Another week rolls on by in the world of web development. I want to talk today about security on the internet, how secure is it really for our own personal web surfing and as web developers for the websites we build for our clients. What got me thinking about this was last week for my security and quality assurance course I was tasked with researching a series of websites and the potential security vulnerabilities that those types of sites would need to be secured against. Now after several hours of research on the subject I had enough information to write and submit my assignment.
The following morning I received a scary notification from Google stating that my account someone had attempted to hack into my account from Florida and change my password. Now for some added context here, in the four years since I opened my first Google account I had never had any problems with security or attempted hacks. So while it may have been a coincidence, it seems that merely conducting background research on the most common types of hacking and the methods to prevent them have somewhat partially compromised my personal security online.
So I was left asking myself, how the heck am I supposed to be able to find out how to defend myself and my websites against hacks without being compromised in the process? After doing some additional digging it turns out there is actually quite a lot average internet users can do to lessen the chances their online accounts will be targeted. One of the easiest things to do is remove any cookies your browser stores for extended periods on your computer. Cookies are pieces of web code that allow visitors to a website to store any settings they have with a given website for use when they return later. If there are holes in the security of the cookies they can be hacked (as was the case with me) and personal information can potentially be stolen. Additionally all modern browsers come with some form of privacy mode that doesn’t store user information once the browser window has been closed. In Chrome this is called incognito browsing, and both Firefox and Internet Explorer have similar modes available in their options menus.
For people and organizations that need even higher levels of security & privacy, several of my classmates told me about different browser all together called TOR that keeps users communications secured by relaying them to different servers around the world which makes it much harder for somebody watching your Internet connection to learn what sites you visit, and it prevents the sites you visit from learning your physical location.
One final takeaway to remember with all of methods to enhance your online security, while they will make you a much harder target to find and track; but at the same time remember that none of these steps outlined is by any means full proof.