Eikonal Blog

2013.02.26

Facebook sinking even deeper

  • “Why I’m quitting Facebook” by Douglas Rushkoff (CNN; 2013.02.25) – http://www.cnn.com/2013/02/25/opinion/rushkoff-why-im-quitting-facebook/index.html?iid=article_sidebar
    • I have always argued for engaging with technology as conscious human beings and dispensing with technologies that take that agency away.

      Facebook is just such a technology. It does things on our behalf when we’re not even there. It actively misrepresents us to our friends, and worse misrepresents those who have befriended us to still others. To enable this dysfunctional situation — I call it “digiphrenia” — would be at the very least hypocritical.

    • Facebook does not exist to help us make friends, but to turn our network of connections, brand preferences and activities over time — our “social graphs” — into money for others.
    • The true end users of Facebook are the marketers who want to reach and influence us. They are Facebook’s paying customers; we are the product. And we are its workers. The countless hours that we — and the young, particularly — spend on our profiles are the unpaid labor on which Facebook justifies its stock valuation.
  • “Facebook Is Recycling Your Likes To Promote Stories You’ve Never Seen To All Your Friends” by Anthony Wing Kosner (Forbes; 2013.01.21) – http://www.forbes.com/sites/anthonykosner/2013/01/21/facebook-is-recycling-your-likes-to-promote-stories-youve-never-seen-to-all-your-friends/
  • “Why are dead people liking stuff on Facebook?” by Bernard Meisler (ReadWrite > Social; 2012.12.11) – http://readwrite.com/2012/12/11/why-are-dead-people-liking-stuff-on-facebook

2011.11.15

New Facebook machinations

Filed under: FaceBook, privacy — Tags: , , , — sandokan65 @ 13:12
  • Facebook Privacy section at EPIC (Electronic Privacy Information Center) – http://epic.org/privacy/facebook/
  • “Facebook to alter privacy practices following FTC ruling” by Greg Masters (SC Magazine; 2011.11.29) – http://www.scmagazineus.com/facebook-to-alter-privacy-practices-following-ftc-ruling/article/217775/
    • Users were deceived by Facebook, and now the social media giant is paying the price.
    • “Facebook is obligated to keep the promises about privacy that it makes to its hundreds of millions of users,” Jon Leibowitz, chairman of the FTC, said in a statement. “Facebook’s innovation does not have to come at the expense of consumer privacy.”
    • The FTC charges chronicle a number of misleading or untrue assertions about privacy that Facebook made, but did not keep, including: not warning users when a change to its “Friend List” allowed private information to be exposed; stating that third-party apps would not access personal information beyond what they needed to operate; claiming that the “Verified Apps” program certified the security of participating apps; promising users it would not share personal data with advertisers; and insisting that it complied with the U.S.-European Union Safe Harbor Framework that governs data transfer between the United States and certain European nations.
  • “Facebook Settles FTC Charges That It Deceived Consumers By Failing To Keep Privacy Promises” (FTC; 2011.11.29) – http://ftc.gov/opa/2011/11/privacysettlement.shtm
    • In December 2009, Facebook changed its website so certain information that users may have designated as private – such as their Friends List – was made public. They didn’t warn users that this change was coming, or get their approval in advance.
    • Facebook represented that third-party apps that users’ installed would have access only to user information that they needed to operate. In fact, the apps could access nearly all of users’ personal data – data the apps didn’t need.
    • Facebook told users they could restrict sharing of data to limited audiences – for example with “Friends Only.” In fact, selecting “Friends Only” did not prevent their information from being shared with third-party applications their friends used.
    • Facebook had a “Verified Apps” program & claimed it certified the security of participating apps. It didn’t.
    • Facebook promised users that it would not share their personal information with advertisers. It did.
    • Facebook claimed that when users deactivated or deleted their accounts, their photos and videos would be inaccessible. But Facebook allowed access to the content, even after users had deactivated or deleted their accounts.
    • Facebook claimed that it complied with the U.S.- EU Safe Harbor Framework that governs data transfer between the U.S. and the European Union. It didn’t.
  • “24 year old student lights match: Europe versus Facebook” by Kim Cameron (Identity Weblog; 2011.10.13) – http://www.identityblog.com/?p=1201/li>
  • Europe vs Facebook – http://europe-v-facebook.org/EN/en.html
  • “Facebook Ireland accused of creating ‘shadow profiles’ on users, nonusers” by Laura Locke (CNet; 2011.10.21) – http://news.cnet.com/8301-1023_3-20123919-93/facebook-ireland-accused-of-creating-shadow-profiles-on-users-nonusers/
  • “Facebook Patent to Track Users Even When They are Not Logged In to Facebook” by Bruce Scheier (2011.10.24)- http://www.schneier.com/blog/archives/2011/10/facebook_patent.html

