Wireless Networking & Social Engineering

Wireless network is a computer network are connected together through a wireless transmission system without any cable of any kind to avoid the costly process of introducing cables into to a building, or as a connection between various equipment locations. For example, if any person in the airport, coffee shops, library or hotel recently, he or she will have a chance to be in the middle of a wireless network. This wireless network called WiFi or 802.11 networking system was released in 2000 and used to connect personal computers at home, and some cities are trying to use the technology to provide free or low-cost Internet access to residents.

WiFi has a lot of advantages such as easy to set up and inexpensive. They are also unobtrusive -- unless we are on the lookout for a place to use our laptop, we may not even notice when we are in a hotspot.

In 2001, the standard Wired Equivalent Privacy (WEP) access protocol, designed to keep unwanted users from accessing the device. Security was greatly increased in 2003 with the release of Wi-Fi Protected Access (WPA).

Wi-Fi has reinvigorated the use of public spaces from cafés to parks around the world. Unfortunately, several attack scenarios remain largely unknown and could feed an epidemic of corporate and personal identity theft. For example, when we try to connect to a cheap wireless access point from any Internet service provider at any airport trying to check our emails using our credit card for paying, a security certificate may pops up when we browse to any site that offers encryption. We will recognize that a site is using an encrypted session because the web link starts with https:// instead of http://. In this case we many choice to either close the page or continue to the website. After a while, we may discover this cheap internet provider charge our credit card within hundred dollars. Unfortunately for us, it turns out that this cheap wireless access company was really an identity thief.

Now the question is this, “how do you know that this particular wireless access point is trustable? Anyone can put up a wireless access point and put up any page they like.

Most people don’t pay that much attention to security warnings that show up when browsing the Internet because they don’t understand what these warnings mean. Society just needs to find ways to reduce the risks without reducing the convenience. User can do to protect himself is to pay attention to security alerts.

The digital certificate is one of the few things a corporation can do to give an end user any sort of confidence in the site’s security. If the certificate is not properly maintained, it causes skepticism about the rest of the security.

1. Do not accesses to any wireless access point without any prior knowledge it is a trustable wireless network.
2. It is better to use your personal mobile internet access to security purposes.
3.  Use 128 bit or even 256 bit encryption key.
4. Keep any personal information about you as private as possible.
5. Do not use common numbers like your birthdates or the last four digits of your Social Security number.

How to Avoid Hacking, and Prevent Internet Security Problems

1. Do not open any attachments or files in your email if you do not recognize the sender.
2. Make sure that your system has a competent firewall installed and activated.
3. Make sure to download and install any security updates for your system as soon as they become available.

Reference

Oram, A., and Viega, J. (2009). Beautiful security. O'Reilly Media, Inc. Sebastopol, CA.

Copyright on the Internet

Copyright could be defined as a protection provided by the laws to the authors of original works including literary, artistic, musical, architectural, etc.

Nowadays the Internet is a wide open source for information, entertainment, and communication. Sometimes and without proper knowledge, people unintentionally break the copyright laws that govern the Internet. Many myths have caused people to believe copyright laws do not apply to the Internet and that’s not true. One of the biggest mistakes that people believe is that if any information provided on the Internet or any other works have no copyright notice, it is not copyrighted. For example, one of the correct form of a copyright notice is "Copyright or © by date and author name". Many people believe that if this notice is absent, they can post, use, or take any work on the Internet. In fact, everything is copyrighted by the owner or author whether is has a notice or not. However, copyright laws are in effect in today's cyberspace to protect those people who created original works. The internet is built on the copying. It also built on links. For example, if you copy any photo, text video, sound, etc without permission, you have a long series of copying with no consent and therefore potentially dozens of infringements of the copyright. Some of the web content can be protected including, links, original text, graphics, audio, video, html, list of web sites compiled by an individual or organization, and any other original material.

Some of Copyright principles:

The essential step to understand the copyright principles is getting a good understanding of the technology and the flow of content. Then one applied copyright principles to each derivative to see if it is infringing or not. Congress gives us laws from time to time due to technologies change, but this approach to the analysis is constant. For example, one of the not copyright issue under United States law in providing a link. But there is a question mark about the deep linking use. The court in 2000 answer this question that deep linking is possible so long as it is clear to the user who if the owner of the linked to use. On the other hand, framing is permissible under United States copyright law too as long as the source of the framed page is made clear. That’s because it mechanism is just a link and not copy the framed page; it just sends the user a web page that includes a link to the framed page.

As a result, when people trying to create a web site, they can link to other web sites and cite source but they should be aware from some specific requirement associated with that link. The best way to do so is checking the link to find any restrictions. In addition, people can use free graphics on their web site but if these graphics are not free, then they should get a permission to copy them as well.

On the other hand, people can not copy and paste the contents from various Internet sources into their personal website or change the context in a way which changes the meaning, include another person e-mail in their own document, or forward it to another recipient without permission and using other people icons, logos and other graphics from other web sites to their web page.

DMCA Notice and take down rules

The Digital Millennium Copyright Act (DMCA) was signed into law by President Clinton on October 28, 1998. That has provisions that can act as a shield against copyright liability. It applies to any “Service Provider - SP”, which defined as “a provider of online services or network access”. Any company that allows posting of content or messages such as blog site, any instants messaging services, chatting rooms, online video gaming, etc can get quite benefit from this DMCA rules. These rule protected any SP against claims of infringement of copyright by reason of the “storage at the direction of a user” of material on the SP systems.  

On the other hand, this rule has some limitations, such as:

1. Protection will not apply if the service provider has “actual knowledge” that the material is infringing.
2.  Protection will not apply if the service provider is a ware of “facts or circumstances from which the infringing activity is apparent.
3. Protection will not apply if the service provider does not expeditiously remove or disable access to the material upon obtaining such knowledge or awareness of the infringing material.”

The protection rule will be applied if the SP does not receive a financial benefit directly attributable to the infringing activity, in which the SP has the right and the ability control such activity.

Any company or website owner wants to be eligible for these DMCA rules; they should designate an agent for notification about claimed infringements. They web site must register the agent with the US copyright office. To do so, they must download, fill out a special form from the website (www.copyright.gov) and send it to the address indicated.

Once this process has been completed, its website needs to clearly identify that person as the agent for notice under the DMCA and inform users of the DMCA procedure. Once the website owner has it registered agent and the right form of a copyright policy up on its website, then the website owner site owner can avoid most or all US copyright infringement due to user-contributed content as long as it complier with some formal procedure rules

Reference:

Landy, G (2008). The IT/digital legal companion. Synrress Publishing, Inc. Boston

Welcome to the Web Privacy Strategies Blog

Everybody welcome here.

This blog was created as one of EM835: Information Accountability and Web Privacy Strategies: IAS (Win 2011) course requirement.

EM835- is very excited class. Now I posted outside the box of the Moodle.
I’m very glad to be in this class. I think there will be much more to learn.

Your comments are so important to me.

Thanks alot