Fourth rule of the internet

2017-09-25

in Economics, Geek stuff, Internet matters, Politics, Security

A somewhat obvious rule of internet security to add to the first three:

  1. Against a sophisticated attacker, nothing connected to the internet is secure.
  2. Everything is internet now.
  3. You should probably worry more about being attacked online by your own government than by any other organization.
  4. Sensitive data about you is largely on the computers of other people who care little about your security.

Equifax is getting lots of attention right now, but consider also Deloitte, Adobe, Stratfor, Blizzard, LinkedIn, DropBox, Ashley Madison, last.fm, Snapchat, Adult Friend Finder, Patreon, Forbes, Yahoo, and countless others.

As Bruce Schneier points out, the only plausible path to reduce such breaches is for governments to make them far more painful and costly for corporations.

Report a typo or inaccuracy

{ 1 comment… read it below or add one }

. November 11, 2017 at 4:17 pm

Connections like these seem inexplicable if you assume Facebook only knows what you’ve told it about yourself. They’re less mysterious if you know about the other file Facebook keeps on you—one that you can’t see or control.

Behind the Facebook profile you’ve built for yourself is another one, a shadow profile, built from the inboxes and smartphones of other Facebook users. Contact information you’ve never given the network gets associated with your account, making it easier for Facebook to more completely map your social connections.

Having issued this warning, and having acknowledged that people in your address book may not necessarily want to be connected to you, Facebook will then do exactly what it warned you not to do. If you agree to share your contacts, every piece of contact data you possess will go to Facebook, and the network will then use it to try to search for connections between everyone you know, no matter how slightly—and you won’t see it happen.

That accumulation of contact data from hundreds of people means that Facebook probably knows every address you’ve ever lived at, every email address you’ve ever used, every landline and cell phone number you’ve ever been associated with, all of your nicknames, any social network profiles associated with you, all your former instant message accounts, and anything else someone might have added about you to their phone book.

Facebook Shadow Profiles: What You Need to Know

Leave a Comment

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Previous post:

Next post: