CRIM 414 Lecture Notes - Lecture 8: Plain Text, Data Encryption Standard, Email Encryption

Web sites (even web browsers) are a common target. Make a political point(hacktivism: exploit web server vulnerability as a means to steal other information. Identify unpatched" software = older versions with known vulnerabilities + Exploit vulnerability: older versions have documented problems, if know what system is being used and its vulnerabilities, and then can attack. Maintain software updates -- ensure most recent versions. Most web sites exchange data in plain when the address starts with http. Creates a risk that data could be intercepted: eavesdroppers could capture data that should be kept secret e. g. , credit card details, may be a risk from isp, local network admins, or other local savvy network users. Adds encryption to the exchanged data - eavesdroppers couldn"t understand what they capture. For web services, uses https - a secure form of the http protocol. Relies on a set of related encryption techniques - called public key infrastructure (pki) Data security is usually based on encryption.