[techtalk] Tech-Talk: INTERNET - Is That Website Unsafe?

[Darci Hanning]

Greetings!

The Tech-Talk e-newsletter for Oregon library workers is distributed weekly via the Libs-OR and TechTalk mailing lists. Please do not forward.

Know someone who might be interested in receiving a copy but they’re not on the Libs-OR or TechTalk mailing lists? Have them contact darci.hanning at state.or.us<mailto:darci.hanning at state.or.us> or visit http://listsmart.osl.state.or.us/mailman/listinfo/techtalk to receive the TechTalk newsletter!

This paid subscription service is supported in whole by the Institute of Museum and Library Services (IMLS) through the Library Services and Technology Act (LSTA), administered by the State Library of Oregon. Enjoy!

[http://files.constantcontact.com/ee1208b4001/34916cb2-412f-43fa-8294-1f7ecb0e9a3d.png]



 Want to share Tech-Talk? Ask first. Contact info at Tech-Talk.com<mailto:info at tech-talk.com> © 2018 Shared Results International



Brought to you by the State Library of Oregon





[State of Oregon]






The State Library is pleased to provide you with Tech-Talk.com. We encourage you to make the most of this skill-building membership site at www.Tech-Talk.com<http://r20.rs6.net/tn.jsp?f=0012vfbVk41Wufy6mGWvD7NLgNSUZ4bIp-su62pyQMcwPQdMjJWJK0FCtVMw-vRP7-NxkjsxVeDmzLKFvvgPI_gNo_WjT1eE7ff4GVCVHIadg1APFDdzAAplLLWGFDlDgw28LD0SHuTSmFc2OCGAjD5jQ==&c=_tuu3SYvh1oXaybnDQb7ik6RIRZFxf5_gy8MtYyiHSj2t-GTFlScMw==&ch=ZZ-OfrlXK6PkAK4YGEDyWTgfMv1WkcBWt1L_2yEfZZKSL9JhTURJFw==>.

Username: ORLIBTECH
Password: ORLIBTECH (case sensitive)
Contact Darci Hanning at darci.hanning at state.or.us<mailto:darci.hanning at state.or.us> if you have questions.








[http://files.constantcontact.com/ee1208b4001/2b47553b-0655-4574-8c79-e3841b96c919.jpg]<http://r20.rs6.net/tn.jsp?f=0012vfbVk41Wufy6mGWvD7NLgNSUZ4bIp-su62pyQMcwPQdMjJWJK0FCjWRTlN9Oumuqmvm9W8er5z4RoK_ThKTASxBF4Xnxs3TZpMdEc-bba1xL8PsdtRrEypRfmN96HX6nIFHRsx9fbxZWL8j9UvcNwit6OMrhoH3Erb4EDqibDGOy3YjUhFfLYCfHhApRJu6&c=_tuu3SYvh1oXaybnDQb7ik6RIRZFxf5_gy8MtYyiHSj2t-GTFlScMw==&ch=ZZ-OfrlXK6PkAK4YGEDyWTgfMv1WkcBWt1L_2yEfZZKSL9JhTURJFw==>



Photo by Jason Blackeye<http://r20.rs6.net/tn.jsp?f=0012vfbVk41Wufy6mGWvD7NLgNSUZ4bIp-su62pyQMcwPQdMjJWJK0FCjWRTlN9Oumus7Qr_uc_X_ut8zovYL-8bHzSNbEj4SqsnBbUzbrdRGBcuydA93T2CYofNE_v-bF5DrhCf7v9G3VjzQfFdIZMT9fmxwvwdQ5rzE3bteLWQzkuFXxnGZ_JB01q1X8O_CeLPijM73OOMHAVxDpM3so8DO2Z9EdIPB1mSH-IhZ1LF3X5DBBKMlcTcC-kTMngP5uV94hkqPFN1h9BEdDddiRiuA==&c=_tuu3SYvh1oXaybnDQb7ik6RIRZFxf5_gy8MtYyiHSj2t-GTFlScMw==&ch=ZZ-OfrlXK6PkAK4YGEDyWTgfMv1WkcBWt1L_2yEfZZKSL9JhTURJFw==> on Unsplash<http://r20.rs6.net/tn.jsp?f=0012vfbVk41Wufy6mGWvD7NLgNSUZ4bIp-su62pyQMcwPQdMjJWJK0FCjWRTlN9OumunqMacl2MyYukNPg83a_vXjgoapDOu65AEOROciVVhDj_0yS77wRWDFcrcFUyNlbZ0MJUSidPqxhj-r7cuiN8XfcVgjEDdAp5rbJAUO6ZGyL_sLKKZYaDH5YjkHBcF0idIQMPS1qCXl9yCmROClBccn6dulR-C-Td14D_a6RNpHLv3b-A1Mf9RXZJlGCfi36xGW4XQwnAoyP44XbUOOlrn05EE5x_N55K&c=_tuu3SYvh1oXaybnDQb7ik6RIRZFxf5_gy8MtYyiHSj2t-GTFlScMw==&ch=ZZ-OfrlXK6PkAK4YGEDyWTgfMv1WkcBWt1L_2yEfZZKSL9JhTURJFw==>



 This Week's Tech-Talk: INTERNET

1. VIDEO ... Is That Website Unsafe?
2. ARTICLE ... Is That Website Unsafe?
3. COMMUNICATING ... Interpersonal communications skills

NOTE: To view the VIDEO, click here<http://r20.rs6.net/tn.jsp?f=0012vfbVk41Wufy6mGWvD7NLgNSUZ4bIp-su62pyQMcwPQdMjJWJK0FCjWRTlN9Oumuqmvm9W8er5z4RoK_ThKTASxBF4Xnxs3TZpMdEc-bba1xL8PsdtRrEypRfmN96HX6nIFHRsx9fbxZWL8j9UvcNwit6OMrhoH3Erb4EDqibDGOy3YjUhFfLYCfHhApRJu6&c=_tuu3SYvh1oXaybnDQb7ik6RIRZFxf5_gy8MtYyiHSj2t-GTFlScMw==&ch=ZZ-OfrlXK6PkAK4YGEDyWTgfMv1WkcBWt1L_2yEfZZKSL9JhTURJFw==>. Enter the Username and Password!









Tech-Talk: INTERNET - Is That Website Unsafe?
Advanced



The other day I went to a web page that I had visited in the past only to be met with a bold message telling me the site was not secure -- that the connection was not private. It was potentially unsafe.



[unsecure]



How could this be? The site was safe just the other day!

You may have noticed this happening to you more frequently ... getting a warning message on web pages that you have used before ... or which are well known and should be fine.

This is because in recent years, the technology for increasing security on webpages has advanced significantly, so that now the best-practice is to "lock" the pages down, by getting them SSL Certified.

If a page does not have this safety protocol installed (yet), you will get a warning saying that it is not secure.



[http://files.constantcontact.com/ee1208b4001/a67541a7-6d49-4f1a-9859-57fde954a49e.png]



In an effort to help keep user information safe, the major browsers are blocking (even penalizing) websites that do not have the updated secure protocol.

There is a simple way to tell if a site is SSL Certified ... look for the "https://" at the beginning of a URL address. Webpages that start with "http://" are the older, standards sites. Those that begin with "https://" (note the "s") are the ones that are secure.









What the Acronyms Mean



You shouldn't need a degree in IT to feel safe when you're keying in information like your email or credit card number on a website. So let's break down the alphabet soup acronyms of HTTP, HTTPS, SSL and TLS so that you understand what's going on.



HyperText Transfer Protocol (http) and HyperText Transfer Protocol Secure (https) are basically languages for transmitting information between web servers and clients.



[HTTPS]



HTTPS is a secure connection (hence the "s' on the end), while HTTP is unsecure -- or not encrypted.

It used to be that only websites that took sensitive or credit card information needed to be secure. But now the recommendation is for ALL websites to have this level of encryption.









How SSL and TLS Play a Part



You may have heard the term SSL -- a website gets an "SSL certificate" to make it safe. This acronym refers to the Secure Socket Layer which is commonly used interchangeably with the term TLS or Transport Layer Security. Both of these protocols help encrypt information that is transmitted over a computer network.

For example, when this updated protocol was first recommended, at Tech-Talk, we worked with our website hosting company to obtain an SSL Certificate for the website updating it to the HTTPS protocol.









How Can You SEE if a Website is Secure?



Each browser has its own way of displaying that a site is secure -- and the image of a padlock in the address bar (usually green or gray) is the key that confirms it.

As in the example below in Google Chrome, you see that both Tech-Talk.com and Amazon.com have the green padlock displaying with the word "Secure" next to it. And the protocol HTTPS is in the website's URL.



[padlock]



In Mozilla Firefox, you also see the green padlock displayed next to the website URL.



[Firefox padlock]





[website security]






When looking at sites in Google Chrome, you may see either the green padlock, or other symbols showing the site is not secure, or even dangerous.

Other browsers have similar security symbols and messages.

For example, in the image below, you see that this site does not have the padlock. And when you click on the information link (the "i" in a circle), it displays a message telling you "Your connection to this site is not secure."


[unsecure site]









Why Should You Care?



When you visit a website, should you care if it is secure or not?

If you're reading a blog and not entering any personal data into forms on the site, then securing your information is not a factor.

But if you're entering any information on the site, protecting your data is important.

A secure "HTTPS" website protects your data in these ways:

·     Confidentiality encrypts the data that you enter into a site so that no one else can read it. For example, if you're using public Wi-Fi without an HTTPS connection, a hacker could see private information as it is being transferred.

·     Data Integrity ensures the information that you key into website forms to be transmitted is not tampered with in transit. It can't be intercepted by hackers.

·     Authentication verifies the ownership of the website. It prevents hackers from creating realistic looking copies of websites designed to steal your information.









How You Can be Vigilant





[stay secure]






It may take some time for all websites to become complaint and institute the HTTPS protocol. There's kind of a "grace" period in this transition where unsecured sites are not red-flagged in your browser window. But you can take precautions.

·     If you visit a site and don't see a green padlock, as long as you're not entering data in a form, most likely the site may not be harmful.

·     However, before you enter any information into a form, even an email address -- but especially credit card information, look for that green padlock to ensure your information is transmitted safely.








What You Can Do if a Website isn't Displaying in Your Browser



Each site's SSL certification has to be renewed in intervals (sometimes every 90 days, or annually) to ensure it is still valid. Sometimes the automatic system that does this runs into a streaming glitch, so the renewal doesn't kick in. The owner of the site then has to trigger it manually to re-certify.

If this is a known web page to you, you can bypass the warning by clicking on "Advanced" and choosing to proceed to the page.









[http://files.constantcontact.com/ee1208b4001/f8f1ecc8-4884-4c21-8ed0-cf647e6db944.png]








Communications: Interactive Skills
How often do you do each of these?

Every single thing we say to each other, whether it's in meetings, on the phone or at the water cooler, falls into one of three communication behaviors. We're either clarifying, reacting or initiating.

Over the next couple of issues, we'll share insight into how each of these can be used to improve the quality of your day to day interaction with colleagues. As you become more sensitive to the differences, start tracking how often you do each.

Clarifying Communications

The first two types of clarifying communications are what we do most frequently: give and seek information. These are the easiest to identify.

Give Information: Offer facts and opinions. The sad truth is that most of us spend an inordinate amount of time "giving information". We're telling people what we think, what we know, what they should understand. The reality is that "Giving Information" is the least powerful interactive communication skill. It's less capable of generating engagement, buy-in and support. Just telling stuff to people has limited effect.

·     Our numbers are up 25% this year.
·     The Director is coming to our meeting next week to give feedback on the show.
·     The most common problem from the focus group session was "listening".

Seek Information: Ask questions – looking for facts. Interspersing questions, gathering data and insight are good techniques for engaging others, getting their support and benefiting from other people's knowledge. Certainly being sure you have all your facts in order before giving directions is a strong skill to development.

·     What are the department's goals this year?
·     How many have signed up for the Community Service Project?
·     Does anyone have the revised training schedule?

Try this... Just in one meeting or a phone conversation, take a piece of paper and mark a single tick mark for each time you Give Info and Seek Info. What kind of ratio do you have between the two?








[innovation]



 CLICK HERE ... for the TECH-TALK LIBRARY!<http://r20.rs6.net/tn.jsp?f=0012vfbVk41Wufy6mGWvD7NLgNSUZ4bIp-su62pyQMcwPQdMjJWJK0FCtVMw-vRP7-NxkjsxVeDmzLKFvvgPI_gNo_WjT1eE7ff4GVCVHIadg1APFDdzAAplLLWGFDlDgw28LD0SHuTSmFc2OCGAjD5jQ==&c=_tuu3SYvh1oXaybnDQb7ik6RIRZFxf5_gy8MtYyiHSj2t-GTFlScMw==&ch=ZZ-OfrlXK6PkAK4YGEDyWTgfMv1WkcBWt1L_2yEfZZKSL9JhTURJFw==>

NOTE: Forgot your user ID? See your sponsor block at the top of this email.
Problems? Contact us at Support at Tech-Talk.com<mailto:Support at Tech-Talk.com>









 YOU CAN ASK A QUESTION!

Do you have an idea for an article, or a problem using technology in some way...

We can help! CLICK HERE<http://r20.rs6.net/tn.jsp?f=0012vfbVk41Wufy6mGWvD7NLgNSUZ4bIp-su62pyQMcwPQdMjJWJK0FCl3OPjqvP85cNqxhQtuccNbCIEOIthwBbBFaFZyzi0K9MmBbpxrgPekGRL_9-nel65RWU3avVb0Xmv2ybqNLzVr-SDwQbopDkMj8__ym22Q2AKAJsh4B5HM=&c=_tuu3SYvh1oXaybnDQb7ik6RIRZFxf5_gy8MtYyiHSj2t-GTFlScMw==&ch=ZZ-OfrlXK6PkAK4YGEDyWTgfMv1WkcBWt1L_2yEfZZKSL9JhTURJFw==>.

Just contact us and we'll get the answer for you right away.


[http://files.constantcontact.com/ee1208b4001/464c50f5-0d77-4705-bb24-bf95437ce585.jpg]


Copyright 1996-2017 Shared Results International. Published weekly. Do not forward this issue of Tech-Talk.com without prior permission from Shared Results International. Distribution is limited by contract. Forwarding it to unauthorized recipients constitutes copyright infringement.
For information on site licenses or how to include additional recipients, email darci.hanning at state.or.us<mailto:darci.hanning at state.or.us>









Cheers,
Darci Hanning, MLIS
Technology Development Consultant
darci.hanning at state.or.us<mailto:darci.hanning at state.or.us> | 503-378-2527 | www.oregon.gov/osl/ld<http://www.oregon.gov/osl/ld>
Follow us: Facebook<http://fb.me/orlibsupport> | Twitter<https://twitter.com/ORLibSupport> | Tumblr<http://www.statelibraryor.tumblr.com/> | Pinterest<https://pinterest.com/statelibraryor/>
Ask me about the Edge Initiative<http://oregonedge.net/>!
[cid:image005.png at 01D31C27.4B9FEA30]



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/techtalk/attachments/20180322/286d5386/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 15548 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/techtalk/attachments/20180322/286d5386/attachment.png>