Online Identity and Your State of Presence
Briefly explain, in your own words, what you think of the ideas and solutions presented in Reading A by Dick Hardt.
I found this a difficult video to follow and had to keep stopping and rewinding to review sections of it. This was mainly because Dick Hardt spoke so quickly and, of course, most of the language was new to me. Basically, though, I think he was putting forward his case for the need for an identity management system to be employed over the internet. This type of system would prove a person’s identity on the internet, just as a driver’s licence does in the real world. Hardt gives several different models of varying systems and how they have changed over time. I particularly thought the model he described, where a user “registers” with an identity site set up on the internet, was of some interest and value in helping to protect a user’s identity. When the time comes and the user needs to input personal information to a site requiring it, the user contacts the identity site and tells it which information needs to be released, and the site sends the user a token or some other indication of their identity. It is then the user who sends the information to the site requiring it. A system such as this means that a user only registers information once, and updates it in one place if and when required. Communication of information only occurs between the user and the trusted identity site. This leaves less chance of information going anywhere but where it is intended to go. Having the user pass on the “token” to the requiring site means that the user is still in control of the destination of the information.
During his 15 minute talk he mentioned phishing, pharming, privacy invasion and identity theft. Give an example to support your explanation of each of those activities.
Phishing - is an illegal and fraudulent process of trying to gain sensitive information like usernames, passwords and credit card/banking details by pretending to be a trustworthy entity in an electronic communication. It is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website set up to look like the real one.
Pharming - is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fake Web sites without their knowledge or consent.
In Pharming, larger numbers of computer users can be victimized because it is not necessary to target individuals one by one and no conscious action is required on the part of the victim. In one form of Pharming attack, code sent in an e-mail modifies the local hosts file on a personal computer. The hosts file converts the names in URLs into the number strings (IP addresses) that the computer uses to access Web sites. A computer with a compromised hosts file will go to the fake Web site even if a user types in the correct Internet address or clicks on an affected bookmark entry. Some spyware removal programs can correct the corruption, but it frequently recurs unless the user changes browsing habits.
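The hosts-file tampering described above can be checked for from the defender's side. The following Python code is an added example, not part of the original post: it parses hosts-file text and reports every entry that overrides DNS for a name outside a small local list. The LOCAL_NAMES list, the known_good parameter and the sample entries are assumptions constructed for the illustration.

```python
import ipaddress

# Names a stock hosts file normally defines (assumed list; adjust per OS).
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost",
               "ip6-localhost", "ip6-loopback", "ip6-allnodes",
               "ip6-allrouters"}

# Constructed sample: 203.0.113.7 is a documentation address and
# examplebank.test is a made-up name standing in for a real banking site.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         localhost ip6-localhost
255.255.255.255 broadcasthost
0.0.0.0     ads.example.net          # ad-blocking sinkhole
203.0.113.7 www.examplebank.test login.examplebank.test
192.168.1.20 nas.home.lan
"""

def parse_hosts(text):
    """Yield (line_no, ip, name) for each mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()      # drop comments
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0].split("%")[0])  # strip zone id
        except ValueError:
            continue                               # not an address line
        for name in fields[1:]:
            yield line_no, ip, name.lower().rstrip(".")

def audit_hosts(text, known_good=()):
    """Return (line_no, name, ip, kind) for entries that override DNS."""
    known = {n.lower() for n in known_good}
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if name in LOCAL_NAMES:
            # localhost must stay on loopback (link-local fe80::1%lo0 accepted)
            if name == "localhost" and not (ip.is_loopback or ip.is_link_local):
                findings.append((line_no, name, str(ip), "localhost-moved"))
        elif name not in known:
            local_ip = ip.is_loopback or ip.is_unspecified
            kind = "sinkhole" if local_ip else "redirect"
            findings.append((line_no, name, str(ip), kind))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS, known_good=["nas.home.lan"]):
        print(finding)
```

A "redirect" finding is the pattern the paragraph describes: a name the user would type correctly, pinned to an address the real DNS never supplied.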
Privacy Invasion - is the intrusion into someone’s personal life or obtaining their information without their personal permission.
http://www.switched.com/2009/07/29/cheerleader-sues-over-facebook-privacy-invasion documents the case of a cheerleader at an American high school who was forced to give a coach her Facebook password. The coach used the password to access the cheerleader’s account and discovered a conversation that was meant to be “private” but was derogatory toward the team and the school. The student was subsequently reprimanded and punished by the school.
Probably, a basic theory to live by would be not to “post” anything, anywhere on the internet that you don’t want to be read.
Identity Theft - can happen in many ways. It ranges from somebody using your credit card details illegally to make purchases over the internet or telephone, through to having your entire identity assumed by another person to open bank accounts, take out loans, and conduct other business illegally in your name.
It can occur as a result of -
Computer and backup theft
Direct access to information
Searching trash or garbage bins (“dumpster diving”).
Theft of a purse or wallet.
Mail theft and rerouting
Reading over your shoulder (“shoulder surfing”).
False or disguised ATMs (“skimming”)
Dishonest or mistreated employees
Telemarketing and fake telephone calls
Hacking, unauthorized access to systems, and database theft.
Phishing
Pharming
Advance-fee fraud
Fake forms that contain identity information
Keylogging and password stealing
Hardware that plugs into a computer
my_new_startup
August 20th, 2009 at 22:44
Hello fellow student! I’ve linked your Online Communities OLR blog in my blog roll, feel free to add my OLR blog to yours if you like. You can also follow me on twitter at http://www.twitter.com/my_new_startup
http://www.mynewstartup.com
Good luck with your studies!