Tag Archives: online privacy

Using Friend Lists for Facebook Privacy

Posted on by
Reply

Facebook Security Logo - Source: allfacebook.comIn my previous post, I walked you through setting up your Facebook application security settings to prevent apps from taking your personal information, using it how ever they wanted, and even impersonating you on Facebook. Properly configured application setting will help prevent leaking your personal information behind the scenes, and properly configured Facebook profile security settings helps prevent it from being leaked to the public at large. But sometimes, there are certain things that certain people should not be allowed to see. Maybe you have some co-workers on your friend list, and you like to complain about work in your status updates; maybe you have a creepy ex and don’t want him/her or any of their friends to see any pictures of your new love interest; maybe you have an estranged family member you don’t wish to talk to any more, but not adding them as a friend would bring nothing but turmoil to family gatherings. There’s a way to segregate out those people and limit which services they have access to. It’s called Friend Lists.

Setting up a Friend Lists

Account > Edit Friends

First thing you need to do is get on the Edit Friends page by clicking on the Account menu in the top-right corner of the Facebook site, and then on Edit Friends.

Once there, on the left-hand side you may notice a list of menu items: Friends, Phonebook, Find Friends, Invite Friends. Right in the middle of that list is where your Friends Lists will appear…like the one for the-spot.net in this image.

When we’re all done setting them up, you could have a list similar to my actual Friends Lists in the image below. I’ve segregated all of my friends into various lists describing where I first met them or my relationship to me. I have avoided putting people in more than 1 list. If they are in more than one list, and you restrict one of those lists, the results of the restrictions could behave unexpectedly.

Creating a Friend List

In the middle of the page, you’ll find a list of all your friends (probably defaulted to “Recently Interacted”). Just above it you’ll find a drop-down menu to filter the friends based on certain criteria (all, by city, recently interacted, and lists). There’s also a dynamic filter search box – as you start typing a name in it, your friends list is automatically reduced to the names that fit what you’ve typed. Above those is the Create List button.

  1. Click the “+ Create a List” button.
  2. Type a name in the Enter a name box.
  3. Start selecting friends. Each one you click will turn blue. You can also type a name in the box to do a quick filter to find a particular friend.
  4. Click Create List.

In my example, I’ve created a list called “Fans of tsn.”

Do this for as many different types of segregation you want amongst your groups of friends. If you’ve forgotten someone while searching through your lengthy friends list, you can hover over them and click the Edit Lists button, and then add them right there (as in the image below). You will also be able to add people to your lists when you’re responding to or requesting Friend Invitations.

Using Friend Lists as Privacy Settings

Once you’re done and you’ve got your lists, let’s put them to work on your privacy. Go to your Account > Privacy Settings page, and then click on the Customize Settings link below the Sharing on Facebook section.

On the Customize Settings page you’re presented with drop-down menus for the features list that we set to Friends Only when we configured your Facebook Profile Privacy Settings, as well as some things that others share related to you, and your contact information.

To make use of your new Lists, click the drop-down menu for the feature, and choose Customize. We’ll do Status Updates and Posts, for example.

This will give you a popup window with two options:

  1. Who, in the world, should this be visible to…
  2. Within that group of people, who should not be able to see it.

You might also see something like the image below, asking you about your Networks as well…

That goes back to the original intention of privacy. We only want our friends, not people who live in the same town, or go to the same school…leave them unchecked.

In the blocking area, you can use the Lists you’ve made, or individual friends from your global friends list…just start typing the name of the list or friend, and choose from the dynamic drop-down.

One example for this type of setup would be “Friends Only” can see my status updates, unless they are also on my CoWorkers List. Another would be “Friends Only”, except for your ex, Blake Smith.

Do this for all the ones you wish to hide from certain people. If you find yourself blocking the same group in every single feature, you might as well unfriend everyone in that group, and if they ask about it, and let the chips fall where they may. Most people won’t bring it back up, or even notice, unless they are constantly checking your profile – which is creepy anyway.

