SECOND EDITION
Web Security, Privacy,
and Commerce
Simson Garfinkel
with Gene Spafford
O'REILLY
Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo
Table of Contents
Preface xi
Part I. Web Technology
1. The Web Security Landscape 3
The Web Security Problem 3
Risk Analysis and Best Practices 10
2. The Architecture of the World Wide Web 13
History and Terminology 13
A Packet's Tour of the Web 20
Who Owns the Internet? 33
3. Cryptography Basics 46
Understanding Cryptography 46
Symmetric Key Algorithms 53
Public Key Algorithms 65
Message Digest Functions 71
4. Cryptography and the Web 78
Cryptography and Web Security 78
Working Cryptographic Systems and Protocols 81
What Cryptography Can't Do 88
Legal Restrictions on Cryptography 90
5. Understanding SSL and TLS 107
What Is SSL? 107
SSL: The User's Point of View 115
6. Digital Identification I: Passwords, Biometrics, and Digital Signatures... 119
Physical Identification 119
Using Public Keys for Identification 130
Real-World Public Key Examples 140
7. Digital Identification II: Digital Certificates, CAs, and PKI 153
Understanding Digital Certificates with PGP 153
Certification Authorities: Third-Party Registrars 160
Public Key Infrastructure 174
Open Policy Issues 187
Part II. Privacy and Security for Users
8. The Web's War on Your Privacy 203
Understanding Privacy 204
User-Provided Information 207
Log Files 210
Understanding Cookies 216
Web Bugs 225
Conclusion 229
9. Privacy-Protecting Techniques 230
Choosing a Good Service Provider 230
Picking a Great Password 231
Cleaning Up After Yourself 242
Avoiding Spam and Junk Email 252
Identity Theft 256
10. Privacy-Protecting Technologies 262
Blocking Ads and Crushing Cookies 262
Anonymous Browsing 268
Secure Email 275
11. Backups and Antitheft 284
Using Backups to Protect Your Data 284
Preventing Theft 295
12. Mobile Code I: Plug-ins, ActiveX, and Visual Basic 298
When Good Browsers Go Bad 299
Helper Applications and Plug-ins 304
Microsoft's ActiveX 308
The Risks of Downloaded Code 318
Conclusion 326
13. Mobile Code II: Java, JavaScript, Flash, and Shockwave 327
Java 327
JavaScript 346
Flash and Shockwave 358
Conclusion 359
Part III. Web Server Security
14. Physical Security for Servers 363
Planning for the Forgotten Threats 363
Protecting Computer Hardware 366
Protecting Your Data 381
Personnel 392
Story: A Failed Site Inspection 392
15. Host Security for Servers 396
Current Host Security Problems 397
Securing the Host Computer 405
Minimizing Risk by Minimizing Services 411
Operating Securely 413
Secure Remote Access and Content Updating 423
Firewalls and the Web 431
Conclusion 433
16. Securing Web Applications 435
A Legacy of Extensibility and Risk 435
Rules to Code By 443
Securely Using Fields, Hidden Fields, and Cookies 448
Rules for Programming Languages 454
Using PHP Securely 457
Writing Scripts That Run with Additional Privileges 467
Connecting to Databases 468
Conclusion 471
17. Deploying SSL Server Certificates 472
Planning for Your SSL Server 472
Creating SSL Servers with FreeBSD 477
Installing an SSL Certificate on Microsoft IIS 501
Obtaining a Certificate from a Commercial CA 503
When Things Go Wrong 506
18. Securing Your Web Service 510
Protecting Via Redundancy 510
Protecting Your DNS 514
Protecting Your Domain Registration 515
19. Computer Crime 517
Your Legal Options After a Break-In 517
Criminal Hazards 523
Criminal Subject Matter 526
Part IV. Security for Content Providers
20. Controlling Access to Your Web Content 533
Access Control Strategies 533
Controlling Access with Apache 538
Controlling Access with Microsoft IIS 545
21. Client-Side Digital Certificates 550
Client Certificates 550
A Tour of the VeriSign Digital ID Center 553
22. Code Signing and Microsoft's Authenticode 560
Why Code Signing? 560
Microsoft's Authenticode Technology 564
Obtaining a Software Publishing Certificate 577
Other Code Signing Methods 577
23. Pornography, Filtering Software, and Censorship 579
Pornography Filtering 579
PICS 582
RSACi 589
Conclusion 591
24. Privacy Policies, Legislation, and P3P 592
Policies That Protect Privacy and Privacy Policies 592
Children's Online Privacy Protection Act 601
P3P 606
Conclusion 609
25. Digital Payments 610
Charga-Plates, Diners Club, and Credit Cards 610
Internet-Based Payment Systems 620
How to Evaluate a Credit Card Payment System 640
26. Intellectual Property and Actionable Content 642
Copyright 642
Patents 645
Trademarks 646
Actionable Content 650
Part V. Appendixes
A. Lessons from Vineyard.NET 655
B. The SSL/TLS Protocol 688
C. P3P: The Platform for Privacy Preferences Project 699
D. The PICS Specification 708
E. References 716
Index 735