1.) Go to Google.com

For my images, I did a search on something pretty safe: baseball gloves. It’s clean, work-related, and simple. Note the SafeSearch settings (if you’re logged in to Google) in the image below. If you’re not logged in, you should do so, because you’re going to need to edit the Search Settings for your account.

2.) Edit your Search Settings

Click the Gear icon in the top-right of your Google Search Results, and then click on Search Settings. You’ll be taken to a page with all the search settings available to you.  Scroll towards the bottom until you find the section labeled SafeSearch Filtering, like in the image below.

3.) Start the Locking process

Click on the Lock SafeSearch link at the bottom of this section. This will lock  your SafeSearch setting to the “strict filtering” to remove explicit text and images. (“Moderate” just removes images, and “Off” does not remove anything.)

You’ll be taken to a Login screen to verify your account. Do it. Also note the text on the left side of the page: Google will place an image of colored balls (like the one at the top of this post) in the upper-right-hand corner of the search results to show that the Lock is in effect.

After you’ve signed in, click the Lock SafeSearch button in the Image below…

This will give you a %-Complete progress text as it runs through all the Google Domains…

When it has completed, you’ll see a status message. Unfortunately, in preparing this blog post, I got an “incomplete” message like the one below…

If this happens to you, click the Back to Search settings link at the top/bottom of the message, and find the SafeSearch Filtering settings like the image in Step 2 (it will look different from the one in Step 2). Then click the Verify link in that section…

You’ll be taken to a page similar to the original Lock SafeSearch page. Click on the Verify SafeSearch button…

4.) Test it out

Once you have completed the Verification process (mine never said it was fully locked, and I don’t know which domains were not successful, but Search was fine), test it out.

I was using Chrome, and just re-typed “baseball gloves” in the OmniBox, and the result was as I expected…

Conclusion

That’s it. If you want to undo this setting, just follow the instructions again from the Verification part of Step 3, but choose Unlock instead of Verify.

Technorati Tags: google, google account, google search, google settings, lock safesearch, safesearch, safesearch filtering, safesearch settings, search, strict safesearch, strict safesearch locking

This is spyware. Don't install anything you see a TV commercial for that will "clean" your computer

Over the course of the last 15 years I’ve learned a lot of tricks to keep spammers from getting my email, and spyware from getting installed. I do my best to create informative posts like these on this blog, but not everyone has access to it, and some don’t even realize how much they have put themselves at risk, and don’t consider it to be that big of a deal.

In my post about Improving Commercials, I take the position that commercials are useful to some extent, but have room to be improved. The other side of that coin are the commercials that are not useful: the ones that would be considered SPAM and SPYWARE-inducing if they were in email format.

I’ve seen the movie “Love & Other Drugs” – I know this is people’s livelihood to get the new drugs on the doctor’s shelf to give to patients, especially if it’s better, has fewer side-effects, or costs less. I get it. However, I don’t need it. I don’t even need to know about it.

There is no reason for a Cialis commercial after 5pm. Its target demographic is already in bed.

Asking people to treat their doctors as legalized drug dealers is one thing. Blatantly lying to people about what your service does is completely different. There is no software out there that will “double your speed”, there is no software that “fixes registry errors”, and there is no software that can “remove popups” that aren’t already removed by your browser.

All of these issues have real solutions, but they do not involve installing 3rd-party software.

Cable companies should allow user-feedback on the advertisers they sell spots to, or at least have some sort of ethics-in-advertising guidelines before letting someone come on. I know they can do this – I’ve seen the local broadcaster preempt national HD commercials with local SD commercials (And I hate it by the way – if it’s an HD channel, only HD commercials should be aired).

There should be a button on the remote that allows the viewer to mark this commercial as SPAM, False Advertisement, or (if you want to get granular) Irrelevant.

I realize this leaves the door wide open for every commercial to be marked as SPAM by some viewers, but the cross-sectional results of which commercials were marked as SPAM by *a majority* of viewers would have more value than the “dirty” data from abuse. And then commercials could be tailored to the household receiving them so that the ad-expense is actually worth the cost for the advertisers (and the ad-revenue can be increased due to the increased relevancy the cable company’s system can offer).

Seems like a win-win from my view. Customers don’t have to see SPAM commercials, and can vote-down false-advertisements, and potentially vote up relevant ads. Cable Companies can generate more ad-revenue from advertisers who would likely do better as a result of only broadcasting to interested customers.

Technorati Tags: ads, advertising, advertising innovation, commercial innovation, commercials, false-advertisements, spam, Spyware, television, tv, tv commercials, tv innovation

I started poking around to see what happens if you force https on a Google Search, and it turns out you’re redirected to:

https://encrypted.google.com

Then I wondered how to make this my default search engine without the use of plugins. It turns out it’s very simple.

1. Do a Google Search using the above URL, and you’ll notice the basic format is: https://encrypted.google.com/search?<insert-a-bunch-of-parameters>&q=<query>. We are just interested in the bolded part of that fake URL: https://encrypted.google.com/search?q=<query>
2. In Chrome OS, click the Wrench menu, click Options, then go to Basics and find the Search section. Click on Manage search engines… button.
3. You’ll get a window with all the Search Engines that your Chrome OS knows about. At the bottom of the “Other search engines” list, you’ll see a row for adding a new search engine.
1. In “Add a new search engine“, put something like: Google SSL
2. In “Keyword“, put something like: encrypted.google.com
3. In “URL with %s in place of query“, put the URL we made from above: https://encrypted.google.com/search?q=%s
4. Hit Enter.
4. Hover over the newly created search engine entry, and click Make Default when the button appears over the URL column.
5. Then try out a new search in the Omnibox and it should be SSL’d through Google’s SSL Beta search service.

