Final Online Privacy Blog - MGMT 3601

The ideas and concepts in this class have been extremely interesting and captivating for me personally. I understand that as our technology grows so will our network, allowing people to contact each other in new ways all the time. The idea of a network has been discussed in a positive light for the most part in our entire class because we have all seen its benefits personally. Our generation has been using computers for as long as we can remember and children still continue learning to use electronic devices at younger ages ever year. This concept has lead to people creating Facebook profiles for their children and creating a online identity for them before they have even become old enough to speak. I personally believe that we are going to become so intertwined in our online identities and networks that we will become uninterested with our actual reality. For some this is already true, many people lead different or more exciting lives on the internet than they do in real life. Whether they create a famous blog, youtube video, website, fake Facebook account or any other form of online identity, the individual is become less of an offline identity. This could also relate to the way that hacktivists work and still have day jobs when they are not hacking. Hacktivism is another subject I have further expanded my knowledge on because of this class. I feel like there is so much that could be covered in this class that it is difficult to contain it all in one semester. I have now written 10 blogs on online privacy and could definitely keep writing more on the subject because it never stops changing. The main thing I have learned from our information network is that you can never be too safe on the internet or believe everything you see.

Intermediate Network Tools

Intermediate network tools are the only type of censorship I have ever knowingly faced on the internet. In school we were never allowed to view sites that contained content that was against the student code of conduct. Sites that could potentially have quality information such as YouTube , Twitter, Wikipedia, some web hosting websites and blogging websites were impossible to access. I understand the school board's decision to block some forms of content on the internet because they do not want to expose themselves to any trouble with parents. Some parents do the same at home and do not want their children exposed to of violence, nudity, racism, harassment, etc. These intermediate networks allow users to post anything they want no matter the quality of writing or idea but there is some intelligent material. There are some websites such as Facebook, Myspace and other social networking sites that I understand being blocked because of time wasting. These are the websites that schools should block completely. They could look into the possibility of specific page/genre blocking instead of entire websites. I understand that censorship is a concern for parents but the level of censorship differs between parents and kids will always find a way in the end.

Concluding Blog

To wrap things up on this blog, I have a whole new perspective towards online privacy.  Our lives online really are becoming more like an open book that everyone can read.  The web is becoming more people-centric, and the more information that people share online, the more connected everyone will be.   No one is private online.  We can increase our privacy online by making sure a site is safe before sharing information,  watching our online accounts, protecting our wireless connections, using a privacy orientated email service, using a virtual private network to hide our IP addess, and using “Peerblock” to prevent known risks from seeing your computer.  Although there are laws and regulations in Canada to protect our online safety, a lot of it comes down to your own measures and responsibilities online.  We must be very aware and cautious of the information we are sharing online as we do not know who is viewing that information.  I also feel that the government should take a further look into such Bills, as Bill C-12 to help protect us online.  Bill C-12 was proposed to amend PIPEDA, and strengthen the policies associated with PIPEDA.  This will help protect and empower consumers, and clarify and streamline rules for businesses.  It would also make data breach notifications mandatory.  This would increase transparency, and increase online privacy.  I think this Bill would be very important, as social media companies withhold so much of our personal identifiable information.  So to conclude, always be aware and cautious.  Online privacy may be considered dead already, but we must do anything we can to protect ourselves online.

Internet Censorship

I have faced internet censorship in grade school, high school, and I am curious if I currently face any I am unaware of today.  I remember growing up on computers and many of my classmates were as skilled as me at typing and writing code. We did not hack our way around the censorship but some students could  find a program or process that allowed us to bypass the firewalls. I have never been in a school that has had a firewall I was unable to bypass and this definitely is something I have taken for granted. One of the most interested and recent cases of online censorship was the Arab Spring. The Arab Spring was the way that social media and our networks allowed people to overthrow the government in Egypt and Libya. There is a quote that stated " We use Facebook to schedule protests, Twitter or coordinate, and Youtube to tell the world." This was understood eventually by the government and internet access was completely cut off for large periods of time. I believe that we are living in a world more connected than ever and when people use the resources available they can make much more of a difference than ever before.


http://techcrunch.com/2011/01/25/twitter-blocked-egypt/

Anonymous Hacks Chinese Government Websites

Online privacy and internet privacy in China have been an issue for many years due to their government's censorship China has been conducting censorship for over 60 years under the communist party. People have been arrested and who knows what else for speaking badly about the country online. A specific case is when a Chinese reporter sent an email through Yahoo and it was intercepted by the government at Yahoo China headquarters. He was sentenced to 10 years in prison for speaking badly about the country in an email that would be freedom of speech in Canada. Stories like this make you happy that our online censorship laws in Canada are non existent for the most part and that we do not need to use anonymous networks to connect to the real internet. Tor anonymity network is designed for users in countries that have censorship on the internet to be able to use the full uncensored internet. Tor and VPN were both programs that Anonymous posted online when they hacked hundreds of government run websites. The website's homepage displayed in red letters " Hack by ANONYMOUS." Bellow that was a message that read " Your government controls the internet in your country and strives to filter what it considers a threat for it. Be careful. Use VPN for your own security. or Tor." This final message makes me think about whether we do truly face no censorship online.  

My Google Doc Problem

I was recently the victim of an online privacy breach because of Facebook. A member of my group had posted a screenshot of their computer which accidentally allowed anyone with access to the photo to see the URL. While we were working on the Google Docs paper we suddenly noticed a number of people had begun editing our paper. At one point there were 13 anonymous users posting pictures and text to our document that was completely unrelated. While some of the changes were humorous such as adding a photo of Nicolas Cage to our cover page and changing our bibliography to say "Plagerized the whole thing", the intrusion was frustrating. The group leader was forced to close off all public editing and start a new Google Doc. After the new document was created our group was provided with new editing privileges and we reread the entire business outline for alterations. This was a long a tedious process that has taught me a lesson about open source sharing. There are precautions I never believed we would have to take to protect our privacy because Facebook is open to more than just friends.

Food for thought

All this talk about finding articles and research for our blog when we only need to look at our own blog. Researching into our blog's statistics and 'hits' from all across the globe is an eye opener of it's own. To see that our blog received visitors from South Korea, Germany, And the U.S. proves as a strong point of David's earlier post about Panopticon. We never really know when were being watched on the internet, and recently I have actually stopped using Mozilla Firefox because of the issues of Ad's bothering my searches. This blog also helped me further my knowledge in Online Privacy as it proved to be an amazing source of information from four separate contributors. This is another reason our Networked world is so progressive. The internet has created an online profile that is becoming more and more difficult to separate from real live. Personality's are aligning with online profiles as more and more information is being researched and posted. That alone deserves recognition

Panopticon with regards to online privacy

For my last post in the MGMT 3601 blog, i would like to discuss Panopticon with regards to online privacy. The idea of panopticon in the online community is that you never you never know if what you are viewing, is being viewed by the government or the police or the people at Google. It is the awareness of the user that someone could be watching their searches. This affects the users online privacy because their is always the chance that someone is looking at the web pages you're looking at. You can even get int rouble with the law for searching certain things or go on to watch list, where they watch everything you do online. This idea of Panopticon can also be applied to Facebook in the sense that anything you post can be viewed every single person on your friends list at any given time. They can use your posts or pictures or whatever, any way they would like. There is no longer privacy online because once you post something there is always the possibility that someone saw and saved what you posted even if you delete it soon after. This has been a major problem with Twitter; often athletes will post something on their Twitter when they are angry or in the heat of the moment, then later delete it. However, some one will always see the post and it will become lost in the public sphere. Heres an article regarding Facebook's Online Panopticon http://www.thedailybeast.com/newsweek/2012/09/30/facebook-s-online-panopticon.html

Online Privacy: Your Life Is an Open Book

This is an article about the site Spokeo.com, and how our life is almost like an open book that anyone can read.  For $2.95 you can get a month subscription on Spokeo.com, and on this site you can search where people live, what their name is, phone number, email address, education, relatives, profiles on other sites, age, marital status, etc.  Luckily this is only in the United States of America, but I am sure they are expanding.  This website uses algorithm to search public databases, so the information gathered is only as accurate as the sources, but generally it is quite accurate.  The web is becoming more people-centric, and the more information that people share online, the more connected everyone will be.  ABC News asked Spokeo's co-founder about the criticism. He told us, "We do not have people's social security numbers, we do not have people's driver's license numbers, we do not have people's bank account information, so I think, personally, that it is probably hard to steal people's information." (2010)  But they have almost every other little bit of information about you.  This is not illegal as the information gathered was already publicly released.  People now are worried about their safety, and criminals.  This is just a way of speeding up the process of another person finding you. The online world today is becoming a scary place.  The article is: http://abcnews.go.com/WN/Media/people-search-engines-spokeo-make-easy-find-private/story?id=10768917#.ULWG2eRfAuA Check out Spokeo: http://www.spokeo.com/

Online privacy issues evolving too fast for government regulation, says Google

This was the most recent article I read dating at October 30, 2012, and I found it very interesting.  The largest search engine Google feels that there is no need for governments to regulate online privacy policies.  Manager of Global Public Policy at Google, Colin McKay says “the online world is evolving too quickly to set regulations in stone that would endure.” (2012) Mckay is also a former member of the federal privacy commissioner’s office.  As people are becoming more aware of online privacy threats, they are sharing less and less information, but social media sites and Google are always raising eyebrows of the MPs of Canada.  McKay says Google isn’t “Big Brother,” (2012) a show where they watch the lives of other people and assures data collected through Google is not used to develop individual profiles.  It is as if McKay is trying to hide something, as he feels no extra enforcement privacy policies should be enforces.  He states,   “We have the users’ interest in mind and we’re providing security controls for them that allow them to control their information.” (2012)  So Google is looking at our personal information, and trying to provide us with the best security measures. Can we trust Google? How much information do they already have collected about us already? This is almost a battle between Stoddart and McKay. The article is: http://www.calgaryherald.com/technology/internet/Google+tells+Canada+online+privacy+issues+evolving/7472156/story.html

