Spim? Spam? Spit? Stop feeling overwhelmed by internet security jargon. Use this handy glossary to figure out what’s what!
Adware, or advertising-supported software, displays advertisements on your computer in the form of banners and pop-up windows. These ads are a way for software companies to generate revenue. Some adware runs on your machine without your knowledge and consent, while others are intentionally downloaded. While adware is more of a pesky nuisance than a harmful threat to your cyber security, some adware might collect information about your browsing behavior and sell it to third parties.
How does adware work?
While adware is more of a pesky nuisance than a harmful threat to your cybersecurity, some adware might collect information about your browsing behavior and sell it to third parties. This information, such as websites visited and time spent on each one, is used to target you with more advertisements customized according to your viewing habits.
A device can be infected with adware via two main avenues. The first is that it is installed alongside other programs. This is most common with freeware and shareware. The second is by visiting an infected website. The adware takes advantage of a vulnerability in the user’s web browser to stealthily install itself. Once infected, the adware can collect more private information, redirect you to malicious websites, and insert more advertisements into your browser.
Asymmetric encryption, or public-key cryptography, is an encryption method that requires two keys to access a server: a public key for encryption, and a matching private key for decryption.
How does asymmetric encryption work?
Asymmetric encryption is commonly used on the internet as a means of privately communicating without either party necessarily knowing the other’s private encryption key in advance. Anyone can encrypt a message using the receiver’s public key, but only the receiver can decrypt it.
Asymmetric encryption is more computationally intensive than symmetric encryption. For this reason, it’s often used to establish a “handshake” wherein a private key is exchanged between the sender and receiver. That private key, known by both parties, is then used to communicate using symmetric encryption. This process is commonly used when visiting sites that have “https” at the beginning of their URL.
Anti-virus software, otherwise known as anti-malware software, scans your computer or mobile device to detect and restrict the spread of malware on your machine. Since malware is constantly evolving, anti-virus software cannot always detect it, so your machine is always at risk of infection. Anti-virus software is also deployed at an administrative level; many email servers use it to scan emails.
How does antivirus software work?
Antivirus can protect a device from a wide range of threats, including: malware, malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious LSPs, dialers, fraud tools, adware and spyware. Modern antivirus programs often include both real-time threat protection, which guards against possible vulnerabilities as they occur, as well as a system scan, which sifts through all of the device’s files looking for possible risks.
Several antivirus programs are available for almost every operating system, but none are perfect. Furthermore, more operating systems have begun pre-installing antivirus software, such as Windows Defender on Windows 10. You can install multiple antivirus programs on a single system, but users should be wary of compatibility and performance issues this could cause.
A backup is an extra copy of the files on your computer or mobile device. It is typically stored in a separate location from the original files, such as on another drive or in the cloud. If anything happens to your files, or if they go missing or get destroyed, then you will be very thankful you have a backup!
How does a backup work?
Note that a backup is an exact copy of whatever files and folder exist on the original. If a file is added to a backed up folder, then that file will appear in the backup. If that file is deleted, then it will be removed from the backup as well (although some backup programs allow recovery up to a certain period of time). This is the key distinguishing factor between backup and storage, wherein storage is a way to save files that may not exist in any other location (Dropbox and Google Drive are examples of storage).
Note that most backup software simply copies user files to another location–often an external hard drive or the cloud. User files include documents, photos, movies, downloads, and music. They do not back up the operating system, settings, or programs. For that, a “full system” or “bare bones” backup is required. Full system backups can be either clones or images, and they are most useful in the event of hard disk failure.
A backdoor opens a “backdoor” to your computer or mobile device through which hackers and other malicious individuals can connect to your machine and infect it with malware and spam.
How does a backdoor work?
Backdoors are used by hackers to gain access to a device by circumventing security mechanisms. Often times developers install backdoors as a means of troubleshooting their program, but this also leaves a gap for hackers to exploit. The term is often used to describe vulnerabilities put in place on purpose, for example, to allow government surveillance groups to access citizens’ smartphones and computers.
Perhaps the most common backdoor is the use of default passwords. If you’ve ever accessed a Wi-Fi router’s admin console by typing something like “admin” into the username and password fields, you’ve exploited a backdoor.
A blended threat is a combination of two or more “traditional” malware rolled into one truly pesky package. An example might be a combo of a Trojan horse, a keylogger, and a worm. Fighting off a blended threat requires a blend of security tools and protection layers.
How does a blended threat work?
Most sophisticated attacks used today are blended threats. They usually target and spread over networked computers, such as those connected to the internet.
A blog, short for “web log”, is a website where users publish content (known as posts) on a regular basis. Blog posts are typically displayed in reverse-chronological order, meaning that the newest content appears first.
How does a blog work?
Blogs have become commonplace on the internet due to the ease of publishing one. Several blogging platforms make creating a blog a relatively simple task, such as WordPress, Blogger, Tumblr, and many more.
Blogs cover a wide range of subjects and types of content. As the definition of blog has broadened significantly, the line between traditional mass media and blogging has blurred.
Bluetooth or IEEE 802.15.1
Bluetooth is a wireless technology standard for data exchange over short distances. Bluetooth enables short-range wireless communication between keyboards, mice, telephones, headsets, tablets, and other devices.
How does Bluetooth work?
Bluetooth can be used to “pair” a wide range of devices such as smartphones, headsets, keyboards, fitness trackers, speakers, printers, and car stereos.
Bluetooth is maintained by a private company that has released several versions of the technology. The latest major release, Bluetooth 5, promises to quadruple the range and double the speed of the previous generation’s Bluetooth 4.0.
Bot or web bot
A bot (from the word “robot”) is a software program that performs automated tasks on the internet. While bots have certain legitimate uses, like crawling and indexing the Web to make search engines more efficient, they can also be used for malware. Evil bots can take over computers, deploy malware attacks, and compromise user data.
How does a bot work?
While bots have certain legitimate uses, like crawling and indexing the Web to make search engines more efficient, they can also be used for malicious purposes. Evil bots can take over computers, deploy malware attacks, and compromise user data.
“Bot” has more recently become a term for low-level artificial intelligence programs that communicate with users over chat channels like Facebook Messenger. While still fairly primitive at the moment, experts speculate chat bots could become a common feature in eCommerce and customer service, among other industries.
Botnet or zombie armies
A botnet (also known as zombie army) is a cluster of computers whose systems have been seized and compromised by an individual with malicious intent. The individual uses these machines to carry out acts of cyber malice, like sending spam and launching denial-of-service attacks.
How does a botnet work?
The word “botnet” is a combination of “robot” and “network”. Compromised machines are often unknowingly infected with malware or viruses. The bots that make up a botnet can remain dormant until activated to perform an attack.
While botnets are usually malicious, they have some legal applications as well. Distributed computing, for example, can use a botnet to take advantage of the idle resources on multiple devices to execute actions that would not be feasible on a single computer.
A browser hijacker changes your browser’s settings without your permission by replacing your homepage, search page, and error page with pages of their own. A browser hijacker redirects your internet activity in order to collect advertising revenue from you, as well as your personal and browsing data.
How does a browser hijacker work?
Browser hijackers often infect computers through malicious websites and software bundles, particularly browser toolbars. They can usually be removed using antivirus software, but that might not be enough to undo the damage done to the host computer. A system restore is recommended.
A certificate authority is a trusted third-party entity that issues digital certificates. A digital certificate verifies that a public key belongs to the individual whose digital signature is on that certificate.
How does a certificate authority work?
Certificate authorities are used in asymmetric encryption to prevent man-in-the-middle attacks, in which a malicious party intercepts traffic heading to a server and pretends to be the intended receiver.
Trusted CA certificates are usually stored on the client software, such as a web browser. There is no single provider of CA certificates, and the market is fragmented by country and region.
A chat room is an area on the internet where individuals can communicate with one another in real time. Chat rooms are separated by topic. Many chat rooms are monitored by moderators, who ensure that users behave according to that chat room’s code of conduct. Since chat rooms allow users to participate anonymously, they can be frequented by predators, who disguise themselves to prey on vulnerable children and teenagers.
How does a chat room work?
Chat rooms can be public or private and include anywhere from two to hundreds of people. Online video games often integrate chat rooms as a means for players to communicate. Chat rooms are also common among remote teams of people who work together online. IRC chat rooms, largely considered the original, are far less common now.
A cookie is a little piece of data stored in your web browser. When you visit a website, it sends a cookie to your computer to remember your surfing behavior, like what buttons you click and what items you add to your shopping cart, as well as your log-in information. Cookies are not software and cannot destroy your computer or mobile device, but they can track your browsing activity.
How does a cookie work?
Tracking cookies, however, remain active and collect information even after the user has navigated to another website. This information, which includes websites visited and time spent on each one, is often used to target the user with customized advertisement.
Defragment or defragging
Defragging, or the defragment of your computer, is the process whereby information and files stored on your hard drive are reorganized into a more logical order. The actual defragment process can slow your computer down, but once it’s complete, your hard drive should be considerably quicker.
How does defragmentation work?
Defragging one’s hard drive should be done on an occasional schedule by PC and Mac owners. It can take anywhere from a few minutes to a few hours depending on the hard drive.
However, solid-state drives (SSDs) should NOT be defragged, as it will reduce their lifespan in return for a negligible performance uptick. Make sure you know which kind of hard drive your computer has before defragging.
DHCP stands for Dynamic Host Configuration Protocol. It is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers configured for a given network. DHCP assigns an IP address when a system with the DHCP client is started.
How does DHCP work?
DHCP assigns an IP address when a system with the DHCP client is started.
A digital certificate or identity key is normally issued by a web certificate authority and contains the sender’s public key verifying that the certificate is authentic and that the website in question is legitimate.
How does a digital certificate work?
Trusted certificates are usually stored on the client software, such as a web browser.
Certificate authorities and the digital certificates they issue are used to prevent man-in-the-middle attacks, in which a malicious party intercepts traffic heading to a server and pretends to be the intended receiver.
A digital signature is normally used in public key cryptography and validates the legitimacy of encrypted data. A digital signature is required to authenticate both the sender of the digital certificate and the authenticity of the certificate.
How does a digital signature work?
Whereas a digital certificate is used to verify the identity of the certificate holder, a digital signature is used to verify the authenticity of a document or message is authentic. A digital signature guarantees the message was not modified by a third party.
Domain spoofing or Domain hijacking
When a domain is hijacked or spoofed, it redirects users to an external website which can infect their computer or device with malicious programs.
How does domain hijacking work?
Domain hijacking is often used to harm the original domain name holder who is cut off from income generated by the site. It can also be used in phishing attacks against visitors who believe they are viewing the original website, when in fact it is a duplicate designed to steal their personal details. Sometimes these stolen domains are sold to third parties.
A drive-by download is a download that a person either unwittingly downloads or downloads without understanding the consequences of downloading the file from a website, email, or pop-up window.
How does a drive-by download work?
In the former situation, malicious websites use different techniques to disguise harmful downloads from antivirus programs, such as hiding them in iframe elements.
In the latter situation, drive-by downloads often take the form of counterfeit software. Java, Flash Player, and ActiveX plugin updates are all common lures to trick people into downloading malicious executable files that will install malware and other harmful viruses onto a computer.
DNS stands for Domain Name System. It syncs up web domain names (e.g. www.expressvpn.com) with IP addresses (e.g. 172.16.254.1), enabling users to use domain names to access IP addresses without needing to remember the IP addresses.
How does DNS work?
Think of DNS as a phone book for the internet associating phone numbers (IP addresses) with people (website URLs). DNS servers are maintained by a number of different entities, though most users default to the ones maintained by their internet service providers.
VPNs like ExpressVPN use their own DNS servers, which helps to hide user activity from the ISP and prevents websites from geographically restricting content.
DoS stands for Denial of Service. It’s a type of attack in which a website or network is overwhelmed with automated server requests, causing a shutdown of service to legitimate visitors.
How does DoS work?
If you picture internet traffic to be like real-world automobile traffic, then a DoS attack is a way to purposefully cause a traffic jam.
The biggest DoS attacks are actually DDoS attacks, which stands for Distributed Denial of Service. In this attack, the automated server requests are often sent from a botnet, or zombie computers infected with malware. The botnet attacks are “distributed” over thousands of computers around the world, wreaking havoc on the target servers when activated.
How does encryption work?
Encryption is a cryptographic way to hide the contents of files and network traffic using a cipher. Different types of encryption are called algorithms, each of varying strength and complexity against brute force attacks (guessing until you get the right key).
Encryption is the most common way to make files and communications on devices and the internet private. Individual files, internet traffic, and entire devices can be encrypted using widely available, open-source algorithms.
An exploit refers to code that takes advantage of a known software vulnerability to gain unauthorized access to a system.
How does an exploit work?
An exploit could take advantage of a bug, a backdoor, or some other security gap in order to take advantage of an unintended system behavior. Exploits typically exist in a system’s design and were not created by a virus or malware.
Exploits are often kept secret by hackers who discover them. If an exploit is published, the entity responsible for maintaining the system or program is usually swift to patch it.
File compression or data compression
To compress a file means to make it smaller by converting its data into a different format. Usually, it is put into an archive format such as .zip, .tar, or .jar. See also image compression.
How does file compression work?
Compression comes in two forms: lossy and lossless. Lossy compression removes bits it deems unnecessary to reduce file size, often resulting in lower quality music and video. Lossless keeps all the information of the original file, but usually can’t make files as small as lossy compression.
While compressed files are smaller, the stipulation that they must first be decompressed means they require more computing resources to use. A smaller video file that’s compressed requires more CPU power for a computer to play than a larger, uncompressed file, for example.
A firewall is a security system that regulates traffic into and out of a network. It can be used to block unauthorized entry from outsiders or to block insiders from accessing unauthorized content.
How does a firewall work?
Firewalls typically block or allow traffic based on the application being used and the device’s range of ports. A firewall can block specific programs or only allow a program to utilize certain ports to connect to the internet.