Related here: Facebook privacy? What Facebook privacy? – https://eikonal.wordpress.com/2010/04/30/facebook-privacy-what-facebook-privacy/ | Facebook foolies – https://eikonal.wordpress.com/2011/05/12/facebook-foolies/ | Unending stream of Facebook privacy news – https://eikonal.wordpress.com/2010/11/22/unending-stream-of-facebook-privacy-news/ | More Facebook news – https://eikonal.wordpress.com/2010/10/08/more-facebook-news/ | Facebook monkeying again with user trust model – https://eikonal.wordpress.com/2010/09/22/facebook-monkeying-again-with-user-trust-model/ | Scan for your Facebook privacy – https://eikonal.wordpress.com/2010/05/23/i-want-you-to-scan-for-facebook-privacy/ | Facebook leaks users IDs to advertisers – https://eikonal.wordpress.com/2010/05/22/facebook-leaks-user-ids-to-advertisers/ | Facebook mulls U-turn on privacy – https://eikonal.wordpress.com/2010/05/19/facebook-mulls-u-turn-on-privacy/ | Mark Zuckerberg’s birthday present: Facebook in crisis – https://eikonal.wordpress.com/2010/05/16/mark-zuckerbergs-birthday-present-facebook-in-crisis/ | Temptest in a teapot – https://eikonal.wordpress.com/2010/05/15/1202/

2011.05.20

Reputation management

Filed under: FaceBook, infosec, opression, privacy, surveillance, tracking — Tags: , , , — sandokan65 @ 14:32

2011.05.17

Infosec pages at this blog

Filed under: infosec, privacy — sandokan65 @ 11:38

Related content at this blog:

2011.04.25

Steganography

Filed under: crypto, infosec, privacy, tools — Tags: — sandokan65 @ 14:45
  • “New Tool Hides Data In Plain Sight On HDDs” (SlashDot; 2011.04.25) – http://it.slashdot.org/story/11/04/25/1558237/New-Tool-Hides-Data-In-Plain-Sight-On-HDDs
      “A group of researchers has developed a new application that can hide sensitive data on a hard drive without encrypting it or leaving any obvious signs that the data is present. The new steganography system relies on the old principle of hiding valuables in plain sight. Developed by a group of academic researchers in the US and Pakistan, the system can be used to embed secret data in existing structures on a given HDD by taking advantage of the way file systems are designed and implemented. The software does this by breaking a file to be hidden into a number of fragments and placing the individual pieces in clusters scattered around the hard drive.”

2011.04.08

Geolocation

  • “SimpleGeo Makes Location Data Free, Complicates Smartphone Tracking Worries” by Kit Eaton (Fast Company; 2011.04.22) – http://www.fastcompany.com/1749262/simplegeo-makes-location-data-free-complicates-smartphone-tracking-worries
  • “Involuntary Geolocation To Within One Kilometer” 9SlashDot; 2011.04.08) – http://yro.slashdot.org/story/11/04/08/1245244/Involuntary-Geolocation-To-Within-One-Kilometer
      Schneier’s blog tips an article about research into geolocation that can track down a computer’s location from its IP address to within 690 meters on average without voluntary disclosure from the target. Quoting: “The first stage measures the time it takes to send a data packet to the target and converts it into a distance – a common geolocation technique that narrows the target’s possible location to a radius of around 200 kilometers. Wang and colleagues then send data packets to the known Google Maps landmark servers in this large area to find which routers they pass through. When a landmark machine and the target computer have shared a router, the researchers can compare how long a packet takes to reach each machine from the router; converted into an estimate of distance, this time difference narrows the search down further. ‘We shrink the size of the area where the target potentially is,’ explains Wang. Finally, they repeat the landmark search at this more fine-grained level: comparing delay times once more, they establish which landmark server is closest to the target.”
  • “Internet probe can track you down to within 690 metres” by Jacob Aron(NewScientist; 2011.04.05) – http://www.newscientist.com/article/dn20336-internet-probe-can-track-you-down-to-within-690-metres.html
      Online adverts could soon start stalking you. A new way of working out where you are by looking at your internet connection could pin down your current location to within a few hundred metres.
  • “Pinpointing a Computer to Within 690 Meters” by Bruce Schneier (2011.04.08) – http://www.schneier.com/blog/archives/2011/04/pinpointing_a_c.html

