Web Privacy and Security

I am a bit worried. This webpage is intended to help you sleep a bit better. There are some simple rules that allow you to reduce the threat.

1. Think

Apply some common sense! If a message pops up that you have just won 1 billion dollars, it is bogus. If someone promises you a lot of money for few work, it is a scam. If someone calls you out of the blue and tells you that there is malware on your computer, it is a trap.

2. Browser

Keep your browser updated! Some browsers (like Firefox or Chrome) do auto-update, others (like Internet Explorer) don't. So make sure you are always using the latest version of your favourite browser. Obviously, you should only download the programmes from a trusted source.

• Mozilla Firefox
• Google Chrome
• Microsoft Internet Explorer
• Apple Safari
• Opera

3. NoScript

NoScript is a Firefox Add-on which "... allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, guarding your "trust boundaries" against cross-site scripting attacks (XSS), cross-zone DNS rebinding / CSRF attacks (router hacking), and Clickjacking attempts, thanks to its unique ClearClick technology."

The NoScript makes your web usage safer, because you need to manually allow each host to run executable code. Clearly, the protection only works if you only allow trusted servers, which requires you to stay awake when browsing!

4. Search engines

Whenever you use a search engine, the company will try to identify in order to personalise the search results. (See for example this article by Feuz, Fuller, and Stalder.) You can avoid this by either opting for

• DuckDuckGo.com, a search engine which claims not to collect and distribute any user information, or
• Startpage, a search engine which "[...] does NOT collect or share ANY personal information!". Also, it provides you with a useful Firefox add-on.

5. HTTPS

Whenever possible, you should transmit your web data only in encrypted form. You do this by adding the "s" to the http. For example, instead of http://www.google.com/ you type https://www.google.com/. Many large websites offer this possibility. HTTPS Everywhere is a Firefox or Chrome add-on that automates this for many websites.

6. Encrypted E-Mails

An E-Mail is like a postcard. Although the transmission of data between you (more precisely, your e-mail desktop client or web browser) and the e-mail provider is encrypted, the content of your e-mails is still saved in plain format on the e-mail providers server and when sent between different providers.

There are two ways to encrypt or sign messages, S/MIME and PGP. Read more about this here.

7. Public Wifi - VPN

To be added soon...