When you’re done, your feature menu will look something like this:

You can also use these lists to edit your Photo Albums’ Privacy as well, by clicking the Edit Album Privacy for existing photos link at the bottom of the page…

Once there, you’ll see a list of all your photo albums, and a similar drop-down menu as the features. Just click on it, choose Customize, and change the visibility settings.

Completed Configuration Example

Below is my entire configuration on my personal account. I have a Work list with all my coworkers on it, and I have blocked them from seeing anything that I post on Facebook as a status update. They have access to things like these blog posts through Facebook Pages I’ve created for my instructional websites. But my personal updates and thoughts are only broadcast to my friends. If the time comes that I change jobs, I’ll swap all of my coworkers out to my DFW (new skool) list and put my new coworkers into the list. If I start having problems with some people not currently blocked, I just create a new list and block them…but that hasn’t happened to me personally.

 

Conclusion of Facebook Friend Lists

Now that you’ve learned how to segment your friend lists into groups, and assign those groups permissions or restrictions, there shouldn’t be a time when you think to yourself “man I wish I could block that person from seeing stuff about me, without unfriending them.” Keep in mind, though, the reality of the internet: nothing is private. There’s nothing to stop the one person who is blocked from going over to a mutual friends’ house and still seeing what was previously blocked from them. If you find yourself posting something that would be devastating for them to see, you probably shouldn’t post it online. If you think you have mutual friends or connections to any of the blocked person’s friends/family members, then you should either block them all, unfriend them, or just not post the material online.

In my case, I have blocked my coworkers and non-friends from easily seeing my updates on Facebook, but those same updates are available elsewhere online. The reason the coworkers are blocked is less about the content and more about the frequency and that I don’t sit on Facebook all day, but rather I syndicate my updates from Twitter. If they found the updates, it wouldn’t be that big a deal for them to read; it’s more of an image thing.

If you’re posting things online that could hurt your image (photos with red SOLO cups, alcoholic beverages, profanity, obscene language, bitching & moaning about individuals), and want to hide that, you probably shouldn’t post it online, due to the content. But if you’re posting photos of your family or things, and are trying to block people to avoid harassment, that is an acceptable use.

The next post I’ll cover how to tell if some Facebook application or link or post is a scam or phishing attack, what those phrases mean, and how to protect yourself.

Technorati Tags: , , , , , , , , , , , , , , ,

Configuring your Facebook Application Security Settings

Posted on by
2

Facebook Security Logo - Source: allfacebook.comAfter you have properly configured your Facebook profile privacy settings, the next hole to plug is one that most people forget about: Facebook Applications. If you’re not careful, you could easily wind up giving away permission to all your personal information on Facebook, or even your username and password itself. We’re going to put a stop to that, right now.

Configuring Facebook Application Security

One of the lures of Facebook that attracted people away from MySpace (aside from the lack of smiley ads and whoring out of everyone who ever picked up a musical instrument) is the applications. Whether you realize it or not, applications first appeared on Facebook around 2006, but didn’t take off until 2007. And if you didn’t realize it has been that long, then chances are you don’t realize you may have residual applications still sucking down your personal information. You may also be unaware that the application you just installed to “see how many people viewed your Facebook profile” or “see what my first status update was” or any of the “OMG you have to click this link to see [insert something outrageous]” were actually scams. Now it’s time to clean up all that crap you’ve installed on your Facebook profile.

Privacy Settings > Application Security Settings

Open up your Privacy Settings (as in the image above) and then locate the “Edit your settings” link in the Apps and Websites area…

Facebook Privacy Settings: Apps and Websites

Once you’re inside of the Applications Settings area, you should see something like the image below, which lists all the different application settings available to configure. We’ll start with the Red box, “Apps you use” > Edit Settings button…

Facebook Privacy: Applications and Websites settings

Facebook Privacy > Apps and Websites > Apps you use

Click on the Edit Settings button for the “Apps you use” section (the red box in the image above) and you should see a list of all the apps you’ve ever given access to your information in the past, and haven’t yet removed. It should look something like this…

If you want to see what information each individual application has access to, you can click the Edit Settings link for that application, and take a look. The Ping.FM app looks like this…

There are a couple rules of thumb you could use to figure out which applications to remove, and which ones to keep.

  1. Do I actively use this application, on a more-than-monthly basis? Basically, if you don’t constantly need this application in order for your Facebook experience to stay in tact (i.e. pulling your twitter updates, posting your RSS feed from your blog as notes, updating via Ping.FM, etc) then you probably don’t need to keep it installed. This will probably get rid of the majority of your applications that are just sitting there sucking up your personal information.
  2. Did this application complete its purpose? Was the app used to collect your status updates for the year, find out your Aura’s Color, or some other thing that you had to install it once, and got one result, and never touched it again? If so, you don’t need this application to linger around – it has served its purpose.
  3. Did this application fail to complete its purpose? Was the app originally for something like adding a Dislike button, or showing your profile views, or finding your biggest Facebook stalkers…but never actually gave you accurate information or came through with its end of the deal? Then the app was a phony, and was created for the sole purpose of collecting information about you, and you should have deleted it the day you installed it and it failed.
  4. Do you remember even installing this application? If you don’t even remember installing it, remove it. Don’t convince yourself of the fallacy “I don’t know what it is, so I better keep it in case I need it.” This isn’t like Computer Software – if you end up needing the app sometime in the future, then the app will make you reinstall it again.

To remove the applications:

  • Just click the little X icon for each one.
  • It will ask you if you really want to remove the app, and then click Remove.
  • It will take a few seconds, and then come back with a confirmation. Click Okay.
  • Then move on to the next one.

Once you’ve paired down all the applications to just the ones you want/need to keep, we can move on to the next Apps and Websites Setting, “Info accessible through your friends“.

Facebook Privacy > Apps and Websites > Info accessible through your friends

If you recall, in the Ping.FM application image above, there is a section called “Access my friends’ information“. This Settings page is where you limit the information that your friends’ applications can access about you. When you click Edit Settings for the “Info accessible through your friends” you will get a window full of check boxes where you can uncheck anything you don’t want your friends’ applications to be able to get. Personally, I only want them to know about my website – the more traffic it gets, the more people I can help with information like this. Here’s what I have set mine to…

In the early days of Facebook applications, some clever developers would take your friends profile photos, and then use some code to display their photo and claim they were using the app also, or that they scored X points on this game, or other false information to get you to continue using their application. Personally, I don’t want any of my information to be available to anyone other than my human friends, and only outside of applications.

Facebook Privacy > Apps and Websites > Game and App Activity

There really isn’t much to this section. Just set it to Friends Only to limit all your game playing and other activity (Youtube Favoriting, etc) to just your friends.

Facebook Privacy > Apps and Websites > Instant Personalization

This setting is directed at a particular set of websites. At the moment, according to Facebook’s Instant Personalization page, those websites include:

WARNING: Once you visit one of these websites, they will AUTOMATICALLY show up in your “Apps You Use” section.  You will have to go remove them if you do not want them to continue to have access to your information.

The purpose of this feature is to display the public activity of your friends, with respect to the particular website you’re visiting from the list. For example, if you visit Rotten Tomatoes, any of your friends’ public activity relating to the Rotten Tomatoes website will be displayed in the designated section. In order for this to happen, the website must automatically install their application as soon as you visit the site, assuming you’re enabled “Instant Personalization“. Conversely, if you have this feature enabled, any of your public activity on this website will be visible to your friends when they visit the site as well. According to the description on the Instant Personalization page, this is limited to only the information you have set to be visible to “Everyone“.

If you followed the instructions in the previous “Privacy’s a Joke” post, “Configuring your Facebook Profile Privacy Settings” then there is a pretty good chance that you do not have anything set to “Everyone“. As this is an exercise in privacy, we’re going to disable this feature.

  1. Click the “Edit Settings” button for Instant Personalization
  2. Close the popup video window.
  3. At the bottom of the page, uncheck the “Enable instant personalization on partner websites” checkbox.
  4. Click the Confirm button in the popup window
  5. Then click the Back to Apps button in the top left to go back.