My Online Privacy

I have always considered myself a safe internet surfer and computer user. After taking this course and presenting on internet privacy, I have found that there are many things I never knew I could do to help protect my identity online. I download music, movies, and television shows regularly and have encountered many different viruses, Trojan horses, cookies, and other breaches of privacy. I completely compromised a laptop of mine in high school by downloading unsafe material from a sources that were not credible.  With my new laptop I consistently update my security software and scan for potential threats. In high school I could afford to act carelessly but now that I have a business and other important information on my computer I need to prevent any breaches in privacy. I now only download files from trusted sources from safe websites. I also used to post a lot more things about myself on Facebook when I was younger. I completely agree with the idea Eric Schmidt, chairman of Google, suggested when he said parents should have the internet talk before the sex talk with their children. Children use technology at younger and younger ages so it has become a responsibility of the parents to keep their children safe. Internet privacy is beginning to become an issue for younger demographics all the time.

Australia Post in online privacy breach

This article was about Australia Post releasing the names and locations of thousands of Australians who have been sent parcels.  This was blamed on a computer glitch, but you never know with all the hactivist groups out there.  The Australia Post was forced to shut down its online parcel tracking system, after a customer announced the privacy and security breach.  It came about as simple as typing and searching for a random number, and thousands of Australians information was released.  A spokesperson was sorry about shutting down the system, but not about the privacy breach.  So was this just a glitch in the computer system? Or was it a hacker? I personally do not know how a glitch in the system could release so much information, but who knows.  This could have released a lot of information including: names, addresses, emails, and even potentially financial information, as this was through the online parcel system.  It just goes to show that even sites that you can believe to be safe and trustworthy can turn on you.  You must always be aware of the sites you are using and use extreme precautions, as you never know who may be trying to search you.  The article is:  http://www.news.com.au/business/companies/australia-post-in-online-privacy-breach/story-fnda1bsz-1226498834454

Online Surveillance bill

A new bill is being proposed that would require telecommunications providers to give police subscriber information without a warrant. Currently they have a bill designed to allow the police and government access to specific information upon request. This allows them to view digital communications on email, phone, text, etc. The new bill has requested that the types of information available without a warrant from be moved to 11 from six. These six would be something like Name, Address, Email, Postal code, etc. The proposed new bill changes the amount and type of information that police need to justify searches.  This violates Section 8 of the Charter of Rights and Freedoms, which protects against unlawful search and seizure.
I understand the bill and can see the positives from this invasion in privacy but it is still an invasion of privacy. The police have claimed it is to find people who are suicidal or luring children over the internet. Currently they can request information from telecommunications service providers, but it is up to the company to decide if they will provide info without a warrant. Some service providers stated that they will only hand over the information in cases of child exploitation. A warrant will be required for extortion or robbery cases.
Right now there is a very small chance that the providers withhold information so this bill will not change very much in my opinion. "Law enforcement statistics show telecommunications providers comply with police requests voluntarily in 95 per cent of cases".
I believe there is a great opportunity for abuse of this system because any police officer can request customer data from telecommunications providers. Stephen Tanner, chief of Ontario's Kingston police wants to change this and that is a main focus of the new bill. The new bill says only trained, designated staff can make requests. There is still a chance for human error and some mischief but they will have to record the requests for audit purposes.

http://www.cbc.ca/news/technology/story/2012/02/15/technology-surveillance-bill-privacy.html

Social media websites ignoring privacy laws, watchdog says

This article stated that Canada’s Privacy Commissioner, Jennifer Stoddart, is concerned that some social media companies are ignoring privacy laws.  Stoddart told MPs at the House of Common that, the Personal Information Protection and Electronic Documents Act (PIPEDA) is too weak.  Although Canada’s privacy laws and policies are stronger than America’s, we are still not as strong as other countries, such as Germany.  Some social media companies such as Facebook are not following Canada’s Privacy Law.  Stoddart said, "The problem with social media companies is generally their lack of transparency with regulatory authorities." (2012)  The legislation currently does not require companies to report a privacy breach to Stoddart’s office or to consumers.  Keeping this information confidential could lead to an increased rate of privacy breaches.  Bill C-12 was proposed to amend PIPEDA, and strengthen the policies associated with PIPEDA.  This will help protect and empower consumers, and clarify and streamline rules for businesses.  It would also make data breach notifications mandatory.  This would increase transparency, and increase online privacy.  I think this Bill would be very important, as social media companies withhold so much of our personal identifiable information.  The link is:  http://www.cbc.ca/news/politics/story/2012/05/29/pol-social-media-privacy.html

Some Employers, Schools Demand Facebook Logins

This short article is about employers, and even some schools searching for loopholes around Facebook's privacy settings.  Some employers and schools are demanding that they must become friends on Facebook, asking for a tour of their account, or even asking for usernames and passwords.  I personally think this is getting a little out of hand, as your Facebook is based around your social life, and everyone's social life is different from their work life.  Although you can tell a lot about someone through their Facebook, I do not feel that an acceptance to a school should be denied for some bad pictures or something like that on Facebook.  Some colleges in the States such as, the University of North Carolina require student athletes to "friend" a coach or school official to monitor their Facebook, and if they refuse, they don't play.  I understand these concepts, but I find that is a bit ridiculous that a coach, or student official who you have just met must monitor your Facebook often, or you don't play.  "As a society, where are we going to draw the line?" (Gastaldo, 2009) Here is the link: http://www.newser.com/story/141185/some-employers-schools-demand-facebook-logins.html

More 'Anonymous' shenanigans

This past week the Hacktivist group Anonymous ran "Operation Payback" targeting companies that oppose internet piracy then later attacked Paypal for refusing to process Wikileaks payments. This attack on Paypal reportedly cost them 3.5 million pounds and collapsed their online infrastructure. The hacktivists believed that copyright should not be used on the internet and used this as the basis for who they attacked. Four members of Anonymous were found out and have been charged with conspiracy. Three of them have pleaded guilty to the charge while the other pleaded not guilty. Operation Payback had originally targeted those who opposed the use of the website Pirate Bay to download music for free. More on the subject at http://www.bbc.co.uk/news/uk-20449474

AOL

In 2006, AOL got in trouble for publicly releasing  keywords that 650,000 users from their website had used. These keywords were available over  a three month period. This was suppose to be for research purposes, however this made it possible to identify specific users and what their search history was. AOL eventually recognized their mistake and took down the keywords.  Unfortunately the keywords had been mirrored all over the internet at this point and it was much too late to do anythign. AOL got sued by a class action lawsuit for the tune $5,000 per user or a cool 3.25 billion dollars. This lawsuit is still not settled, an is working its way through California courts. heres an article from 2006 about the search leak http://news.cnet.com/2100-1030_3-6103098.html

Facebook SPAM

There was a viral message spread on Facebook that pertains to the privacy agreement just recently. In this message, it supposedly protects your private information from being accessed and that the privacy terms and agreement has changed. This is false. " It then goes on claiming that anyone can copy this text and paste it on their Facebook wall, which supposedly forbids Facebook to “disclose, copy, distribute, disseminate, or take any other action against [the user] on the basis of this profile and/or its contents.” Finally, the notice points out that “Facebook is now an open capital entity.” and that all its members are “recommended to publish a notice like this.” It is funny that such an item can be passed from so many people so quickly. I have attached the comment below for you guys to 'laugh at'. The theory behind this all is that the changing of Facebook to a publicly traded company will negatively effect users privacy rights.

In response to the new Facebook guidelines I hereby declare that my copyright is attached to all of my personal details, illustrations, graphics, comics, paintings, photos and videos, etc. (as a result of the Berner Convention). For commercial use of the above my written consent is needed at all times!
(Anyone reading this can copy this text and paste it on their Facebook
Wall. This will place them under protection of copyright laws. By the present communiqué, I notify Facebook that it is strictly forbidden to disclose, copy, distribute, disseminate, or take any other action against me on the basis of this profile and/or its contents. The aforementioned prohibited actions also apply to employees, students, agents and/or any staff under Facebook’s direction or control. The content of this profile is private and confidential information. The violation of my privacy is punished by law (UCC 1 1-308-308 1-103 and the Rome Statute).
Facebook is now an open capital entity. All members are recommended to publish a notice like this, or if you prefer, you may copy and paste this version. If you do not publish a statement at least once, you will be tacitly allowing the use of elements such as your photos as well as the information contained in your profile status updates…

mashable.com/2012/11/26/viral-privacy-notice-facebook/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Mashable+(Mashable)

Facebook vows to fix online privacy breach

I found this article that stated Facebook had been tracking users after they had logged out of the social networking site.  This article was dated on September 19, 2011, so it is still quite recent.  A guy named Nik Cubrilovic from Australia had noticed that rather than deleting its tracking cookies, once the user had logged out, Facebook was modifying them.  So basically Facebook was tracking what sites users were going on after and what they were searching.  Although Facebook claims that they did not store any information it should have, this is how I believe they relate so many different apps and advertisements to you.  For instance on the side of my Facebook home page I may have an advertisement for rugby Canada gear, as I may have been on the rugby Canada website recently.  Facebook is now more connected to users through the ‘like’ button.  Users are able to like a company, product, band, a person, etc. on Facebook, and Facebook can relate to users through this and send personal apps and advertisements.  Many businesses, example Pogue Fado in Halifax don’t even update their information anymore on their actual website, just on their Facebook page.  Here are two links to look at: http://www.dma.org.uk/news/facebook-vows-fix-online-privacy-breach and http://www.poguefado.com/

ING Direct: Security on the Internet

Again through my research of online privacy, I came across ING Direct and found out how companies like this try to protect their customers.  ING provides a section on their website on how customers can protect their identity, both online and in general.  ING goes through various on how to identify yourself, how to properly sign a transaction, how to recognize a suspect screen, what to do if a suspect screen appears, online fraud protection, and how to protect confidential data.  ING states that although their HomeBank is very secure and safe, it is also up to the users to help protect the system.  Users must monitor their computer and their behaviour online.  Users should have updated software and security services, and must be aware of unsafe websites.  ING also goes over deceptive emails, and what to do if you suspect fraud or abuse.  I think it is great how companies provide this information, as many people are completely unaware of this information, and how to strengthen their online privacy.  I think all e-companies and banks should provide this information on their websites.  Here is ING’s link: https://www.ing.be/en/retail/Pages/security.aspx

Privacy Oriented Email Service

During my research of preventative measures, I came across a method of how to increase online privacy related to emailing.  This is for people or companies who are very worried about privacy and emails, which is a growing problem nowadays.  There are safe and trustworthy email services out there that protect your emails and keep them safe, secure, and private.  I came across an example of one quite well renowned email service call Hushmail.  Hushmail encodes each message with an encryption.  This makes the message unreadable to anyone but the sender and its recipients.  The message is encrypted before it is even sent, and is restored back to its original form once it is received by the recipient.  All the recipient and the sender have to have in common and remember is a secret personal passphrase.  This allows the sender to lock the email, and the recipient to unlock the message.  Although this is not a new service or technology, I had never heard of it, but I do think it is quite useful and has a lot of potential.  This could be vital for a lot of organizations, and even the government.  Here is the Hushmail website. http://www.hushmail.com/

Vic Toews Controversy

This is along the same lines as my last blog, but I just feel that it is such a good controversy and debate.  This blog is about Vic Toews and his proposal of the Protecting Children from Internet Predators Act- Bill C-30.  This Bill is along the same line as Bill C-46 and Bill C-47.  This would give authorities unprecedented new powers to monitor the online and phone habits of Canadians.  Both Internet service providers and Cell phone companies would be required to hand over basic customer information upon request without a warrant.  Toews received such comments as, “Now, every single Canadian citizen is walking around with an electronic prisoner’s bracelet,” Angus said after the tabling of the bill.  “I say to Vic Toews, ‘Stop hiding behind the boogey man. Stop using the boogey man to attack the basic rights of Canadian citizens.’” But in reality, we are taking criminals off the internet, I don’t care how you put it, or how its done. The less people we have like that off the internet, the better.  Here is an example from the summer of 6 men in the GTA getting caught looking at child pornography and getting arrested.  One of these men grew up in Uxbridge (my home town) and was a hockey coach for years.  Here are the two articles to look at: http://news.nationalpost.com/2012/02/14/online-surveillance-bill-will-put-electronic-prisoners-bracelet-on-every-canadian/ and http://www.durhamnews24.com/crime-news/44-police-press-releases/1239-six-arrested-in-durham-child-porn-sweep

New Canadian Laws Would Kill all Internet Privacy???

This article goes over Bill C-46 and Bill C-47.  It is an older article, as these bills were proposed in 2009, but it still provides an interesting argument.  Although Canadians should have the right to complete anonymous online privacy, should the police be given access to our servers to help protect us? These two bills would give granted authorities and the police to access information on all Canadian Internet subscribers and all their private communications without a warrant.  In reality, the police and granted authorities could track where you live, what your name is, email, what you have been looking at, what you have searched, etc.  So is this right? I feel that it is, in the sense the police are meant to serve and protect, no matter what measures it take for them to keep people safe.  Although these two bills did receive a lot of criticism, on both costs and privacy groups protecting individual rights.  How do you feel on this manner? Here is the article, http://www.nupge.ca/node/2375

"Webcamgate"

A school district in Pennsylvania provided to students with several thousand Apple laptops. The problem with these laptops was that they were equipped with built-in Webcams to monitor there use.  The school district admitted it had over 56,000 photos and screen shots gathered by the Webcams and security software installed on the laptops. This is a serious privacy issue because these photos were taken without the knowledge or consent of the students, including in their bedrooms and some while undressing or nude. In April 2010, high school sophomore Blake Robbins filed a class action lawsuit against the Lower Merion School District for invasion of privacy. In October 2010, the school district agreed to pay $610,000 to settle two lawsuits related to the incident.
Here's an article on the case http://www.guardian.co.uk/commentisfree/cifamerica/2010/oct/16/little-merion-webcamgate

