Bypassing the Pleasantries: How Internet Security is Getting Personal

It’s a very disturbing fact that even in 2014, over half of internet users in the UK are still not implementing appropriate web security to protect their data. Maybe people will endeavour to change this attitude when they learn that a massive amount of personal data was recently discovered to be for sale on the online ‘black market’.

How much data? Information from over 360 million accounts and well over one billion email addresses were up for grabs to the highest bidder. When it comes to the web, anyone and everyone is after what they can steal, take or copy.

Worth a packet

Online security is always going to follow the pattern of ‘board up the door, they will break in through the window.’ However, the best way to understand something is to do that thing yourself, even if it is a negative action. Security is a constantly evolving field which has just been given a boost with the news that University researchers have just developed a new technique to bypass secure internet connections.

They have also created defensive software that reduces packet information an attacker can gather. Whilst it effectively reduces the accuracy to identify web pages a person visits by almost 60%, the flip side of the coin is far more alarming.

After a study on almost half a million pages from industry leading websites, this technique was developed as a method of highlighting the need for increased online security.

Brad Miller, co-author of the study, stated that the process of identifying the segmented and encrypted patterns of web users would be like…”if somebody gave you a bicycle but took it apart and wrapped each piece individually. You would quickly notice that there were two big packages which look like wheels, a frame, a squiggly one that corresponds to a chain, etc.”

The study goes on to focus on the unfortunate truth that it might not just be hackers who can adopt this technique. There’s nothing to stop ISPs and Wi-Fi access point operators with access to HTTPS traffic from gathering data on users and selling this to advertisers.

Is encryption still viable?

People might worry that encrypted data will soon be a thing of the past and that all personal data is open to theft and manipulation. Edward Snowden, the former computer specialist for the CIA and NSA, stated that encryption technology is still an effective and powerful tool that still works, if handled right.

Speaking at the recent SXSW event, Snowden stated that encryption is a basic, fundamental aspect of online security that needs to be understood more by the wider audience of internet users. He added that encryption is “something we should not only implement, but actively research and improve on an academic level.”

He went on to advise stronger encryption methods. However, he also felt that it might not be adopted by the online community at large simply because the largest companies such as Facebook and Google rely on gathering data from their users for advertising purposes.

Is internet security too lax today? Do we not understand, as a whole, just how necessary protecting our personal data is?


About the Author:

This post was written by Jake Messer on behalf of HANDD, providing Data Security and Managed File Transfer solutions.