Thursday, November 11, 2010

Malicious URLs / Phishing

Just a quick reminder about how URLs ("web addresses") and security work...

URL Formation
Given a particular URL...
http://www.google.com/#hl=en&...

The first part, "http" in this case, is the "protocol". There are a few different things you may see here, but nothing you generally need to be concerned with. It is worth knowing, though, that when the protocol is "https" the data is encrypted before being exchanged between your browser and the server. On pages where you're entering sensitive data (SSNs or credit card numbers), you should check that the page is secured ("https://").

Then after the protocol separator ("://") is the "domain name". Domain names are basically a tree path, separated by the dots, and formed right to left. The right-most dot-something group (".com" in this case) is referred to as the root domain. Then moving to the left, the next sub-domain, the "first level" domain, is google. And then one more sub-domain, a "second level" domain, of www.
Anything after the first slash following the domain name ("/#hl=en...") has to do with the path to resources on that site, and is irrelevant to the rest of this info.

This often misunderstood right-to-left organization is something malicious sites tend to take advantage of. They register domain names but then add sub-domains (parts to the left of the first level domain) to make them appear legitimate.
For example, I received an email about a Password Reset from a service I use, and the email had a link to their reset page. I'm sure if I went to the page it would look like the real service's page and ask me for my "old password", which, if I provided it, of course they'd then have my account password and be able to hack my account. The URL was...
http://us.battle.net.blizzard-password-us-eu.net/account/login.html?ref=https://www.worldofwarcraft.com/...
So the first level domain name they actually used is ".blizzard-password-us-eu"; the real service they're trying to impersonate is "us.battle.net".
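As an added example (not part of the original post), here is the same right-to-left check done in Python: it pulls the right-most two labels of the host name out of a link and compares them with the domain you expected, so the sub-domains stacked on the left can't fool it. The function names are my own, and it assumes single-label root domains like ".com" and ".net" (two-label suffixes such as "co.uk" would need a public suffix list).

```python
from urllib.parse import urlsplit


def first_level_domain(url: str) -> str:
    """Return the registrable domain (the post's "first level" domain plus
    its root, e.g. "google.com"): the right-most two dot-separated labels
    of the host name. urlsplit() stops the host at the first "/" or "?",
    so a legitimate-looking URL hidden in a query string is ignored."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    labels = host.split(".")
    if len(labels) < 2 or not all(labels):
        raise ValueError(f"no registrable domain in {url!r}")
    # Assumption: single-label root domain (".com", ".net"); "co.uk" style
    # suffixes are not handled here.
    return ".".join(labels[-2:])


def is_secured(url: str) -> bool:
    """True only when the protocol is https (data encrypted in transit)."""
    return urlsplit(url).scheme.lower() == "https"


def check_link(url: str, expected_domain: str) -> dict:
    """Checks to run before typing a password into the page a link opens."""
    expected = expected_domain.lower()
    host = (urlsplit(url).hostname or "").lower()
    domain = first_level_domain(url)
    # A lookalike is a host that *contains* the real domain as a run of
    # labels (the phishing trick from the post) but is actually registered
    # under a different first level domain.
    contains_expected = f".{expected}." in f".{host}."
    return {
        "domain": domain,
        "domain_matches": domain == expected,
        "https": is_secured(url),
        "lookalike": contains_expected and domain != expected,
    }


if __name__ == "__main__":
    phish = ("http://us.battle.net.blizzard-password-us-eu.net/account/"
             "login.html?ref=https://www.worldofwarcraft.com/...")
    print(check_link(phish, "battle.net"))
    # {'domain': 'blizzard-password-us-eu.net', 'domain_matches': False,
    #  'https': False, 'lookalike': True}
```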

Public Networks
And if you're using a public network (library, coffee shop, etc.), you should probably also make sure any page where you provide a password (or any sensitive data) is secured. This is because any data you send out on a network can be seen by other people on that network. But if you're on a page using HTTPS, while anybody can still see the encrypted data, it will be just gibberish to them.
For example (and rather surprisingly), Facebook's default home / log on page is not secured! If you just type "facebook.com" in and hit Enter you'll be taken to http://www.facebook.com/. If you then log on there, your logon credentials can potentially be seen by anybody on the same network. With most sites like this, though, it is also possible to explicitly provide the https and still use the site as normal. So while just typing "facebook.com" and hitting Enter takes you to the unsecured page, if you explicitly put "https://facebook.com" you can still use the site and log in as normal, but now your data is protected.

So in short...
Before providing passwords, be sure to check the first level domain you're on and that you know it's legitimate. And before providing anything like SSNs or credit cards (or any private data when on a public network), make sure the page is using a secured (HTTPS) protocol.
