US-CERT Cyber Security Tip ST05-013 -- Guidelines for Publishing Information Online

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                      Cyber Security Tip ST05-013 
              Guidelines for Publishing Information Online

   Remember that the internet is a public resource. Avoid putting
   anything online that you don't want the public to see or that you may
   want to retract.

Why is it important to remember that the internet is public?

   Because  the  internet  is  so  accessible  and  contains  a wealth of
   information,  it  has become a popular resource for communicating, for
   researching  topics,  and for finding information about people. It may
   seem  less  intimidating  than  actually interacting with other people
   because  there  is  a  sense of anonymity. However, you are not really
   anonymous  when  you  are online, and it is just as easy for people to
   find  information about you as it is for you to find information about
   them.   Unfortunately,   many  people  have  become  so  familiar  and
   comfortable  with the internet that they may adopt practices that make
   them  vulnerable.  For  example, although people are typically wary of
   sharing  personal  information with strangers they meet on the street,
   they may not hesitate to post that same information online. Once it is
   online,  it  can  be accessed by a world of strangers, and you have no
   idea what they might do with that information.

What guidelines can you follow when publishing information on the internet?

     * View  the  internet  as  a  novel, not a diary - Make sure you are
       comfortable  with  anyone  seeing  the information you put online.
       Expect that people you have never met will find your page; even if
       you  are  keeping  an  online  journal  or blog, write it with the
       expectation  that  it  is  available  for public consumption. Some
       sites  may use passwords or other security restrictions to protect
       the  information,  but these methods are not usually used for most
       web sites. If you want the information to be private or restricted
       to  a  small, select group of people, the internet is probably not
       the best forum.
     * Be  careful  what you advertise - In the past, it was difficult to
       find  information  about  people other than their phone numbers or
       address.  Now,  an  increasing  amount  of personal information is
       available  online, especially because people are creating personal
       web  pages  with  information  about themselves. When deciding how
       much  information  to reveal, realize that you are broadcasting it
       to the world. Supplying your email address may increase the amount
       of  spam you receive (see Avoiding Social Engineering and Phishing
       Attacks for more information).
     * Realize  that  you can't take it back - Once you publish something
       online, it is available to other people and to search engines. You
       can   change  or  remove  information  after  something  has  been
       published,  but  it  is possible that someone has already seen the
       original  version.  Even if you try to remove the page(s) from the
       internet,  someone  may  have  saved  a  copy  of the page or used
       excerpts  in another source. Some search engines "cache" copies of
       web  pages  so  that  they open faster; these cached copies may be
       available  after  a web page has been deleted or altered. Some web
       browsers  may  also  maintain  a cache of the web pages a user has
       visited, so the original version may be stored in a temporary file
       on  the  user's  computer.  Think  about these implications before
       publishing  information--once  something  is  out there, you can't
       guarantee that you can completely remove it.

   As  a  general  practice,  let  your common sense guide your decisions
   about  what  to  post  online.  Before  you  publish  something on the
   internet,   determine   what   value  it  provides  and  consider  the
   implications  of  having  the  information  available  to  the public.
   Identity  theft  is an increasing problem, and the more information an
   attacker  can gather about you, the easier it is to pretend to be you.
   Behave  online the way you would behave in your daily life, especially
   when it involves taking precautions to protect yourself.
     _________________________________________________________________

     Authors: Mindi McDowell, Matt Lytle, Jason Rafail
     _________________________________________________________________

     This document can also be found at
 
     <http://www.us-cert.gov/cas/tips/ST05-013.html>

     Copyright 2005 Carnegie Mellon University

     Terms of use

     <http://www.us-cert.gov/legal.html>


     For instructions on subscribing to or unsubscribing from this
     mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
     
     
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQrnJ6BhoSezw4YfQAQIppwgAjgHthf3LmqHZPJ4jLYLuodmX2DMiMG1D
a5Qxz/dVHs6ys2RwcowSwYUesI1QkIuS5KdolXUOMuC7kiql4IcT0A4Hf+ewIjwP
V90lcHrvYVIERUmWVmBZefO/H6JhmayOptNpdfzCreOYePv2zr3jz6pXt9rpUgNw
BFbaITEhrvm4hT6COnkepOkse/pEmvqCZLwk08e9zBqudHUNqyKMteoHQJFBBd96
SThjkc4CTOh6FOcSbHz/6oHk9SWYPhFy6YmzT6JpdLUFniPm5RwvscTrWG2sMZ2e
eheQAzFahqEP6H6bryPu4SS6Hb7LzwvytDxXxkqxCe59k3m8g6MRPQ==
=RxLc
-----END PGP SIGNATURE-----

[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux