Choose Privacy Week – May 2-8, 2010


The first-ever Choose Privacy Week will take place May 2-8, 2010. It is a new program created by the American Library Association to help librarians organize events in their communities about the role that privacy plays in their lives, why privacy is important, and how their privacy can be compromised on a daily basis.

The 20 minutes video (whose trailer is posted here) will be a “program in a box” for libraries across America and will help libraries introduce their users to privacy issues today and spark much needed discussions.

For more information visit: PrivacyRevolution.org.

Five Minutes! Why Won’t You Invest 5 Minutes Learning About Facebook Privacy?

Do you like your job? A colleague of mine sure liked his but he got fired. A chain reaction that started with another colleague’s dubious photos shared on Facebook resulted in his termination. I have written about Facebook accidents waiting to happen in the past, but to no avail. Not a day goes by without a friend or a colleague describing a Facebook mishap that could have been avoided by simply knowing what is being shared. I have no idea how people invest so many hours on Facebook without learning the rules of the game. That is why I was happy to see that AllFacebook.com had released a video version of their updated privacy guide.

If people refuse to read – will they watch?

My Own Lil’ Privacy Crusade – Facebook Accidents Waiting To Happen

I have addressed my privacy concerns in the past, but every time I do that I am very careful not too come off as too strict or paranoid. Today I have witnessed how things people do in the virtual world can come back and bite them in the ass in the real world. Although it would have made a great teaching case, I will not be able to go into any details since it happened to people I care about.

Facebook is an amazing tool, and its privacy settings are excellent as they allows you to define exactly who sees what. You spend so much time on Facebook, is it too much to ask that you invest 10 minutes just one time to insure it does not ruin your life? I honestly don’t get it. Is it idiocy? Is it technophobia? Why insist on learning a lesson that so many others have learned before you?

Examples? Well, since I cannot go into that recent major one, let’s discuss other acquaintances of mine:

[singlepic id=232 w=200 h=200] [singlepic id=233 w=300 h=200]
Left: An acquaintance of mine who thought being naked in the toilet is something everyone should see. Right: An acquaintance of mine explaining herself after a recent ‘relationship status’ change made one too many friends ask her what was going on.

Convinced? Great! No need to delete any friends or photos. Just follow the simple instructions here: 10 Privacy Settings Every Facebook User Should Know.
Finished? Great, now pamper yourself by following the simple instructions here: How To Filter Out Facebook “Friends” Without Them Knowing.

All done? Now sit back and have a laugh:
httpv://www.youtube.com/watch?v=nrlSkU0TFLs

My Own Lil’ Privacy Crusade – Default Passwords

Do you have a cell phone?
Would you mind terribly if a stranger listens to your voicemail?
So why haven’t you changed the default ‘1234‘ password?
Do you have a wireless router?
Would you care if a stranger connects to your home network?
So why haven’t you changed the default ‘admin/admin‘ username/password combination?
Do you have a webcam system?
Would you mind terribly if a stranger watches your video feed?
So why haven’t you changed the default anonymous login?

People think of hacking as something done by Russian spies or by genius kids. No one thinks that most of the time the only thing you need is the default password. I honestly don’t get it – how difficult is it to change the initial password out of the box? Why live in the realm of uncertainty when peace of mind is just around the corner?
Here are a few examples to push you in the right direction:

Voicemail:
You would think that a 4-digit password combination allows for 10,000 possibilities, and since after 3 wrong tries the phone call is disconnected, then it would take too much time and too much money to crack the voicemail volt. That is only true in theory, since most people do not change the default 1234 or 1111, it would take exactly one phone call to get in.
Wanna bet? Can you wholeheartedly click this play button knowing there is zero chance of you hearing your own voicemail?

Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here. You also need to have JavaScript enabled in your browser.

Wireless router:
[singlepic id=177 w=320 h=240 float=right]Paying for your Internet service? Your neighbor used to do that but decided it would be wiser to use yours instead. Now, there might be legitimate reasons why you would not want your home network to use encryption, but can we agree on MAC address filtering as the bare minimum so that only the computers you know can use it? Even if you have a Jewish attitude of ‘All who are thirsty for bandwidth, let them come and drink my connection’ (a.k.a. ‘Kol dichfin’) – is it too much effort to change the default router password, so that no one will be able to configure it?
And don’t get me started on the legal ramifications of someone downloading copyrighted or illegal material using your bandwidth. Yes, I am sure after three years of trial you would probably be exonerated from any wrongdoing, but it sure would be a fun period until then. To quote Mister Rogers: ‘It’s a beautiful day in this neighborhood’.

Webcams:
You have a small business and you want to keep an eye on it from home, so you hooked up a video surveillance system. You have an aging mother and you want to keep an eye on her caretaker. That is all fine, but why risk someone looking in through the Internet peephole? Let your imagination run wild with the kind of people that might want to watch these video feeds. No imagination? Here are some visual aids captured today:

[singlepic id=178 w=253 h=253] [singlepic id=179 w=253 h=253]

P.S.
Since my aim is to educate people about privacy and not to teach them how to hack, I did not go into further details. Suffice to say that any one of you can easily enter these systems using your banged up computer and without buying any hardware or software.

My Own Lil’ Privacy Crusade – Case Study #1: Ruediger K.

When it comes to the right to privacy, most people I talk to just don’t get it. They do not understand it, do not know why it is needed, and do not seem to care much about it. I am not sure whether it is because they are ill-informed, or whether they genuinely do not care what information is known about them. As governments get more tracking tools, cell phone records, biometric data et cetera, it seems that the only people who care about this issue are either clinically paranoid – or accused of being paranoid. Most people just assume their information is safely secured and since they are not ‘bad people’ they have nothing to worry about.

I contend that it is not just ‘Big Brother’ we need to worry about – it’s the sheer unadulterated incompetence of people trusted with our information that really worries me. I have previously wrote about the Israeli Screen Actors Guild revealing private information about its members, like phone numbers, home addresses and social security numbers. A year has passed and nothing was done to rectify the situation.

At the risk of coming off as a stalker, I thought I may be able to promote the subject by publishing from time to time a case study of sorts and although I will redact any information that can uniquely identify the test subject, I hope that by just seeing what kind of information is out there, I would be able to knock some sense into people with regards to their own privacy and digital footprints.

Case Study #1: Ruediger K.

[singlepic id=169 w=525 h=267 float=center]
A tourist from Germany felt remorseful about taking a stone from a holy site in Israel, and sent it back in a parcel addressed to Israel’s Nature and National Parks Protection Authority, along with a letter explaining the situation and $200 for the trouble. The Parks Authority, for reasons beyond my understanding, contacted Maariv, Israel’s 2nd largest newspaper, who printed this story today, accompanied by a scanned image of the original letter. The image, albeit small, is clear enough to be read by anyone who cares to do so – turning this person’s private confession about stealing to public knowledge.

Information revealed:
Full name: Ruediger [redacted]
Home address: [redacted], Unterföhring, Germany
Email address: [redacted]@t-online.de
Sample of signature: [redacted]

Information deduced using Google:
Hobbies: Running

Information deduced using Facebook:
Current location: Grand Forks, North Dakota, USA
Family member: Rainer [redacted]