
How the Internet works

Posted September 10, 2020 by Kirk McElhearn

It has become second nature to use the internet for surfing, email, messaging and streaming music and video. It’s a bit like how we use electricity: we have a vague idea of how it is generated and how it reaches us, but we rarely worry about the details.

The difference with the internet is that you share personal information with retailers and social networks, provide detailed financial information to banks and investment firms, and tell some of your deepest secrets to friends and family.

Security and privacy are (or at least should be) important concerns for Internet users. To fully understand why this is so important, it is helpful to understand how the internet works. In this article, I will give you an overview of how the internet works, how your data gets from one place to another, and why it is important to protect your privacy and security online.

Introduction: TCP/IP

Before outlining how different internet services work, it may help to understand a little about how most internet traffic is sent and received. TCP/IP, or the Internet Protocol suite, describes how “data should be packaged, addressed, transmitted, routed and received.” Entire books have been written about TCP/IP, but what is important to understand is how this protocol controls the way your data is sent from one computer to another.

When you send data, it is divided into “packets,” or small pieces of data. When you send a picture, it is not sent as a whole; instead, it is broken up into packets that allow the data to be transmitted efficiently and reassembled when it reaches the recipient. Each packet contains information about the final destination, so that each router it goes through can route it accordingly. Error checking is used, so that each packet is verified using mathematical calculations when it reaches its final destination; if there is a mismatch, the computer receiving the data asks the sender to resend it. All of these packets are then put together to reconstruct that image, so your parents can see a picture of their grandchildren.

Because the data is fragmented, each packet may take a different route, perhaps going through different cities or even countries. Your data does not run in a straight line or over an isolated connection between two computers, but rather through a large network of devices.
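The packet handling described above, as an added example that is not from the original article: a message is split into packets that each carry a destination, a sequence number and a checksum, the packets arrive out of order with one damaged in transit, and the receiver verifies, asks for a resend and reassembles. It is a simplified model (real TCP also checksums its headers and retransmits when acknowledgements are missing); the function names and the sample message are constructed for illustration.

```python
import random

def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum (RFC 1071 style), as used by IP/TCP/UDP."""
    if len(data) % 2:
        data += b"\x00"          # pad to a whole number of 16-bit words
    total = sum(int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2))
    while total >> 16:           # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def packetize(data: bytes, dest: str, size: int = 8) -> list[dict]:
    """Split data into packets, each with destination, sequence number and checksum."""
    return [{"dest": dest, "seq": n, "payload": data[i:i + size],
             "checksum": internet_checksum(data[i:i + size])}
            for n, i in enumerate(range(0, len(data), size))]

def receive(arrived: list[dict], resend) -> tuple[bytes, list[int]]:
    """Verify each packet, ask the sender to resend damaged ones, reassemble in order."""
    good, resent = {}, []
    for pkt in arrived:
        if internet_checksum(pkt["payload"]) != pkt["checksum"]:
            resent.append(pkt["seq"])
            pkt = resend(pkt["seq"])     # request a fresh copy from the sender
        good[pkt["seq"]] = pkt["payload"]
    return b"".join(good[seq] for seq in sorted(good)), resent

def demo() -> tuple[bytes, list[int]]:
    message = b"constructed sample: photo bytes for the grandparents"
    sent = packetize(message, dest="104.18.13.119")   # address quoted in the article
    in_transit = [dict(p) for p in sent]
    random.Random(7).shuffle(in_transit)              # packets take different routes
    victim = next(p for p in in_transit if p["seq"] == 2)
    # Flip one bit of packet 2 to simulate damage along the way.
    victim["payload"] = bytes([victim["payload"][0] ^ 0x01]) + victim["payload"][1:]
    return receive(in_transit, resend=lambda seq: sent[seq])

if __name__ == "__main__":
    data, resent = demo()
    print(data.decode(), "| resent packets:", resent)
```

The checksum catches accidental damage only; anyone able to alter a packet can recompute it, which is why the encryption discussed later in the article matters.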

Connecting

All activity over the internet starts with a request from a computer (which can be a desktop computer, a handheld device or something as mundane as a light bulb) to a server. A server is simply a computer that responds to requests by sending some information in return. This can be a web server (which hosts or generates web pages), a file server (which stores files and allows you to download them), a time server (which returns the current time when a device requests it) and more.

Many Internet resource requests begin with using the domain name system, or DNS, to translate an Internet address (such as intego.com) into the precise IP address (Internet Protocol address) of a server. It’s much easier to remember “intego.com” than it is to remember “104.18.13.119,” so DNS allows servers to have much more memorable names.

In general, each server and each home router (or other device connected directly to the Internet) has a unique IP address, much like a telephone number (with country code and area code, to ensure that all numbers are unique worldwide). One way to find out the IP address behind a domain name is through the Network Utility app, which is in /Applications/Utilities on a Mac.

Once the numeric address is found, your request is sent. It goes through a number of devices to get to the destination, which can include:

  • Your router, if you are at home; a cell tower, if you are using a mobile device; a Wi-Fi access point, switches and routers, and a firewall, if you are on a corporate network.
  • A long series of cables running underground, above ground and even underwater; or one or more satellites (although this form of communication is rather slow due to the distance to geostationary satellites).
  • Additional routers (devices that intelligently route and forward network traffic) in your city, in other cities, and even in other countries.

There is no straight line between two points on the internet. When you send a request to a service, your data makes a number of hops, going through many other routers before reaching the destination server. You can see the path (or route) using Network Utility, on the Traceroute tab. Enter a domain name, then click Trace to see how many hops it takes to get to your destination.

Note that some routers do not respond to the types of packets sent when you run a traceroute, so you may see asterisks (***) in the results.

How websites work

Originally, websites worked as a series of individual pages, each of which could contain links to others. To view www.intego.com, a web server would receive your request and load the default page for that domain, usually at an address such as http://www.intego.com/index.html, and display the content. That page would be static until someone manually changed the code.

Today, most web pages are dynamic, which means that they do not exist as pages, but rather as elements in a database that are assembled on request. So if you go to www.intego.com, a database on Intego’s web server receives your request and builds the page for you. This process means that pages can be updated automatically as the various elements of a page are updated, for example when new data arrives, such as the time, the temperature or new stories on a newspaper’s website. The process is also much more efficient than saving thousands, or potentially hundreds of thousands, of pages on major websites such as those of newspapers.

With large websites, you often go through a content delivery network, or CDN, which consists of many servers located around the world. CDNs ensure that content can be delivered quickly to users anywhere in the world, instead of all requests being served by a single server in one place. If a server receives more requests than it can handle because too many people are trying to access it at the same time, it may be slow, or even unable to respond to users’ requests.

A company like Apple – which has huge demand for content such as pages on its site, downloads from the iOS App Store and Mac App Store, streaming music and video and more – uses huge content delivery networks to meet users’ needs.

Websites and security

Website URLs start with either http:// or https://. The former stands for HyperText Transfer Protocol, and the S in the latter means secure. HTTPS sites use certificates, which are vouched for by trusted third parties: companies or organizations that certify website ownership and enable encryption between your device and the web server you contact. When you connect to a secure website, browsers display a padlock in the address bar, and browsers alert you when you visit a website where the certificate is invalid or has expired.

Once a secure connection is established, you can be sure that data you send, such as credit card information, is encrypted. This helps ensure that your data cannot be intercepted or changed along the way. The same goes for data sent to you by a website. So if you access your email through your browser, it cannot be read by anyone who is able to intercept your traffic. (See below for more on email.)

It is worth noting that some browsers protect your privacy more than others. Take a look at two articles about the most private browsers for Mac, and the best private browsers for iOS and iPadOS.

How email works

Email is one of the most common forms of messaging in the world. Still, email is inherently insecure. As you saw above, your data goes from server to server in packets, and is put together when it reaches the destination. Even if you have a secure connection to your email provider, that email can be stored unencrypted when it reaches the email servers (and your emails can be forwarded via multiple servers, and can be replicated on multiple servers to ensure fast access and redundancy).

Emails usually stay on the servers for a long time – you may have many years of emails you have sent and received in your account – so they can be vulnerable until they are deleted. And when you send someone an email, you have no idea what they will do with it. For example, they may pass it on to someone else without your knowledge. You also have no control over what happens when your email reaches the destination server or recipient’s email app; sometimes the contents of the message may not be stored securely.

When sending an email, imagine that it is like a postcard. Assume that someone other than the intended recipient can read it.

Fortunately, there are ways to encrypt email to ensure that only the intended recipient can see it; we discuss some such services in this article.

Instant messaging

While email has some inherent insecurity, not all instant messaging is based on the same standards, and as such, not all instant messaging services are the same. They can be extremely safe if they use end-to-end encryption (E2EE). Apple’s iMessage and FaceTime use E2EE. When you send a message via the Apple Messages app to another iPhone user, the background color of the text bubble will be blue, which means that it was sent via iMessage and was encrypted during transit. (A green background indicates that it was sent as an SMS or MMS, which is less secure.)

If someone’s computer or device is compromised, it may be possible for an attacker to read all of someone’s instant messages, even if they were sent using E2EE.

In addition to Apple’s iMessage, other services, such as Signal, Telegram and WhatsApp, also provide secure messaging. But do not assume that regular messaging platforms like Facebook, Instagram or Twitter are secure; as we explain in The Great Twitter Hack of 2020, hackers gained access to instant messaging on Twitter.

Summary

There is much more on the internet than what I have discussed in this article, but I have covered several of the main services and how they work, to highlight some security risks inherent in internet communication. It is important to be aware of the risks when sending or sharing sensitive information so that you can be more aware of how your data can be handled during transport and when it is protected.

About Kirk McElhearn

Kirk McElhearn writes about Mac, iPod, iTunes, books, music and more on his blog Kirkville. He co-hosts Intego Mac Podcast and PhotoActive, and is a regular contributor to The Mac Security Blog, TidBITS and several other websites and publications. Kirk has authored more than twenty books, including Take Control books on iTunes, LaunchBar, and Scrivener. Follow him on Twitter at @mcelhearn.