Related here:

2011.03.09

Privacy articles

  • Report: “Dispelling the Myths Surrounding De-identification” (Anonymization can still work) by Lauren Weinstein (Lauren Buzz; 2011.06.16) – http://bit.ly/lbH5PE by Information and Privacy Commissioner of Canada [PDF]
      “Recently, the value of de-identification of personal information as a tool to protect privacy has come into question. Repeated claims have been made regarding the ease of re-identification. We consider this to be most unfortunate because it leaves the mistaken impression that there is no point in attempting to de-identify personal information, especially in cases where de-identified information would be sufficient for subsequent use, as in the case of health research. The goal of this paper is to dispel this myth – the fear of re-identification is greatly overblown. As long as proper de-identification techniques, combined with re-identification risk measurement procedures, are used, de-identification remains a crucial tool in the protection of privacy.”
  • AOL search data scandal (WikiPedia) – http://en.wikipedia.org/wiki/AOL_search_data_scandal
  • “What the know” series of articles (The Wall Street Journal) – http://online.wsj.com/public/page/what-they-know-digital-privacy.html
  • “The privacy covenant is an illusion: How to regain control” by Chad Perrin (Tech Republic; 2011.04.18) – http://www.techrepublic.com/blog/security/the-privacy-covenant-is-an-illusion-how-to-regain-control/5351?tag=nl.e036

Related pages here: Privacy and digital liberties – https://eikonal.wordpress.com/2010/11/01/privacy-and-digital-liberties/|Personal computer security – https://eikonal.wordpress.com/2011/02/28/personal-computer-security/ | Online privacy tools – https://eikonal.wordpress.com/2010/12/25/online-privacy-tools/ | Unending stream of Facebook privacy news – https://eikonal.wordpress.com/2010/11/22/unending-stream-of-facebook-privacy-news/ | TSA folies – https://eikonal.wordpress.com/2010/11/16/tsa-folies/

2011.01.13

Declawing Cookies


Disabling Flash cookies (LSOs)

2010.12.29

WikiLeaks 2010

  • CableSearch – http://cablesearch.org/an attempt for an user friendly search engine of already published documents from Wikileaks.

On the leaks

Contents of leaks


Related here: Information disclosure sites – https://eikonal.wordpress.com/2010/02/25/information-disclosure-sites/ | ACTA – https://eikonal.wordpress.com/2010/07/16/acta/ | Law vs Technology – https://eikonal.wordpress.com/2012/05/16/law-vs-technology/

.

2010.12.25

Online privacy – tools

Filed under: infosec, privacy — Tags: , , , , , , — sandokan65 @ 15:48

Tools

Articles

2010.11.23

X-Ray Vans on US streets

It is time for tin-foil hats … and (tin-foil) whole-body uniforms.


Related here: “Surveillance, wiretapping, tracking, etc.” – https://eikonal.wordpress.com/2010/09/27/surveilance-wiretapping-etc/.

2010.11.22

Unending stream of Facebook privacy news

Filed under: FaceBook, privacy, surveillance — Tags: — sandokan65 @ 10:47

2010.11.01

Privacy and digital liberties

Organizations and sites

Blogs


Related pages here: Privacy articles – https://eikonal.wordpress.com/2011/03/09/privacy/ | Personal computer security – https://eikonal.wordpress.com/2011/02/28/personal-computer-security/ | Online privacy tools – https://eikonal.wordpress.com/2010/12/25/online-privacy-tools/ | Unending stream of Facebook privacy news – https://eikonal.wordpress.com/2010/11/22/unending-stream-of-facebook-privacy-news/ | TSA folies – https://eikonal.wordpress.com/2010/11/16/tsa-folies/

2010.10.08

More Facebook news

Filed under: FaceBook, privacy — Tags: — sandokan65 @ 10:44

2010.10.07:

2010.10.06:

2010.08.16

Schneier’s taxonomy of data used in social networks

Filed under: FaceBook, infosec, privacy — Tags: , — sandokan65 @ 14:34
  • “A Taxonomy of Social Networking Data” by Bruce Schneier (IEEE Security & Privacy; July/August 2010) – http://www.schneier.com/essay-322.html

    • Service data is the data you give to a social networking site in order to use it. Such data might include your legal name, your age, and your credit-card number.
    • Disclosed data is what you post on your own pages: blog entries, photographs, messages, comments, and so on.
    • Entrusted data is what you post on other people’s pages. It’s basically the same stuff as disclosed data, but the difference is that you don’t have control over the data once you post it — another user does.
    • Incidental data is what other people post about you: a paragraph about you that someone else writes, a picture of you that someone else takes and posts. Again, it’s basically the same stuff as disclosed data, but the difference is that you don’t have control over it, and you didn’t create it in the first place.
    • Behavioral data is data the site collects about your habits by recording what you do and who you do it with. It might include games you play, topics you write about, news articles you access (and what that says about your political leanings), and so on.
    • Derived data is data about you that is derived from all the other data. For example, if 80 percent of your friends self-identify as gay, you’re likely gay yourself.

2010.05.23

I want you to scan for Facebook privacy

Filed under: FaceBook, privacy — Tags: , , — sandokan65 @ 12:12
I want you to scan for Facebook privacy

"I want you to scan for Facebook privacy"

2010.05.22

Facebook leaks users IDs to advertisers

Filed under: FaceBook, privacy — Tags: , — sandokan65 @ 00:53

“Facebook, MySpace Confront Privacy Loophole” (WSJ.com, 2010.05.21) – http://online.wsj.com/article/SB10001424052748704513104575256701215465596.html


    Facebook, MySpace and several other social-networking sites have been sending data to advertising companies that could be used to find consumers’ names and other personal details, despite promises they don’t share such information without consent.

    … Most social networks haven’t bothered to obscure user names or ID numbers from their Web addresses, said Craig Wills, a professor of computer science at Worcester Polytechnic Institute, who has studied the issue.

    The sites may have been breaching their own privacy policies as well as industry standards, which say sites shouldn’t share and … See Moreadvertisers shouldn’t collect personally identifiable information without users’ permission. Those policies have been put forward by advertising and Internet companies in arguments against the need for government regulation. …

    … For most social-networking sites, the data identified the profile being viewed but not necessarily the person who clicked on the ad or link. But Facebook went further than other sites, in some cases signaling which user name or ID was clicking on the ad as well as the user name or ID of the page being viewed. By seeing what ads a user clicked on, an advertiser could tell something about a user’s interests. …

    …”If you are looking at your profile page and you click on an ad, you are telling that advertiser who you are,”…

2010.05.19

What Internet Knows About You

Filed under: privacy — sandokan65 @ 13:05

http://www.whattheinternetknowsaboutyou.com/

Facebook mulls U-turn on privacy

Filed under: FaceBook, privacy — Tags: , — sandokan65 @ 12:54

“Facebook mulls U-turn on privacy” (BBC News, 2010.05.19) – http://news.bbc.co.uk/2/hi/technology/10125260.stm

2010.05.16

Mark Zuckerberg’s birthday present: Facebook in crisis

Filed under: FaceBook, privacy — sandokan65 @ 16:44

“Mark Zuckerberg’s birthday present: Facebook in crisis” (The Daily Maverick, 2010.05.16) – http://www.thedailymaverick.co.za/article/2010-05-13-mark-zuckerbergs-birthday-present-facebook-in-crisis

Older Posts »

Create a free website or blog at WordPress.com.