|
|
|
|
|
|
Click here for the Microsoft Internet Explorer Security Patch |
|
There are organizations on the Internet offering "free services" such as
Internet acceleration or email virus scanning. Some of these organizations have
loosely defined Privacy Policies allowing them to harvest and share information,
which is considered to be personal and highly sensitive by Internet users.
Such organizations ask unsuspecting users to configure their browsers to cause all web
traffic, including sensitive encrypted secure traffic to be decrypted and passed through
and captured by that organization's servers. The information is then forwarded on to
its intended destination. Hence, information that is thought by the end user to be
inaccessible and private to everyone but the intended recipient is collected and may be
shared with intermediaries and unnamed third parties.
Such organizations rely upon the fact that many Internet users do not understand the
methods employed by these organizations or that users too quickly peruse Agreement
Terms without reading the fine print of the Privacy Policy. This is a dangerous
situation, made worse by the fact that once installed, such software has been designed
to fail upon uninstall, leaving a "back door" to future communications, which are
assumed to be private.
One such organization following this business model installs its own "trusted" certificates
so that it can intercept secure (SSL) connections made by the user's PC.
It is important that Internet users be aware of Internet companies that use technology
to intercept encrypted communications and have full access to end user's personal
information and have obtained user's acceptance to share information with third parties.
|
|
|
|
|
|
|
|
|
|
|
|
|