The Rules

There appears to be a little confusion about what the Internet is, why it exists, and its rules of use. So, as a public service, I offer the following gentle reminder.

The internet is not a safe playground. It is a dark, dangerous, occasionally beautiful and sometimes fatal window into the dreams and nightmares of a civilization.

Everything you do on the internet is being recorded, stored, MapReduced, data-mined, segmented, and sold. Your name, address, phone number, and social security number are trivially accessible online. You do not own your own data.

From the standpoint of online safety, there is no functional difference between a smartphone app and a website.

All encryption, given enough time, can be cracked, hacked, subpoenaed, or social engineered around.

Anything you say, even in a “private” forum, will eventually be trivially searchable by anyone. Any photo, video, or other data you put in the cloud, will eventually be made public. Once something is made public, it cannot be taken back.

Real-time meat-space coordinates exposed through social media are also visible to predators and thieves, not just your friends.

The owners of every website you use, no matter how nice or idealistic, have dreams of becoming billionaires. They aren’t running their sites for your benefit. If something is free, then you’re the product.

You are the smallest fish in the food chain. There are governments, corporations, criminal organizations, and anonymous collectives of script kiddies who will eat you alive, should you come to their attention.

There are no safe web sites, only more and less dangerous ones. Any site might be hacked or bought, and their data distributed to unknown end points.

Pirated software and media aren’t free. You pay by acting as a vector for malware and attacks against others.

The internet isn’t this way because it’s been twisted into something it’s not. This is what the internet is.

It’s easy to say that “something should be done” to fix these problems, but there are no good choices. Protecting freedom helps everyone, including the bad guys. Restricting freedom hurts everyone except for the bad guys. Heads they win, tails we lose.

Ignorance of The Rules won’t protect you. Innocence won’t protect you. Youth won’t protect you. Laws won’t protect you. Being right won’t protect you. The Rules should not scare you off the internet, but ignoring them, willfully or not, will dramatically increase your odds of victimization.

The Rules are not an excuse for bad behavior. “They deserved it, they should have known better,” is a psychotic’s justification.

Basic stay-safe rules

  1. Don’t trust any website that promises the ephemerality of your data
  2. Don’t trust any website that promises not to track you
  3. Don’t trust any website that promises not to sell your data
  4. Don’t use the same password in multiple locations
  5. Never send something through the internet that you want to stay secret
  6. Never open an email attachment that you aren’t expecting
  7. Never believe anything in email from unknown senders
  8. Never respond to email from unknown senders
  9. Check with snopes before believing hysterical emails from friends and family
  10. Using Paypal is safer than giving your credit card number to an unknown web site [EDITED: see comments for discussion]
  11. Don’t trust any site that’s able to return your password to you when you click the “forgot password?” link
  12. Don’t reveal your physical location through social media in real time – there’ll be time enough to post your photos when you get back home
  13. Encryption is hard – don’t try to roll your own

5 thoughts on “The Rules

  1. Not sure about (10). Federal law says you have zero liability for internet credit card fraud… and if dodgy charges start showing up on your statement, its easier to change a credit card number than a bank account which maybe linked to yout paypal account.

  2. Well…. you said “Using Paypal is safer than giving your credit card number to an unknown web site”. Its not :) You may also loose any credit card protections you have since you are paying Pay Pal, not the merchant.

    Also, Paypal’s fees are generally higher (there’s an extra middleman now), so the merchant is getting less money… especially important if you’re making charitable donations.

    Personally, every time I’ve tried to pay by credit card on Pay Pal I’ve had the transaction blocked by the credit card provider as Pay Pal usage tends to be fraudulent.

    Using your credit directly is really the way to go!

  3. I also don’t agree about Paypal. There was fraud on my Paypal account and Paypal wouldn’t give me my money back. But my bank did and since then Paypal has blocked that account and any new accounts, so I can’t use Paypal anymore.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s