Facebook Privacy > Apps and Websites > Public Search

The last setting to modify is the Public Search. If you followed the ”Configuring your Facebook Profile Privacy Settings” post, and didn’t leave anything set to “Everyone” then you’re set.

This feature tells search engines whether or not to show a preview of your profile in their search results. When you click the Edit Settings button, there is a See Preview link to see a preview of your information if the feature was enabled.

Generally, if you’re concerned about keeping your personal information private, then ensure that the checkbox is cleared for Enable Public Search and you’re all set.

Part 2 Conclusion

Hopefully you’ve gone through all the various sections described here, and prevented your personal information from leaking out behind the scenes and without your knowledge. Now that you’ve locked up your information from prying eyes on the outside, and from prying eyes behind the scenes, the next post will show you how to lock it up from prying eyes on the INSIDE.

Not everyone on your friends list is the friend you think they are. Do you really keep 200, 300, 500, 1000 different people at the forefront of your thoughts every day? Probably not. There’s a good chance that some people are just lurking around benignly watching what you’re doing. Other people you may have to work with every day, but can’t post updates on the internet because they’ll read it and you might offend them. Still others may comment on your photos, or updates, or notes and say stupid stuff all the time, and you just wish they couldn’t even see them in the first place. Grouping up these sets of people, and using these groups for more granular control of your information is what I’ll cover in the next post: Friends Lists.

Technorati Tags: , , , , , , , , , , , , , , ,

Configuring your Facebook Profile Privacy Settings

Posted on by
2

Facebook Security Logo - Source: allfacebook.comBy design, Facebook was created to let people share information with their friends. In the beginning, you had to have a school email address that was configured for the site, and so did your friends if they wanted to join. If you changed schools, you had to wait for that one to be added. If your friend changed schools, they had to wait. And the only way you could add friends from other schools is if one of the people you knew at that school had joined, so you could be linked together.

I found this was the case when I left ETBU and joined UT, and then had to wait for ETBU to be added to the Facebook list of schools…and then wait for someone I knew at ETBU to join Facebook, and then add based on their friends list, and that person’s friends’ friends list. One individual opened up my network from just a hand full of people, to several hundred, because I was able to view that person’s friend list and branch out from there. And that was back when privacy was at the forefront of the design of Facebook.

That is no longer the case today. Now, you have to take an active role in how you protect your information from people you don’t know, or who aren’t directly linked to you. This blog post will describe the steps I have taken to lock up my Facebook account so that my real information is not visible to anyone I don’t know in real life. So let’s get started…

Privacy Settings: Everyone

Before applying any settings, the default display of information is something like this…

Privacy Settings: Everyone

This is what your profile would look like if someone came upon your facebook.com/username or facebook.com/profile.php?id=###### page. Just take a look at the information it shows…all of your Likes, a listing of some friends, and the ability to contact you. And that’s just without logging in.

And if you take the time to log in, you’ll be able to see everything in this picture below, plus the likes/activities/interests, contact information, and personal biography.

Privacy Settings: Everyone

In addition to all this, they can also see your Wall, Photos, Friends List, and follow any links you’ve provided on your profile to your other personal sites.

So let’s start changing some things.

Privacy Settings Configuration

There are several different layers to the Facebook Privacy Settings: Connecting, Sharing, Applications & Websites, and Block Lists. We’ll go from the top-down on the Privacy Settings page. Log into Facebook, go to Account in the top-right corner of the page, and choose Privacy Settings. Once, you’re there, you’ll be presented with a list of privacy categories. We’re going to start with Connecting on Facebook. Click the View Settings link for this category.

Privacy Settings > Connecting on Facebook

Facebook’s page will tell you the following:

Your name, profile picture, gender, networks and username are available to everyone because this info is essential to helping you connect with your friends and family.

  • Name and profile picture help friends recognize you.
  • Gender helps us describe you (for example, “Add her as a friend”).
  • Networks are open to everyone so network members can see who they will be sharing information with before they choose “Friends and Networks” for any privacy settings.

