Facebook Privacy Settings… Some may say it’s too little, too late. I’m relieved that Facebook is finally responding to concerns about their confusing and weak privacy settings. The social media giant (who has been losing customers of late) has recently made several changes to their settings.
Facebook Privacy Settings Update
Additional photo settings. Your current profile photo and cover photos have traditionally been public by default. Soon, Facebook will let you change the privacy setting of your old cover photos.
More visible mobile sharing settings. When you use your mobile phone to post, it is somewhat difficult to find who your audience is because the audience selector has been hidden behind an icon and this could lead to unintended sharing. In this Facebook privacy settings update, they will move the audience selector to the top of the update status box in a new “To:” field similar to what you see when you compose an email so you’ll be able to see more easily with whom you are sharing.
Do you know that panicked feeling, sweaty-hot pins and needles…
when you realize that you’ve lost your wallet or mobile phone? Gone are your credit and debit cards, driver’s license and maybe even checks or a Social Security card. Your phone might house addresses and phone numbers for your loved ones, passwords and logins for your financial accounts, and even access to your email program (allowing someone else to email as you, let alone make calls as you). While the wallet might contain cash and the mobile phone is expensive, they are worth virtually nothing compared to the value of the sensitive (and sellable) data they contain.
My guess is that you feel pretty comfortable banking online, at least from your computer, if not yet on your mobile device. I do too, despite all of the hackers out there trying to intercept our bank account numbers and passwords. Most of us are at ease because of the little lock symbol that appears before the URL when we visit our bank (or Gmail, Yahoo, and so forth). That lock symbol means that our communication is encrypted (digitally scrambled) by a standard called OpenSSL. Over time, SSL has proven to be relatively safe.
Just this week, however, it was discovered that OpenSSL was hacked using a vulnerability known as the Heartbleed Bug. Jeremy Bowers, as interviewed on NPR, put eloquently (emphasis mine):
Recently, I was asked to do a segment for The Rachael Ray Show that demonstrated very visually how many audience members face immediate identity theft risks. Watching them move across the stage as we exposed two or three common sources of identity theft was remarkable. Once we had experienced the numbers, we ventured into the house of one of Rachael’s audience members to see how to mitigate the risk. Watch the video to see if you would have joined the “at risk” group, or read the transcript below:
Rachael: We had the audience stand back here because we all carry several items on any given day, EVERY given day, that put us at risk. So John, you’re going to weed out our audience so we can all learn in how many areas we are seriously at risk if we have certain items on us, correct?
It’s no surprise that identity theft once again tops the “Dirty Dozen” tax scams put forth by the IRS for 2014. They warn that if an identity thief has access to your personal information, such as your name, Social Security number or other identifying information, he or she may use it to fraudulently file a tax return and claim a refund in your name. Think of the implications for the 110 million victims of the recent Target data breach as well as victims of the hundreds of other breaches at other retailers, universities, healthcare providers, government agencies and so on.
KrebsOnSecurity reports that the information from the Target breach alone has reportedly flooded underground black markets and cards are being sold from around $20 to more than $100 each. This data is being sold in hundreds of online “stores” advertised in cybercrime forums. A fraud analyst at a major bank was able to buy a portion of the bank’s accounts from such a store.
Do you ever delete the words you type on Facebook before you hit post?
Have you ever started to type a status update that you thought was hilarious…until you realized your boss might not appreciate your 8th-grade humor? So what’d you do? You quickly hit the delete key and watched your comment disappear forever, right? Not exactly.
What if you are ready to make a snarky comment to Greg, the upperclass jerk who stole your high school girlfriend (and is about to get a divorce, ha ha), but decide to take the high road just before hitting the “post” button and instead, wish him well on his pending journey of love (despite the fact that it’s bound to fail)?
No harm done, right? You never hit the post button, so no one ever saw it! Well, it turns out that’s not quite how it works in Facebook Land.
What happens when a spy agency spies on the Congressional body that was created to keep spying in check in the first place? What are the implications of the CIA spying on the Senate?
That is exactly what Sen. Dianne Feinstein, D-Calif., head of the Senate Intelligence Committee, asserts has happened. In a scathing address to the Senate, Feinstein, who has been a strong advocate of the intelligence community in the past, accused the Central Intelligence Agency (CIA) of violating “the separation of powers principles embodied in the United States Constitution including the Speech and Debate clause”.
This accusation stems from an agreement between the committee and the agency to allow committee aides to review millions of confidential documents related to the post 9/11 Bush administration detention program for handling terror suspects. In the process of reviewing these documents, staffers came across an internal review of the agency’s practices. When the CIA became aware of this, Feinstein claims they searched the network — including the committee’s internal network — and removed the documents.
Today I served as the keynote identity theft speaker for the Fort Worth Speakers Foundation, here in balmy Texas (well, compared to Montana, where I spoke last week). After the main presentation, I fielded a range of questions on all topics. One woman asked me this: “At what point is fraud committed as a by product of the Target breach no longer Target’s fault?” The question was highly intelligent and the answer is very revealing.
When word got out about the massive security breach that occurred at Target in December of 2013, and which could wind up being the largest in U.S. history, many speculated that shoppers would dramatically change their habits. After all, nearly 1 out of 3 Americans were affected.
But a recent poll conducted by the Associated Press shows that our intentions don’t necessarily match our actions. The AP-GfK Poll, which was conducted in January and involved interviews with 1,060 adults, shows that the majority of Americans polled say they fear becoming victims of theft after the breach.
Biometrics are like passwords that you leave everywhere (fingerprints, facial recognition, voice patterns), except that unlike passwords, you can’t change them when they’re lost or stolen. It’s easy to change your password, a bit harder to get a new retina. Like passwords, risk goes up as they are stored globally (in the cloud) versus locally (on a physical device).
In addition to the biometrics mentioned above that most of us have come to accept as commonplace, there are many other methods in use or under exploration:
Get monthly strategies and tips for protecting yourself and your business delivered right to your Inbox. Signup now and you'll immediately receive John's 7 Survival Strategies for Starving Data Spies!
It’s no surprise that identity theft once again tops the 
Self-censorship on Facebook
Today I served as the keynote identity theft speaker for the Fort Worth Speakers Foundation, here in balmy Texas (well, compared to Montana, where I spoke last week). After the main presentation, I fielded a range of questions on all topics. One woman asked me this: “At what point is fraud committed as a by product of the Target breach no longer Target’s fault?” The question was highly intelligent and the answer is very revealing.
