SSL Explained

     The internet (web) is a connection of interconnected computers (nodes). How can one be sure that the website or web resource located on the internet can be trusted? How can one be sure that no one can see the traffic being sent between these interconnected computers (passwords, banking information)?

     When an individual decides to travel via an airport, they will encounter some form of security or an airline front desk. How do they know the person's identity standing in front of the counter or security checkpoint? Simple, they ask the individual to present an ID they can trust. Often the form of ID is a passport, or a state issued identification card. The form of ID accepted is from a trusted agency.

     In the field of computer security SSL is called a 'certificate' issued by a trusted third party like Verisign, Sectigo (Formerly Comodo) along with many others. The way trust is established is mostly done through the browsers bundled with the Trusted Certificate Authorities (like the airport will accept a form of ID) and the browser will validate if the certificate is indeed issued by a Trusted Certificate Authority. It will also check to see if the certificate has expired (just like the expiration date on a state issued identification card). The Browser will also check to see if it is truly issued by the Trusted Certificate Authorities it can trust (just like security at an airport will look at forms of ID's, biometrics (face), as well as placing the ID under some form of scanner to ensure its validity. The process of verifying this is done through cryptographic techniques called Digital Signatures.

     To ensure the safety and security of everyone using this website the browser will automatically redirect the experience to https://www.drmarlynyoung.com. This additional step will help everyone in guarantying the information presented is both reliable and secure.

Sarah Palin Hack

     In 2008, David Kernell, utilized the password reset. The password reset required birth date, zip code, and the answer to the security question, "Where did you meet your husband?" Because she was governor of Alaska all of these answers could be found online.

     What he did was illegal and a violation of the Computer Fraud and Abuse Act. He was sentenced to one year and one day in prison plus three years of supervised release.

     When setting up an account such as email or bank account you will be asked some securtiy questions. Usually the questions and answer combination is really obvious. For example, "What is your mother's maiden name?" That one isn't new it has been around since 1882.

     Enter the bots. Companies frequently scan the internet looking for persoanl information so finding the answer can be really easy.

     When setting these security questions, try to avoid the most obvious suggestions from the drop-down menu. No one says you have to provide the correct response. If you want you can make up every answer. So, how do I remember those answers to each site? Simple, write them down in a password manager. Always consider how valuable the site is to you. You will probable trust your bank more than a streaming site like Netflix.