Privacy

Google lets everyone be Big Brother

acohill — Fri, 11 Jul 2008 07:04:54 -0700

Google is busying driving cars with cameras mounted on top all over England, taking pictures of every single house in the country. Google promises to obscure significant details, which has led to bizarre photos with people's faces blurred out. A lot of British citizens are outraged, since anyone with a Web browser will be able to snoop around the front of your home from a distance. It sounds like a lovely tool for burglars, who will no longer have to risk driving through neighborhoods to case houses--they can do it from the safety and security of their own home.

Ditto with nosy neighbors, stalkers, and anyone else who might be disgruntled or angry. It's hard to understand what value Google is adding here. One might argue this might be quite useful for stores, who want customers to be able to find them easily, but the main effect of this new Google service would seem to be just another opportunity for Google to sell ad space. Google's corporate motto (Don't be evil) more and more just seems to be a sick joke. Google seems determined find a way to usurp every kind of information in the world, turn it into proprietary intellectual property, and then sell ad space.

Is Google Health healthy?

acohill — Tue, 20 May 2008 05:36:36 -0700

Google has announced its long promised Google Health service, which stores your medical and drug records on Google servers. You get to set your own userid and password, and Google makes a big deal about the high level of security on their servers. But I don't think the biggest privacy concern is from hackers--I think Google CAN keep the servers secure.

What I worry about is Google simply nosing through everyone's health records, looking for data that can be sold, repackaged, or re-purposed for advertisers. Yes, the company has a security and privacy policy, but they are also free to change it anytime they like, after many of us have given them all our health information. The service is not bound by HIPAA (Health Insurance Portability and Accountability Act) rules, which would require Google to notify you, if for example, someone or some entity tried to subpoena your health records. "Free health record storage," however convenient it may be, is not free; the price one pays is giving up more privacy.

"Whaling" is newest kind of spam attack

acohill — Tue, 06 May 2008 10:10:14 -0700

"Whaling" is a new form of phishing attacks. It is called whaling because the spam emails are carefully targeted towards big fish, or whales. Spammers have been sending carefully crafted emails that look like an official U.S. Federal Court sub poena. Clicking on the link embedded in the email secretly installs a keystroke logger on your computer which then sends userids, passwords, and credit card numbers to the spammer.

We actually got one of those sub poenas about two weeks ago, and it certainly looked official. But sub poenas are usually delivered in person, and so after looking closely at the email and some of the links, we quickly determined it was spam.

Where has our privacy gone?

acohill — Mon, 25 Feb 2008 06:01:38 -0800

This article highlights a dark side of the Web, where blogs, FaceBook, YouTube, and MySpace, among others, makes it easy for people to be cruel. It is becoming common for students to post cruel, slanderous, and/or profane online content about their teachers. And it is not just teachers that are are the object of this cruelty. Students are "cyberbullying" other students, and even some warped adults are posting cruel comments about students that are somehow competing with their own children.

We have failed to teach our kids, dare I say, manners, and the ease of use of this new technology combined with that lack of manners, has led to the notion that it is okay to post whatever one feels like, regardless of the affect on the person to which the content is directed.

In the article, it is noted that some teachers are responding with civil lawsuits, and some schools are suspending or expelling students for their actions. Parents that are not paying attention to their children's online activities may find themselves paying legal fees and/or expensive financial settlements to the victims.

Wireless keyboards a security risk

acohill — Tue, 04 Dec 2007 07:04:24 -0800

Those handy wireless keyboards are a security risk. Researchers have discovered that they easily monitor every keystroke sent from a wireless keyboard to the computer. The keyboards use a very weak form of encryption that can be easily monitored using an inexpensive radio receiver from as much as thirty feet away, and the encryption algorithm is easy to crack using virtually any computer--no special supercomputer required.

This means hackers can easily monitor your keyboard and filter for passwords, credit cards, and other personal information.

Corporate spam collusion

acohill — Wed, 17 Oct 2007 07:27:59 -0700

I have an American Express business card, and got an email to take part in an online survey. I spent ten minutes or so answering questions about my satisfaction with the company. Many of the questions were related to promotional offers and other solicitations the company sends out. Fine so far.

The last page of the survey thanked me for my participation, and offered me a $15 gift card from Amazon, if I would enter my email address. I don't buy from Amazon because I don't like the way they use and resell customer information, so I tried to click past this page and complete the survey. I could not.

So I have to assume that Amex probably negotiated a deal with Amazon. "You give us some $15 gift cards that we can use to make it look like we are giving our customers something of value, and in return, we'll harvest email addresses so that you can spam our customers for the rest of their lives."

What makes this so sad and pathetic is that the survey was about the amount of unsolicited offers the company sends out, and whether or not Amex users thought it was too much (or too little, though I doubt anyone checked that box). So the "reward" for answering the question, "Do we send you too many unsolicited offers?" is to manipulate us into signing up for more spam.

The way the survey was designed, you could not complete the survey without entering an email address. So I just closed the browser window. I then went to the American Express Web site to try to find out who I could complain to, and of course, there was no way to do that. All they had was a Web form and no indication of where the inquiries go or who might read them.

