Resources for the global digital safety training community.
Credits
Last Updated 2015-03The purpose of this interactive activity session is to illustrate how information is requested and delivered online, demonstrating basic concepts of how the Internet works as a whole. It also helps participants understand much we expose about ourselves online.
Prior to the session trainer(s) will need to write the following words in big letters, on index cards or large post-it notes - each index card or post-it represents a “role” that a participant will play in this activity, so make sure that you create enough so that there is one for each person.
The Access Points will be the next step in the chain from the Researchers - they might be Access Points in a home, a library, or a workplace. You’ll need at least two - one to be a WiFi router, and the other a mobile phone.
Choose the number of researchers and queried webservers according to the number of participants you have; trainer(s), or any support staff, can help fill in if you fall short a bit:
This Activity has two scenarios - one required scenario for a standard connection, and a second optional scenario for connections using HTTPS and SSL. If using this Activity and Discussion for the Safer Browsing - HTTPS and SSL module, the second scenario is required.
Ask for 2-3 volunteers from the group to represent Researchers, and have them stand together on one side of the room. These volunteers will carry pens and notepads to represent they are researchers, and will use the notepads to write down requests of websites. Then, ask for 2-3 volunteers to represent popular Websites (e.g. Google, Yahoo!, Wikipedia, etc.) and directs them to stand together at the opposite side of the room.
If they are popular websites, they could wear cool sunglasses (up to the trainer).
Make an announcement to the group…
Help the remaining participants form a line between the Researchers and the Websites - for each of the researchers, request at least two volunteers to be Access Points. Announce that these peoeple are now Access Points, like a Wi-Fi router in their office or home.
Hand one of the Access Points an index card or post-it for that role; for the remaining participant, give them a post-it or index card that says Mobile Phone.
Trainer can use whatever they like to identify those acting as Access Points, such as asking the person to wear antennae. The more humorous the activity, the better it will be!
The remaining participants will play the other links in the “chain” of an Internet connection, with each person wearing or holding a card that identifies them as…
Trainers can decide how many cards to issue. The purpose is not for the participants to learn the terms, but for them to understand that no one connects directly to a website; there are many links in the chain. Participants should also gain a sense of having to circumvent at a national level.
Now, explain that we have all now formed a simulation of the Internet right in this very room - you’ll then guide participants through the following scenario:
Have participants pass their cards to the Access Point, the first link in the chain that is the Internet. The Access Point person will now have all the index cards with questions in their hand. Now ask the group…
Now you can respond…
…and so on, down the line. At this point, stop the traffic and ask Local ISP 1…
Ask Local ISP 1 to hand each card, one at a time, to the next person, National ISP 1 who calls out…
When people representing various Websites eventually receive their index cards, they should send a reply that begins…
…and then send them back. When Access Point successfully delivers each index card with its answer to each participant, they should congratulate themselves with applause! With participants still standing, the trainer can ask the participants…
Explain before moving onto the Discussion session, this is a very simplified version of what happens on the Internet and the kinds of information we include every time we click on a link. Instead of index cards, we send out “packets” that contain lots of data/code that can identify us.
This optional portion of the Activity illustrates the security that is provided by an SSL – also called HTTPS – connection. With the participants remaining in their original spots, the trainer will need an envelope that is large enough to contain one of the index cards. The envelope should have the labels “To” and “From” written on it.
Explain that, with the addition of the envelope, some information is still known – for instance that the Researcher is still writing to the website (e.g. Google or Yahoo!), but the content of what is being sent is not visible before it reaches its destination.
Ask the Researcher to repeat the steps of the original activity. As the envelope is passed from person to person, the trainer can ask each participant what they know about the envelope…
Explain that the most common secure connection is Secure Sockets Layer – or SSL for short, and this is now available from several popular email and social networking sites. It does not hide all information, but it does hide some.
Hand the envelope to one of the Researchers and ask him or her to place their index card inside. The trainer then asks the participant to fill in the “To” and “From” fields on the outside of the envelope before sealing it.
Explain that the Activity so far has helped illustrate what is exposed over an insecure or unprotected connection. We see most websites over this type of connection, though some websites offer is a more secure connection.
With the activity completed, trainers may wish to have participants sit in a circle or a semi-circle, so they can address one another. The following questions may help start the discussion. Trainers are welcome to add to this list or improvise as they see fit.