So it's not just Facebook that's full of holes and privacy issues. Twitter has been warned by the Federal Trade Commission for their "serious lapses in data security".

The FTC had originally accused the social media service of making private tweets and the login credentials of users easily available to "hackers" between January and May of 2009. During that time, someone was able to gain administrative access to Twitter's system (and therefore access to thousands of user accounts, passwords, direct messages, and more) simply by using password-guessing software. That user reset numerous user passwords, allowing others to access those accounts.

As is always the case, when not required to provide adequate security or privacy, most companies will do what they can get away with and no more. If there's no penalty for doing a bad job, don't be surprised when they don't.

The city obtained a transcript of Quon’s messages during an investigation to determine whether officers were using their pagers for personal messages. The transcripts showed that Quon had been exchanging sexually explicit messages with his wife, his girlfriend and another SWAT team member.

In the end, the US Supreme Court ruled that for government employees at least, there is no privacy for your use of government furnished equipment.

To me, this is no shocker. What does surprise me is that this made it all the way to the Supreme Court! This guy really wanted someone to blame since obviously someone who's cheating on his wife AND his two girlfriends shouldn't be pointing fingers at himself.

Australia has so much Big Brother nastiness going on, sometimes they make even the UK look tame!

The newest development comes where the government is demanding service providers to store all e-mail and possibly web browsing history for all its subjects citizens.

According to the directive, where internet access is concerned, this means the ISPs must retain the user ID of users, email addresses of senders and recipients of email, the date and time that users logged on and off from a service, and their IP address — whether dynamic or static applied to their user ID.

Like most ideas of this nature, it's sold with a plausible premise of catching criminals, but if innocent people are to accept such an invasion, it must first be shown that:

1. The data actually DOES help catch bad guys.
2. The data won't be abused and misused by the government.

In the US, we fail most consistently on the second. I don't know, but I'm going to guess that Australia's track record isn't a lot better.

As depressing as the privacy and security landscape gets around here, sometimes our European friends come out with laws that make us seem so much better by comparison.

While everyone knows child porn is a very bad thing, some people will use that to push big brother agendas that are way worse than the crime they try to prevent! But won't you please think of the children!?

Remember folks, perfect society is easily obtained! Just remove all privacy and freedom from EVERYONE and we'll easily be able to weed out the bad guys at any time. Sweet!

Apparently Yahoo! is set to publicize everything you do online to all your friends. If you're not excited about this thrilling change, you can opt out with a single button click (so they say), but it doesn't say where or how.

I logged in with an old account and here's what you're looking for:

Once you click that, here's what you'll see:

It will nag you to keep the setting or you won't be able to share everything you do... boo hoo. Click it and party.

Click the checkbox and you should be good until the next major settings change they hope you don't notice.

Note that I clicked around a bit and eventually I did get a screen that warned me about the change and let me opt out. Even if you see that screen, it's not a bad idea to follow the directions I listed above just in case. Anyway, here's what the alert looked like:

Make sure to uncheck each box here the click "Get Started"

This is the same as Google's normal search engine with a few important differences:

1. Searches are encrypted from your browser to Google. While Google still knows who you are and everything you search for, anyone between you and them no longer will (thus the magic of HTTPS). So now when you're on the road (cafe, hotel, airport etc), the people who run or are listening to that network traffic won't be able to see what you search for or what results Google sends back.
2. Any results you click will not forward a "Referrer" value. Normally, when you click a link, the page you visit gets to see where you just came from (called the referrer value). Since the page you came from was a Google search and the search terms are part of the URL, every page you visit gets to see the terms you used to find them. Google SSL removes that keeping your search terms private from websites you visit.

Combine this with the "private" browsing functions of all major Internet browsers and you'll leave little to no record of anything you search on your computer or the networks in-between. It still doesn't solve the problem of Google recording your search history against your will, but it's a great start!

Note that only web search and not others (like image search) are secured at this time, but Google may be looking to add those in the future.

One of the many problems of RFID technology is that they can be hacked and used to spread viruses.

The device, which enables him to pass through security doors and activate his mobile phone, is a sophisticated version of ID chips used to tag pets. In trials, Dr Gasson showed that the chip was able to pass on the computer virus to external control systems. If other implanted chips had then connected to the system they too would have been corrupted, he said.

Mostly, this hasn't received a lot of attention to date because the computing power of RFID has historically been very low. But as the technology progresses, the consequences of not securing them properly becomes higher and higher.]]> http://www.thegeekprofessor.com/researcher-points-out-the-risk-of-virus-infected-rfid-implants/feed/ 0 http://www.thegeekprofessor.com/facebook-now-changing-privacy-policy-in-the-face-of-public-hatred/ http://www.thegeekprofessor.com/facebook-now-changing-privacy-policy-in-the-face-of-public-hatred/#comments Tue, 25 May 2010 11:42:08 +0000 Jeremy http://www.thegeekprofessor.com/?p=1525 Mark Zuckerberg apologizes and says he'll do better.

It looks like it didn't take long for them to get the hint. Facebook will now be improving their privacy controls and policy.

From the CNN article:

Tech blogger Robert Scoble… equated the privacy outrage to both Facebook's complicated privacy settings and the company's inability to communicate why users should share their private information with the public.

No kidding. Well now Mark Zuckerberg has admitted to making some mistakes and promises to do better. We'll see.

]]>

Facebook has found itself facing some tough choices when it comes to the direction of the company, specifically revolving around user privacy. As most Netizens know, Facebook has faced harsh criticism in recent months—which may be coming to a head after having built up slowly over the years—regarding how it handles user information. Now, the company is left deciding whether it wants to revert to its old principles and go against founder Mark Zuckerberg's policy of forging ahead, privacy be damned.

Also this:

Luckily, there are now third-party tools that help users patch up their Facebook settings, such as the incredibly helpful bookmarklet from Reclaim Privacy that lets users see what their settings are and change them automatically. These tools shouldn't be necessary, however.

The Reclaim Privacy tool is very easy to use and effective too! I haven't checked the code personally to see if it's safe, but my virus scanner didn't blip at all and I have nothing in my profile that I'm worried about sharing publicly so there was little risk. Also, since the tool is completely open-source, I'm willing to bet that someone somewhere has taken the time to look it over and would have raised a flag by now.

The author could change the code at any time, but I suspect he's legitimately trying to build attention to his website and isn't looking to quickly become tossed aside by adding attack code. Still, use at your own risk.

Lastly:

It's unlikely that such a user-friendly utopia will arrive anytime soon, though, especially given Zuckerberg's now-legendary disregard for privacy. That said, Zuckerberg was the one who called last week's company meeting to discuss the current state of Facebook privacy and user trust, so it's possible that he's beginning to warm to the idea of giving users what they want.

Source: http://arstechnica.com/tech-policy/news/2010/05/facebook-privacy-comes-to-a-head-changes-may-be-imminent.ars

If you don't know what they mean by recent privacy issues, check out these:

Maybe it's because of things like that that led to this interesting result being found as a top result for Google's suggest feature:

How do I....Delete facebook?

Here's a nice consolidated list with screenshots to the hard-to-reach Facebook privacy controls.