A firewall can be a security measure or a means of censorship or both, depending on the intention of the administrator.
FTP stands for File Transfer Protocol, a set of rules for transferring files on the internet. Some web browsers have a built-in FTP client, but there are also separate apps dedicated to FTP.
How does FTP work?
FTP allows the transfer of files directly to and from a server. One party is the server while the other is considered the client (even if it’s another server).
Connecting to a server via FTP usually requires a username and password. Transfers are typically encoded using an SSL algorithm.
GIF stands for Graphics Interchange Format, a bitmap image format. Limited to 256 colors, they are inconvenient for high-quality photos, but due to their support for animation GIFs have become a popular format for short, silent, looping videos on the internet.
How does a GIF work?
GIFs use lossless compression to reduce the file size of images, making them easy to share. Most GIF animations last no longer than a few seconds.
The pronunciation of the term is hotly debated, though the format’s creator (incorrectly) says the intended pronunciation uses the soft “J” sound instead of the hard “G”, so it sounds like “jif”.
The term hacker is commonly used pejoratively to describe a malicious person who gains unauthorized access to computer systems with criminal intent, but is also used positively by the coding community as a term of respect for any highly skilled programmer.
What does a hacker do?
Under the computer security umbrella, hackers are divided into three subgroups: white hat, black hat, and grey hat. White hat hackers aim to fix bugs and security vulnerabilities. Black hat hackers exploit those vulnerabilities to gain unauthorized access to a system or cause unintended behavior. Grey hat hackers fall somewhere in between.
More generally, a hacker can describe a skilled enthusiast or expert in a particular field, such as art or business.
HTML stands for HyperText Markup Language, the standard language for web pages on the internet. HTML is not a programming language like C++ or Python, but a markup language, meaning it defines the way text and other media is read by a web browser, i.e. which text is bold, which text is a heading, which text or which image is a hyperlink, and much more.
How does HTML work?
HTML is maintained by the Worldwide Web Consortium, which decides the standards and features of the language. HTML is currently in its fifth version, HTML5, though much of the content on the web was written in HTML4.
Tags are the elements of code that mark up text in an HTML file to be interpreted by the web browser into a web page. Examples include <p> for paragraphs, <h1> for headings, and <img> for images.
How do HTML tags work?
Tags should always be closed, denoted by a forward slash. At the end of a paragraph, for example, the closing tag in the HTML should be </p>. Some tags, such as images and line breaks, are often self-closing like so <br />. Failing to close a tag is considered poor style and can cause formatting issues.
Tags can contain attributes that contain more information about the text within them, such as the “alt” attribute for images and the “class” attribute that assists in CSS styling.
HTTP stands for HyperText Transfer Protocol, the set of rules that determine how web browsers and servers communicate with each other on the internet.
How does HTTP work?
HTTP is a request-response protocol. A client, such as a web browser, sends a request to a server, which responds with content such as a web page. This is an oversimplification, but gives a rough sketch of the core idea.
HyperText refers to text with references to other text or, put simply, links.
HTTPS is the secure version of HTTP. If a URL contains HTTPS instead of HTTP, it means that website uses encryption and/or authentication methods to secure its connection.
How does HTTPS work?
SSL/TLS, or secure sockets layer/transfer layer protocol, is the most common cryptographic protocol used to encrypt secure communications on the web.
Besides encrypting the information being sent between client and server, HTTPS also authenticates both parties using a public-key system to prevent imposters from intercepting communications.
A hyperlink (or just link) is a piece of text or image on a website that connects (or links) you to another page or file on the internet. Hyperlinks are conventionally distinguished from their context with an underline and/or a different color.
How does a hyperlink work?
Hyperlink derives its name from HyperText, the HT in HTTP. At its core, hypertext is text that references other text. The text that is linked is called “anchor text.”
Hyperlinks aren’t just used by humans. Web crawlers, such as the ones used by Google to index web pages, can follow hyperlinks to retrieve their documents and files.
IM stands for Instant Message, a message sent over the internet via any number of real-time chat applications.
How does IM work?
The most popular instant messaging apps today are for mobile devices, including Facebook Messenger, WhatsApp, WeChat, Telegram, Viber, and Line. Instant messaging apps are primarily text-based but have evolved to include voice, video, images, links, stickers, and more.
The internet is the global, publicly available network of smaller networks and computers within it. Not to be confused with the World Wide Web, which refers to the information space of pages and other content transferred over that network.
How does the internet work?
The internet is decentralized, meaning no one entity hosts or controls its distribution or content. About 40 percent of the world’s population has an internet connection. Any internet user can at any time, with permission, send and receive information and data from any other computer on the network.
An IP (or Internet Protocol) address is the numerical identifier for a computer on the internet. IP addresses are generally written as a string of digits punctuated by dots or colons as in 172.16.254.1 (IPv4), and 2001:db8:0:1234:0:567:8:1 (IPv6). IP addresses are often linked to geographic areas, allowing a website to identify the country and/or city from which a user is accessing the site.
How does an IP address work?
Any device that connects to the internet is assigned an IP address. This IP address is often used by websites and other web services to help identify users, although a user’s IP address can change if they connect from a different location, device, or if they use a VPN. See also DHCP.
IPv4 was long the standard type of address assigned to a device, but due to the fast growing number of connected devices, the number of IPv4 addresses is soon running out. IPv6 was created to solve this problem, as it offers a much larger range of addresses, but adoption has been hampered by compatibility issues and general laziness.
What is my IP address?
Wondering what your IP address is? Visit ExpressVPN’s “What’s my IP Address?” page and find out!
JPEG, which stands for Joint Photographic Experts Group, is an image file format popular on the internet for its ability to retain photo quality under compression. JPEGs are indicated by the file extensions .jpeg or .jpg.
How does a JPEG work?
JPEG is a lossy compression type, meaning it reduces the quality of the original image. JPEG is an ideal format for photos that feature smooth transitions of tone and color, but less apt for graphics, text, and drawings where contrast between pixels is sharp. JPEGs are also not the best format for repeated editing, as repeated compression will reduce image quality over time.
A keylogger is a piece of software that records a user’s keystrokes on a keyboard. Sometimes this is used for technical support, but other times it is used maliciously, without the knowledge of the user, to collect passwords and other personal data.
How does a keylogger work?
Keylogging is also known as keystroke logging or keyboard capturing. Most keyloggers are software based, meaning they run as covert applications on the target computer’s operating system. Some, however, are hardware-based, such as a circuit that’s attached between the keyboard and the USB input. A few are even firmware-based, installed into a computer’s BIOS.
MP3, or Mpeg audio layer 3, is a popular compressed file format for audio recordings. MP3s are indicated by the file extension .mp3.
How does an MP3 work?
MP3 is a form of lossy compression, meaning it sacrifices some of the original quality to save space. An MP3 can reduce the size of a digital audio recording by a factor of 10 to 1 without most listeners noticing the difference.
MP3s are often used by streaming music services like Spotify due to the low bandwidth required to play them without buffering, and because individual frames of sound can be lost in transmission without affecting the successfully delivered frames.
How does Malware work?
Malware is often embedded in or disguised as non-malicious files, and can run as a script, executable, active content, or some other form of software. The purpose of malware can be anything from a prank to a tool used to steal financial information.
Also called two-way authentication, mutual authentication is when both sides of a transaction authenticate each other simultaneously. Online, this is often used to prevent fraud by requiring both the user’s web browser and a web site’s server to prove their identities to each other.
How does mutual authentication work?
Both parties must prove their identities before any application data is sent. Mutual authentication the default mode of authentication in some encrypted protocols like SSH and IKE, but is optional in others like SSL.
In the context of computing, a network is a group of devices that communicate with each other, whether by physical cables or wirelessly. Networks range in scale from the connection between your computer and a wireless router, to the internet itself.
How does a network work?
When one device is able to exchange data with another device, they are said to be networked together. Connections between devices can be direct or indirect, with any number of nodes between two or more networked devices. A node can be any device on the network that sends, routes, or terminates data, including servers, routers, and computers.
A patch is a software update targeted to fix one or more vulnerabilities. Good software developers are constantly testing their code and issuing new patches to users.
How does a patch work?
A security patch is issued to close an exploit that can be taken advantage of to cause an unintended behavior in the software. Other types of patches fix bugs and add improvements. Most patches come from the original developer, but some are created by third parties.
Patches are often denoted by a software application’s version. For example, version 1.0 is the first complete version of a video game, but version 1.02 adds a patch to fix bugs and security holes. Patches can usually be downloaded and installed on top of an existing application, as opposed re-installing the entire application.
Phishing is the attempt to acquire personal information (such as a password or credit card number), generally for malicious purposes, by assuming the identity of a trusted authority. One common form of phishing is an email pretending to be from a user’s bank, asking the user to enter his/her online banking login information on another site.
How does phishing work?
Phishing is a homophone of fishing, a sport where bait is used to lure victims. Instead of using malware, a virus, or a hack to access private information, phishers rely on social engineering. That is, making someone believe something that is not true, usually by impersonating a trusted authority or an acquaintance in dire need of assistance.
Credit card information, usernames, and passwords are all common targets of phishing. Phishing can be guarded against by never giving up these types of information over unencrypted channels like email, non-HTTPS websites, and chat apps.
Pharming is the (generally malicious) attempt to redirect a user to an imposter website, either by altering a file on the user’s computer or by attacking the DNS server which converts URLs into IP addresses.
How does pharming work?
Users of eCommerce and banking sites are the most common targets of pharming. Users should look for a verified HTTPS certificate to authenticate the identity of a real website. This is often indicated by a green, closed lock icon and the letters HTTPS in the browser URL bar.
Antivirus and antimalware can often protect against pharming attempts that alter host files on the local computer, but they cannot protect against compromised DNS servers. A “poisoned” DNS server has been altered to direct users to a pharming website.
A podcast is a regularly updated series of audio files from a content provider, the modern analogue of a radio program. The term was coined as a portmanteau of “iPod” and “broadcast”, though today podcasts are commonly downloaded or streamed onto any number of smartphones and other mobile devices.
How does a podcast work?
Most podcasts come in either audio or video format, and can be viewed or listened to using a variety of applications depending on how they are distributed. These applications are often called “podcatchers.” Podcatchers can automatically download new episodes of a podcast so the newest content is always available on the device of the listener or viewer.
How do private keys work?
In asymmetric encryption, senders encrypt their files and messages using a public key, which can then only be decrypted using the private key. Private keys should be stored somewhere safe and hidden on the receiver’s device.
If a private key is lost or forgotten, anything encrypted using the paired public key can never be decrypted (at least not without considerable computing resources).
VPN Protocols are the methods by which your device connects to a VPN server. Some common protocols are UDP, TCP, SSTP, L2TP, and PPTP. Learn more about protocols.
A proxy is an intermediary server that allows the user to make indirect network connections to other network services.
How do proxies work?
Users can use the proxy server to request resources from other servers (files, web pages, etc.) as they would without one. However, requesting these resources via a proxy allows the user to remain anonymous online and helps them access restricted content if their actual IP is blocked by the content provider. This is because the request will appear to be from the proxy server’s IP instead of the user’s actual IP.
How does a public key work?
Public keys encrypt messages and files in one direction, meaning the public key used to scramble a file or message cannot be used to unscramble it. Decryption can only be accomplished by the receiver who holds the private key.
Public keys are often stored on local machines and on publicly accessible key servers. MIT, for example, hosts a searchable PGP key server used to encrypt email.
Rogue security software
Rogue security software is malware that poses as anti-malware software, often in an attempt to install additional malware or solicit money for its false services.
How does rogue security software work?
Both a form of scareware and ransomware, rogue security software manipulates victims through fear. Malicious websites often display popups or alerts that ask users to download trojan horses disguised as browser plugins, multimedia codecs, or a free service. Once downloaded, the trojan installs the rogue security software.
Ransomware describes malware that prevents a user from accessing normal functions of a system unless a ransom is paid to its creator.
How does ransomware work?
A typical scheme is for the ransomware to encrypt all of the data on a hard drive or server. The ransomware will display a message that says the data cannot be decrypted until the victim has paid a ransom in Bitcoin to a given Bitcoin wallet address. Once the payment is made, the victim will be sent a password to decrypt the data.
Data recovery is the process of using backups, e.g., from a hard drive or online storage, to restore lost data.
How does data recovery work?
The data could be lost due to hardware failure, file corruption, or accidental deletion. The process can restore data either onto the original storage device or onto a separate one.
Recovery can also refer to the process of regaining access to an online account. For example, a user might reset their password after forgetting it in order to log into their email account.
A router is a piece of hardware that directs traffic between networks, most commonly between a computer and the rest of the internet. Practically, the word “router” is often used as shorthand for “wireless router”, a type of router that also functions as a wireless access point.
How does a router work?
Routers use the DHCP protocol to assign IP addresses to each of the devices on their network. They are typically embedded directly on the device’s firmware and don’t employ software. The most popular router firmware brands are DD-WRT and Tomato.
How can I use a router to protect my devices?
ExpressVPN users can set up their VPN connection directly on a router’s firmware, which allows every device connected to automatically route their internet traffic through the VPN server.
RSS stands for Really Simple Syndication, and is a popular method for publishing regularly updated content on the internet. Instead of repeatedly checking a website for new content, a user can subscribe to an RSS feed using a feed reader or aggregator to receive automatic updates from that and other sites.
How does RSS work?
Information published through RSS can be text, audio, video, and images. This information is sent using an XML format that contains both the information itself as well as metadata such as author name and timestamp.
RSS readers can aggregate RSS feeds using web apps, native desktop clients, or mobile apps. Subscribing to an RSS feed is free and usually only requires the user to copy and paste the feed’s URI or searching for it in their preferred app.
A rootkit is a type of stealth malware designed to hide its own existence from detection. Because of this, rootkits are often extremely difficult to remove, and often necessitate completely wiping the hard drive and reinstalling the operating system.
