1. Surfing the Internet Safely
(for Journalists)
Foreign Correspondents Club of China
June 19, 2008
Andrew Lih
http://www.andrewlih.com/
Copyright 2009 Andrew Lih
8. Definitions
• URL: Uniform Resource Location
http://www.foo.com/news.html
• DNS: Domain name system
Convert www.foo.com to numerical address
• Internet protocol (IP) address:
Unique ID of computer on Internet
(like 128.51.56.122)
Used to route packets across the Internet
9. Typical Scenario
• Computer connects to Internet
DSL, Starbucks, corporate, et al.
• Gets a DHCP welcome package
IP address and DNS server
• Access web page URL
http://www.foo.com/news.html
10.
11.
12.
13.
14.
15.
16.
17. Sequence
• Happens quickly (hopefully)
• Multiple “GET”s for images, ads, video,
scripts, documents, audio, et al.
35. Motivation
• Annoyance
• Productivity
• Corporate safety and privacy
• Time
36. 1. Hardware router
• Prevents outside traffic
to naked computer
• Share single connection, Wi-Fi
• Use NAT “shield”
• Use WPA or WPA-2 encryption (not WEP)
• Manufacturers: Linksys, Netgear, D-Link, TP-
LINK, Apple, Travel: Apple Airport
37. 2. Firewall software
• Turn on Windows Firewall
• Only allow known connections in/out
• May need some customization
• Apple: Security preferences
38.
39. 3. Hosts file
• Blacklist of known bad sites (built into
Windows/Mac)
• HostMan (Windows) manages hosts file
• http://www.abelhadigital.com (Wordpress)
40.
41. 4. Browser execution
• Web 2.0: no longer just a read-only page
• Javascript (AJAX, Google Docs, et al.)
• Flash (YouTube)
• Java
• ActiveX (Microsoft)
47. McAfee Siteadvisor
• Firefox plugin, warns of bad sites
• McAfee trusted name in security
• Integrates with Google searches
48.
49.
50. 5. Viruses/Spyware
• Infect computer through email, web
surfing, or just sitting on the Internet
• Virus: destroy data, nuisance
• Spyware: sucks processor time, steals
private data, becomes part of botnet
51. 5. Viruses/Spyware
• Get good software
• BitDefender or Kaspersky ($)
• Avira AntiVir (free)
• Ad-aware (free)
• Spybot Search and Destroy (free)
• Webroot Spysweeper
52. 6. Secure connections
• Virtual Private Network (VPN)
• Your news operation/company may already
give you this capability
• Surf any site, no Great Firewall blocks
• Public options:
HotspotVPN ($8.88/mo)
PublicVPN ($59.95/yr)
Witopia personalVPN ($39.99/yr)
55. Passwords
• Have three types on hand
• Trivial (“buddha”)
• Nontrivial (“h@ppybuddh@”)
• Banking strength
("6eijin9spring!1978", like Beijing Spring)
57. Internet access
• Home, cafes, wireless, hotels on the road
• Consider extremely insecure
• Who can contact your computer?
• Who can read what you’re doing?
• Passwords in the clear?
58. Steps
• Google mail - https://mail.google.com/mail
• Note the “S” and must be that address!
• Entire session is encrypted
• Yahoo/Hotmail - encrypted login, not
session!
60. VPN
• VPNs good for general use
• Protect against snoopers in Starbucks and on
hotel broadband
61. Prescriptions
• Have some type of VPN accessible
• Use Secure Google Mail (https://
mail.google.com/)
• Use Skype for secure chat
• Use a broadband router at home (Linksys
WRT-54G or Apple Airport)
• Use Apple Macintosh (w/Windows)
62. Review
• If you remember nothing else today...
• Hardware firewall
• Firefox and plugins
• Antivirus/Antispyware software
• Avoid Yahoo/Hotmail
• www.andrewlih.com/securitytips
63. Retooled
Old New
Internet Explorer Mozilla Firefox
Yahoo/Hotmail Google mail (https)
Weak password Strong passwords
Cleartext transmissions VPN or secure email
Naked computer Router/firewall
No security software Antivirus/Antispyware
Instant messaging Skype
Naked email HushMail