Saturday, January 19, 2008

Buying Online Security

This article is an expanded version of my buying only portion of “Buying and Selling Online Computer Security.” Whenever you want to check to see any link s address to see where it is going and a web page s coding, in Mozilla Firefox and Microsoft s Internet Explorer web surfing browsers click on View menu at the top then page source or source. You can read the code and where the link is headed to. If a site takes credit cards themselves without Paypal then they need to be SSL encrypted which was invented by Netscape and means Secure Sockets Layer. The newer method is called Transport Layer Security (TLS), which is very similar. If a site states it is SSL they may actually be using TLS because they are in the same protocol family. The SSL and TLS method consists of two keys that are used to transmit data. One of the keys is known to the public and the other key (private) is only known by the recipient of the message. The public key encrypts the information and the private key deciphers it. The length of the key is important. As of this writing 128 bit length is considered safe, shorter (40 or 56 bit) is considered unsafe. The encryption creation of the keys works with the combination of your browser such as Microsoft Internet Explorer or Mozilla Firefox, your operating system, and the site s server. The keys are unique to that one purchase session only and a new key is created when another site is visited and purchased through. If a site says that it is 128 or 256 bit and you have an older browser that does not support 128 bit length you can still purchase on it but your info is not really being encoded at that bit length, thus it is risky. You can check to see if your browser is 128 bit capable. In Explorer click Help>About> and “Cipher strength” should say 128 bit or better. In Mozilla Firefox click Help> About there you should see a “u” in there which means United States which has the 128 bit level or longer. If there is only an “I” this means international and it is lower bit level and is unsafe. The international market generally uses a shorter bit length, thus it is more risky to purchase outside the United States in some markets, double verify a website s certificate (explained below) and they are using 128 bit for international orders. If your browser does not have the 128 bit level or longer you must download the latest versions of the browser that your operating system can support after downloading the latest upgrades, service packs, and patches for the operating system itself, check the browser again to see if the computer took it. Even if it already says 128 bit, it is best to check for the latest updates anyways and install them. When you are about to enter sensitive information online make sure the address states https: and not just http:. The “s” means a secure encrypted page. Also, you must see a little padlock that is in the locked position on the bottom right of both Microsoft s Internet Explorer and Mozilla s Firefox browsers. If it is unlocked it is not secure. Then double click the little lock on either browser, this will bring up the site s SSL certificate, it must match the site you should be on and the address in the window. If there is a mismatch you might be on what is called a spoof site which is a fake copy of a real site trying to get your info. Phishing is where someone is drawn to the spoof site from an email which has a link to the fake site. To see the bit length of a website with Explorer just hold the mouse over the lock, with Firefox double click the lock and the bit length will show. The certificates are called SSL digital certificates and are issued by organizations that do background checks on a company s identity. The certificate must match the browser s certificate code with the site s certificate code which is done for you by the browser. If there is a mismatch with the certificates then a warning to you will pop up. For all types of discounts and specials on products and services across the web visit: amazing-adventure.com/Discount_Directory.htm For a massive information site visit: information-galaxy.com Glenn Heitkoetter is a part time writer.

No comments: