|
But that sense of safety can disappear if users are careless. As
Egyptians discover the appeal of chat rooms, they're also encountering the
special risks of privacy invasion.
one egyptian woman found out the hard way. After logging into an
international chat room devoted to discussions about the Middle East, she
became embroiled in a long and heated discussion with a male user who
espoused pro-Israeli viewpoints.
She logged off without having told him her real name or her e-mail
address. Nevertheless, a couple of hours later, she found that her personal
Hotmail account had been "mail-bombed"--inundated with junk
e-mail messages.
"Her e-mail was totally full of rubbish," said Neal Afifi, an
Internet executive who is a friend of the woman. The junk filled her inbox
to the account's capacity more quickly than she could delete it, so she was
unable to send or receive messages. She had to close the account, Afifi
said.
That sort of inconvenience is enough to take the fun out of chatting.
But more serious consequences are possible for chat room users who fail to
protect their personal information. If a hacker can find out your
computer's IP number, he may be able to manipulate your PC, damaging files
or worse.
"A dangerous hacker can control your hardware," said Mohammed
Reiad, owner of Web site firm MRCO Egypt. "He can control your video
card and fry it. He can drop [destroy] your sound card."
Apart from the malice of hackers, chat rooms have recently attracted the
prying eyes of businesses seeking valuable information--and governments
looking for criminal suspects. In Egypt, gay men wary of surveillance have
abandoned chat rooms since May 2001, when police raided the Queen Boat
nightclub and arrested 52 men on morals charges. And the September 11
attacks in the US prompted lawmakers to authorize broader electronic
surveillance in the cause of finding terrorists.
CHATTY CULTURE
experts said awareness is low in the Egyptian Internet-using public
about the risks of privacy invasion in chat rooms--even as chats surge in
popularity throughout the Middle East.
"Chat mania has been catching on amongst the Arab community, yet
personally I believe that the growing interest amongst the Arab community
in the use of chat rooms is due to the somewhat false belief that their
identity is protected," said Ahmed Shlibak, systems manager for
London-based Chat-Arab.com
Afifi, the co-owner of Egyptsearch.com, studied how Egyptians use the
Internet by looking at private and government data in early 2001. He
estimated that a total of 600,000 to 700,000 people use the Internet in
Egypt (others have put the number at more than 1.5 million). Of those,
Afifi estimated that 70 to 80 percent are males between the ages of 15 and
23 who primarily use the Net for chatting, either with site-based chat
rooms or through programs such as IRC and ICQ.
The popularity of chats fits Egypt's reputation as a verbal culture. And
the scarcity of public locations where young Egyptians can meet and strike
up conversations with the opposite sex may explain why youthful males flock
to chat rooms.
Another characteristic of Egypt's Internet scene makes it more
vulnerable to privacy invasion, said Reiad, whose site Cairo-Guide.com
links to chats. While "firewall" software can block hackers from
intruding into your PC, Reiad said many Egyptians are reluctant to install
firewalls because they make surfing slower.
"I think Egyptians don't [go for] personal firewalls because the
Internet connection is already so slow," Reiad said. "These
firewalls check every word that logs into your computer, so it makes it
slower."
Activating a firewall while chatting is one precaution that greatly
reduces the risks of Internet privacy invasion. But there are many other
common-sense tips for novice chatters and even experienced users.
BEFORE YOU CHAT
security begins before you enter a chat room. The obvious: When you
choose the username that will appear next to your comments, don't use your
real name. Use a nickname or make one up. Don't incorporate your city or
year of birth if you don't want people to know where you live or how old
you are.
Additionally, many chat sites require you to fill out a user profile
form that includes the username, a password you'll use to log on, and, in
some cases, contact information such as an e-mail address, home address and
phone number.
When choosing a password, resist the lazy impulse to make it the same as
your username. Don't choose a password that someone can guess, such as your
country or a subject you will be chatting about. As for the contact
information, think twice about entering the real info.
THE SECRET ANSWER
many sites let you choose a reminder for use in the event that you
forget your password. The reminder is typically a question that, if
answered correctly, will prompt the site to release your password.
This step in creating a user profile is more important than meets the
eye. Realize that once someone else knows your username, he can log onto
the site, pretend he is you, and ask for the password reminder. If the
question is obvious--say, the person saw you chatting in a chat room about
Egypt, and your reminder question is "What is your
country?"--then the person can easily guess your password. Once he has
that, he can view your user profile, including any private contact
information you entered. In the case of the Egyptian woman who got
mail-bombed, MRCO's Reiad speculates that a hacker found her Hotmail
address by guessing her reminder answer and viewing her profile.
So choose a reminder question that couldn't be guessed by someone who
doesn't know you--a child or pet's name, for instance. Don't put delicate
information in your user profile just in case it's broken into. For e-mail
address, savvy chatters often enter a fake one such as
"nobody@nobody.com." That won't work if the chat site requires
you to reply to an e-mail to confirm your registration, so you may want to
have a spare e-mail account that you use for registrations like these and
which you can live without. With the abundance of Web sites that provide
free e-mail accounts, that's not hard to come by.
The same cautions are advisable when using chat programs that require
you to download and run a program such as IRC or ICQ. On the one hand, Web
site-based chat "rooms" are aptly named because, as in the
physical world, you see who else is there when they enter the room. By
contrast, ICQ programs let you list favorite users so you can be notified
when they're online. When you download the chat program and register as a
user, if you opt to enter personal details about yourself, be sure to edit
your preferences so other users cannot automatically view your user
details. (For more about ICQ privacy, see www.icq.com/support/security/.)
CHOOSE SITES
being vague in your user profile will protect you in the event of
intrusions by another user--or even by a Web site operator.
Just because someone knows how to launch a Web site and equip it with
chat rooms, it doesn't mean they're trustworthy. Don't enter your credit
card number or bank account numbers in a user profile. If the site won't
let you chat without providing such information, find another site.
While there are no known instances of a chat-site operator hacking its
users' computers, it's not unreasonable to suspect that the operator could
monitor users' visits and note their comments. In the June U.S. News and
World Report magazine, a former Pricewaterhouse-Coopers auditor recounted
how a job-hunting Web site invited users to complain about their employers
in a supposedly "anonymous" chat room--then went to the employers
and offered to track the employees' Internet comments for a fee. In another
US case, a company tried to get InfoSpace to reveal the names of chat room
users who had criticized the company; a federal judge ruled in April that
their privacy was protected under the US constitution.
More common are Web sites of all types that track users' online travels
by tagging their computers with "cookie" files. Recording the
users' patterns allows the site to show advertisements that match their
interests or even compile consumer profiles for sale to marketing
companies. If you dislike that sort of profiling, you can block cookies by
adjusting your Internet browser to a high security setting, although you may
have to re-enable them for certain uses such as online banking sites.
Learn a little about a chat site before you become a regular user. Read
its privacy policy. Search for descriptions of it on other Web sites.
Chat-Arab.com's Shlibak suggests seeing whether the site has ascribed to
the principles of the nonprofit TRUSTe association (www.truste.com),
avowing to disclose what data is being gathered and how it's used. You may
also want to read the site's policies on what constitutes
"abuse." If another user harasses you, some sites take it more
seriously than others, and some have different opinions of what
"abuse" is.
WHILE CHATTING
once you've created a safe username and profile, you can start chatting.
Chat rooms are a great place to make new friends, but don't let your guard
down. Remember that you don't know who the other users are or whether what
they tell you about themselves is true.
"In order to protect oneself in a chat room, it is highly
recommended that [users] not give out any personal information to other
people in the chat room--real name, e-mail addresses, telephone number,
home address, etc.," Afifi said. "If they wish to give this
information out to another party that they already know and trust in the
chatroom, they should do so in a discrete manner--either by using private
messages, or sending them to that person directly using e-mail, but not in
front of everybody else." Even telling people the name of the company
you work for or which faculty you attend can give them enough information
to find you.
One of the bonus features of instant-message programs such as ICQ is
that users can transfer documents and media files directly to each other.
An important warning: Do not accept files from users you don't know and
trust. Underline that: If an unknown user offers to pass a file to you,
don't click the link. The reason is that once you accept a file and open a
direct connection to your computer, the transmitting user may be able to
figure out your Internet Protocol (IP). address. Once a hacker has your IP
address, he can tell your computer to delete files, send e-mails from your
account, even damage your media cards.
"ICQ is very dangerous," said MRCO's Reiad. "Go ahead,
you can chat, but if someone says, 'Want to see a picture of beautiful girls?
I can send you some files now,' say, 'No, no, no, I don't accept
files.'"
As a backup, get a firewall. Firewall programs are available for
download on the Web for free or for a small shareware registration fee.
And, as with anyone who surfs the Web or uses e-mail, chat aficionados
should back up their important files on disks, buy anti-virus software and
set it to auto-update. If you suspect your IP address has been exposed,
call your Internet service provider and ask to be assigned a new IP number.
A final note on hackers: Don't go looking for trouble. If a chat room is
labeled "Hackers," don't enter it or you might find yourself the
victim of sport.
FAST FRIENDS
more common than hacking is old-fashioned harassment. If another chat
participant's comments become abusive, some chat services such as Yahoo's
let you block all future comments and file a report on the offending user.
Don't let other users pressure you into providing personal
information--any of it: A chat user named "Caryl" told www.ChatMag.com
that she told a male chat room user only her first name and the type of
work she did, then was surprised when he figured out exactly where she
worked and showed up uninvited. If you strike up an acquaintance and want
to meet the person in the flesh, ChatMag.com recommends proceeding with
caution: Have the person give you his or her phone number, verify it with
directory assistance, then meet in a public place after telling another
friend where you'll be and when you should be home.
Even if Internet users realize the risks and take the proper
precautions, chat rooms will remain a mainstay of the Web because they
provide a lightning-fast route to one of the necessities of life: human
interaction.
"The main thing is, nobody's safe on the Internet," Reiad
said, shrugging. "When you cross the road, it's a risk. So you must
take care. Look each way."
CYBERSPACE FAUX PAS: One user in this chat room admits his real name to
a public room. If you are serious about maintaining anonymity don't tell
people who you are.
SECURE YOUR PC
HACKERS ARE ALL over the Net, and they love chat rooms. The more time you
spend online, the more vulnerable you are. There are a number of free
programs to protect your computer while you're online. If you intend to
spend a lot of time online, you really need to get one or both of these.
If you use an Internet café, you only need to make sure you delete your
personal information on the PC you use before you leave.
ZoneAlarm is a free firewall program to protect you from hackers. You
can also try the Pro version for 30 days, if you want to see the higher
level of protection. http://www.zonealarm.com/products/za/freedownload.html
SurfinGuard Pro is a free program that protects you from hacking and Web
bugs. It checks any downloaded active content for malicious behavior. I
installed it recently after there was a successful attempt to hack one of
my Web mail accounts while I was signed in. The hacker then used my e-mail
to send out spam mails. I only knew when I got the "undeliverable
mail" notification. Once installed it monitors what (or who) you give
permission to access your files, so you can stop malicious code in its
tracks. Download it at www.finjan.com
|
