Senators urge Facebook to change privacy settings

April 28, 2010

Washington (CNN) — Four Democratic senators called on Facebook CEO Mark Zuckerberg on Tuesday to reconsider the recent changes in its privacy settings and asked the Federal Trade Commission to streamline guidelines regarding privacy on all social networks.

“Now, users have less control over private information, and it was done without the users’ permission,” Sen. Charles Schumer, D-New York, said on Capitol Hill.

Schumer and Sens. Michael Bennet of Colorado, Mark Begich of Alaska and Al Franken of Minnesota sent a letter to Zuckerberg about Facebook’s decision to allow third-party sharing of users’ information.

“We are writing to express our concern regarding recent changes to the Facebook privacy policy and the use of personal data on third party websites,” the senators wrote. “The expansion of Facebook — both in the number of users and applications — raises new concerns for users who want to maintain control over their information.” Read the rest of this entry »


Facebook Killed the Private Life

April 25, 2010

Online security goes mobile

April 25, 2010

It’s a mobile, mobile mobile, mobile world: More and more of us are using laptop computers, Apple (AAPL)  iPhone’s, Research in Motion (RIMM) BlackBerrys, USB flash drives and other portable computing and storage devices in our day-to-day lives.

Many freelancers and consultants bring their laptops to Starbucks coffee shops, and treat it as their virtual office.

And it’s not just consumers and consultants who are adopting a mobile computing lifestyle.  Companies and government agencies are trying to become more agile and efficient, and increasingly are relying on productivity gains that come from a more mobile workforce.

According to industry analyst firm IDC, there will be over 1 billion mobile workers by 2011.  That means there will be at least 1 billion portable computing and storage devices that will contain work and personal data.  The overall productivity gains sound impressive, but have you ever thought about what could happen if one of those portable computing or storage devices were to be lost or stolen? Read the rest of this entry »


In digital world, we trade privacy for convenience

April 25, 2010

It only takes the touch of a finger to locate the nearest bank, purchase tickets for a movie or find directions to just about anywhere in the world.

The digital revolution has changed the way the current generation carries out everyday tasks. But some say that convenience has come at the price of your privacy.

Your personal interests and where you shop is valuable data for companies that want to effectively target their direct marketing. And it’s not just a matter of companies recording your IP addresses and credit card swipes.

“Almost anything you do in today’s society involves leaving a track,” said Doug Klunder of the American Civil Liberties Union. He’s the director of the ACLU of Washington’s Privacy Project. Read the rest of this entry »


Shopping online tips

April 11, 2010

Here’s a list of tips you should consult when shopping online. Print this page and keep it in a handy place so it will be easy to review before you order.

  1. Trust your instincts. If you don’t feel comfortable buying or bidding on an item over the web, or if you feel pressured to place your order immediately, maybe you shouldn’t.
  2. Be knowledgeable about web-based auctions. Take special care to familiarize yourself not only with the rules and policies of the auction site itself but with the legal terms (warranties, refund policy, etc.) of the seller’s items that you wish to bid on.
  3. Double check pricing. Be suspicious of prices that are too good to be true. Also consider carefully whether you may be paying too much for an item, particularly if you’re bidding through an auction site. You may want to comparison shop, online or offline, before you buy. Make sure there are not extra shipping or handling costs.
  4. Find and read the privacy policy. Read the privacy policy carefully to find out what information the seller is gathering from you, how the information will be used, and how you can stop the process. If a site does not have a privacy policy posted, you may not want to do business with it. If it does have a privacy policy, there will probably be a link to it from the seller’s home page, or it could be included with the Legal Terms.
  5. Review the return, refund, and shipping and handling policies as well as the other legal terms . If you can’t find them, ask the seller through an e-mail or telephone call to indicate where they are on the site or to provide them to you in writing.
  6. Make sure the Internet connection is secure. Before you give your payment information, check for indicators that security software is in place.
  7. Use the safest way to pay on the Internet. Pay for your order using a credit card.
  8. Print the terms. You should print out and date a copy of terms, conditions, warranties, item description, company information, even confirming e-mails, and save them with your records of your purchase.
  9. Insure the safe delivery of your item. If you’re concerned you may not be home when your package is delivered and that someone may take it if it is left on the doorstep, ask whether you can specify that the shipper must receive a signature before leaving the package. Or, it may be safer to have the package delivered to your office.
  10. Inspect your purchase. Look at your purchase carefully as soon as you receive it. Contact the seller as soon as possible if you discover a problem with it. Tell the seller in writing about any problems you have, ask for a repair or refund, and keep a copy of your correspondence.