Other information in this section, including hometown, activities and experiences, is open to everyone by default to help you connect with friends and get the most out of your Facebook experience.

And it is entirely true that this information is essential in helping you connect to people you know, it also connects you to people you don’t. We don’t need to have all this stuff available for the world to see. In fact, there is nothing that I want all the world to see. Unless I were a public figure, the furthest extent to which my information should be available is “Friends of Friends.” The image below is a screenshot of my settings that I find suitable for remaining private, and requiring that anyone who wants to add me or see certain information to aid in their decision to add me, must be a friend of one of my friends first.

Of course, you can restrict this even further to use the closest form of relationship available for each one (most have a “Friends Only” setting, with the exception of Send You A Friend Request). You can now take a look at how your profile will look to someone who is a.) logged into Facebook and b.) not currently your friend or a friend of a friend by clicking on the Preview My Profile link in the top-right of the settings page. If you want to see how it looks to someone specific on your friends list, type their name into the box on the Profile Preview page.

As you can see, my profile now looks much different from my profile above, using these exact settings.

As cleaned up as this looks, it’s still not where we want, since people can still see the Basic Information, Contact Information, and Birthday. And as I described in my previous post about how to find yourself online, all it takes to find you is your name and birthday. So let’s move on to the second set of privacy settings…

Privacy Settings > Sharing on Facebook

When you first visit the Privacy Settings page, these are the settings you’re immediately confronted with (most likely because they don’t deal with how your public information is displayed as effectively as the “Connecting” settings do). You’ll immediately notice that there are a bunch of dots on the chart, and some big bold words to the left of it all: Everything, Friends of Friends, Friends Only, and Recommended. Forget about the “Recommended” settings.

Sharing on Facebook: Everyone

Take a look at the list of all the features that have a dot. If you use the “Everyone” setting, your profile will have the same visible fields as mine does in the image above. People you know, people you might know, and people you don’t know at all will be able to see everything that is in one of the sections on my example profile. So really, we’re left with 2 settings at this point, and it’s all going to depend on what you want made available.

  • Friends of Friends: This setting will make available all of your actual personal info: status updates, photos, bio, family, relationships – but only to the people who are friends of your friends.
    • Let’s say, for example, you chose this setting, and have mutual friends with your boyfriend/girlfriend/wife/husband. Some months later, you two break up/divorce, unfriend each other, and move on. If you still have this setting chosen, your ex will be able to continue seeing everything you’re doing on Facebook.
  • Friends Only: This setting restricts all your activity to be visible only to your friends. Those who are “Friends of Friends” will not be able to see anything you’re doing.

Note: There are some more granular settings for these settings, and others, that I will describe in a post later this week.

For my settings, I have decided to go with “Friends Only.” I have also unchecked the box to “Share a tagged post with the friends of the friend I tagged.”

Sharing on Facebook: Friends Only, Unchecked "share tagged photos"

If you type @friendsname into the status box directly on the site, it will link the person in the post. If I’m out with @somegirl who has a boyfriend she’s unhappy with at the time, I don’t want my status update to show up on his News Feed. (More over, I’m smart enough not to make a post about sensitive situations in the first place).

Now that you have set your Sharing on Facebook settings, go back to the Connecting on Facebook page, and click the Preview Profile button again to see what you get. This is how mine now looks. Looks pretty good. No personal information – only the one profile picture, the Name, and the Facebook URL.

Conclusion of Facebook Profile Privacy Settings

Throughout this week I’m going to release a series of posts about Facebook Privacy Settings that will cover all the rest of the stuff. Now that you’ve got your profile locked up from prying eyes on the outside, the next post will show you how to stop the information leakages to people behind the scenes…via applications.

I’ve been seeing an increase recently in the number of people who are getting suckered into clicking on apps that claim to do things with your Facebook profile that you can’t naturally do inside of Facebook itself. There’s a reason that you can’t do them in Facebook: the functionality is not there to begin with. The claims the apps are making are bogus – and their real intention is to suck out your personal information, and get you to share the application with your friends so they can suck out their personal information as well.

The next post will cover Facebook Application Privacy and Security.

Technorati Tags: , , , , , , , , ,

How to plug your personal information leaks

Posted on by
2

Source: flickr/tinkerbrad

If you followed the instructions in the previous “Privacy’s a Joke” post, “How to find yourself online” then chances are you found some information on the internet about yourself that you didn’t realize was available to just anyone.

I mentioned at the beginning of the post that a search for my actual name yields only about 6 results. Most of those, I intentionally put my name on them, but then realized later on that the descriptions of myself with my real name involved match those of myself using my alias as well. That makes it easy to attach my alias to my real name, and then use the other little bits of information that I unintentionally put on the internet, for example, my résumé, to get the bigger picture.

  • What websites or uploaded files have you thought you should use your real name on?
  • Is your profile publicly visible on purpose?
  • Did you fill in any boxes that link your favorite social sites or a personal website?

Below are some common sources of personal information leakage that you may want to take a look at to ensure the information that is out there is as detailed/generalized as much as you intended.

Social Networks – Entertainment

Websites like Facebook, Twitter, MySpace, Last.fm, FriendFeed, and others are the ones that are still either mainsteam, or on the peripheral edges of common use. Websites in this category have the most personal information on them, and can be tied in to several other websites as an addon, RSS syndication, widget or other means of sharing your activity with other websites you own or frequently visit. When it comes to these social networking sites that people use to broadcast their minute-to-minute activities, you have to be conscious about where else that information gets propagated on the internet.

  • Do you have a Twitter widget on your blog or MySpace page?
  • Do you update all your social statuses with Ping.fm?
  • Do you know which sites are going to receive which messages?
  • Have you connected your MySpace & Facebook & Twitter together?

When you make an update to your choice of social networking sites, you have to remember who else is going to see that update. Any thing that you think is only going to one place, or places that have limited permissions, but ends up visible somewhere else will instantly break the chain of privacy you thought you had. I’ll break down some of the privacy settings of these types of sites in future posts, like next week’s Facebook Privacy Settings post.

Social Networks – Professional

Sometimes, it’s better to go by your real name on a website where you’re in contact with other professionals in your career field. I’m pretty sure the likelihood of being hired under the alias “xXxSpicyCandy87xXx” is very very low – unless you’re trying to get a job as a stripper. Websites like LinkedIn and CareerBuilder.com are business-oriented and it’s best to use real, accurate information. Of course, the amount of information you offer up to the site can vary – but the less information you have about yourself, the harder it is going to be to locate colleagues or convince future employers of your qualifications (should they decide to use those platforms).

With LinkedIn, you can limit what people see about you during a search – which is helpful if you share similarities in your name with other people. By only displaying certain bits of information, you can still show up as a relevant prospect while at the same time not stand out or openly display everything about you for all the world to see. Due to the nature of these types of professional sites, location and other physical details about your past and present are vital – but keep in mind that anything you want a colleague or future employer to see, you are also offering up to the general public. I’ll have more about these types of sites in a later post.

Blogs/Online Journals

Back in the early 2000s, online journal keeping was all the rage. It gave teens and adults a creative outlet with an audience that simple diary-keeping couldn’t offer. Fortunately, or not, most of those blogs are still out there – and there’s a good chance that you haven’t given any of them a re-read once a week or two has passed. Aside from social networks, blogs are the next biggest place you’re likely to leak out all kinds of personal information – even if it’s under the guise of an alias. I have a brief anecdote:

Back in the mid-2000s, I met a girl online, and after several conversations, phone calls, photo exchanges, and issues in our lives, we agreed to become an item. We hadn’t yet met, but it was nice to have someone to think about who was supposedly thinking about you too. We made plans to meet, but before they could be carried out, she got in a car wreck, and went into a coma for 2 months. When she came out, everything that we had talked about was lost. Fortunately, being an internet relationship, it was all documented, and I was able to bring her up to speed on who/what we were.

During the recovery time though, stories of her family and life had started to change. Things weren’t adding up like they used to, and a lot of explanation was necessary to try and make sense of what was going on from her point of view. So I got curious.

