Not a place, or even a tangible thing. At its roots the Internet is nothing but a large number of agreements between participants. One type of agreement deals with the carrying and exchanging of traffic, or the connectivity links between different nodes and networks. The other deals with how the traffic is represented, known as the protocols, which lets everyone understand the traffic being exchanged. Nobody owns the Internet, but many own pieces of the hardware that it runs on, the links and servers. Most of the protocols are openly defined and are in the public domain, so anyone can use them to talk ‘net talk. The Internet is dynamic, with nodes (individual machines included), links and entire sub-nets appearing and disappearing over time. Developed by networking researchers sponsored by the military, the ‘net is able to automaticly take advantage of new connections and route around broken links. Atomic bomb blasts were the concern at the time; fortunately the same ability works well for back-hoe damage.
Now completely run by commercial enterprises, the Internet spans the globe and connects hundred of millions of individuals with e-mail and web access. According to the latest netcraft.com survey, there are over 15 million web servers online. These hold billions of pages of information, messages and sales pitches, expose archival and real-time databases, provide access to legitimate and pirated music, banking, stock trading; the list goes on forever.
More specialized services can provide device and data sharing between any two or more computers connected to the Internet, these being across the room or across the country. Suddenly it’s possible to have knowledge workers spread around the world, all working together. And the marketing demographic! Hundreds of millions of people, most affluent enough to own their own computer. Yet the connectivity and publishing costs on the ‘net are surprisingly low, and dropping quickly while capacity increases during the current phase of build out.
With possibilities and opportunities like this, it’s no wonder so many people, agencies and businesses are coming online as quickly as they are. It is unfortunate, however, that many are attaching themselves to the Internet without realizing it can also be hostile, or that their machines may be improperly configured for such an environment. A line from a CBC show from about ten years ago will never leave me: “Everyone talks about what technology will do. No-one talks about what it will undo.”
Connect a machine directly to the Internet, and that machine becomes a peer, and can be reached by any other peer, no matter where it is. This is, of course, the great thing about the Internet — normally. But what if the remote peer isn’t a friend (or co-worker, or a customer), but is instead someone (or some autonomous agent of someone) who wishes to do harm; properly referred to as a cracker, commonly known as a hacker. Well, if your machine is poorly configured, the cracker just exploits the open services, and gains access to your machine.
Poorly configured machines are more common than might be thought, but as many desktop environments are expecting a nice, safe LAN, it’s not really that surprising. In addition to a proper security posture on the machines themselves, network routing and filtering provided by your network connection provider can help reduce this exposure, as can an on-site Network Address Translation router and/or Firewall box. There are often many reasons why someone doesn’t want to be a full peer on the Internet. And those machines which are, should be carefully configured.
As frequent e-mail spread virus reports attest, even reducing one’s exposure to simply receiving e-mail still doesn’t fully protect you, on some platforms. I think it’s worth noting that current virus protection software only protects you after someone else (or possibly millions of others) have already been infected. The virus protection software company needs to receive a copy, then they develop a signature of the virus which you then have an opportunity to download. Then you’re protected.
For the most part, staying safe on the Internet is the same as staying safe in the real world: common sense. Don’t automatically trust people or companies you don’t know. Don’t leave your doors and windows (ports and services) unlocked, or give out copies of your key (password). If you can afford a moat (firewall), get one. Other precautions are uniquely ‘net oriented, like don’t ever launch something someone e-mails you, or to say anything in e-mail you’re not prepaired to have the world read.
If you have a web-site open to the public, be prepared for the fact some small percentage of the public aren’t nice. Add to this the fact some people on the ‘net are located in completely different legal jurisdictions, and the prudence of securing your assets become clear. For example, it can often make much more sense to have the company’s public web-site off-site at a commercial hosting service, and rely on them to worry about the increased security needs. If crackers do decide to go after your web-site, why give them the opportunity to crack your LAN too?
Not intended to discourage people from coming online; the Internet is truly a great new place of opportunity for both individuals and businesses. Properly managed, the ‘net can be an amazing tool. But improperly managed, well, we just don’t have the room….
Published in the Victoria Business Examiner.