Technorati Tags: chrome os, chrome os ssl search, chromeos, cr48, google, google search, google ssl, google ssl search, ssl, ssl search

According to the New York Times, AT&T is going to launch a text-message service to send SMS messages to customers in certain locations.

Um, hell no!

It’s called “ShopAlerts” and is designed to allow “brand-partners” (i.e. HP, Kmart, JetBlue, S.C. Johnson, etc.) to send advertisements and coupons to customers who happen to be in range of the “geo-fence” (a pre-defined geographic area around a particular place) for that brand.

The service is opt-in, which makes it a little less about. The troubling thing is it is just another way for people to give up their privacy.

If you allow a service to track when you are *in* a particular place, then by default it will also know when you are *not in* that place. Checking in on Foursquare should be enough of a trigger to send these kinds of advertisements – it shouldn’t be based on a passive location awareness.

In fairness, JetBlue does intend to use their JetBlue Go Places mobile app to offer their program’s points via check-in. According to the article, there is no mention of similar action-requirements. S.C. Johnson intends to put a geo-fence around Wal-Mart to [passively] offer their discounts.

It all sounds eerily similar to the Minority Report’s retina scanners in the shopping malls. Let’s hope the day never comes when you can walk past an adult novelty shop and the on-screen display asks how that sex toy you bought 2 weeks ago has worked out for you. This technology, if extrapolated to track purchases as a response to the ad, combined with the already-present knowledge of your receipt’s items would surely enable such a world.

Don’t opt-in. It’s already easy enough to track you, without making it constantly available.

Technorati Tags: advertisements, at&t, geo-fencing, hp, jetblue, kmart, location-based marketing, presence tracking, privacy, scjohnson, security, shopalerts, walmart

Setting up a Friend Lists

Account > Edit Friends

First thing you need to do is get on the Edit Friends page by clicking on the Account menu in the top-right corner of the Facebook site, and then on Edit Friends.

Once there, on the left-hand side you may notice a list of menu items: Friends, Phonebook, Find Friends, Invite Friends. Right in the middle of that list is where your Friends Lists will appear…like the one for the-spot.net in this image.

When we’re all done setting them up, you could have a list similar to my actual Friends Lists in the image below. I’ve segregated all of my friends into various lists describing where I first met them or my relationship to me. I have avoided putting people in more than 1 list. If they are in more than one list, and you restrict one of those lists, the results of the restrictions could behave unexpectedly.

Creating a Friend List

In the middle of the page, you’ll find a list of all your friends (probably defaulted to “Recently Interacted”). Just above it you’ll find a drop-down menu to filter the friends based on certain criteria (all, by city, recently interacted, and lists). There’s also a dynamic filter search box – as you start typing a name in it, your friends list is automatically reduced to the names that fit what you’ve typed. Above those is the Create List button.

1. Click the “+ Create a List” button.
2. Type a name in the Enter a name box.
3. Start selecting friends. Each one you click will turn blue. You can also type a name in the box to do a quick filter to find a particular friend.
4. Click Create List.

In my example, I’ve created a list called “Fans of tsn.”

Do this for as many different types of segregation you want amongst your groups of friends. If you’ve forgotten someone while searching through your lengthy friends list, you can hover over them and click the Edit Lists button, and then add them right there (as in the image below). You will also be able to add people to your lists when you’re responding to or requesting Friend Invitations.

Using Friend Lists as Privacy Settings

Once you’re done and you’ve got your lists, let’s put them to work on your privacy. Go to your Account > Privacy Settings page, and then click on the Customize Settings link below the Sharing on Facebook section.

On the Customize Settings page you’re presented with drop-down menus for the features list that we set to Friends Only when we configured your Facebook Profile Privacy Settings, as well as some things that others share related to you, and your contact information.

To make use of your new Lists, click the drop-down menu for the feature, and choose Customize. We’ll do Status Updates and Posts, for example.

This will give you a popup window with two options:

1. Who, in the world, should this be visible to…
2. Within that group of people, who should not be able to see it.

You might also see something like the image below, asking you about your Networks as well…

That goes back to the original intention of privacy. We only want our friends, not people who live in the same town, or go to the same school…leave them unchecked.

In the blocking area, you can use the Lists you’ve made, or individual friends from your global friends list…just start typing the name of the list or friend, and choose from the dynamic drop-down.

One example for this type of setup would be “Friends Only” can see my status updates, unless they are also on my CoWorkers List. Another would be “Friends Only”, except for your ex, Blake Smith.

Do this for all the ones you wish to hide from certain people. If you find yourself blocking the same group in every single feature, you might as well unfriend everyone in that group, and if they ask about it, and let the chips fall where they may. Most people won’t bring it back up, or even notice, unless they are constantly checking your profile – which is creepy anyway.

When you’re done, your feature menu will look something like this:

You can also use these lists to edit your Photo Albums’ Privacy as well, by clicking the Edit Album Privacy for existing photos link at the bottom of the page…

Once there, you’ll see a list of all your photo albums, and a similar drop-down menu as the features. Just click on it, choose Customize, and change the visibility settings.

