Intersites Suite 131

How to Read an Email Address

Many people do not know how to read an email address. Since they are unfamiliar, some people are intimidated or frustrated. Reading an email address is simple, though. Just like when your elementary school teacher taught you how to read and write the address on a letter, you just need a simple explanation.

Email addresses, e.g. "me@example.com", are composed of several elements.

Most prominently, you find the '@' character in the "middle" of every email address. To the "right" is the domain name, "example.com" in our example. Unless you buy a domain name, you can't make your own "right side" of your email address. What you do get to choose is your username: in this example "me." So going from left to right we have the username of the person who the email address belongs to, the '@,' and finally the company that supplies the email address.

How to Create an Easy to Remember, Secure Password

We take security very seriously at Intersites. Passwords are a key piece of the security puzzle. Common or easy-to-guess passwords are a serious problem. Fortunately, it’s easy to come up with a strong password. The process is easy. Instead of using your child’s, pet’s or spouse’s name as your password – all of which are weak and easy to guess – use them in a sentence, then use the first letter of each word in the sentence for the password.

For example, instead of using “hunter” as your password, make up a sentence like “my black lab hunter loves playing frisbee”. Now, take the first letter of each word ('mblhlpf') and use that for your password.

Another variation on the same concept is to take a favorite affirmation and use it to make your password: “the early bird gets the worm” becomes “tebgtw”. For an even more secure password, substitute a number or other symbol for one or more of the characters in the password. For example, replace any I's in your password with ! and any S's with $. A more secure version of "Iwhasfl" ("I will have a salad for lunch") is "!wha$fl".

Why Some Sites Ask Me to Look at Scrambled Words

Security has always been an important issue for the internet. These scrambled words that some sites ask you to look at are called CAPTCHAs. A CAPTCHA is a program that protects websites against bots by generating and grading tests that humans can pass but current computer programs cannot. For example, humans can read distorted text, but current computer programs can't. Why are CAPTCHAs important? CAPTCHAs have several applications for practical security, including (but not limited to):

Preventing Comment Spam in Blogs. Most bloggers are familiar with programs that submit bogus comments, usually for the purpose of raising search engine ranks of some website (e.g., "buy penny stocks here"). This is called comment spam. By using a CAPTCHA, only humans can enter comments on a blog. There is no need to make users sign up before they enter a comment, and no legitimate comments are ever lost!
Protecting Website Registration. Several companies (Yahoo!, Google, etc.) offer free email services. Up until a few years ago, most of these services suffered from a specific type of attack: "bots" that would sign up for thousands of email accounts every minute. The solution to this problem was to use CAPTCHAs to ensure that only humans obtain free accounts. In general, free services should be protected with a CAPTCHA in order to prevent abuse by automated scripts.
Protecting Email Addresses From Scrapers. Spammers crawl the Web in search of email addresses posted in clear text. CAPTCHAs provide an effective mechanism to hide your email address from Web scrapers. The idea is to require users to solve a CAPTCHA before showing your email address.
Online Polls. In November 1999, http://www.slashdot.org released an online poll asking which was the best graduate school in computer science (a dangerous question to ask over the web!). As is the case with most online polls, IP addresses of voters were recorded in order to prevent single users from voting more than once. However, students at Carnegie Mellon found a way to stuff the ballots using programs that voted for CMU thousands of times. CMU's score started growing rapidly. The next day, students at MIT wrote their own program and the poll became a contest between voting "bots." MIT finished with 21,156 votes, Carnegie Mellon with 21,032 and every other school with less than 1,000. Can the result of any online poll be trusted? Not unless the poll ensures that only humans can vote.
Search Engine Bots. It is sometimes desirable to keep webpages unindexed to prevent others from finding them easily. There is an html tag to prevent search engine bots from reading web pages. The tag, however, doesn't guarantee that bots won't read a web page; it only serves to say "no bots, please." Search engine bots, since they usually belong to large companies, respect web pages that don't want to allow them in. However, in order to truly guarantee that bots won't enter a web site, CAPTCHAs are needed.
Worms and Spam. CAPTCHAs also offer a plausible solution against email worms and spam: "I will only accept an email if I know there is a human behind the other computer." A few companies are already marketing this idea.

So all in all, it's worth solving a CAPTCHA every once in awhile. By doing so, you're helping make the web a more secure place. To read more about CAPTCHAs, or to get one for your site, visit http://www.captcha.net/

Happy robot apocalypse prevention!

How to Read a Web Site Address

Take a look at the following image, then answer one question. What is it?

If you answered "a mailing or postal address", you are correct! We are so familiar with mailing addresses we don't even think about them and can immediately identify any particular part of an address. For example, if I asked you for the city in the address above, you'd immediately and virtually without thought say, "St Charles".

I'd like you to think about how mailing addresses became so familiar. You weren't born with the ability to recognize them.

The answer, of course, we were taught how to read and write addresses, probably way back in grade school. Since then we've seen so many, reading them has become routine and secondhand.

I'm here to tell you class is in session. Today you're going to learn how to read a website address. Being able to read and understand a website address has far greater importance to your safety and security than the ability to read a postal address. The ability to read an address is an absolutely essential skill and should be required knowledge before anyone is allowed to surf the web.