Really interesting project

This article is both interesting and scary haha. Researchers at the San Francisco-based Electronic Frontier Foundation tried an experiment. The group that managed the online privacy advocacy set up a web page and collected browser information from visitors. The site was set up so it didn't steal any data or ask for installations of any sort, it would simply log the basic information almost all internet users in the world believe unknowingly hand over each time they visit a website. This information included their time zone and Internet-Protocol (IP). These can be important clues with regards to locating a certain individual after finding out this address. This is a very interesting study because the group responsible for the site are professionals and the survey is completely hidden from visitors or participants. This was the result of the study. "More than 470,000 Web surfers, 83.6 per cent of them had an instantly identifiable, totally unique fingerprint: Their particular combination of settings and information was unlike that of any other user, creating an excellent chance they could be personally identified, even though they had done nothing but make a few clicks of the mouse. This stat is extremely alarming and honestly made me think about the sites I visit. I'll leave this blog with one last statement to really open your eyes.

"If you think the long-form census is pushy for asking you how many bedrooms are in your house, imagine someone knowing the exact color of the IKEA sheets you're thinking of buying for your bed."

http://www.theglobeandmail.com/technology/the-end-of-online-privacy/article1214216/?page=all

Aust gov tightens internet security

Saturday night, figure there's nothing else much better to do then post a nice blog. Since all of the other blogs have been about security breaches and issues, I decided to research a bit about improvements. The Australian federal government has moved to tackle cyber-attacks and other intrusions under an initiative that will reduce the number of internet gateways within government from 124 to just eight. This is a secure internet gateway program that is designed to improve security with respects to internet traffic, while helping save the government while saving significant costs over the next three years. The Department of Agriculture, Fisheries and Forestry, is the first lead agency to sign-up for this program and there presence will assist in the initial internet trafficking and filtering in the start up. The theory behind this program is that reducing the number of gateways will improve security through a more consistent approach by applying gateway management. This will allow the team that is running this program to make sure appropriate information and channels are operating with proper use and respect. This is an excellent program to integrate within a country, as there are many speculations and concern these days with federal governments vulnerability and outside access to information. With any luck, this will minimize the number of information leaks and detour any hackers from attempting to access classified information.

http://www.futuregov.asia/articles/2012/oct/04/aust-gov-tightens-internet-security/

U.S. accused of launching cyber attack

This article intrigued me when I was researching Online Security for our Final presentation. In this case, The U.S. Government was accused of launching a cyber attack on the french government, which the U.S. categorically denied. This is actually an excellent article because it explains the steps that professional hackers took in their efforts targeting "the team of [former French President] Nicolas Sarkozy." These hackers starting point? That's right, Facebook. "From there, they were sent e-mails that contained a link leading to a fake website that replicated the Elysse Palace's own page. After the page asked for a username and password, the advisers obliged, and their information was stolen." It was as easy as that. Weather the U.S. government is behind this or not has yet to be determined, everyone may have there suspicion. A series of important documents were obtained form this cyber attack, including "secret notes" and Sarkozy's strategic plans. One suspicion is that the U.S. knew that this former president would be out the door soon, and wanted to make good terms with the new government official. Cyber attacks that are backed from government efforts are nothing new. "For years now, we've been hearing of reports of China and the U.S. launching cyber-attacks on important networks. Claims also have been made that the U.S. and Israel were behind the Flame cyber attacks on Iran's nuclear efforts. This is the first time that there has been a report of the U.S. launching a cyber-attack on an ally.

http://news.cnet.com/8301-1009_3-57553153-83/u.s-accused-of-cyberattack-on-french-government/

Geotargeting

With the holiday shopping season now in full force, people should be more careful when buying things online then ever. Companies use methods of geotargeting to try to get consumers to buy things online. Geotargeting is the method of determining the location of a website visitor and delivering different content to that visitor based on his or her location, such as country, region/state, city, metro code/zipcode, organization, IP address, ISP or other criteria. They will manipulate the content specific people see based on prior websites they have visited. The website will also leave cookies on a user's computer which will save information about the IP address without ever notifying the user. Not only has this increase a significant amount since marketers began using this method, one article I read said geotargeting will increase by 868% by 2016. Companies such as Twitter and Facebook are also welcoming this with open arms because of the 30 to 40% premium they can charge for geotargeted advertisments as opposed to non-geotargeted advertisements. http://streetfightmag.com/2012/08/17/why-not-all-geotargeting-methods-are-created-equal/#.UK_X0cxe6nA

Women arrested in India over Facebook post

Shaheen Dhada, an Indian woman, was arrested over this week because of a Facebook post she made criticizing the shutdown of Mumbai after the death of a politician. However, not only did she get arrested, her friend, Renu Srinivasan, was also arrested because she 'liked' the comment. To someone living in North America, this seems absolutely crazy. It is just two women expressing their opinions, not making any threats or spreading hatred, just saying what's on their minds. Although many people in India would share the same opinion as me, their government and police force did not. They charged the women for "creating or promoting enmity, hatred or ill-will between classes". She made the comment after Mumbai politician Bal Thackeray died over the weekend which caused the near shutdown of Mumbai. The comment on Facebook read; "People like Thackeray are born and die daily and one should not observe a 'bandh' [shutdown] for that." It is hard to imagine anyone in North America or Europe getting in trouble for writing a message like that. Not only did she get arrested, but an angry mob also attacked and vandalized her uncle's clinic. http://www.bbc.co.uk/news/world-asia-india-20405457

Parents Facebook Privacy

I recently read an article about parents strong concern for their child's privacy on the internet and mainly Facebook. I believe it is important to understand the levels of safety that are provided by programs and Facbook itself. The article says that parents are extremely concerned but do very little to actually act. Of the 802 parents interviewed only 39% said they have helped their children step up their privacy settings. It was also found that white parents are almost twice as likely as black parents to help set up their children's privacy online  These stats are astonishing to read because there are so many potential threats online for young kids. I remember when I was younger there seemed to be less threat to my friends and I because we spoke to only each other on MSN messenger. Those times have changed dramatically and now privacy is changing every day. Facebook has opened up the world to view each other in new ways that were not previously available and pose a lot more potential threats. If parents do not react properly it is left up to the children to discover for themselves.
http://newsfeed.time.com/2012/11/20/study-most-parents-worry-about-kids-online-privacy-but-arent-doing-anything-about-it/

Anonymous strikes again....

The fighting between Israel and Palestine has been on three different fronts. The first is the physical fighting taking place, the second is the war of opinion on social networking sites and the third is the cyber war taking place. A large contributor in the cyber war has been the hacktivist group Anonymous. They have decided to attack the Israeli government via the web because of what they call “barbaric, brutal and despicable treatment” of Palestinians. Since the aerial strikes on Gaza last week, the Israeli government has been hit with over 44 million cyberattacks. Some of these have been pro Israeli websites taken down, some have been passwords leaked. Basically they are doing every they can to spot the war by limiting the accessibility of Israel’s computer systems. I find it very interesting that nowadays, it is possible to affect a war that is thousands of kilometers while in the comfort of your own home. The article I read is http://www.cnn.com/2012/11/19/tech/web/cyber-attack-israel-anonymous/index.html?hpt=hp_bn5

Playstation

Sony, the creator of the Playstation 3 was the victim of a hacker last year. They were only one of the victims because they lost 4.8% on their stock price. The real loser in this hacking are the users of Playstation because their information was stolen. Credit information, names, locations, dates all were in the players user profiles and was stolen by this hacker. I believe that it is Sony's duty to protect this information. The unauthorized sharing of this information opens up millions of possibilities for credit fraud and identity theft. These are issues that should not be taken lightly and can open Sony up to millions of lawsuits from all of their users at risk.  Sony released a statement claiming that there was an external intrusion and that it is believed to be the group ANONYMOUS. The group then released a statement claiming that they had not done this themselves but sometimes ANONs work by themselves.  This does not seem to be the work of ANONYMOUS in my opinion because they typically perform a Distributed Denial of Service attack (DDoS). This is the equivalent of  bombarding a target with 100 gigabits per second worth of information from up to thousands of computers. I believe that someone out there stole a large amount of information for personal gain as oppose to send Sony a message.

http://www.pcworld.com/article/226128/Sony_Makes_it_Official_PlayStation_Network_Hacked.html

David Petraeus

Recently, news came out that CIA Director of Central Intelligence David Petraeus resigned from his position because of an extramarital affair. The link between this and Online privacy is that the reason this affair became public, was because the FBI gained access to his email through Google (gmail). There are to general views people would tend to take on this issue. The first would be taking it as a positive. Everyone knows that the FBI and the CIA have an enormous amount of power, whether it be online or just in a general sense. It is good to know that they use this power to check on the people within their own organization, not just the citizens of the United States. It is nice to know that they do not hold the agents in their organization to a higher standard than they do for the rest of the world. On the other hand, it is troubling to think that anyone's email can be accessed and used against you. If the CIA Director can't keep his private life private, it is unlikely that the average person can. A major reason for this is because of Google. The company is well known for given out private information, with 93% of information requested by authorities in 2011 given out. For more information on this topic, here is a CNN article about the 5 things we learned from this scandal.. http://www.cnn.com/2012/11/14/opinion/ghitis-petraeus-5-things/index.html

Private Vs. Public Online Security

Private Vs. Public Online Security

This was an interesting article I came across during some blog research. In one of my other classes: Government Policy towards Business, we discussed the management and the operational actives involved with online security. Two groups had a a debate in class, and they argued weather our online security should be run by a private of public entity. It's rather interesting to hear both points, because they were both fairly convincing. Private companies have been responsible in the past for firewalls, anti spam, and the security of people's computers and information. They have experience in the field, and hold much less of a threat to hackers as opposed to a government run security. I read in an article Hackers breached the security networks of top US defense contractors. This sounded extremely dangerous and ridiculous.  Not much classified information was accessed because it was locked down on a private network; however, it's possible that some details on future weapons systems as well as weapons in use today in Iraq and Afghanistan were compromised.  Industry  receives the initial respect for the complete launch and maintenance of the online-networked world, so if anything they deserve the responsibility to 'secure' it. Another main point that industry had was that government is much too wide spread to be completely focused that this subject and deliver the attention it requires. I do think publicly run online security would be detrimental to an already well established field to date.

 http://www.newser.com/story/119629/hackers-breach-security-of-us-defense-contractors.html

 

 

In our last class, we discussed Amanda Todd's suicide and the internet vigilantism the hacking group 'Anonymous' took to find out the identity of her perpetrator. The group released the name of one British Colombian to the public, who they believe pushed Amanda Todd to commit suicide. Recently, it has come to light that this man was not the perpetrator, after his name has been released. This brings to question whether what the hacktivism group is even right. Obviously they had good intentions in bringing the name of the terrible person that tormented this young teen. However, they did not even give the right name. I understand these groups are trying to do the something good for their community, but they are violating the community's privacy rights. Not only is this illegal, but it can also be dangerous. What if someone that was close to Amanda decided to take the law into their own hands, and harm this man that 'Anonymous' identified. Then later it comes out that he wasn't involved at all. A completely innocent man could have been harmed for no reason, other than because these internet vigilantes thought they could provide justice themselves. This is why i believe criminal justice should be kept in the hands of the police and the judicial system. Here is the article I took this information from http://www.cbc.ca/news/technology/story/2012/10/19/f-doxing-tracking-online-identity-anonymity.html.

Onling Gaming: Starcraft

Online Gaming: Starcraft

When talking about online security I couldn't help but to think about online gaming. There are a ridiculous amount of people in the world connected through an online world. This world almost always is dependent upon goal oriented behavior. For example, any role playing game allows you to explore different areas of a map, and upgrade your character and progress to other challenges. In my case I wanted to talk about Starcraft for PC. This game is extremely old, and when it was first released there was an enormous amount of 'hacking'. Initially, I had no intention of hacking but constantly, when trying to sneak into an enemy base, I was being greeted by an army, it got frustrating. I downloaded a few hacks very easily from an online source which was accompanied with a read-me file. I was able to stack buildings, see the entire map, change my name, spam opponents screens, etc. It actually became more fun then playing. I downloaded an ANTI-hack which allowed me to detect if an opponent was hacking and drop there connection to the internet. I was also allowed to see opponents IP address's and computer profiles. So obviously during a game with pleanty of hackers, things might get a little carried away. For example, beating someone who was hacking, and they rage quit, start spamming you and messaging you your IP address and what not. It got so ridiculous people stopped playing Starcraft until the next version came out but it showed how incredibly easy it was to access peoples information.

Facebook Messages on Timeline

Recently Facebook users were unhappy to find their personal messages had been published for all of their friends. 900 million users around the world, 18 million in Canada had their personal messages between each other published to their "Timelines". Facebook maintains that these are not personal messages but I believe that is just a cover up. I personally observed numerous messages that I had not been intended for the public eye that were on my "Timeline". I believe that this is just a glimpse into what could happen if our personal information was leaked. This is not your social insurance number, home address, or credit information it is information you have sent to another member of Facebook with the idea that your message was private. Privacy on Facebook is a reoccurring debate due to its hierarchy of social media and the vast amounts of personal information people freely share over the Facebook servers.  This is only the tip of the iceberg when it comes to information leaking on Facebook which will be addresses in numerous blogs this semester. 

http://business.financialpost.com/2012/09/24/facebook-privacy-glitch-social-network-says-reports-of-private-messages-on-timelines-false/

I was just looking through a few media sources, trying to find something interesting to blog about when i found this article on CNN. http://money.cnn.com/2012/10/10/technology/security/google-chrome-hacker-prize/index.html. Google offered $60,000 to any hacker who could find security issues with their Google Chrome browser. Its interesting to see a company as established as Google, relying on hackers to try out their security systems, but i guess it worked because one hacker actually found problems with the browser and  received the $60,000 prize. I find it very interesting they just host a hacking competition for anyone that's able to hack, in order to find out problems with their servers. The hacker that won the prize is a teenage boy that goes by the online name "Pinkie Pie", and this wasn't even the first time he has taken Google's prize money. In 2010, him and another hacker took home another sum of money for finding holes in the Chrome browser back then. I think Google should just put him on their payroll, then they wouldn't have to hold any more of these competitions.

David