Hardly a week goes by without a report of some new virus or other security risk on the Internet. Microsoft's Internet Explorer was a particularly fertile ground for bug-hunters, as is explained. Depending on whom you talk to, browsing the Internet is as safe as a walk in the park, or as dangerous as a walk alone at night in Central Park.

Is your data being read by prying eyes? Intercepted by third parties? Altered or obliterated by crooks or pranksters? How concerned should you be, and what exactly is at risk?

D ata can be compromised while it resides on your computer or during transmission from one place to another. (To see why transmission is so risky, see this explanation of.)

The best way to secure your data from outsiders is via encryption. The goal here is to prevent others from accessing it or, as a last resort, preventing them from reading it or tampering with it if they do succeed in accessing it. Encryption works on the principle of a lock and key. The lock is the encrypted data; the key is a number. The number can't be derived from the encrypted data, so the lock can't be opened without the key.

The simplest and most effective kind of encryption is single-key encryption: The author puts his data in a box, locks it, and sends it to an audience that already has a copy of the key. Single-key encryption works fine for broadcast situations such as a military command sending orders to its units, but not so well for two-way interactions. Public/private-key encryption provides an elegant solution to the problem. Under public/private-key encryption, everyone gets an individual lock with two keys. One key locks it, the other key unlocks it, and you can't derive one from the other. If Bill wants to send Joe mail, he locks it with Joe's public key, which is available for all the world to see. Now it is locked, and only Joe can unlock it with his private key, so only he and Bill can know the contents. Unfortunately, there is currently no standard way for someone to get or publish a key, which is one reason encrypted e-mail is not common today. PGP (Pretty Good Privacy) is a free utility that lets you do public/private-key encryption.

E ncryption comes in different strengths, denoted by the size of the numeric key. The bigger the key, the harder it is to break the encryption (pick the lock). Since encryption inhibits the ability of the government to spy on private dialogues, there are public-policy issues surrounding encryption. This is another reason encrypted e-mail is uncommon today, a topic which David Plotz covered in an earlier "The Gist" in Slate. SSL (Secure Sockets Layer), an Internet standard for encrypting data, is built into recent versions of Microsoft's Internet Explorer and Netscape's Navigator. But because encrypting and decrypting data is fairly slow, SSL tends to be used only where privacy really matters--typically, electronic commerce.

Sometimes it's desirable to have data that are publicly available, but untamperable. For instance, the government publishes a crop report that a commodity broker then passes on to a client. How can the client know that the broker hasn't altered the report? Digital signatures solve this problem. Mathematics can reduce any document to a few unique numbers--the signature. Changing the original data in any way results in a different signature. This signature is then encrypted with a private key. Using a public key, anyone can confirm that the signature matches the document. The document can't have changed because the signature is the same, and the signature can't be forged because only the creator has access to the private key that encrypted it.

What about protecting the data on your hard drive? Typically this is done at the operating-system level by restricting access to certain users. Ideally, users would carry around giant numeric keys to identify themselves, but computer marketers could never sell that solution. In the end, most systems identify users by passwords. Users enter their names and passwords. The name is public, but the password is private. The simplicity of the system is its power. While an encrypted document gives a code breaker something to analyze, an empty password prompt is simply empty.

Unfortunately, computer users betray themselves. Anecdotal evidence shows that most passwords are birth dates of family members, maiden names, favorite sports teams--things that are easy to guess. That's why the best passwords aren't real words, but combinations of letters, numbers, and punctuation. The best password contains enough nonsense so that no one can guess it, but not so much nonsense that you can't remember it. And therein lies the other problem with passwords: People forget them. This is so common that, for every network, there is someone (the system administrator) who has the power to retrieve or change your password. The world's best password is useless if the system administrator's password is easy to guess, or if someone can get her drunk or blackmail her. But the alternative is frightening, which is why we don't encrypt our hard drives with the password as our key. If we lost the key, that would be that.

The greatest perils to your precious data are the programs you've installed on your computer. Who hasn't accidentally told a computer to delete the wrong file or stood by helplessly while the operating system crashed and took all the files with it?