Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll
Preview
Start a free Courses trial
to watch this video
Gain an understanding of the essentials of internet traffic with an animated model.
New Terms:
- Open WIFI -- A wireless network that is not protected with a password. Consider all traffic exposed to everyone else connected to the network.
- WIFI Router -- A device to provide a local wireless network for connecting to the internet
- Data Center -- A facility that houses servers and routes internet activity
- Internet Service Provider (ISP) -- A company that we pay to provide access to the web (e.g. Comcast, Time Warner Cable, Verizon).
- Node -- A device that internet traffic passes through on its way to the correct destination.
Related Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign upRelated Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign up
When we do a Google search for
movie show times, for
0:00
example, we may only consider this
an exchange between ourselves and Google.
0:02
When we get an email from a friend,
0:07
we may only think of it as communication
between them and ourselves.
0:09
The reality is that, many more people and
devices are involved in these exchanges.
0:13
And a lot more information often fairly
revealing information is transmitted.
0:17
Having a solid foundational grasp
of these flows can help us all
0:22
make informed decisions.
0:26
Let's build up our scene.
0:28
Consider you're in a coffee shop
in Portland, Oregon with a laptop.
0:30
For this example,
0:33
the coffee shop has an open WiFi, meaning
a password is not required to use it.
0:34
There are other people in the coffee
shop too, some with their own devices.
0:39
Each person is surfing the Internet,
browsing Facebook,
0:44
watching Netflix, reading CNN.
0:47
So we can add a data center
to represent those sites.
0:49
In reality, each of those companies would
have a presence in multiple data centers
0:52
located around the world.
0:56
But for simplicity, we'll think of them
as sharing a single, centralized center.
0:58
As we start to add the flows of traffic,
there's probably nothing too surprising.
1:03
We can add a few more elements to
get closer to how these flows work.
1:08
Let's add the WiFi routers,
the devices used to transmit and
1:12
receive the Internet signal to and
from our personal devices.
1:15
Let's add
the Internet Service Providers or ISPs.
1:19
These are companies like Comcast,
Time Warner Cable, and
1:22
Verizon that we pay to
provide access to the Web.
1:25
And in truth,
in order to pass all this traffic around,
1:29
there are additional nodes or
relay points between these parties.
1:32
Let's consider two scenarios, and work
through the flow of the Internet traffic
1:37
involved, including what's exposed and
the parties that might have access.
1:40
We'll look at a Google search and
receiving an email [SOUND].
1:45
If we break down the flow
of a typical Google search,
1:48
the steps would be as follows.
1:51
Open a browser to google.com,
1:53
enter the search terms into the text
field, example, movie show times.
1:56
Note the green lock and
the letters https in the address bar.
2:00
We'll go into detail about this later,
but for
2:05
now know that this means
your connection is secure.
2:07
[SOUND] The text is sent from
the laptop to the coffee shop WiFi,
2:10
to the local ISP,
to Google data center and processed.
2:15
And back through roughly the same path.
2:19
Note that the connecting
nodes have changed.
2:22
Movie showtimes for Portland,
Oregon is then shown in the browser.
2:24
The first thing to mention, is that a lot
of the activity on an open Wi-Fi network,
2:29
like this coffee shop, is exposed
to anyone else on the same network.
2:33
If this were a different search engine
that wasn't protected with HTTPS,
2:37
then another person in the coffee
shop could even see the search terms.
2:40
This may not be a big deal for
a search about movie times, but
2:45
I'm sure you can imagine more
personally sensitive searches.
2:49
The next point is that there are a lot
of hops that the traffic takes for
2:53
a full round trip.
2:56
While most of those nodes are secure,
it's worth noting that if an attacker
2:57
gained full access to one,
they could expose web traffic.
3:01
The ISPs have access to
that web traffic as well.
3:04
This is of course necessary for
3:07
them to forward the Google search
to the correct data center.
3:08
But some laws may allow ISP's to collect
and sell this information to anyone,
3:12
which can really make you think twice
about the web traffic you create.
3:17
And finally, the traffic arrives
at the data center for processing.
3:21
Because you used the Google engine
with HTTPS, the content of your search
3:24
was encrypted for privacy from the browser
all the way to Google servers.
3:29
Google then decrypts this content and
has access to it too.
3:33
It will provide the showtimes
as requested, but
3:37
it may also record a history of searches,
and even serve advertisements for movies.
3:40
We often accept this implicitly
when Google's services.
3:45
But it's worth calling out here so
we know who has access to our data.
3:49
Now, let's put others in the scenario.
3:53
A friend at home with a cell phone.
3:55
They're on their home wi-fi network,
protected with a password.
3:58
Now, let's consider the flow of
receiving an email from a friend.
4:01
[SOUND] The friend will open their
browser or email client on their phone.
4:05
[SOUND] They'll compose their message and
send it.
4:08
[SOUND] The message is sent from their
cellphone, to the wi-fi network,
4:11
to the ISP, a series of nodes,
email data center.
4:16
Another ISP,
another email data center, local ISP,
4:20
more nodes, coffee shop network,
and finally, the laptop.
4:24
The final points here are that there
are a lot more actors and devices in play.
4:29
Generally, this is just part of
the infrastructure but the more points of
4:34
contact there are, the greater the chance
for an attacker to read the email.
4:38
Also, the friend's wi-fi is
protected with a password.
4:42
So a neighbor, for example, wouldn't be
able to see the content of the email.
4:45
But let's say that they use
an insecure email service.
4:49
Even if they are protected in their home,
that email is now exposed to
4:52
all hops along the path, at least until
it arrives at your email service.
4:56
Security is difficult largely for
this reason.
5:01
It requires everyone involved to
do the right thing at all times.
5:03
While I would suggest a different coffee
shop, it's not really your fault for
5:08
trying to use the Internet.
5:11
You even used a secure search engine.
5:13
And I would encourage your friend
to change email providers.
5:16
Most major ones like Gmail and
Outlook are encrypted.
5:18
It's not really their fault either.
5:21
They just wanted to send an email.
5:23
And they even made sure that their home
network was protected with a password.
5:25
In both scenarios,
5:29
it just took one exposed link in the chain
to render the whole flow insecure.
5:30
Both of these scenarios also have
some secure solutions based on
5:35
end-to-end encryption.
5:38
You could browse the Internet comfortably
safe on an open wi-fi network,
5:40
using a VPN.
5:44
Your friend can encrypt that
email on their device for
5:45
you to decrypt on yours with no
one between able to read it.
5:48
No matter what network or
email provider was used.
5:52
We'll discuss these approaches
in later videos so that you and
5:56
your friends stay safe.
5:59
But these are not well known, or
particularly user friendly tools.
6:01
Which brings up one of the other main
reasons that security is difficult.
6:05
It's often a trade-off with convenience.
6:08
Just think of how inconvenient it is
to remember strong unique passwords for
6:11
each site you use.
6:15
In the next video, we'll explore how even
when the content of a message is secure,
6:16
the act of sending a message or
6:21
browsing online itself can reveal
a lot without you knowing it.
6:22
You need to sign up for Treehouse in order to download course files.
Sign upYou need to sign up for Treehouse in order to set up Workspace
Sign up