Completed Configuration Example

Below is my entire configuration on my personal account. I have a Work list with all my coworkers on it, and I have blocked them from seeing anything that I post on Facebook as a status update. They have access to things like these blog posts through Facebook Pages I’ve created for my instructional websites. But my personal updates and thoughts are only broadcast to my friends. If the time comes that I change jobs, I’ll swap all of my coworkers out to my DFW (new skool) list and put my new coworkers into the list. If I start having problems with some people not currently blocked, I just create a new list and block them…but that hasn’t happened to me personally.

Conclusion of Facebook Friend Lists

Now that you’ve learned how to segment your friend lists into groups, and assign those groups permissions or restrictions, there shouldn’t be a time when you think to yourself “man I wish I could block that person from seeing stuff about me, without unfriending them.” Keep in mind, though, the reality of the internet: nothing is private. There’s nothing to stop the one person who is blocked from going over to a mutual friends’ house and still seeing what was previously blocked from them. If you find yourself posting something that would be devastating for them to see, you probably shouldn’t post it online. If you think you have mutual friends or connections to any of the blocked person’s friends/family members, then you should either block them all, unfriend them, or just not post the material online.

In my case, I have blocked my coworkers and non-friends from easily seeing my updates on Facebook, but those same updates are available elsewhere online. The reason the coworkers are blocked is less about the content and more about the frequency and that I don’t sit on Facebook all day, but rather I syndicate my updates from Twitter. If they found the updates, it wouldn’t be that big a deal for them to read; it’s more of an image thing.

If you’re posting things online that could hurt your image (photos with red SOLO cups, alcoholic beverages, profanity, obscene language, bitching & moaning about individuals), and want to hide that, you probably shouldn’t post it online, due to the content. But if you’re posting photos of your family or things, and are trying to block people to avoid harassment, that is an acceptable use.

The next post I’ll cover how to tell if some Facebook application or link or post is a scam or phishing attack, what those phrases mean, and how to protect yourself.

Technorati Tags: cyber bullying, cyber harassment, cyber-stalking, facebook, facebook friend list privacy, facebook friend lists, facebook lists, facebook privacy, facebook privacy settings, facebook security, facebook security settings, friend list privacy, friends lists, online bullying, online privacy, online security

Configuring Facebook Application Security

One of the lures of Facebook that attracted people away from MySpace (aside from the lack of smiley ads and whoring out of everyone who ever picked up a musical instrument) is the applications. Whether you realize it or not, applications first appeared on Facebook around 2006, but didn’t take off until 2007. And if you didn’t realize it has been that long, then chances are you don’t realize you may have residual applications still sucking down your personal information. You may also be unaware that the application you just installed to “see how many people viewed your Facebook profile” or “see what my first status update was” or any of the “OMG you have to click this link to see [insert something outrageous]” were actually scams. Now it’s time to clean up all that crap you’ve installed on your Facebook profile.

Privacy Settings > Application Security Settings

Open up your Privacy Settings (as in the image above) and then locate the “Edit your settings” link in the Apps and Websites area…

Once you’re inside of the Applications Settings area, you should see something like the image below, which lists all the different application settings available to configure. We’ll start with the Red box, “Apps you use” > Edit Settings button…

Facebook Privacy > Apps and Websites > Apps you use

Click on the Edit Settings button for the “Apps you use” section (the red box in the image above) and you should see a list of all the apps you’ve ever given access to your information in the past, and haven’t yet removed. It should look something like this…

If you want to see what information each individual application has access to, you can click the Edit Settings link for that application, and take a look. The Ping.FM app looks like this…

There are a couple rules of thumb you could use to figure out which applications to remove, and which ones to keep.

1. Do I actively use this application, on a more-than-monthly basis? Basically, if you don’t constantly need this application in order for your Facebook experience to stay in tact (i.e. pulling your twitter updates, posting your RSS feed from your blog as notes, updating via Ping.FM, etc) then you probably don’t need to keep it installed. This will probably get rid of the majority of your applications that are just sitting there sucking up your personal information.
2. Did this application complete its purpose? Was the app used to collect your status updates for the year, find out your Aura’s Color, or some other thing that you had to install it once, and got one result, and never touched it again? If so, you don’t need this application to linger around – it has served its purpose.
3. Did this application fail to complete its purpose? Was the app originally for something like adding a Dislike button, or showing your profile views, or finding your biggest Facebook stalkers…but never actually gave you accurate information or came through with its end of the deal? Then the app was a phony, and was created for the sole purpose of collecting information about you, and you should have deleted it the day you installed it and it failed.
4. Do you remember even installing this application? If you don’t even remember installing it, remove it. Don’t convince yourself of the fallacy “I don’t know what it is, so I better keep it in case I need it.” This isn’t like Computer Software – if you end up needing the app sometime in the future, then the app will make you reinstall it again.

To remove the applications:

• Just click the little X icon for each one.
• It will ask you if you really want to remove the app, and then click Remove.
• It will take a few seconds, and then come back with a confirmation. Click Okay.
• Then move on to the next one.

Once you’ve paired down all the applications to just the ones you want/need to keep, we can move on to the next Apps and Websites Setting, “Info accessible through your friends“.

Facebook Privacy > Apps and Websites > Info accessible through your friends

If you recall, in the Ping.FM application image above, there is a section called “Access my friends’ information“. This Settings page is where you limit the information that your friends’ applications can access about you. When you click Edit Settings for the “Info accessible through your friends” you will get a window full of check boxes where you can uncheck anything you don’t want your friends’ applications to be able to get. Personally, I only want them to know about my website – the more traffic it gets, the more people I can help with information like this. Here’s what I have set mine to…

In the early days of Facebook applications, some clever developers would take your friends profile photos, and then use some code to display their photo and claim they were using the app also, or that they scored X points on this game, or other false information to get you to continue using their application. Personally, I don’t want any of my information to be available to anyone other than my human friends, and only outside of applications.

Facebook Privacy > Apps and Websites > Game and App Activity

There really isn’t much to this section. Just set it to Friends Only to limit all your game playing and other activity (Youtube Favoriting, etc) to just your friends.

Facebook Privacy > Apps and Websites > Instant Personalization

This setting is directed at a particular set of websites. At the moment, according to Facebook’s Instant Personalization page, those websites include:

WARNING: Once you visit one of these websites, they will AUTOMATICALLY show up in your “Apps You Use” section.  You will have to go remove them if you do not want them to continue to have access to your information.

• Bing
• TripAdvisor
• Clicker
• Rotten Tomatoes
• Docs
• Pandora
• Yelp
• Scribd

The purpose of this feature is to display the public activity of your friends, with respect to the particular website you’re visiting from the list. For example, if you visit Rotten Tomatoes, any of your friends’ public activity relating to the Rotten Tomatoes website will be displayed in the designated section. In order for this to happen, the website must automatically install their application as soon as you visit the site, assuming you’re enabled “Instant Personalization“. Conversely, if you have this feature enabled, any of your public activity on this website will be visible to your friends when they visit the site as well. According to the description on the Instant Personalization page, this is limited to only the information you have set to be visible to “Everyone“.

If you followed the instructions in the previous “Privacy’s a Joke” post, “Configuring your Facebook Profile Privacy Settings” then there is a pretty good chance that you do not have anything set to “Everyone“. As this is an exercise in privacy, we’re going to disable this feature.

1. Click the “Edit Settings” button for Instant Personalization
2. Close the popup video window.
3. At the bottom of the page, uncheck the “Enable instant personalization on partner websites” checkbox.
4. Click the Confirm button in the popup window
5. Then click the Back to Apps button in the top left to go back.

Facebook Privacy > Apps and Websites > Public Search

The last setting to modify is the Public Search. If you followed the ”Configuring your Facebook Profile Privacy Settings” post, and didn’t leave anything set to “Everyone” then you’re set.

This feature tells search engines whether or not to show a preview of your profile in their search results. When you click the Edit Settings button, there is a See Preview link to see a preview of your information if the feature was enabled.

Generally, if you’re concerned about keeping your personal information private, then ensure that the checkbox is cleared for Enable Public Search and you’re all set.

Part 2 Conclusion

Hopefully you’ve gone through all the various sections described here, and prevented your personal information from leaking out behind the scenes and without your knowledge. Now that you’ve locked up your information from prying eyes on the outside, and from prying eyes behind the scenes, the next post will show you how to lock it up from prying eyes on the INSIDE.

Not everyone on your friends list is the friend you think they are. Do you really keep 200, 300, 500, 1000 different people at the forefront of your thoughts every day? Probably not. There’s a good chance that some people are just lurking around benignly watching what you’re doing. Other people you may have to work with every day, but can’t post updates on the internet because they’ll read it and you might offend them. Still others may comment on your photos, or updates, or notes and say stupid stuff all the time, and you just wish they couldn’t even see them in the first place. Grouping up these sets of people, and using these groups for more granular control of your information is what I’ll cover in the next post: Friends Lists.

Technorati Tags: cyber safety, facebook, facebook applicaiton privacy, facebook application privacy settings, facebook application security, facebook application security settings, facebook privacy, facebook privacy settings, facebook safety, facebook security, facebook security settings, online privacy, online saftey, online security, privacy, security

I found this was the case when I left ETBU and joined UT, and then had to wait for ETBU to be added to the Facebook list of schools…and then wait for someone I knew at ETBU to join Facebook, and then add based on their friends list, and that person’s friends’ friends list. One individual opened up my network from just a hand full of people, to several hundred, because I was able to view that person’s friend list and branch out from there. And that was back when privacy was at the forefront of the design of Facebook.

That is no longer the case today. Now, you have to take an active role in how you protect your information from people you don’t know, or who aren’t directly linked to you. This blog post will describe the steps I have taken to lock up my Facebook account so that my real information is not visible to anyone I don’t know in real life. So let’s get started…

Privacy Settings: Everyone

Before applying any settings, the default display of information is something like this…

Privacy Settings: Everyone

This is what your profile would look like if someone came upon your facebook.com/username or facebook.com/profile.php?id=###### page. Just take a look at the information it shows…all of your Likes, a listing of some friends, and the ability to contact you. And that’s just without logging in.

And if you take the time to log in, you’ll be able to see everything in this picture below, plus the likes/activities/interests, contact information, and personal biography.

Privacy Settings: Everyone

In addition to all this, they can also see your Wall, Photos, Friends List, and follow any links you’ve provided on your profile to your other personal sites.

So let’s start changing some things.

Privacy Settings Configuration

There are several different layers to the Facebook Privacy Settings: Connecting, Sharing, Applications & Websites, and Block Lists. We’ll go from the top-down on the Privacy Settings page. Log into Facebook, go to Account in the top-right corner of the page, and choose Privacy Settings. Once, you’re there, you’ll be presented with a list of privacy categories. We’re going to start with Connecting on Facebook. Click the View Settings link for this category.

Privacy Settings > Connecting on Facebook

Facebook’s page will tell you the following:

Your name, profile picture, gender, networks and username are available to everyone because this info is essential to helping you connect with your friends and family.

