Online edition of India's National Newspaper
Thursday, July 26, 2001

Front Page | National | Southern States | Other States | International | Opinion | Business | Sport | Science & Tech | Entertainment | Miscellaneous | Features | Classifieds | Employment | Index | Home

Science & Tech | Previous | Next

Surfing: better safe than sorry

Recent investigations by the Net's watchdog agencies reveal an alarming increase in officially sanctioned snooping on unwary web surfers. Anand Parthasarathy reviews Internet's patchy privacy record and suggests what India's 10 million strong Net-enabled users should do to repel those prying eyes.

IF YOU want a truly scary demonstration of how much information about yourself, your physical location, your surfing habits, your purchasing preferences.... can be gathered by websites which you visit, try doing the ``Privacy Analysis'' of your Internet connection that is available at www.privacy.net/analyze. In under 2 minutes, the site will display on screen a 3-4 page report of the most detailed information it has gleaned from your computer.

How does it do it?

The most personally identifiable information that is captured everytime you make a communication link over the Internet is your Internet Protocol or IP address. Often your IP address is automatically noted by all the companies who put their advertisements on a web page you visit. Since IP is the lingua franca of Internet, each computer is assigned a unique address.

When IP addresses are converted to more easily remembered names like www.privacy.net, they become domain names.

Once an IP address is captured, there are tools which can find out:

- who owns the network

-where the network is located

-and where else that network has been surfing - useful to understand the surfer's habit patterns.

-your browser type and your operating system; your monitor preferences.

The majority of individual Indian surfers who use dialup connections through a service provider, have one small edge: their IP address changes within a pool of numbers allotted to the provider, unlike fixed connection users like cable modem or DSL ( Digital Subscriber Line) accounts or company accounts, who have static IP addresses

But a privacy analysis test will nevertheless come as a rude shock to most of us. If you feel vulnerable and are willing to pay a small price to protect your PC from prying eyes, there are software solutions like Anonymizer.com to prevent others from finding out your IP address. The service will act as an intermediary between you and the web sites you visit, filtering out any information like software configuration or browsing habits that can be used to identify you. Anonymizer provides a surfing box where you type in the address you want to reach rather than entering it in the location or address bar of your browser. In other words, tell Anonymizer where you want to go and it will take you there - safely.

You can download a free version of the software at their website, but the full featured service costs something like $ 5 a month. For this you get to control the other irritating intrusion on the Net - cookies, those small file packets that load on to your hard disk unless explicitly barred and then sit there for some days or months. The problem with banning all cookies is that many information sites will not send you what you want unless cookies are enabled.

There are also special tools like CookieCrusher which help to control and use cookies selectively.

A PC connected to the Internet has been aptly compared to a house where all the doors are wide open - 64K or approximately 65,000 of them, with ``welcome'' written on the doormat!

There is no way you are going to secure all these doors and still do meaningful surfing.

So the only option is to encrypt those portions of your PC, like any confidential mail files you may store, with software tools like PGPfreeware offered for free download by Network Associates.

The latest version 7.0.3 dates from February 2001 and the 7.5 MB zipped file can be downloaded on a good day with a 56K modem in about 15-20 minutes. There are other tools ``Nukenabber'' and ``Net-Commando'' which serve as port sentries, alerting you when someone, somewhere out there is getting too curious about your PC.

The easiest way to access the free tools among these is to visit a site like cnet.com and search in the free downloads section. A search at the site using the keyword ``privacy'' will also take you to excellent tutorial material - some of which has been summarized above.

I know what you have surfed

On July 9 a report released by a U.S. based watchdog agency called the Privacy Foundation, revealed that in addition to the anonymous watchers on the web described in the preceding paragraphs - there is another more invidious danger: one of three employees in the US ( and by inference outside as well) is being secretly monitored by his or her employer. The report identifies some of the big U.S. -based companies -like Glaxo, 20th Century Fox , American Express, Duracell and Barclays - who are known to keep close tabs on the emails of those who work for them. But as the Foundation ruefully notes, such surveillance is becoming very cheap - thanks to software like ``Websense'' or ``Mimesweeper'' - and employee monitoring will soon be such a commonplace facet of the work place, that its ethical implications will not even be discussed.

Of course, the arguments to justify such abuse of privacy are by now familiar: unfaithful employees who send out company secrets, employees who surreptitiously apply for other jobs etc.

But the fact that the vast majority of loyal employees are also abused in the process is usually brushed aside.

How does the snooping take place? Take Web sense Enterprise ( www. websense.com) which claims that 13,000 organisations worldwide uses its technology. Its system is based on ``pass through filtering'': all requests for web pages pass through a control point: either a special proxy server or a caching device.

Web sense examines each request and can be programmed to allow or deny access to the website.

It works in conjunction with a Master Database of over 2.4 million sites. Thus an employer can block sites which offer mp3 music; or video, or games, or objectionable ``adult'' content.

It can also locate and block sites offering Internet telephony, radio, online trading etc. The package also generates 60 different reports based on individual or category of site.

New sites visited are logged and can be reviewed by the employer.

The other software popular with employers is said to be the email scanner ``Minesweeper'', (mimesweeper.com) claiming over 10 million users worldwide.

It has modules to handle breaches of confidentiality, theft of data, productivity loss ( euphemism for 'time wasting'!) and damage to reputation.

The easy availability of such tools should convince any employee that the company email facility can today be limited in scope sharply and easily, to serve the narrow interests of the employer.

It is not - as many Indian employees, dewy eyed about being given ``internet access'' think - a perk or a subsidy of some kind.

If you want to enjoy the Net in peace, buy your own Internet account and do your surfing at home on your own machine.

Interactive dangers

But in the safety of your own home, possibly surfing with an affordable set-top box tied to your TV, or with a Cable TV Net connection, are you free from surveillance?

Perhaps not for long - if another disturbing US report is to be believed.

It concerns the dangers of interactive TV an increasingly popular technology in the West. Herein India, for different reasons - the large number of TV sets owned (about 80 million) compared to PCs ( about 5 - 6 million) - Internet through TV and the complementary technology of interactive shopping and entertainment services are being seen as appropriate to our situation.

The Centre for Digital Democracy, a Washington- based advocacy group, last month released a report which says the interactive industry is deploying new technologies that can capture huge amounts of personal information about TV viewers.

The Set-top box, the VCR-VCD player, the Cable TV connection can all be used as invisible eyes: As you watch the TV screen, the TV is watching you - so to speak -noting which channels you prefer, which advertisements you watch, which you zap with the remote....and it builds up a profile of you, the user.

Theoretically a cable operator, knowing from your viewing habit that you are a vehicle owner, can send you tailored advertising, urging you to trade or sell your car for a newer model.

If the TV is used to see a lot of children's programmes, the local supermarket might be interested in sending you streaming text at the bottom of your screen, touting new sweets, fast foods, school accessories....

The fascinating 31 page report can be downloaded freely from www.democratic media.org/privacy report.pdf.

Much of it may not apply to India today - but it will be useful as an amber signal of the dangers that lurk ahead as we grope for the best, most affordable, means to e-nable ourselves and our loved ones.

Send this article to Friends by E-Mail


Section  : Science & Tech
Previous : Brain stores perceptions into small meaningful
           chunks
Next     : Pusa Ankur : new brinjal variety

Front Page | National | Southern States | Other States | International | Opinion | Business | Sport | Science & Tech | Entertainment | Miscellaneous | Features | Classifieds | Employment | Index | Home

Copyrights © 2001 The Hindu

Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu