Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll
Well done!
You have completed Security Literacy!
You have completed Security Literacy!
Preview
Gain an understanding of the essentials of internet traffic with an animated model.
New Terms:
- Open WIFI -- A wireless network that is not protected with a password. Consider all traffic exposed to everyone else connected to the network.
- WIFI Router -- A device to provide a local wireless network for connecting to the internet
- Data Center -- A facility that houses servers and routes internet activity
- Internet Service Provider (ISP) -- A company that we pay to provide access to the web (e.g. Comcast, Time Warner Cable, Verizon).
- Node -- A device that internet traffic passes through on its way to the correct destination.
Related Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign upRelated Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign up
When we do a Google search for
movie show times, for
0:00
example, we may only consider this
an exchange between ourselves and Google.
0:02
When we get an email from a friend,
0:07
we may only think of it as communication
between them and ourselves.
0:09
The reality is that, many more people and
devices are involved in these exchanges.
0:13
And a lot more information often fairly
revealing information is transmitted.
0:17
Having a solid foundational grasp
of these flows can help us all
0:22
make informed decisions.
0:26
Let's build up our scene.
0:28
Consider you're in a coffee shop
in Portland, Oregon with a laptop.
0:30
For this example,
0:33
the coffee shop has an open WiFi, meaning
a password is not required to use it.
0:34
There are other people in the coffee
shop too, some with their own devices.
0:39
Each person is surfing the Internet,
browsing Facebook,
0:44
watching Netflix, reading CNN.
0:47
So we can add a data center
to represent those sites.
0:49
In reality, each of those companies would
have a presence in multiple data centers
0:52
located around the world.
0:56
But for simplicity, we'll think of them
as sharing a single, centralized center.
0:58
As we start to add the flows of traffic,
there's probably nothing too surprising.
1:03
We can add a few more elements to
get closer to how these flows work.
1:08
Let's add the WiFi routers,
the devices used to transmit and
1:12
receive the Internet signal to and
from our personal devices.
1:15
Let's add
the Internet Service Providers or ISPs.
1:19
These are companies like Comcast,
Time Warner Cable, and
1:22
Verizon that we pay to
provide access to the Web.
1:25
And in truth,
in order to pass all this traffic around,
1:29
there are additional nodes or
relay points between these parties.
1:32
Let's consider two scenarios, and work
through the flow of the Internet traffic
1:37
involved, including what's exposed and
the parties that might have access.
1:40
We'll look at a Google search and
receiving an email [SOUND].
1:45
If we break down the flow
of a typical Google search,
1:48
the steps would be as follows.
1:51
Open a browser to google.com,
1:53
enter the search terms into the text
field, example, movie show times.
1:56
Note the green lock and
the letters https in the address bar.
2:00
We'll go into detail about this later,
but for
2:05
now know that this means
your connection is secure.
2:07
[SOUND] The text is sent from
the laptop to the coffee shop WiFi,
2:10
to the local ISP,
to Google data center and processed.
2:15
And back through roughly the same path.
2:19
Note that the connecting
nodes have changed.
2:22
Movie showtimes for Portland,
Oregon is then shown in the browser.
2:24
The first thing to mention, is that a lot
of the activity on an open Wi-Fi network,
2:29
like this coffee shop, is exposed
to anyone else on the same network.
2:33
If this were a different search engine
that wasn't protected with HTTPS,
2:37
then another person in the coffee
shop could even see the search terms.
2:40
This may not be a big deal for
a search about movie times, but
2:45
I'm sure you can imagine more
personally sensitive searches.
2:49
The next point is that there are a lot
of hops that the traffic takes for
2:53
a full round trip.
2:56
While most of those nodes are secure,
it's worth noting that if an attacker
2:57
gained full access to one,
they could expose web traffic.
3:01
The ISPs have access to
that web traffic as well.
3:04
This is of course necessary for
3:07
them to forward the Google search
to the correct data center.
3:08
But some laws may allow ISP's to collect
and sell this information to anyone,
3:12
which can really make you think twice
about the web traffic you create.
3:17
And finally, the traffic arrives
at the data center for processing.
3:21
Because you used the Google engine
with HTTPS, the content of your search
3:24
was encrypted for privacy from the browser
all the way to Google servers.
3:29
Google then decrypts this content and
has access to it too.
3:33
It will provide the showtimes
as requested, but
3:37
it may also record a history of searches,
and even serve advertisements for movies.
3:40
We often accept this implicitly
when Google's services.
3:45
But it's worth calling out here so
we know who has access to our data.
3:49
Now, let's put others in the scenario.
3:53
A friend at home with a cell phone.
3:55
They're on their home wi-fi network,
protected with a password.
3:58
Now, let's consider the flow of
receiving an email from a friend.
4:01
[SOUND] The friend will open their
browser or email client on their phone.
4:05
[SOUND] They'll compose their message and
send it.
4:08
[SOUND] The message is sent from their
cellphone, to the wi-fi network,
4:11
to the ISP, a series of nodes,
email data center.
4:16
Another ISP,
another email data center, local ISP,
4:20
more nodes, coffee shop network,
and finally, the laptop.
4:24
The final points here are that there
are a lot more actors and devices in play.
4:29
Generally, this is just part of
the infrastructure but the more points of
4:34
contact there are, the greater the chance
for an attacker to read the email.
4:38
Also, the friend's wi-fi is
protected with a password.
4:42
So a neighbor, for example, wouldn't be
able to see the content of the email.
4:45
But let's say that they use
an insecure email service.
4:49
Even if they are protected in their home,
that email is now exposed to
4:52
all hops along the path, at least until
it arrives at your email service.
4:56
Security is difficult largely for
this reason.
5:01
It requires everyone involved to
do the right thing at all times.
5:03
While I would suggest a different coffee
shop, it's not really your fault for
5:08
trying to use the Internet.
5:11
You even used a secure search engine.
5:13
And I would encourage your friend
to change email providers.
5:16
Most major ones like Gmail and
Outlook are encrypted.
5:18
It's not really their fault either.
5:21
They just wanted to send an email.
5:23
And they even made sure that their home
network was protected with a password.
5:25
In both scenarios,
5:29
it just took one exposed link in the chain
to render the whole flow insecure.
5:30
Both of these scenarios also have
some secure solutions based on
5:35
end-to-end encryption.
5:38
You could browse the Internet comfortably
safe on an open wi-fi network,
5:40
using a VPN.
5:44
Your friend can encrypt that
email on their device for
5:45
you to decrypt on yours with no
one between able to read it.
5:48
No matter what network or
email provider was used.
5:52
We'll discuss these approaches
in later videos so that you and
5:56
your friends stay safe.
5:59
But these are not well known, or
particularly user friendly tools.
6:01
Which brings up one of the other main
reasons that security is difficult.
6:05
It's often a trade-off with convenience.
6:08
Just think of how inconvenient it is
to remember strong unique passwords for
6:11
each site you use.
6:15
In the next video, we'll explore how even
when the content of a message is secure,
6:16
the act of sending a message or
6:21
browsing online itself can reveal
a lot without you knowing it.
6:22
You need to sign up for Treehouse in order to download course files.
Sign upYou need to sign up for Treehouse in order to set up Workspace
Sign up