• Name and profile picture help friends recognize you.
• Gender helps us describe you (for example, “Add her as a friend”).
• Networks are open to everyone so network members can see who they will be sharing information with before they choose “Friends and Networks” for any privacy settings.

Other information in this section, including hometown, activities and experiences, is open to everyone by default to help you connect with friends and get the most out of your Facebook experience.

And it is entirely true that this information is essential in helping you connect to people you know, it also connects you to people you don’t. We don’t need to have all this stuff available for the world to see. In fact, there is nothing that I want all the world to see. Unless I were a public figure, the furthest extent to which my information should be available is “Friends of Friends.” The image below is a screenshot of my settings that I find suitable for remaining private, and requiring that anyone who wants to add me or see certain information to aid in their decision to add me, must be a friend of one of my friends first.

Of course, you can restrict this even further to use the closest form of relationship available for each one (most have a “Friends Only” setting, with the exception of Send You A Friend Request). You can now take a look at how your profile will look to someone who is a.) logged into Facebook and b.) not currently your friend or a friend of a friend by clicking on the Preview My Profile link in the top-right of the settings page. If you want to see how it looks to someone specific on your friends list, type their name into the box on the Profile Preview page.

As you can see, my profile now looks much different from my profile above, using these exact settings.

As cleaned up as this looks, it’s still not where we want, since people can still see the Basic Information, Contact Information, and Birthday. And as I described in my previous post about how to find yourself online, all it takes to find you is your name and birthday. So let’s move on to the second set of privacy settings…

Privacy Settings > Sharing on Facebook

When you first visit the Privacy Settings page, these are the settings you’re immediately confronted with (most likely because they don’t deal with how your public information is displayed as effectively as the “Connecting” settings do). You’ll immediately notice that there are a bunch of dots on the chart, and some big bold words to the left of it all: Everything, Friends of Friends, Friends Only, and Recommended. Forget about the “Recommended” settings.

Sharing on Facebook: Everyone

Take a look at the list of all the features that have a dot. If you use the “Everyone” setting, your profile will have the same visible fields as mine does in the image above. People you know, people you might know, and people you don’t know at all will be able to see everything that is in one of the sections on my example profile. So really, we’re left with 2 settings at this point, and it’s all going to depend on what you want made available.

• Friends of Friends: This setting will make available all of your actual personal info: status updates, photos, bio, family, relationships – but only to the people who are friends of your friends.
  • Let’s say, for example, you chose this setting, and have mutual friends with your boyfriend/girlfriend/wife/husband. Some months later, you two break up/divorce, unfriend each other, and move on. If you still have this setting chosen, your ex will be able to continue seeing everything you’re doing on Facebook.
• Friends Only: This setting restricts all your activity to be visible only to your friends. Those who are “Friends of Friends” will not be able to see anything you’re doing.

Note: There are some more granular settings for these settings, and others, that I will describe in a post later this week.

For my settings, I have decided to go with “Friends Only.” I have also unchecked the box to “Share a tagged post with the friends of the friend I tagged.”

Sharing on Facebook: Friends Only, Unchecked "share tagged photos"

If you type @friendsname into the status box directly on the site, it will link the person in the post. If I’m out with @somegirl who has a boyfriend she’s unhappy with at the time, I don’t want my status update to show up on his News Feed. (More over, I’m smart enough not to make a post about sensitive situations in the first place).

Now that you have set your Sharing on Facebook settings, go back to the Connecting on Facebook page, and click the Preview Profile button again to see what you get. This is how mine now looks. Looks pretty good. No personal information – only the one profile picture, the Name, and the Facebook URL.

Conclusion of Facebook Profile Privacy Settings

Throughout this week I’m going to release a series of posts about Facebook Privacy Settings that will cover all the rest of the stuff. Now that you’ve got your profile locked up from prying eyes on the outside, the next post will show you how to stop the information leakages to people behind the scenes…via applications.

I’ve been seeing an increase recently in the number of people who are getting suckered into clicking on apps that claim to do things with your Facebook profile that you can’t naturally do inside of Facebook itself. There’s a reason that you can’t do them in Facebook: the functionality is not there to begin with. The claims the apps are making are bogus – and their real intention is to suck out your personal information, and get you to share the application with your friends so they can suck out their personal information as well.

The next post will cover Facebook Application Privacy and Security.

Technorati Tags: facebook, facebook privacy, facebook profile privacy settings, facebook profile security settings, facebook profile settings, facebook security, facebook security settings, online privacy, online security, privacy settings

Source: flickr/tinkerbrad

If you followed the instructions in the previous “Privacy’s a Joke” post, “How to find yourself online” then chances are you found some information on the internet about yourself that you didn’t realize was available to just anyone.

I mentioned at the beginning of the post that a search for my actual name yields only about 6 results. Most of those, I intentionally put my name on them, but then realized later on that the descriptions of myself with my real name involved match those of myself using my alias as well. That makes it easy to attach my alias to my real name, and then use the other little bits of information that I unintentionally put on the internet, for example, my résumé, to get the bigger picture.

• What websites or uploaded files have you thought you should use your real name on?
• Is your profile publicly visible on purpose?
• Did you fill in any boxes that link your favorite social sites or a personal website?

Below are some common sources of personal information leakage that you may want to take a look at to ensure the information that is out there is as detailed/generalized as much as you intended.

