- One 40-year-old looks back on the Internet, c. 1971
- 1972: ELIZA, IANA and the search for (in)finite attention online
- 7 rules for rule-breakers
- Waiting for your life online
- How my custom URL shortener taught me the 10 principles of tech support
- Dittos remind us of the pleasures of obsolescence
- 10 ways you can help to build the Internet
- 10 ways spam taught us to focus our attention
- 6 questions to prepare you for a social media crisis
- Picturing the Internet in 1981
- 6 ways to beat time zones with technology
- 25 rules of social media netiquette
- Honoring the debt Canada’s connectivity owes to Chinese workers
- Cut the cord
- Core tenets of the social web
- Quiz: What level of online security is right for you?
- Online innovators turn foresight into insight
- Finding the soul of the web in HTML
- What you choose when you choose a network
- Blacksburg reminds us how to worry about our kids
- Are you using the Internet to monetize or to enlighten?
- Real innovators don’t hold grudges
- 10 bloggers share their tips on how to stay motivated
- 6 resources for learning about Internet history
- Looking back to predict the future of the Internet
- Creative disobedience online, from DeCSS to tweettheresults
- 6 web technologies that don’t suck anymore
- What we can learn from delicious and the tagging revolution
- 8 ways writers can make the most of online video
- The Lonely Princess: A Social Media Fairy Tale
- Why we need to remember life before the Internet
- The 9 secrets of a successful marriage (to a web application like Evernote)
- Bing helps us search for the meaning in our tech choices
- 8 browser extensions that will make you more productive
- 7 lessons about our online future from our online past
- Why do moms have to choose between usability and openness?
- Search party: 10 tips for better searching on Google and beyond
- Custom URL shorteners put the poetry back in domain names
- 40 tips on how to make the most of your life online
Getting the inside scoop on Santa Claus. Finding out what really happened to your childhood pet when your parents took him to “the farm”. Realizing that your favorite TV show didn’t mention one car company four times in a single episode simply because it was a natural extension of the plot.
We all remember those moments of disillusionment. For the first generation of Internet users, one such moment came on November 2, 1988. That was the night that a Cornell graduate student, Robert Morris, released a worm – a destructive computer program — onto the Internet. Before the Morris worm, the Internet was a largely unguarded space, plagued only by occasional, accidental mishaps.
The Morris worm opened a new chapter in Internet history, a new industry, and a new preoccupation: online security. Thanks in part to the worm, system administrators devoted new levels of attention to defending their networks. A generation later, the question of how to secure a network — or any data that is or could go online — remains a major preoccupation for tech professionals and tech users.
What’s interesting about this particular case of disillusionment is the variation in subjective response. In a world with many well-documented online threats, some people devote hours (or careers) to securing their systems and data. Other people spend little or no time worrying about computer security, living their online lives as if the Internet were still that pre-1988 Garden of Eden.
Most surprising is the lack of correlation between offline risk profile and online risk-taking. In a rigorously unscientific study of people with whom I have discussed privacy protection, data backup and other security-related issues, I have observed a near-total disconnect between security awareness on- and offline. People who are religious about arming their houses with the latest alarm systems may post their minute-to-minute movements on FourSquare; free spirits might eschew motorcycle helmets but guard every e-mail transmission with 1024-bit encryption.
Writing a dissertation about computer hackers left me on the slightly cautious end of the spectrum, but I try not to force my security religion on others. (Other than frequently relaying the single most useful thing I heard from any of my research subjects: “Until you have your data in at least two places, you don’t have your data.”) What I’d like to encourage is some simple consistency: a degree of alignment between one’s offline risk profile and the level of security pursued online.
To that end, let me introduce a new security enhancement tool, not coming soon to a women’s magazine near you:
What level of online security is right for you?
By completing these questions, you can identify the level of network security appropriate to your personal risk profile.
Cyber-security practices for your personal risk profile
Now that you know your appetite for (or aversion to) risk, let’s look at how that translates to a set of online security practices.
Easy Rider: Approach the Internet with the same devil-may-care attitude you take in offline life:
- Use library or café computers to do your banking and email, so you don’t have to buy a laptop
- Snap up the great deal in that pop-up ad by entering your credit card number when prompted
- Use a single password for everything you do online (preferably “password”)
- You’re an open book: why not share those photos of your new inner thigh tattoo?
- Don’t bother with “logout” buttons on those public computers
Trusting Tom: Embrace the social web with your characteristic spirit of generosity:
- Buy a Mac; it’s easier than worrying about viruses
- Use your credit card online as needed; if Visa has to replace your card a couple of times due to security issues, so be it
- Sign up for FourSquare under your full name and keep your location updated at all times so your friends can find you
- Post your family photos to Facebook and Flickr, without passwords, so your friends can enjoy them
- Use one password for your online banking and another password for everything else
Clear and careful: Take precautions that will allow you to enjoy your life online:
- Install anti-virus software on your computer
- Use your credit card only in reputable online stores
- Turn on private browsing when surfing porn or other potentially embarrassing content
- Share kid photos and news with a very limited circle of people online, and never post your kids’ identifying details (names or school)
- Use a secure, encrypted password manager like 1Password
Wary Larry: Implement the security measures that keep you from lying awake at night, worrying about your online exposure:
- Buy a Mac and run anti-virus software weekly
- Use a separate, low-limit credit card for any online transactions
- Read a couple of security blogs on a daily basis so you know about any emergent viruses or security issues
- Use PGP encryption for all e-mail correspondence
- Never post any photos or news about your kids online
- Keep all your passwords on a keychain drive
Nervous Nellie: Exercise the same level of constant alertness online and off:
- Keep separate computers for on- and offline activities, just in case you get infected on your network-connected machine
- Limit your online shopping to Craigslist and complete all transactions in cash
- Complete all online forms with false information, just to throw off the data collectors
- Avoid all social media
- Get Google to do the same thing for your house that they did for Dick Cheney’s
The bottom line is that there is no one-size-fits-all approach to network security. How much effort you put into staying safe online, and how you define safety, is a personal choice. Just make sure that your online safety decisions are driven not by apathy or alarmism, but by reliable information and clear boundaries.