The good news is that learning to read a website address is about as easy as it was learning to read a postal address.

Let's start by realizing that one of the things which makes a postal address easy to read is that they have a format, or structure.

Yes, the format has some flexibility. The first line might be the name of a company or an individual. There may or may not be a suite or apartment number. Nevertheless, we all know that the first line is usually a name, the second a street address, and the third is city, state and zip in that order. This format was drilled into our heads by Mrs Carvilano, or whomever your 3rd grade teacher was and has been reinforced by the thousands of addresses you've seen since.

For today's lesson, we're going to use the following website address as our example:

Like mailing addresses, website addresses have a format or structure. Once you learn the format, it becomes much easier to read them.

I should note an important difference between mailing and website addresses. The format of mailing addresses was set up mostly to make them easy to read by humans. The format of website addresses was determined in part because they must be read by humans *and computers*.

One question I'm frequently asked is why website addresses are all "jammed together" with no spaces. The reason is that computers, like humans, need some way of knowing where one thing ends and another begins. We humans use spaces. While hardly anyone ever thinks about how "nothing" can be important, a blank space is critical to our ability to read. Ifyoudon'tthinkso,tryreadingthissentence.

It turns out for a lot of reasons, computers have a hard time using spaces to separate things. Because of that problem, the people who designed the world wide web decided to use forward slashes ('/') to indicate where one thing ends and another begins.

It will take a little time until your brain becomes trained and used to seeing the slashes as separating different elements. As an exercise, I replaced the slashes with spaces so you can start to more easily see the different parts of the website address.

Let's label the different parts of the website address, just like I labeled the different parts of a mailing address in the second image of this article.

The first part of the website address is called the "protocol". Computers can use different sets of commands, or "protocols", when talking to one another. When they are talking email, they use the "Simple Mail Transfer Protocol" ("smtp"), or "Post Office Protocol" ("pop") sets of commands. When they are uploading files, they use the "File Transfer Protocol" or "ftp" set of commands. When they are talking about websites, they use the "Hyper Text Transfer Protocol" or "http". If they want to talk about websites secretly, they use the "Hyper Text Transfer Protocol - Secure" or "https".

The protocol is followed by a colon, then two forward slashes. This is a special case where one slash isn't enough for the computer to recognize it as a separator.

The next part of the address is the domain name. One interesting item: while many people automatically type "www." before the domain name, it is not technically required. It is up to each individual company or web designer to decide if they want to use "www." or not.

You can think of the domain name as indicating what company you want to visit.

The next part of the address specifies the "path" to the page you want to view. If the website address doesn't include a page, most websites will show you the "home" page.

Sites with many pages usually group them into folders or "directories". If a site has many, many pages, the website designer may group the folders within folders within folders. The number of folders is completely up to the designer. In the website address example below, the designer has placed the page called "qr_codes" inside a folder called "article" which is itself in a folder called "blog".

That's all there is to reading a basic website address. More complex sites may have more complex addresses; we'll cover those in another article.

You have enough information now to begin to recognize suspicious addresses. As you read more website addresses, your confidence will grow, just as it did when reading postal addresses. For example, if you saw the following mailing address, you would immediately know something was wrong.

In the same way, you should recognize there is something wrong with the address below. We found this link in a hacking attempt against one of our customers.

With your new knowledge that you should look for slashes to indicate the different parts of an address, you should be able to read this address as:

not this, which is what the hacker hoped.

The tipoff in this address is that the domain name (www.facebook.com.login.ru) is odd. The hacker in this case tried to trick the user by sticking a familiar website name "facebook.com" to the left of the real domain name "login.ru". Had the user actually clicked this link, they would have been taken to a site in Russia, not Facebook. The Russian site probably would have installed a virus or malware on the user's computer with dire consequences.

Reading website addresses is an essential skill for surfing the web today. I hope this article gives you the confidence to actually read and understand them.

How Can I Tell If a Link is Safe?

Sometimes you come across links in emails or on websites that you aren't sure if you should click on or not. How can you tell if these links are safe? There are generally 3 things that can happen when you click on a link. The link could take you to a different page on the same site, a different site altogether, or start a download. A link can be anything from an image, to a block of text, to a single word. Your internet browser will usually give you a clue when you are on a link by changing your mouse cursor in some way.

To get an idea of what a link will do when you click on it you should look at the bottom left of your browser while your mouse is on the link. This will show you the url of where the link will take you or what it will do. Try to tell if the link is safe by first looking at the beginning. Is the website one that you know and trust? If the url is to a different website, is that what you would expect from the link? Do you trust the new website? You can also look at the url of the link to see if it includes the word “download” or ends in “.exe.” This can mean that clicking the link will begin a download. If you aren’t trying to download something, reconsider clicking the link. Look at the first part of the url to see if it’s a site you trust. For example, even though google.com/downloads contains the word “download” the website google.com is known to be safe so clicking this link is OK.

Try reading the urls of these two links by putting your mouse over the link and looking to the bottom left of your browser. Link 1 Link 2 The first link is OK but you should be cautious about the second link (I wouldn’t actually include a malicious link in this article so clicking the 2nd link just takes you to an error page). Hopefully reading this article will keep you safer on the internet! Remember, think about where you expect the link should take you and use your common sense when deciding whether to click a link!