User Guide
Internet Security and Privacy
60 Internet Guard Dog
If SSL is so great, what is the problem?
SSL is affected by a couple of problems. One problem is that not everyone has
an SSL-enabled server or browser. Some Web administrators don’t want to use
SSL because they have to pay for it, and it can also slow down server
transactions. A more onerous problem that affects SSL is the way it is
implemented. It turns out that some developers made incorrect assumptions
about SSL, which means some older browser versions are less secure. The
good news is that Microsoft and Netscape now coordinate their security
efforts, which means a more secure, universal standard for Web security.
What about authentication?
Authentication is a method of assuring that both parties to an Internet
transaction are who they claim to be. For example, if you get account balance
information from your bank, you want to be sure that you are contacting the
bank, and not some unauthorized entity. In addition, the bank wants to be sure
that they are providing the information to you, and not just to a person who
happens to know your bank account number.
Authentication usually entails entering a user ID and a password. To
guard against intercepted passwords and IDs, authentication employs
encryption to scramble this information before transmitting it.
NOTE: Certificates are Microsoft technologies designed to guarantee a
person’s identity and Web site security. Personal certificates verify that
you are who you claim to be. Web site certificates verify that a Web site
is secure and what it claims to be (so Web sites can’t falsify their identity).
When you open a Web site that has a certificate, Internet Explorer checks
if the certificate is correct. If the certificate is not OK, Internet Explorer
warns you. Certificates are great, in theory. The problem is that they only
establish a security standard—Web sites are free to choose to use
certificates, or not.
How does encryption work?
The only way to keep a secret is if you do not tell anyone, and if you do not jot
it down. If you need to share the secret, you can hide it within another
message, and let the intended recipient know how to find it. Computer
encryption hides messages by making the original data unintelligible. The
intent is to garble the data so that it cannot be read. In this case, the data itself
is useless if accessed by an unintended recipient.