Being the industrious person that I am, I started out on Google Blog Search from blogger.com, with only the information that she “had a blog she used to keep a long time ago.” I had what I thought was a reasonable understanding of where she lived (based on gifts we sent to each other), and her name, current online aliases, and other small tidbits of information that one would probably not be able to effectively make up.

It took about 2 weeks of searching different combinations of info, names, location, and stories of her past before I finally located the blog that she had kept – and from there was introduced to a whole different person than the one I thought I was talking to. Everything was explained in categorized posts, in chronological order from when she was just a couple years younger.

Needless to say, when I confronted her with this information, she was not only surprised, but saddened and disappointed she didn’t tell me sooner. It also ended our digital relationship, as she informed me that everything she had said about herself was a fabrication, created to escape her present reality of a sick & dying mother, troubled father, and just generally bad home-life. All of that made more sense than her fabricated life did, once I recalled that our first phone conversation was me intervening & preventing her from cutting herself.

When you post a blog online, it may be the case that no one cares enough to actually read it at the time that you post it – but there will come a time when the right search words are put in, that it gets returned at the top of the results pile, and someone will see it. Also, if you write in a blog, you’ll need to be careful about what you link to. If you have other social sites, personal sites, or favorites, and you provide a link directly to them, that anyone who has seen your blog has also seen every site you’ve linked to.

Applications and Web-based Games

Back in 2007 & 2008 when Facebook’s Platform started to take off, a ton of apps and games came out that you could play right there from inside Facebook. In order to play the games, you had to give the apps permission to access your data. Why? Because it was accessible…so why not?

I’ll attempt to go into some of this in detail in a later post – but it’s really more technical than I wish to cover, at least today. Suffice to say, if/when you decide to play/use an application that wants to access your data, take a look at the things it’s asking to access. If it wants something that you don’t think it should need to have, or you don’t want it to have, then you should not give it permission to get it.

There is a similar situation in phone apps, like the iPhone and Android. The difference is that there is no control over what information gets sent back to the application developer or its third-parties…it just does it.  I will also cover this in a future post as well.

Online Documents & Files

Back in the mid-2000s, in my naivety, I decided to host my own résumé online in PDF format. Not only did it have my name, but also my address, email, phone number, previous employers, references, schools, hobbies, interests, etc. Everything I would have given an employer (or actually uploaded to careerbuilder, at the time) was in that PDF. Little did I know, Google was able to crawl through PDF files, and so was everyone else.

Now, when I do a people-search for my own name, the address that gets returned is my previous address. Since that episode, I have not posted my address online for public consumption in any way. My address is on my Facebook page, but only to the specificity of block, not apartment number or suite or building – plus, it’s only visible to Friends, and I’m selective about who I add as a Friend.

Location Sharing Services

It seems that late in 2009, websites like FourSquare, GoWalla, BrightKite, Loopt, and Whrrl started taking off with the ability to share ones current location. Not long after, Google Latitude, Facebook Places, and Twitter showed up with their own location-based geotagging abilities. Obviously, with this comes the announcement of where you are in the world. But the less obvious is the announcement of where you are not.

If you slipped up and your current address is available on the internet, and someone has tracked back your real name to your alias, and notices that you use a location-sharing social network service, then guess what: you’ve just told everyone you’re not home right now. And then depending on where you’re checking in at, you’ve also given a time-frame for how long you’ll be out. Are you having dinner? At work? Visiting a relative? On vacation? At a sporting event? All of these have a particular number of hours usually associated with them.

In order to prevent…

In order to prevent someone from tracking/stalking you, you have to know what information you’re freely sharing with the world. You have to keep track of all the places that your information is syndicated, what the information implies, what contextual/meta information is available, and who is going to be privy to any of it. If it’s overwhelming to remember all of that, then you have spread your social network too far, and need to start pairing down what you offer up to the world and where.

When people find out what I know how to do on the internet, it always shocks them – but I explain, just as the “It Takes A Thief” series on the Discovery Channel, in order for me to help protect myself and others against the dangers inherit in the world, I have to learn how people can use the information. And you should take an active interest in learning it too. If you can cut off the leaks of personal and private information that are available, you’ve made steps in the right direction to keep yourself safe.

Next week I’ll go through the Facebook Privacy Settings page to get your profile locked up to only the people with whom you want to share.

Technorati Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

How to find yourself online

Posted on by
5

Source: swcenter.fortlewis.edu

I’m sure at one point or another, everyone has done the “ego search.” You go to Google, type in your name, and see what comes up about you. From what I’m told, there’s even a fun ranking system based on the number of pages that show up about you.

My real name has about a 6. My online alias is somewhere around 3300. Why?

For reasons simple enough: I started my online life under an alias so that one of my sets of parents (the estranged ones) would not be able to find me, but I could still write and do whatever I wanted with my friends over the internet. Fortunately, this worked out in my favor years later when it came down to internet privacy.

Unfortunately my real name did make it to the internet, and it came down to two reasons, one of which was my fault, the other was an uninformed elementary-school friend I had just found. I will discuss those reasons later on.

Moving on.

If for some reason you haven’t bothered to take a look at just what shows up for your name in a Google search, you should go do that right now. I’ll wait.

No, really…go do it.

What did you find? Were there any recognizable pages that were obviously about you? Did you put them there? Were they compiled by someone else? Was there any information on those pages that allowed for John Q. Stalker to help himself? If so, you probably need to either figure out how to protect the information on that page from prying eyes, or do what you can to take that page down.

What about those of you who didn’t find anything…Why do you think that is? Do you do all your online business via an alias? Even if you don’t go by an alias most of the time, try searching for that alias and others that you use. Then, try searching for that alias and your first name….then add your last name to it. What did you find? You probably found some pages where your “semi-anonymous” alias is linked to your real name. All it takes is one for the privacy to be broken.

I’m sure there are a handful of you reading this thinking “Nope, I didn’t find anything under my name, and I don’t really have an online alias that I use everywhere, and the ones I do have are so common and/or scarcely used that it would be difficult to pinpoint it to my real name.” Bravo to you for making it difficult to be found on the web. But there’s still one more thing…people searches.

Lately, there has been a boom of People Search Engines. Sure, they’ve always been around in one form or another, starting with the White Pages in the phone book, which got online, and then grew from there. But these days, the technology behind them is much more sophisticated. These days, they crawl the internet for publicly available information, and store it up, keeping an associative record of what they found, and who it’s related to.

So, if you think you’re safe from a Google Search, why don’t you give this a try…visit here and here, and just type in your first+last name, nothing else. Then scroll through the page until you find the entry that describes you. There’s about a 95% chance that it’s there. It may not be the most current, but the fact that the information they have is there is pretty unsettling in itself.

Unfortunately, I’m not sure if there is any way to remove the information from those sites – however, there are ways to stop them from getting more information.

This was just a glimpse at what’s out there. With some creative searching, all it takes is two pieces of information to find someone. With those pieces of information, the vault doors are blown off and all kinds of information is available about anyone who hasn’t taken the steps necessary to protect it: birthdays, family members, employers, addresses, home values, home floor plans, photos, license plates, drivers licenses, daily/weekly schedules & routines, favorite hangouts, alerts to the world about where they are (and aren’t), credit info, security questions for credit card applications, etc. Everything you could possibly want is potentially available online, if you know where to look.

Hopefully by the end of this series, you’ll have prevented a majority of this information from making it into the hands of stalkers, identity thieves, and serial cyber-bullies, while still being able to have an online life. Meanwhile, you should probably go check the privacy settings on every site that you update information to, and make sure that it’s either “not public” or “friends only.” If you use location-updating services (Foursquare, Gowalla, Twitter, Facebook, etc) make sure that you never check in at home, of all places, and that your updates are available to only friends, and that you only have ACTUAL friends in your list – not just whomever wants to follow you. I’ll cover each of these types of services in future posts.

The next post will talk about self-inflicted information leaks.

Technorati Tags: , , , , , , , , , , , ,