I feel like I learned a lot from Module 6. Internet security is something that I generally think I know, but it is one of those things where I know only exactly as much as I feel I need to, and haven't really dived much deeper than that.

So for example while i know not to click suspicious links in an email, for example, and while i make it a habit to go to the site myself rather than click any link, i really didn't know that these links could redirect you via using the real address and then an @ to their phishing site. I have taken risks in the past with emails I was unsure about if I could tell that the link started with the intended domain, and I knew it was a site that didn't allow users to make their own unvetted pages. It's really clever to stick things like that in the area you would normally find tracking info. I think most people have come to expect tracking info on links and would not think to vet them. Now that I know this, that'll help me avoid making mistakes in the future.

The information about identity theft was also very interesting to read. I have been a bit worried that someone may have stolen my information a few years ago, as I got a call back from a doctor's office once about a phone call I never made, at a doctor's office I had not been to in years. I didn't give any major information during this call but after the call ended I realized that this call itself could have been spoofed and verifying information they obtained from a data breach at that office. So far i haven't seen any other signs of trouble, but it still worries me, so it was helpful to see the page about steps to protect yourself.

I also found the section about “web bugs” interesting. I feel like i heard about 1px gifs containing 3rd party cookies years ago, but they seemed like the kind of urban legend that popped up a lot in the earlier world wide web, maybe because seems like nowadays single pixel gif files are less likely to be used for cookies compared to javascript ads approved by the site.

Finally, the section on security certificates was very relevant to something I'm currently dealing with. A group of friends and I recently inherited an older website from another friend of ours who originally created the site and eventually decided he could no longer deal with managing it. The site works (barely) and it's important to all of us to keep it around and functional, but one problem that's at the forefront right now is that we cannot get the site a security certificate in its current state. I don't understand the particulars at the moment as my role in fixing things up is mostly in a design capacity at the moment, but this section was a good overview of how that works and gave me a baseline to understand what needs to be done in order to recertify the site so that users can use https with it without a security threat warning.