How does a rootkit work?
The “root” in rootkit refers to the top level of administrative privileges that can be granted on a computer. Rootkits attempt to escalate its own privileges to root so there is effectively no higher level account that can remove them.
Once a rootkit has gained root privileges, it can access, modify, delete, and install software and files.
As opposed to asymmetric encryption, symmetric encryption requires the same key to encrypt and decrypt a message. Therefore both keys must be private in order to keep the message secure, unlike asymmetric encryption in which the key for encryption can be public.
How does symmetric encryption work?
The key must be exchanged between both parties. Symmetric encryption requires less computational power than asymmetric encryption but isn’t always as practical. For that reason, asymmetric encryption is often used to verify both parties, and symmetric encryption is used for actual communication and transfer of data.
Symmetric encryption can either encrypt the digits of a message one at a time as they are sent (stream ciphers), or encrypt the digits in blocks and send them as a single unit (block ciphers)
SMTP stands for Simple Mail Transfer Protocol, a standard set of rules for sending email through the internet. At the user level, it is generally used only as a sending protocol. For receiving, applications generally prefer other protocols like POP3 or IMAP.
How does SMTP work?
While not used by employed by user-level email clients, SMTP is often utilized by email servers and mail transfer agents.
SMTP connections can be secured by SSL, known as SMTPS.
Social engineering is the umbrella term covering scams like phishing, pharming, spam, and scams. Unlike other forms of malicious hacking that exploit a user’s software, social engineering exploits our natural tendency to trust each other.
How does social engineering work?
Social engineering is often employed by fraudsters to impersonate a trusted authority. The goal is to manipulate a victim into performing a certain action or giving up private information, such as a password or credit card number.
Spam is unwanted email, also known as junk mail. Modern email clients like Gmail automatically detect messages likely to be spam and sort it into a separate folder.
How does spam work?
Spam is often sent unsolicited to hundreds or thousands of people at once. Lists of email addresses are acquired by spammers through both legal and illegal means.
Spim is spam in instant message (IM) form.
Spit is spam over VoIP, e.g. Skype or Viber.
How does split tunneling work?
Practically, split tunneling allows you to access the internet while also accessing devices on a remote network, such as a network printer.
How does ExpressVPN use split tunneling?
The ExpressVPN App for Routers has split-tunneling capabilities, allowing users to select which devices connected to the router are protected by the VPN and which are simply connected to the internet.
The ExpressVPN App has a split-tunneling feature called “Connection Per App”. Users can select which apps will use the VPN and which apps won’t when their computer is connected to ExpressVPN.
ExpressVPN apps use split tunneling to give you the best of security and accessibility. Learn more about ExpressVPN’s Split Tunneling feature.
Spyware is malware that logs data from a user’s computer and secretly sends it to someone else. This data can be anything from a user’s browsing history to login names and passwords.
How does spyware work?
Most spyware is designed to monitor user activity, then serving them pop-ups and other targeted ads using the stolen information. Other types of spyware can take control of a computer and direct them to certain websites or installing additional software.
Most spyware can be guarded against using up-to-date antivirus.
Spear phishing refers to phishing targeted at a specific user or organization. Because of this targeting, spear phishing more likely to appear authentic to its victims, and is generally more effective at deceiving them.
How does spear phishing work?
Spear phishing attacks often impersonate someone acquainted with the victim. The goal is to manipulate the victim into divulging private information such as a password or credit card number.
Spear phishing is by far the most successful type of phishing attack, accounting for nine out of 10 successful attacks.
SSL stands for Secure Sockets Layer. It is the standard security technology for establishing an encrypted link between a web server and a browser, ensuring that all data passed between the web server and browser remains private and secure.
How does SSL work?
When a browser is connected to a site through SSL, the URL is prepended by HTTPS. SSL is the most common secure transfer protocol on the internet.
SSL is also built into the OpenVPN protocol, which is the default VPN protocol used by ExpressVPN and many other VPN clients.
A Trojan horse, or simply Trojan, is malware masquerading as legitimate software, named after the famous Trojan horse in which ancient Greek soldiers smuggled themselves into Troy. Trojans often act as a backdoor to give an attacker remote access to a user’s computer.
How does a trojan horse work?
The purpose of a trojan can range from destroying the victim’s system to using their resources as part of a botnet, extorting money, and stealing data. Up-to-date antivirus software and vigilance on the part of the user are the best defenses against trojans.
How does a URL work?
URL spoofing is the attempt to mislead a user to a different (often malicious) website by imitating or “spoofing” a legitimate URL.
How does URL spoofing work?
Sometimes spoofed URLs are accessed due to a bug in web browsers that lack the latest security updates. Other spoof URLs simply look similar to the original. For instance, the URL could transpose two letters in the hopes that the user won’t notice: www.experssvpn.com
Back to Menu
A computer virus is malware that replicates itself and infects computer data, files, programs, and systems, similar to its namesake that infects human bodies.
How does a virus work?
Viruses always attach themselves to other programs. A virus can make a computer slower, steal private information, take up disk space, corrupt data, display messages, spam the user’s contacts, and log their keystrokes.
Viruses can be guarded against using up-to-date antivirus software.
VPN stands for Virtual Private Network. It is an encrypted tunnel between two devices which allows you to access every website and online service privately and securely.
How does a VPN work?
A VPN routes all the internet traffic from a device through a server in a remote location, which is often chosen by the user. From there, the traffic arrives at the intended destination, masking the true IP address and location of the user.
Encryption is also a key distinguisher of most VPNs from other types of proxies. VPN traffic is encrypted so third parties cannot decipher it. These parties might include hackers, the user’s ISP, and government agencies.
In the context of computing, a vulnerability refers to a known weakness in a piece of software that could potentially be exploited by an attacker. Software developers generally test for vulnerabilities and release patches to fix them.
How does a vulnerability work?
Vulnerabilities often lead to security risks. If a hacker exploits a vulnerability, this is called a breach. However, not all vulnerabilities have exploits.
Vulnerabilities exist as a result of the design, implementation, or operation of the developer or admin, and are not created by the attacker.
VoIP stands for Voice over IP (Internet Protocol). VoIP is the internet equivalent of a telephone service, most commonly implemented by Skype and Google Hangouts.
How does VoIP work?
VoIP technology allows audio to be digitized and then sent over the internet so two or more parties can have a conversation in real time. It is a feature now built into most computers and smartphones.
ExpressVPN is a premier VPN client that offers best in class security with easy-to-use software.
How does a VPN client work?
A VPN client allows the user to choose the server location and often the protocol used, among other settings.
ExpressVPN is a premier VPN client that offers best in class security with easy-to-use software.
A web page is a file on a server that can be accessed by someone via the internet. Generally, this file is written in HTML and includes text, images or other media, and links to other web pages.
How does a web page work?
A web page differs from a website. A website is made up of multiple web pages, at the bare minimum an index page (more often called a home page). Each web page is stored as a single file on a web server, though it may integrate content from multiple sources.
Besides HTML, web pages can include code written in PHP, ASP, and Perl. Web page design, formatting, and style is usually governed by a separate CSS file.
A web server is a computer that stores, processes, and delivers web pages to clients who request them. This is usually done through a web browser which then displays the page to the user.
How does a web server work?
Web servers always use the HTTP or HTTPS protocol to communicate with clients. The term web server can refer to the server software or the entire host system, including the physical server and firmware.
Web servers primarily serve content, but they can also receive input from online forms and user uploads.
The goal of WEP was to implement confidentiality on par with a wired network. WEP was once the most common type of security used on Wi-Fi networks and is still very common despite its well-documented flaws. As a result, many devices–routers, computers, and smartphones–still support the deprecated algorithm.
Wi-Fi (a play on “Hi-Fi”) is a local area wireless technology that lets devices network with each other over radio frequencies.
A Wi-Fi hotspot is a physical location where you can connect your Wi-Fi-enabled device to the internet over a public wireless network. Be careful, though! While many Wi-Fi hotspots use WEP or WPA security protocols to encrypt your connection, others have no such security features, leaving you and your data vulnerable to malicious third parties.
How does a worm work?
Some worms are only created to replicate themselves and not do harm, though they all at least consume some bandwidth and disk space. More malicious worms carry “payloads,” which can destroy files, install backdoors, encrypt files, and install malware.
Worms are often spread through spam attachments. They can be protected against by not opening untrusted email attachments, keeping your device’s operating system and programs up to date, and installing up-to-date antivirus software.
How does WPA work?
WPA2 is the recommended security protocol for Wi-Fi networks. Devices can connect to a WPA-protected network with a password, security code, or using a Wi-Fi protected setup (WPS). However, routers that allow devices to connect using WPS enable a flaw that allows WPA and WPA2 to be bypassed.
WPA2 certification is mandatory for all devices that carry the Wi-Fi trademark.
XML stands for Extensible Markup Language and like HTML, is used to format and present information on web pages. However, unlike HTML it does not have a fixed set of formatted tags but instead acts as a meta-language. This flexibility allows webmasters to be able to construct their own markups.
How does XML work?
XML is used to structure data in a way that both machines and humans can easily read it. Several types of documents use the XML syntax, including RSS feeds, Microsoft Office’s latest document formats, and Apple iWork.
XML is extremely flexible, allowing users to create and nest their own tags and attributes. Developers create and develop many interfaces to help easily process XML data.