This is all symptomatic of a bigger issue that we see mostly with large corporations, who have simply abandoned real customer service simply because the technology allows them to. Bean counters "prove" how much money can be saved by firing customer service reps and replacing them with voice response systems (which rarely work). They "prove" how much can be saved by eliminating all contact information from company Web sites. But it seems that few CEOs ask the converse question: "How much business are we losing by alienating our customers with lousy service?"

Why is there a steady increase in the creation of new, small businesses? In part because technology enables small businesses to compete with big businesses, and in part because big businesses do such a fine job of driving customers away by the mis-use of technology and complete disregard for customers.

But wait, there's more. I tried to call Amex to get a mailing address so I could write a letter about this, and after fighting the voice response system for a while, I got a live person--from some other country! With an accent so thick that I could barely understand them. They had to literally spell out, letter by letter, the entire address. After two or three tries on each word, I still did not have the correct address and gave up. But I was able to use what information I did have to do an online search and make corrections. My prediction: Like many other companies, Amex will eventually discover that offshoring customer support hurts the bottom line, and will bring that operation back "onshore." There is a booming new kind of job opportunity, where customer service reps work directly from their homes for these kinds of customer service operations. It's a great opportunity for workers in rural areas....if they have reliable, affordable broadband.

The government can turn off your car

acohill — Wed, 10 Oct 2007 06:52:27 -0700

It must have been a slow news day yesterday. During a long drive, I heard a news story on the radio at least ten times. It was about a new capability added to GM cars and trucks equipped with Onstar. The vehicle can now be turned off remotely. The news story was all about what a boon this was going to be to law enforcement officials, who could request that the friendly Onstar person turn off the engine in a car begin chased by the police.

This sounds benign enough until you start thinking about it a bit. Suppose you get behind on your car payments. Will the bank be able to ask Onstar to disable your vehicle until you pay up? Suppose you owe back taxes; can the IRS request that your vehicle be disabled until you pay? Owe a traffic ticket? Can the local police department, which already knows what vehicle you are driving from the ticket, request that your vehicle be disabled until the fine is paid?

What I have not been able to determine yet is whether or not the vehicle owner can disable this option. If the owner cannot turn this option in the vehicle itself, it is a major privacy issue and a property rights issue. If the government can decide when you are able to drive a car you purchased yourself, you really don't own the car anymore. The government does, and can decide what you do with the vehicle and when you can and cannot drive.

FaceBook turns search on

acohill — Wed, 12 Sep 2007 05:56:46 -0700

USA Today reports (page 3B) that FaceBook is planning to allow search engines to index the site. This means that what people thought was not searchable may become public, depending upon the rules FaceBook sets up for crawling by the search engines. At a minimum, FaceBook will allow indexing of names and photos unless users choose to opt out.

FaceBook users are already up in arms. The opt out option requires users to do something to keep their information off search engines, and privacy advocates generally prefer opt in strategy that don't require users to remember to select a specific setting.

Facebook easy pickings for identity theft

acohill — Wed, 15 Aug 2007 06:17:22 -0700

A study by research firm Sophos indicates that Facebook users are very willing to give personal information to complete strangers. The firm set up a fake Facebook entry and then made "friend" requests to hundreds of other Facebook users. Most of them happily revealed enough personal information (family names, photos, etc) to make it easy to steal that person's identity, according to Sophos. Among the items Facebook users were willing to share was their full date of birth, which is used by many organizations to validate identity.

Congress wants to own our devices

acohill — Fri, 03 Aug 2007 06:31:35 -0700

Mark Pryor (D-Ark) has decided that Congress and the Federal government should decide what we can and cannot see on our TVs, cellphones, and portable media devices. Pryor is sponsoring a bill that would require the FCC to develop a "super V-chip" that would have to be installed in every device that connects to any third party network, including the network.

There are so many things wrong with this that it is hard to know where to start. First, adding this sort of flawed technology to every single electronic device would raise the cost of everything. And remember that we are rapidly moving towards a time when every single electronic device we own (radios, phones, TVs, computers, music players, etc. etc. etc.) all have some kind of connection to networks. The cost of implementing this would be staggering, and we would get to pay for this with higher prices.

It also beggars belief that we would want FCC bureaucrats in Washington D.C. to decide what we can and cannot look at. Pryor is wrapping this in the usual "it's for the children" bait and switch language, but it would give the Federal government total control over the media. The V-chip was a dumb idea from the start, but if you squinted hard, you could dimly see some kernel of justification for it, since in 1996 a lot of us still got TV over the airwaves, which was still heavily regulated by the FCC. With all the alternative ways to get news, information, and entertainment today, the FCC is hardly needed to "protect" us.

Pornography is a scourge, but as more and more communities move toward an open services model for delivering media, the open market will take care of this problem quite neatly. In open services networks, some Internet access providers will be able to cheaply and easily sell "family friendly" Internet access with all sorts of parental controls built in. It will be quicker, cheaper, and easier than any government-mandated solution, and it will work better. That's the right way to do it.