client] and a web site [the server], just like HTTP is. The difference between the two is that the former is secured by a certificate stored on the server which

• identifies the site as being in fact what it pretends to be,
• prevents data sent in both directions from eavesdropping by a third party, and
• ensures that this data isn't manipulated in transit.

The same spoken out loud:

Three good things about HTTPS (1:15 min.)

This site switched to HTTPS on October 19, 2017.

HTTPS is much more preferable than HTTP, no question about that. Sending your credit card information over an insecure connection is asking – screaming – for trouble.

However, the chance of falling victim to a man-in-the-middle attack [when offenders intercept communication between an insecure site and a user in front of her computer] during a stay on an informational page is rather theoretical.

Why? Well, because of its feeble cost-benefit ratio. Unless the site in question does require credit card details being sent unprotected, you should be quite safe.

On the other hand…

The above presentation does pose another question altogether, if only in passing:

…with some small print in the end (0:09 min.)

Did you get it? Just to make sure: "So an intermediary in the network can't modify or tamper with the data that's being sent. Only the browser and the server can."

I am pretty sure this wasn't intended to mean anything else except pointing out just another advantage of HTTPS over HTTP. 

However, if you take it literally, you may as well raise your hand and ask: Well, what about the browser?

That's what we are going to explore.

Can you trust your browser?

Much of the following content is just videos. I think they are important as they help understand that our online activities take place in public, and can have consequences we never expected or thought about.

If you can spare about half an hour of your valuable time, watch them.

Follow the crumbles

Not to enjoy with milk (2:34 min.)

You are famous now

You are not alone, ever (7:25 min.)

Let's talk

Every click counts, more than once (6:40 min.)

You are being served your own web

Our online behaviour affects our sight of the world (9:04 min.)

The chimney is history

Our online footprint leads to our real selves (5:52 min.)

What is to be done?

Start with opening your browser security and privacy settings. Read all of them, and change some.

Move on to ensure all your gear – the computer, the tablet, the smartphone – is up to the mark, too. Follow the link to learn how to set up your devices for privacy protection.

Follow the link in the section below to learn more about making your online stay safer.

The last word—Why privacy matters

Every human has something to hide (4:12 min.)

PS: Got a cookie?

Dare to share? (3:13 min.)

—Think about what monsters to share it with.

Tags: #inplainlight #https #donttrackme #privacymatters

Useful links

DuckDuckGo privacy blog

The friendly search engine regularly posts articles about Internet privacy and online security issues. They also publish a privacy newsletter, and generally care about your online well-being.

The Power of Privacy

This is the full version of The Guardian's take on privacy in modern times featured above (running time 28:45 min.). The short film was the winner of British Animation Awards 2016 in the category Best Film/TV Graphics. Sorry, it's on the regular YouTube site, so beware.

Ars Technica: No, you're not being paranoid

A recent addition to the topic, about sites logging your keystrokes and mouse movements while you browse, and sharing this information with 3rd parties.

Previous issue

09.17 – The wildlife photography issue

No purchase necessary: Learn how to photograph wildlife for best possible results with your usual equipment.

Following issue

11.17 – The sea issue: Fine art seascape photography

As November closes in, we take Ishmael's, of Moby Dick, advice and get to sea as soon as we can, led by some highly inspirational examples.

Unattributed images on this page are sourced from public domain via Pixabay.
The page features videos from following YouTube channels delivered over "youtube-nocookie" domain:
Google Chrome Developers, Sesame Street, TED, The Economist, The Guardian.

Tell me what you think!

Is it useful 👍? Awful 👎? Leave a message! Your comments help make this site better (and give me a kick—one way or another).

Back to Top