Protocols: Tubes Within Tubes
There are many services on the Internet, each defined by a protocol. To give a few examples:
- Most people use the Internet for browsing on web sites. Your browser uses the HTTP protocol for doing this.
- Another common use is email. Your email program uses the POP3 protocol, or possibly the IMAP protocol, to collect email, and the SMTP protocol to send email.
- You might open Skype and start a text chat, voice conversation, or video call; you are using a special protocol used just by Skype to communicate.
- If you share files (legally, one hopes!), you might be using the Gnutella or BitTorrent protocols.
- If you create a web site, you may use a special program to upload files to your web host. That program would use the FTP protocol.
A protocol is important because it is how all computers agree to communicate in order to accomplish a specific task. (Remember, a protocol is a set of rules and language that everyone agrees to use.) When a new service becomes available on the Internet, it might use a new protocol, especially if the service is not possible to do with existing protocols.
Each computer has the basic protocols built-in, and you can add more protocols by downloading software and installing it. For example, if you download Skype and install it, you have added another protocol to your computer.
While the physical network of computers forms the main "Tube" of the Internet, the protocols are like smaller tubes (or wires) inside that main tube. The protocols are important in that they make all of your activities possible. They establish rules which all computers will follow; this makes it possible for very different machines to work together smoothly to provide a service.
Once again, listen to Ted Stevens explain the Internet:
OK... Think of the Internet as a pipe or 'tube' (as Senator Stevens said). It might look like this:
If the Internet is a tube, then your computer is one slice of this "tube:"
Your computer has all the protocols of the Internet--web, email, chat, etc.--and when you add all the computers together, they make up the whole Internet "tube."
I think of this as the "Internet Salami" metaphor.
Another way of thinking about it is that protocols are rules for a game. Let's say that you are in a room where people are playing lots of card games—poker, gin rummy, go fish, seven bridge, dai fugo, etc. In order to play the game, you have to know the rules. If you learn the rules—the protocols—for a game, you can join in with the other players.
Note again that the World Wide Web is part of the Internet. The Web is based upon a protocol (HTTP) used within the Internet, so it is smaller than the Internet (or, the Web is a subset of the Internet).
Sometimes you log into a web site and you will see a change in the protocol: instead of http, you see https, often with a little icon of a padlock:
What does that mean?
What it means is that the site you are using is secure (not 100%, but much more than usual), in that it is much harder for others to see what you are doing, or fake the connection with a real website. That https and the padlock should make you feel more confident that your transaction is safe.
HTTPS stands for HTTP-Secure, and uses security protocols SSL/TLS to help ensure that your information is kept private and that you are communicating with the site you intended.
However, you should also be careful about the domain name itself. Very often, scammers will send you an email pretending to be from a bank, amazon.com, paypal, or some other service; the email will contain a link that may look like it's real, but if you read it carefully, is not real.
For example, notice the email message shown below. It seems to be coming from a real bank, and the link appears to have the correct domain name for the bank:
You will see that the printed link seems to have the domain name direct-certs.bankofamerica.com. However, if you hold the cursor over the link without clicking, most email programs will show the real link, which in this case shows the domain direct-certs.bankofamerica.com.cpoif.gs.cn, which reveals that this is in fact a domain in China (cpoif.gs.cn), with subdomains added to make it look like it is the real Bank of America domain.
If the domain name is not the real one, then the HTTPS security doesn't help you, any more than having uniformed guards and an alarm system in a building with a sign saying "BANK OF JPANN." If it's a fake site, security will not protect you!