http://www.safeshopping .org


Want to develop tough-to-crack passwords that resist infiltration? Follow these 10 rules:

April 11, 2010
  1. Avoid using dictionary words.  These passwords are easy for hackers to figure out using an electronic dictionary.
  2. Don’t use personal information.  Any part of your name, birthday, Social Security number, or similar information for your loved ones is a bad password choice.
  3. Avoid common sequences, such as numbers or letters in sequential order or repetitive numbers or letters.
  4. If the web site supports it, try to use special characters, such as $, #, and &.  Most passwords are case sensitive, so use a mixture of upper case and lower case letters, as well as numbers.
  5. Passwords become harder to crack with each character that you add, solonger passwords are better than shorter ones. A brute-force attack can easily defeat a password with seven or fewer characters. Microsoft has an online password strength checker atwww.microsoft.com/protect/yourself/password/checker.mspx
  6. To help you easily remember your password, consider using the first letter from each word in a sentence, a phrase, a poemor a song title as a password.  Be sure to add in numbers and/or special characters.
  7. Create different passwords for different accounts and applications. That way, if one password is breached, your other accounts won’t be put at risk too.  Do not use the same or variations of the same password for different applications.
  8. Despite admonitions to the contrary, one easy way to remember your passwords is to write them down and keep them in a securely locked place.  Never leave them on a Post-It note on your monitor, in an address book, in a desk drawer, or under your keyboard or mouse pad (or any other obvious place).
  9. Consider using a secure password manager. The Firefox browser has a password manager already built in.  The Firefox password manager and 4 others are reviewed at http://lifehacker.com/5042616/five-best-password-managers.
  10. If you have already established a password that is not strong, change it! Web sites have a variety of procedures that govern how you can change your password. Look for a link (such as “my account”) somewhere on the site’s homepage that goes to an area of the site that allows password and account management.

What are the risks of cloud computing?

April 11, 2010

When users store their data with programs hosted on someone else’s hardware, they lose a degree of control over their sensitive information.  The responsibility for protecting that information from hackers, internal breaches, and subpoenas then falls into the hands of the hosting company rather than the individual user. This can have many possible adverse consequences for users.

The privacy policy and terms of service of the hosting company should always be read carefully.  While generally lengthy and sometimes difficult to understand, they will provide a good outline of what the host can and cannot do with your information.  However, it is important to realize that most privacy policies and terms of service can and do change.  In fact, you may not have an opportunity to remove your information from the hosting site before such a change.

The location of the host’s operations can significantly impact a user’s rights under the law.  The location of the records might not be disclosed in the terms of service or might be changed without notice.  This could have substantial legal consequences.

Government investigators or civil litigants trying to subpoena information could approach the hosting company without informing the data’s owners.  The hosting company generally does not have the same motivation as the user to defend against disclosure of the information.

Some companies could even willingly share sensitive data with marketing firms. So there is a privacy risk in putting your data in someone else’s hands. Obviously, the safest approach is to maintain your data under your own control.

There is also a risk that the host might shut down its operations, declare bankruptcy, or sell the business to another provider.  What might happen to your data if that were to happen?

One of the problems with cloud computing is that technology is frequently light years ahead of the law.  There are many questions that need to be answered.  Does the user or the hosting company own the data?   Can the host deny a user access to their own data?   And, most importantly from a privacy standpoint, how does the host protect the user’s data?

So, before you utilize any cloud computing services, be aware of the potential risks.  And make sure that you carefully read the privacy policy and terms of service of the hosting company to become aware of your rights.