Social Networks – Entertainment

Websites like Facebook, Twitter, MySpace, Last.fm, FriendFeed, and others are the ones that are still either mainsteam, or on the peripheral edges of common use. Websites in this category have the most personal information on them, and can be tied in to several other websites as an addon, RSS syndication, widget or other means of sharing your activity with other websites you own or frequently visit. When it comes to these social networking sites that people use to broadcast their minute-to-minute activities, you have to be conscious about where else that information gets propagated on the internet.

• Do you have a Twitter widget on your blog or MySpace page?
• Do you update all your social statuses with Ping.fm?
• Do you know which sites are going to receive which messages?
• Have you connected your MySpace & Facebook & Twitter together?

When you make an update to your choice of social networking sites, you have to remember who else is going to see that update. Any thing that you think is only going to one place, or places that have limited permissions, but ends up visible somewhere else will instantly break the chain of privacy you thought you had. I’ll break down some of the privacy settings of these types of sites in future posts, like next week’s Facebook Privacy Settings post.

Social Networks – Professional

Sometimes, it’s better to go by your real name on a website where you’re in contact with other professionals in your career field. I’m pretty sure the likelihood of being hired under the alias “xXxSpicyCandy87xXx” is very very low – unless you’re trying to get a job as a stripper. Websites like LinkedIn and CareerBuilder.com are business-oriented and it’s best to use real, accurate information. Of course, the amount of information you offer up to the site can vary – but the less information you have about yourself, the harder it is going to be to locate colleagues or convince future employers of your qualifications (should they decide to use those platforms).

With LinkedIn, you can limit what people see about you during a search – which is helpful if you share similarities in your name with other people. By only displaying certain bits of information, you can still show up as a relevant prospect while at the same time not stand out or openly display everything about you for all the world to see. Due to the nature of these types of professional sites, location and other physical details about your past and present are vital – but keep in mind that anything you want a colleague or future employer to see, you are also offering up to the general public. I’ll have more about these types of sites in a later post.

Blogs/Online Journals

Back in the early 2000s, online journal keeping was all the rage. It gave teens and adults a creative outlet with an audience that simple diary-keeping couldn’t offer. Fortunately, or not, most of those blogs are still out there – and there’s a good chance that you haven’t given any of them a re-read once a week or two has passed. Aside from social networks, blogs are the next biggest place you’re likely to leak out all kinds of personal information – even if it’s under the guise of an alias. I have a brief anecdote:

Back in the mid-2000s, I met a girl online, and after several conversations, phone calls, photo exchanges, and issues in our lives, we agreed to become an item. We hadn’t yet met, but it was nice to have someone to think about who was supposedly thinking about you too. We made plans to meet, but before they could be carried out, she got in a car wreck, and went into a coma for 2 months. When she came out, everything that we had talked about was lost. Fortunately, being an internet relationship, it was all documented, and I was able to bring her up to speed on who/what we were.

During the recovery time though, stories of her family and life had started to change. Things weren’t adding up like they used to, and a lot of explanation was necessary to try and make sense of what was going on from her point of view. So I got curious.

Being the industrious person that I am, I started out on Google Blog Search from blogger.com, with only the information that she “had a blog she used to keep a long time ago.” I had what I thought was a reasonable understanding of where she lived (based on gifts we sent to each other), and her name, current online aliases, and other small tidbits of information that one would probably not be able to effectively make up.

It took about 2 weeks of searching different combinations of info, names, location, and stories of her past before I finally located the blog that she had kept – and from there was introduced to a whole different person than the one I thought I was talking to. Everything was explained in categorized posts, in chronological order from when she was just a couple years younger.

Needless to say, when I confronted her with this information, she was not only surprised, but saddened and disappointed she didn’t tell me sooner. It also ended our digital relationship, as she informed me that everything she had said about herself was a fabrication, created to escape her present reality of a sick & dying mother, troubled father, and just generally bad home-life. All of that made more sense than her fabricated life did, once I recalled that our first phone conversation was me intervening & preventing her from cutting herself.

When you post a blog online, it may be the case that no one cares enough to actually read it at the time that you post it – but there will come a time when the right search words are put in, that it gets returned at the top of the results pile, and someone will see it. Also, if you write in a blog, you’ll need to be careful about what you link to. If you have other social sites, personal sites, or favorites, and you provide a link directly to them, that anyone who has seen your blog has also seen every site you’ve linked to.

Applications and Web-based Games

Back in 2007 & 2008 when Facebook’s Platform started to take off, a ton of apps and games came out that you could play right there from inside Facebook. In order to play the games, you had to give the apps permission to access your data. Why? Because it was accessible…so why not?

I’ll attempt to go into some of this in detail in a later post – but it’s really more technical than I wish to cover, at least today. Suffice to say, if/when you decide to play/use an application that wants to access your data, take a look at the things it’s asking to access. If it wants something that you don’t think it should need to have, or you don’t want it to have, then you should not give it permission to get it.

There is a similar situation in phone apps, like the iPhone and Android. The difference is that there is no control over what information gets sent back to the application developer or its third-parties…it just does it.  I will also cover this in a future post as well.

Online Documents & Files

Back in the mid-2000s, in my naivety, I decided to host my own résumé online in PDF format. Not only did it have my name, but also my address, email, phone number, previous employers, references, schools, hobbies, interests, etc. Everything I would have given an employer (or actually uploaded to careerbuilder, at the time) was in that PDF. Little did I know, Google was able to crawl through PDF files, and so was everyone else.

