Karen- I've taken the liberty of replying to you via the Folkschool list, since your question is of general interest. So, skipping right over the question of what to do to Microsoft...
When you perform a secure transaction (like when buying something from Amazon), your information is encrypted when it is being transmitted between you and Amazon, so that your personal data (including credit card #, etc.) is safe. (In Internet Explorer, you'll see a little closed padlock icon at the bottom of the screen, indicating you are on a secure site.) But this is only one of the places where there needs to be good security. The on-line vendors, like Amazon, have databases containing transaction records on their own servers. There have been at least a few cases where these databases have been hacked, and credit card information has been stolen. The other place where one needs to worry about security is in your own computer. If you store sensitive info in your computer, you could be at risk if your computer is hacked, or just plain stolen. For instance, the new versions of IE have an "auto-complete" feature which offers to remember and fill out information on Web forms for you, including passwords - a truly terrible idea -- you should tell it no when it asks you if you want it to do this. Another place sensitive info can be stored is in cookies. If you go to a Web site where you need to log in (such as Amazon), you are often given the option of having the site "remember" you on your next visit. It does this by saving your information in a small file, called a "cookies," which is stored on your computer. Depending on the site, this may include your user name, password, and other information. Add to this picture the fact that on some vendor sites, once you log in you can immediately start buying things, because they already have your credit card info stored in their own database, and you can see how important it can be to prevent unauthorized access to your cookies. The Internet Explorer security hole that prompted me to write the message about upgrading to 5.5 or 6.0 is one that -- theoretically -- could allow an evil Web site to read the contents of other sites' cookies that are stored on your computer. It is fairly easy to disable all cookies in your Web browser, but then you'll find that a lot of the Web sites you want to visit won't work, so for most of us upgrading is the best way to go. To put all this in perspective, I think the risks in using a credit card on-line are probably still very low, less than those you face every time you give your card to an anonymous cashier or waitperson. And there are simple things you can do to minimize these risks. If you have Internet Explorer 5, you should replace it with IE 5.5 or 6.0, not try to patch it. I don't know if IE 6 will work with Windows 95, but IE 5.5 will. You should be able to get IE 5.5 from the Windows Update site (<www.windowsupdate.com>). If you have a very old version of IE, this site may not work for you, in which case you should go to Microsoft's general download site, at <http://www.microsoft.com/downloads/search.asp?>. After downloading and installing the new IE, go back to Windows Update, and install anything listed as a "Critical Update." Jon >Reply-To: "Karen Saum" <[EMAIL PROTECTED]> >From: "Karen Saum" <[EMAIL PROTECTED]> >To: "Jon Falk" <[EMAIL PROTECTED]> >Subject: >Date: Thu, 17 Jan 2002 06:14:34 -0500 >X-Mailer: Microsoft Outlook Express 5.00.2314.1300 > >Hi. I have just wasted 20 minutes trying to find a security patch for >Internet Explorer 5 for windows 95 and I couldn't find it, plus another 15 >minutes trying to contact Microsoft. Is there a way to perform industrial >sabotage on these arrogant...well, I'll leave that to your imagination. > >I am not concerned that people would rifle through my files, but I am >concerned about buying stuff on line. When I enter what a seller (like >Amazon) calls a secure site, can that credit card infor be accessed >through my faulty IE or OE? > >Thank you...Karen Jonathan Falk Pine Tree Folk School RR 2, Box 7162 Carmel, ME 04419 (207)848-2433 <http://www.ptfolkschool.org> **Folkschool-list archives are at: <http://www.mint.net/folkschool/helpnet/archives.htm> Sponsored by Pine Tree Folk School ==^================================================================ This email was sent to: [email protected] EASY UNSUBSCRIBE click here: http://topica.com/u/?a84vzQ.a9gqS3 Or send an email to: [EMAIL PROTECTED] T O P I C A -- Register now to manage your mail! http://www.topica.com/partner/tag02/register ==^================================================================
