Episode 6
Web Browsing
In this episode we uncover how problems and pitfalls can arise even from a simple advertisement, apparently real and harmless. Today we all have to del with surfing the web, for work, study or personal activities. This continuous exchange of information on the Internet includes, of course, the exchange of sensitive data, such as bank and credit card codes, phone numbers and addresses, personal information, etc..
The characters of the story
The story
Glossary
Web Server e Web Browser
A Web browser (often called simply “browser”) is a software application used to browse the World Wide Web (usually called “the Web”). Technically, its purpose is to fetch information from the Web. There are many browsers available, each with its own characteristics, but the most famous and used ones are Google Chrome, Apple Safari, Mozilla Firefox and Microsoft Edge. In order to use a browser to reach a website, or some other resource you want to visit, you simply have to enter the correct web address, the URL (see URL), in its address bar. A website can have a lot of different 'shapes' and purposes: it can be an online store, (often referred to as an e-commerce), a digital newspaper, a freelance personal portfolio, the page of a company, and many other things.
HTTP e HTTPS
HTTP (Hypertext Transfer Protocol) is the communication protocol used by websites to transmit information. When you browse a site that uses plain HTTP (so to say, a site whose complete URL begins with http://) data transmission is normally called 'clear', which means that if compile a form with your credit card number or input a password, on that site, to buy your new shoes, those information are readable by anyone, including Mr. Bad Guy! To solve this problem, an extension of the HTTP protocol has been created: the HTTPS, where the S stands for 'secure'. A website that uses the HTTPS extension (a site whose complete URL begins with https://) protects the credit card information or the password you send it, creating a sort of container, secured with a padlock, that seals the data during all of their journey, from the moment you enter them, to the moment they reach the recipient. Only the recipient can open the container. HTTPS is quite common today, especially on websites that sell goods (see E-commerce) and websites that deal with user’s sensible data.
E-Commerce
E-commerce, or electronic commerce, is the activity of selling and purchasing goods or services over the Internet. An e-commerce website is the online version of a traditional shop, even if it resembles more a modern, online version of a sales catalog. The difference with traditional shops (and even with some older sale catalogs) is that on e-commerce websites money transactions are all carried out completely electronically. This kind of sites and services can be particularly critical from a security point of view, because they collect your personal data, including your credit card data. That’s why they are the ones you need to pay the most attention to; for example, making sure that they use the HTTPS protocol (see HTTP and HTTPS.
URL
The URL (Uniform Resource Locator) is one of the fundamental elements of the World Wide Web. It is an alphanumeric string, of variable length, that uniquely identifies a web resource, like a website. Examples of URLs are www.google.com (Google’s search engine homepage), www.nytimes.com (New York Times homepage) and www.un.org (United Nations Organization homepage).
URL Shortening
E-commerce, or electronic commerce, is the activity of selling and purchasing goods or services over the Internet. An e-commerce website is the online version of a traditional shop, even if it resembles more a modern, online version of a sales catalog. The difference with traditional shops (and even with some older sale catalogs) is that on e-commerce websites money transactions are all carried out completely electronically. This kind of sites and services can be particularly critical from a security point of view, because they collect your personal data, including your credit card data. That’s why they are the ones you need to pay the most attention to; for example, making sure that they use the HTTPS protocol (see HTTP and HTTPS).
Today's lesson
What do you think about what you just read? Is it incredible? But, sometimes, a simple oversight of where we put our data is enough to let our bank account balance drop sharply. Unfortunately not all sites keep and transmit data in a secure way (i.e sites whose URL starts with http://…), so they are easily stolen if intercepted. You should always checl the security of the site you are connecting to, both for the transmission (if the URL starts with HTTPS://…) and for the thrutfulness of the site itself (unfortunately lately there are a lot of malicious sites using secure URLs).
What should I do?