Now, when I do a people-search for my own name, the address that gets returned is my previous address. Since that episode, I have not posted my address online for public consumption in any way. My address is on my Facebook page, but only to the specificity of block, not apartment number or suite or building – plus, it’s only visible to Friends, and I’m selective about who I add as a Friend.

Location Sharing Services

It seems that late in 2009, websites like FourSquare, GoWalla, BrightKite, Loopt, and Whrrl started taking off with the ability to share ones current location. Not long after, Google Latitude, Facebook Places, and Twitter showed up with their own location-based geotagging abilities. Obviously, with this comes the announcement of where you are in the world. But the less obvious is the announcement of where you are not.

If you slipped up and your current address is available on the internet, and someone has tracked back your real name to your alias, and notices that you use a location-sharing social network service, then guess what: you’ve just told everyone you’re not home right now. And then depending on where you’re checking in at, you’ve also given a time-frame for how long you’ll be out. Are you having dinner? At work? Visiting a relative? On vacation? At a sporting event? All of these have a particular number of hours usually associated with them.

In order to prevent…

In order to prevent someone from tracking/stalking you, you have to know what information you’re freely sharing with the world. You have to keep track of all the places that your information is syndicated, what the information implies, what contextual/meta information is available, and who is going to be privy to any of it. If it’s overwhelming to remember all of that, then you have spread your social network too far, and need to start pairing down what you offer up to the world and where.

When people find out what I know how to do on the internet, it always shocks them – but I explain, just as the “It Takes A Thief” series on the Discovery Channel, in order for me to help protect myself and others against the dangers inherit in the world, I have to learn how people can use the information. And you should take an active interest in learning it too. If you can cut off the leaks of personal and private information that are available, you’ve made steps in the right direction to keep yourself safe.

Next week I’ll go through the Facebook Privacy Settings page to get your profile locked up to only the people with whom you want to share.

Technorati Tags: app safety, application safety, blog privacy, blog safety, cyber harassment, cyber safety, cyber-stalking, cyberstalking, facebook app safety, facebook safety, friendfeed safety, geotaggin safety, geotagging, last.fm safety, linkedin safety, location-based sharing safety, myspace safety, online document privacy, online document safety, online privacy, online security, personal information leaks, personal information sharing, present.ly safety, privacy's a joke, protecting privacy, protecting your privacy, social network safety, twitter safety, white hat hacker

Source: swcenter.fortlewis.edu

I’m sure at one point or another, everyone has done the “ego search.” You go to Google, type in your name, and see what comes up about you. From what I’m told, there’s even a fun ranking system based on the number of pages that show up about you.

My real name has about a 6. My online alias is somewhere around 3300. Why?

For reasons simple enough: I started my online life under an alias so that one of my sets of parents (the estranged ones) would not be able to find me, but I could still write and do whatever I wanted with my friends over the internet. Fortunately, this worked out in my favor years later when it came down to internet privacy.

Unfortunately my real name did make it to the internet, and it came down to two reasons, one of which was my fault, the other was an uninformed elementary-school friend I had just found. I will discuss those reasons later on.

Moving on.

If for some reason you haven’t bothered to take a look at just what shows up for your name in a Google search, you should go do that right now. I’ll wait.

No, really…go do it.

What did you find? Were there any recognizable pages that were obviously about you? Did you put them there? Were they compiled by someone else? Was there any information on those pages that allowed for John Q. Stalker to help himself? If so, you probably need to either figure out how to protect the information on that page from prying eyes, or do what you can to take that page down.

What about those of you who didn’t find anything…Why do you think that is? Do you do all your online business via an alias? Even if you don’t go by an alias most of the time, try searching for that alias and others that you use. Then, try searching for that alias and your first name….then add your last name to it. What did you find? You probably found some pages where your “semi-anonymous” alias is linked to your real name. All it takes is one for the privacy to be broken.

I’m sure there are a handful of you reading this thinking “Nope, I didn’t find anything under my name, and I don’t really have an online alias that I use everywhere, and the ones I do have are so common and/or scarcely used that it would be difficult to pinpoint it to my real name.” Bravo to you for making it difficult to be found on the web. But there’s still one more thing…people searches.

Lately, there has been a boom of People Search Engines. Sure, they’ve always been around in one form or another, starting with the White Pages in the phone book, which got online, and then grew from there. But these days, the technology behind them is much more sophisticated. These days, they crawl the internet for publicly available information, and store it up, keeping an associative record of what they found, and who it’s related to.

So, if you think you’re safe from a Google Search, why don’t you give this a try…visit here and here, and just type in your first+last name, nothing else. Then scroll through the page until you find the entry that describes you. There’s about a 95% chance that it’s there. It may not be the most current, but the fact that the information they have is there is pretty unsettling in itself.

Unfortunately, I’m not sure if there is any way to remove the information from those sites – however, there are ways to stop them from getting more information.

This was just a glimpse at what’s out there. With some creative searching, all it takes is two pieces of information to find someone. With those pieces of information, the vault doors are blown off and all kinds of information is available about anyone who hasn’t taken the steps necessary to protect it: birthdays, family members, employers, addresses, home values, home floor plans, photos, license plates, drivers licenses, daily/weekly schedules & routines, favorite hangouts, alerts to the world about where they are (and aren’t), credit info, security questions for credit card applications, etc. Everything you could possibly want is potentially available online, if you know where to look.

