Changes between Version 19 and Version 20 of WebInfoPamphlet
- Timestamp:
- Jun 30, 2008, 4:07:38 PM (16 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
WebInfoPamphlet
v19 v20 33 33 === For email itself, does your provider use starttls so all email data is encrypted from point-to-point with other email providers using starttls? === 34 34 35 Starttls is not common among commercial providers and it's possible that the provider's representative 35 Starttls is not common among commercial providers and it's possible that the provider's representative you're talking to won't even know what you're talking about. But consciousness of this security feature is as important as anything we've talked about here. Normally your email is sent from your provider's mail server to the recipient provider's mail server in plain text, usually traveling through a half dozen routers controlled by the largest telecommunications providers on the planet, all of whom have the technical capacity to read the message (and, of course, turn it over to any government authority who wants it). On the other hand, if both providers use starttls, your communication will be encrypted from end-to-end. 36 36 37 37 Insist on this with your provider. … … 55 55 One area of content attack is the cease and desist letter. At some point, you or an organization you work with is going to get a cease and desist letter from a company, an individual, another organization or the government. These letters are designed to stop you from doing something you're doing on line. Often they have to do with copyright infringements but we've seen such letters provoked by expressions of opinion or information about some company or government agency. 56 56 57 Many providers have a knee-jerk reaction to these letters. They give you a day to pull the material and , if you don't, they take yourwebsite down. After all, they're there for the money and any potential legal difficulty (even answering a lawyer's letter) isn't worth what you're paying.57 Many providers have a knee-jerk reaction to these letters. They give you a day to pull the material and if you don't comply they take your entire website down. After all, they're there for the money and any potential legal difficulty (even answering a lawyer's letter) isn't worth what you're paying. 58 58 59 59 In reality, cease and desist letters are usually bogus and if the complaint is legitimate, a court can decide or you can negotiate with the letter-writer. Providers have no right to act unilaterally or threateningly towards you. If something is so offensive that it shouldn't be on a provider's servers, they should discuss that with you and take action on their own. Otherwise, if it's not too offensive to be on-line, it deserves to be on-line. … … 61 61 ==== Shell access ==== 62 62 63 Another prominent issue around access is shell access. You may not know about it or even use it but there's a layer of functioning beneath your website display and beneath protocols like sftp. It's call "shell access" and it means that you can use a command line program to get into your directories and files and interact directly with the files and operating system.63 Another prominent issue around access is shell access. You may not use it or even know about it but there's a layer of functioning beneath your website display and beneath protocols like sftp. It's called "shell access" and it means that you can use a command line program to get into your directories and files and interact directly with the files and operating system of the computer (or computers) that provide your web site. 64 64 65 Most of us won't use this but , if we need to (or we have a techie working on some aspect of our website),it should be available. In principle it represents real control over your website and your data.65 Most of us won't use this but if we need to (or we have a techie working on some aspect of our website) it should be available. In principle it represents real control over your website and your data. 66 66 67 67 ==== Domain name control ====