admin/clarkeis.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
clarkeis.com/site/introwebdev/week-3-safety.html
Tyler Clarke 0ce859a50e
All checks were successful
ClarkeIS Build / Build-Docker-Image (push) Successful in 25s
Details
w3
2026-01-21 23:30:43 -05:00

87 lines
4.5 KiB
HTML
Raw Permalink Blame History

[!]
[=title "Week 3: Safety"]
[=content-]
<p>
Building a website is not among the more dangerous activities you can undertake.
Driving to school is actually a much bigger risk, statistically speaking!
However, there are still some things to be aware of.
</p>
<p>
Note that just posting a website <b>cannot</b> leak any information about you! The only information Github provides
to the public is your username, and Github themselves do not know anything compromising. Thus the
easiest way to stay safe is to not tempt fate! Don't put your personal information on a website. Period.
</p>
<p>
You should always operate under the assumption that anything you put online is there for good.
This applies on social media, chat apps, and also your personal website! Archives and Github version control make it
nearly impossible to permanently remove anything. Therefore you should always very carefully check
through anything you post for information that could identify you. This includes,
</p>
<ul>
<li>
E-Mail addresses: Don't put an email address on the public internet! That's just ASKING for spam, and it can
potentially make it much easier for a hacker to break into your accounts elsewhere.
</li>
<li>
Phone numbers: Same with email; spam is annoyingly automated, and a hacker could potentially use your phone number
and guess your password for an account, thereby compromising you.
</li>
<li>
Real names: In the information age it's shockingly easy to find people with their
real name. I would not recommend ever sharing it online under any circumstances.
</li>
<li>
Locations: Don't put your address or an address near you on the internet. You don't want
somebody looking through (often public!) voting and census records and finding you.
</li>
<li>
Location <i>hints</i>: This is really dangerous! It's easy to think
"it's probably fine if I post a review of [some restaurant near me]", but
that is in fact quite dangerous, especially if you live in a smaller area. A clever hacker can
use that to massively narrow down your location and pinpoint you.
There's no general rule for how far away it should be: until you're older
and more capable (and possibly hackers yourselves!) you shouldn't risk it at all.
</li>
</ul>
<p>
Some risks don't exist, and you should not put effort into worrying about them:
</p>
<ul>
<li>
Hackers can't get your IP address from your public website. What would that even <i>mean</i>? Hopefully we'll have time to cover some basic
networking in this course so you all can see how patently ridiculous most of the common concern over IP addresses is.
</li>
<li>
Hackers can't get any information you don't post. You fully control the flow of information to them.
They <i>can</i> take existing information and make further deductions based on publicly available knowledge (e.g. voting records) but
they can't create information out of thin air.
</li>
<li>
Nobody can break into your computer because you're using Github. It's a website. Websites don't do that.
</li>
<li>
Similarly nobody can break in through Git or Github Desktop - these are incredibly well-tested tools
used millions of times every day by millions of developers, and the chances of a security breach are
MUCH lower than the chances of e.g. an angry koala bear trampling all of us in class on Friday.
</li>
<li>
Your home network will not be exposed to anyone: your website will be hosted externally on Microsoft servers
(Microsoft owns Github), and will not in any way communicate back to your local network.
</li>
</ul>
<p>
It is a generally-safe rule of thumb that the only risk here is accident. In the case something
like that happens (e.x. you upload seconds before you realize you included your email address, or somesuch)
the first thing to do is immediately remove it and update again; you really don't want spam crawlers to see it.
Then you need to delete the commit containing your identifying information, and possibly send takedown requests to archives. It's a hassle,
but not an unnavigable one. Don't be afraid to ask me if you need help scrubbing personal information off the web!
</p>
<p>
<b>Warning: images and videos not necessarily safe!</b><br>
Many types of media (predominantly images) taken by phone cameras contain hidden <i>EXIF metadata</i> (like the metadata
in your site, but really annoying) often containing your location. Do not post images taken by your phone camera
unless you've used an editor like GIMP to strip out the identifying metadata. We may go over this in class.
</p>
[/]
[#template.html]
Reference in New Issue View Git Blame Copy Permalink