Skip to content

thoughts on online safety

December 14, 2010

I just watched this CNN video titled “stealing your identity in 45 minutes”
http://www.cnn.com/video/#/video/bestoftv/2010/12/11/exp.nr.digital.fingerprint.cnn

The host asks an expert to find out as much information about a certain man on the internet.  He started with just a piece of paper with a man’s
– login (username only, not password) and
– name

and in less than an hour, he found the man’s
– salary range
– home address
– home values
– picture
– credit card information: where he used, ideas of credit range
– social networking sites that that man uses
– where he shops

He says that usually he can find out more on average about a person given the two pieces of information he started with.  If he had more time and more tools, he says that he can find out “everything“, including:
– transaction history
– stuff illegal to share

To help protect yourself better, he suggests the following:
– stop thinking of the internet as a private space. “Everything you do is collected and profiled
– use encryption if you’re using wifi
– using https. “s” stands for “secure”
– using private mode in browsers

What this guy was able to do in under 45 minutes with one laptop and an internet connection is amazing, but it makes sense.

Internet is a public space, everything you do is collected. Why? Because these sites that you use want to “remember you” so that they can “serve you better in the future” (read: “keep track of your information so they can give you customized deals so you will buy more”). We give out our credit card information, our home addresses, and tons of other private information, not thinking twice about how they can be mis-used. Most people install anti-virus softwares and think that they are taking measures to protect themselves, but don’t understand that some things are not in their control. For example: what if those sites that you trust get hacked by malicious users, or they simply mess up?

Consider an online service called “Blippy” (http://blippy.com/).

From their website (http://blippy.com/about):

What is Blippy?

Blippy is a fun, free and safe site that lets you share your purchases and see what your friends are buying online and in real life.

What does it do?

Blippy lets you communicate about and share purchases with friends by syncing already existing e-commerce accounts to Blippy such as iTunes, Netflix, Woot, eBay and more.

So similar to how you post about “what’s happening?” on Twitter, you post about “what am I buying?” on Blippy.  Your credit card and debit card purchases are shared with your friends.  You enter your credit card account info on their site and start sharing your purchases. Hm.

Not surprisingly, somebody found a way to find the user’s credit card information via Google: http://venturebeat.com/2010/04/23/blippy-credit-card-citibank/ This is because Google indexed private information that Blippy displayed (due to sloppy coding on Blippy’s part) and made it easily accessible. Hmmmm.

This story shows 2 important facts:
1) we are moving toward a society that shares more and more information with others and tons of new technology emerge every day to make sharing easy
2) the information that you post online can be retrieved by people that you do not know and do not intend to share with

This is how it is.

How much do I really want to share online? Why? How much do I really need to share online? ” Ask yourself those questions next time you sign up for an account with one of these social sites.

For many people that don’t know what “https” is, how to enable encryption, how to use the private mode in the browsers, what is the best way to prevent others from stealing your online identity? Simple.

Stop posting personal information online, or stop using the internet.

Disclaimer: I am not an expert on online security. I am merely a programmer with some thoughts about the matter.

Advertisements
No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: