There has been a lot of talk recently about Google Talk and how there are serious privacy concerns with the new application.
The biggest concern seems to come with the ability to search and share multiple computers with one account. In other words, you could use a single desktop search account to search, index and allow you to share files between your desktop and laptop for example.
But are these concerns grounded in truth? Is there really a privacy issue here?
I downloaded and installed the new Desktop Search beta the other day. It has some interesting new features such as the ability to remove panels from the sidebar and dock them anywhere you like on your desktop.
And there are several more panels available to let you do anything from manage what is indexed, to passing time by playing games.
One of the coolest features is its ability to reach beyond the desktop it is on to do a variety of things. Now, I can play tic tac toe with co-workers, or even friends around the world.
But the biggest, and most troubling update to some is the ability to remotely index files, as well as share them using Google servers to temporarily store the items.
By turning this feature on you give Google the right to store your files for up to 30 days. Therein lies the crux of the issue – there seems to be no way around this 30 day requirement.
All I have to say is 'so what?'
So what if you have to give Google this ability? Google will encrypt the data so that no one else can access it. And even if there is some sort of DOJ subpoena requiring access to these files I don't think it would stand up in court.
This is because Google has set up a network whereby all your Google activities are tied to one Google account. Your personalized home page, gmail, google analytics, adwords and adsense accounts all share the same Google account. Therefore, it would be difficult for anyone to get a subpoena to review information pertaining to only part of that account.
Legalities aside, if you are that concerned about the privacy being surrendered to Google in order to use this system then don't sign up for it.
You can still download and use the new Desktop Search with most of its new features, but you don't have to use the file sharing.
But what if you want to share files between computers?
Well, do what I did – go to your favorite electronics store and buy a flash drive. I just bought a USB flash drive with over 2 gigs of storage for under $100. Now I can easily transfer anything between any computer with no worry of some government agency wanting to know what's on it.
As I said, I do have the new Google Desktop installed, and I did look at the settings for the search and file sharing, but I didn't turn them on. I have no need to be able to search my home computer from work and vice versa, nor do I need to share files between the two computers.
And if I did, I'll simply use the FTP site I have set up on a computer at home or the aforementioned flash drive.
Really, when it comes to all the other ways that Google captures your personal data, from search history to Gmail, should we be all that concerned that some files may end up being stored on a Google server somewhere?
I think we should have other concerns. For example, I think we should be concerned about what Google already knows about us via those services I mentioned earlier.
I think business owners should be concerned that such a service would allow employees to easily steal and transfer data to and from work.
I think if you are that scared of the US government infringing on your privacy then you shouldn't have a Google account, nor Google Desktop Search nor a Gmail account. In fact I don't think you should have any Internet accounts because quite honestly everyone is a target for the DOJ. Further, I can almost guarantee you that your local ISP will fold and hand over the data much easier than Google will.
So before you start complaining about how Google could infringe your privacy, remember that YOU have the ability to stop it from happening. It's just a matter of choosing to do so.
Showing posts with label internet security. Show all posts
Showing posts with label internet security. Show all posts
Saturday, December 27, 2008
Your Business can suffer due to absence of Digital certificate on your website
It is very important to take the protection against online information larceny, because it's getting very easy for people to share digital products. Information theft is a type of computer safety and security risk and it's defined as thieving someone’s private or confidential information. It’s very dangerous to get the information stolen as this can cause as much damage, or possibly more then hardware or software theft.
Most of the systems on the way of your data can see what you send. A lot of companies try to stop information from being stolen by applying some user identification and authentication controls.
These constrictions are most promising for protecting computers along a company's premise. However, to protect information on the Internet and on networks, companies use a handful of encryption methods like digital certificates and SSL security. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers. Encryption refers to the process of converting data into an unreadable form. Encrypted data is like any other data because you can send it through a lot of options, but to read it you must decrypt or decipher it into a more readable form with the help of public and private keys provided. Throughout the encryption process, the unencrypted data or input is known as plaintext and the encrypted data, or output is known as cipher text. To be able to create an SSL connection a web server requires an SSL Certificate. When you choose to activate SSL on your web server you will be prompted to complete a number of questions about the identity of your website and your company. Your web server then creates two cryptographic keys - a Private Key and a Public Key. To encrypt information, the programmer converts the plaintext into cipher text using some type of encryption key. An encryption key is the programmed formula that the person who receives the data uses to decrypt the cipher text. There are varieties of encryption or algorithm methods. However, with an encryption key formula, you will be using more then one of these techniques.
