Privacy policy

לעברית לחצו כאן

To switch from edit view to read view

To search in the Wiki

Home page > Privacy policy ‎‎


Data Collection

In NetFree, data is not collected even not temporarily or for support purposes, the user is the only one who can initiate such an action temporarily for support needs.

In other words, if the user has a problem or malfunction on a secure site, neither the service representatives nor the managers have the ability to know where he or she is surfing. But the user himself can launch the Trafic record tool, and receives a unique link to this temporary recording, the link he can send to support to help solve the problem.

Secured sites

Background

Any access to a remote computer is done using a predefined rule set (protocol). The two common protocols are the http protocol used for unencrypted communications, and the https protocol used for encrypted communication.

An example of unencrypted communication is browsing to a weather forecast site. The user asks to display certain data (for example: the expected weather in Jerusalem tomorrow), and the remote computer displays the answer visually.

An example of encrypted communication is browsing to a bank's website. The user asks to view certain data (for example, his current account status at the bank). The remote computer wants to verify that the applicant is entitled to access this data, which is done by a user name and password that the user must provide. In order to prevent a quote from foreign media, it is executed in a secure protocol that encrypts the media, which does not allow other parties to quote it. At this point, the remote computer knows that the user is allowed to view the data they are requesting, but the user can not tell if he is requesting the data from the remote computer of the bank, or from a remote computer who acts like the bank (impostor) and thereby stealing his or her password. Worse of this, one can "mediate" between the user and the bank, and look at the data and even change it. Here comes the Security certificate, which is a kind of hologram sticker affixed to the site and confirms: 1. The site is not an impostor but the real 2. Encryption of the data has not been "opened" before any users until they reach the user's browser.


Secure site filtering in general

Today, many sites use encrypted protocols, such as Google, e-mail services, banks, credit card companies, online shopping sites and many more.

Every filtering system needs to decrypt encrypted data. Encryption of encrypted communications requires the filtering server to re-encrypt it with its own certificate. This certificate that belongs to the filter service must be installed on the client computer to know that it is trustworthy, otherwise the browser will block the connection.

Installing a security certificate from a filtering service does not show the encrypted communication to anyone except the filter system.

The problem that the filtering system can have access to content (passwords, credit details, etc.) is actually by installing the security certificate (which exists in all the filtering companies), regardless of whether the filtering company chooses to filter the contents of the site or not. Even companies that choose not to filter certain secure sites, it is because of their choice, but if they want to collect credit information consciously on users, they can do it with a push of a button to filter or gather content without the knowledge of the user (advanced user can check the in the details of the certificate: if it is from the filter company, a decryption was done and the data were exposed).

Can you trust the filter company? So you have to know what the risk is. Certainly if there is a security vulnerability or an authorized high level with malicious intent, someone can lay a hand on the data. On the other hand, this is a computerized system that is an official supplier with all the regulations by law, and there is a commitment to strict security standards. It should also be remembered that all non-encrypted Internet traffic is exposed to the provider, and the information in it is sometimes not less sensitive than the encrypted sites.


Secured web site with NetFree

In NetFree any open secured site is defined as whether it is necessary to filter. Some sites, like Ravkavonline are not filtered, and the original certificate is not decrypted. On sites where there is a need for filtering then decryption is carried out and then encryption is signed by NetFree's Security certificate.

In order for the NetFree certificate not to be a rubber stamp for invalid certificates, the certificate is checked against the database Mozilla CA Certificate Store which is are very strict. If the certificate is valid, the encryption is done by NetFree's certificate, if the certificate is not valid according to the above database, the encryption is done using the method Self-signed certificate so that the customer receives a warning about an invalid certificate.


External links

terms-of-use in Hebrew