Hopefully by the end of this series, you’ll have prevented a majority of this information from making it into the hands of stalkers, identity thieves, and serial cyber-bullies, while still being able to have an online life. Meanwhile, you should probably go check the privacy settings on every site that you update information to, and make sure that it’s either “not public” or “friends only.” If you use location-updating services (Foursquare, Gowalla, Twitter, Facebook, etc) make sure that you never check in at home, of all places, and that your updates are available to only friends, and that you only have ACTUAL friends in your list – not just whomever wants to follow you. I’ll cover each of these types of services in future posts.

The next post will talk about self-inflicted information leaks.

Technorati Tags: finding personal information, how do I find myself online, how to find yourslef online, online bullying, online harassment, online privacy, online safety, online security, people searches, privacy, privacy's a joke, security, what information is available about me online

Source: endlessorigami.blogspot.com

About 10 years ago, having an email address and/or an instant messenger screen name meant you were riding the cutting edge of the internet. A couple of years after that, the hot trend was having a MySpace profile. Today, it’s generally assumed that everyone has at least a Twitter account or a Facebook page.

Over time, and as online services gain more and more capabilities, a couple of things happen:

1. We forget about all the old stuff we signed up for, and that information stays out there.
2. We offer up even more of our personal information simply because the boxes are there for us.
3. We open ourselves up to being tracked online and become subjects of data-mining projects because the boxes are not there to opt-out.

Why is this a problem?

If you don’t know the answer to this question, you probably shouldn’t join any social networking sites.

Nothing done online is 100% anonymous. Not only can the source of the effort to put it online be tracked, but also the person’s online persona (the account and global online identity of the person), as well as the physical place of the person. Once the information exists on the internet, it is available for search in one way or another, then compiled and categorized. The more information that’s out there, the more to gather.

Why is this bad? Simple: cyber-stalkers or cyber-bullies. These acts are cyber-stalking or online harassment.

Cyber-stalking is the use of the Internet or other electronic means to stalk or harass an individual, a group of people, or an organization. It may include false accusations, monitoring, making threats, identity theft, damage to data or equipment, soliciting minors for sex, or gathering information to harass.  ”Harassment” must meet the criterion that a reasonable person, with the same information, would regard it as enough to cause another reasonable person distress.

Source: wikipedia

The rest of this blog series will discuss how to protect your information from this kind of stalking effort, but the rest of this post will tell you what to do if you become a victim of these acts.

1.) Do NOT react. Period.

The very most important thing to remember is that you must not react. Don’t respond, don’t reply, don’t acknowledge the person at all. The people who get involved in this type of activity do it only to get a reaction out of the person, as shown by this SI.com writer when he got angry tweets about one of his columns and contacted the  person. Often times they’ll do it under a fake online alias (whether it’s a fake human’s name, or a fake screen name) so that you can’t tell who it actually is.

As upsetting and stressful as the messages like this will be, this is the most important thing to remember.

2.) It’s not personal, it’s serial.

It is most likely that the person behind the act doesn’t even know you. Instead they have a preset collection of messages and responses and look for people online that have posted something related to the subject they have created responses for.

In my most recent case, I had someone come after me because my fiancée and I went to dinner at Uno’s Pizza. Later I found out he sent the same message to someone who’s girlfriend had a party for him at TGI Fridays. In the real world, we had no connection. Online, we fit the individual’s serial criteria.

3.) Take action on the site.

Chances are, this is all taking place on a public website that you don’t have control over. If you do have control over it, then you are probably aware of how to block the person. If you’re not, contact your web host’s customer service to ask about your options.

Most people who get targeted aren’t their own web host, I’ll focus on them: block the person.

My instance described above happened on YouTube. YouTube can block users from sending you messages, posting on your channel, and making comments on your videos. More extreme measures might also include blocking your Subscriber list, Friends list, or even Channel from public view altogether.

The main thing to remember, no matter what the social site is: make sure you have taken proper measures to prevent this person from contacting you…and don’t urge the person by responding or indicating that you even received a message from them.

4.) If needed, report it to the web service.

If the person continues to find ways around the privacy measures available from the web service, then visit the help pages to find out what their policies are on harassment and other unwanted acts.

For me, it took 3 separate reports, and a nasty message via Twitter to finally get results. Among the other things I did in preparation for the last day, I don’t know if it was the person, or YouTube themselves, but at the end of the day the individual’s account disappeared (after being active for several months with several thousand views to it).

5.) If it continues, report it to the police or FBI.

If the web service is not taking the proper actions, or if the person is threatening your physical safety by disclosing personal information, making physical threats, or other types of harassment, contact the Police. According to the US-CERT webpage on dealing with cyber-bullies the local police department or FBI branch are good places to start when reporting online harassment. If you are unsure where your local FBI office is, here is a directory of all their US locations that you can search by providing your state or zip.

Recap…

The most important things to remember when someone picks you as a target for their online harassment are:

1. Do not react: They feed off the target’s reactions.
2. It’s not personal: Don’t take anything they say personal. It’s just stuff they found online, or made up completely.
3. Block the person: Take any measures necessary to block the person from further contact.
4. Contact the Website: If the person is making extra effort to get around the blocks you’ve put in place, contact the website
5. Contact the Police/FBI: If the threats are becoming more real, or the harassment does not stop, alert the local authorities before it’s too late.

Next up, finding out what information is out there about yourself.

Technorati Tags: bullying, cyber harassment, cyber-bully, cyberstalking, harassing, how to contact police for online harassment, online predators, privacy, report cyber harassment, report cyberbullies, report cyberstalking, report online bullying, report online harassment, security, stalking