The news this week of the Gawker hack made me realize how little I know about what happens to one's identifying data when one visits websites. The more I read, the more I realize I don't know and the more confused I become. Out of an abundance of caution, I cancelled a couple of gmail accounts I've had. I even found out that there is a web site where one can check to see if one's email addy or user name was compromised (http://www.didigetgawkered.com/; mind that I don't know how safe it is to use this but came across the information from an Infoworld article).
So, because I don't know, there just might be others out there who are in the boat with me; therefore I thought I'd ask some of the cognoscenti here to help us understand what happened in the Gawker hack and what steps one should take to safeguard - as much as one can - one's identity and passwords whilst web surfing. For example, I read that the Gawker database contained (or might have contained, I'm not sure) multiple usernames, email addresses, and passwords for a user, though how it got them I don't understand. (Just one point of my ignorance.) If that information were compromised, it could be used by anyone who had access to the information to represent themselves as me. OK, I use 5 or 6 different identities (email addys, usernames, passwords, etc.) on different sites. Although I'm open here (BobH stands for Bob Hutchins and my signature indicates the town I live in), there are other sites - mostly news sites where I comment and editorialize (no smut)- where I use noms de surfing
. Is it possible that if I signed into one of those sites and it logged my id data (including IP address), that other identities could be discovered and stored in that database? Surely they could not discover my usernames and passwords from other sites using just an IP address, could they?One of the things I don't understand at all is third party cookies. I presume that this is a cookie that one acquires through unsafe computing or some such. My guess is that if I buy something through, say Amazon, which then passes me to another website to enter the order, I get cookies from Amazon and whomever they send me to. Given our thread about corrupted cookies, I'd prefer not to go to Chicago, as it were. Therefore, I went into my browser (Firefox) and changed the options to disallow third party cookies. But I don't know what effect that action has, if any. Again, I'm demonstrating my ignorance in the hope that some of you kind souls will help me overcome it.
In addition to the answers to the admittedly broad questions above - how do sites garner multiple groups of identifying data and what is going on with third party cookies - I'd like to see a well written article that takes users through what nodes in the Internet might be doing with data each time one visits a sight and more specifically what data - at a minimum - might be stored when one registers on a web site (realizing that much of it depends on what the user chooses to provide). IOW, I'd like to know how to practice safe computing. What prophylaxis - by way of browser settings, caution in using pw's, userids, etc - is/are effective but still allow one to enjoy web surfing? Maybe theirs a "? for Dummies" book I need to read or someone might recommend a good web article - or better yet, one of you cognoscenti might write one.
Ignorantly, but with highest regards,
I remain yr obt svt,
Bob H