Most common example is a nasty individual stealing credit cards so they can make illegal purchases on another person's account. If information is transmitted over a network then it has a very high chance for nasty users to capture the information.
A digital signature is a type of encrypted code that an individual, website, or company pastes to an electronic document to make sure that the individual is who they claim to be. The code will most likely consist of the user name and a hash of usually part of the message. The complexities of the SSL protocol remain invisible to your customers. Instead, their browsers provide them with a key indicator to let them know they are currently protected by an SSL encrypted session - the lock icon in the lower right-hand corner, clicking on the lock icon displays your SSL Certificate and the details about it. All SSL Certificates are issued to either companies or legally accountable individuals. The main purpose behind using digital signatures is to make sure that it's not a swindler participating in the transaction. So, digital signatures help narrow down e-mail frauds. A digital signature can also make sure that contents of a message have not been changed.
Typically, an SSL Certificate will contain your domain name, your company name, your address, your city, your state and your country. It will also contain the expiration date of the Certificate and details of the Certification Authority responsible for the issuance of the Certificate. When a browser connects to a secure site it will retrieve the site's SSL Certificate and check that it has not expired, it has been issued by a Certification Authority the browser trusts, and that it is being used by the website for which it has been issued.
Many ecommerce websites will usually have digital certificates. A certificate authority (CA) is an authorized company or individual for that matter that has the ability to issue and verify digital certificates. There are several of websites that offer a digital certificate. One of the popular Global Certification authorities is MindGenies (www.sslgenie.com).
Most of the systems on the way of your data can see what you send. A lot of companies try to stop information from being stolen by applying some user identification and authentication controls.
These constrictions are most promising for protecting computers along a company's premise. However, to protect information on the Internet and on networks, companies use a handful of encryption methods like digital certificates and SSL security. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers. Encryption refers to the process of converting data into an unreadable form. Encrypted data is like any other data because you can send it through a lot of options, but to read it you must decrypt or decipher it into a more readable form with the help of public and private keys provided. Throughout the encryption process, the unencrypted data or input is known as plaintext and the encrypted data, or output is known as cipher text. To be able to create an SSL connection a web server requires an SSL Certificate. When you choose to activate SSL on your web server you will be prompted to complete a number of questions about the identity of your website and your company. Your web server then creates two cryptographic keys - a Private Key and a Public Key. To encrypt information, the programmer converts the plaintext into cipher text using some type of encryption key. An encryption key is the programmed formula that the person who receives the data uses to decrypt the cipher text. There are varieties of encryption or algorithm methods. However, with an encryption key formula, you will be using more then one of these techniques.
Most common example is a nasty individual stealing credit cards so they can make illegal purchases on another person's account. If information is transmitted over a network then it has a very high chance for nasty users to capture the information.
A digital signature is a type of encrypted code that an individual, website, or company pastes to an electronic document to make sure that the individual is who they claim to be. The code will most likely consist of the user name and a hash of usually part of the message. The complexities of the SSL protocol remain invisible to your customers. Instead, their browsers provide them with a key indicator to let them know they are currently protected by an SSL encrypted session - the lock icon in the lower right-hand corner, clicking on the lock icon displays your SSL Certificate and the details about it. All SSL Certificates are issued to either companies or legally accountable individuals. The main purpose behind using digital signatures is to make sure that it's not a swindler participating in the transaction. So, digital signatures help narrow down e-mail frauds. A digital signature can also make sure that contents of a message have not been changed.
Typically, an SSL Certificate will contain your domain name, your company name, your address, your city, your state and your country. It will also contain the expiration date of the Certificate and details of the Certification Authority responsible for the issuance of the Certificate. When a browser connects to a secure site it will retrieve the site's SSL Certificate and check that it has not expired, it has been issued by a Certification Authority the browser trusts, and that it is being used by the website for which it has been issued.
Many ecommerce websites will usually have digital certificates. A certificate authority (CA) is an authorized company or individual for that matter that has the ability to issue and verify digital certificates. There are several of websites that offer a digital certificate. One of the popular Global Certification authorities is MindGenies (www.sslgenie.com).
Subscribe to:
Posts (Atom)
