Issues for 2012 #3: Who Gets to Define Your Online Identity? - ReadWriteCloud. If I were truly mischief and wanted to game the system, I would have named this article, "Facebook Wants to Be Your One True Login, Part 2. " If you're not familiar with the incident to which I'm referring: One of the most illustrative cases of the incomplete state of the Internet as an information system was in February 2010, when ReadWriteWeb itself happened to publish an article with "Facebook" and "login" in its headline.
It soon found itself at or near the top of Google search results for the phrase "facebook login," with the result being that hundreds of Web users to this day happen upon this page when they're trying to reach Facebook itself. The Web was not designed to require identity or authentication for data to be accessed. Up to now, most consumers have not considered this a problem - at least, not the ones who found themselves staring at ReadWriteWeb when they were expecting Farmville. This will change. Too many protocols, too few sources Pairing identities with profiles. China telecom briefly hijacked U.S. Web traffic: panel. Find your Twitter Followers - Map My Followers. Coder fires Idiocy warning to Twitter users - Security.
Firefox extension reveals Facebook and Twitter logins | Technology. Public wireless networks have always been perceived as generally safe. Surely, the odds of having your private details stolen out of thin air must be slim to none? And surely, the ability to steal those details must be restricted to the most knowledgeable and most evil of techies? Even Google's recent announcement that it accidentally collected complete emails, usernames and passwords using its Street View cars was treated as a one-off accident.
Grabbing private data from unsecured networks isn't something that the average user can do – so the average user isn't concerned. On Sunday, Seattle-based developer Eric Butler may have changed that perception for good by releasing a tool called Firesheep. Password stealing from open networks is nothing new, and the flaws that Firesheep exploits have been known for more than a decade. Firesheep, though, has an easy-to-use interface and, perhaps most importantly, a cute name. Live Webcast: 8 Steps to Protecting PII (Personally Identifiable Information), from Sophos - Webcasts and audiocasts with leading IT vendors -- courtesy of TechRepublic.
Twitter DM Insecurity, SEO Tips, Latest on Google, Yahoo & Bing - Search Week in Review for Oct. 9, 2010 @SEWatch. Your Twitter Direct Messages (DMs) are not private. It's quite easy to use the Twitter API to access your personal information and obtain all the DMs inside your Twitter inbox. When you allow access to log-in to some website or application, you're also agreeing to let the developer who created this log-in access all your direct messages, and opening yourself to potential abuse.
Gary-Adam Shannon explains how this is possible in "Twitter Exploit Warning: How Anyone Can Easily Snatch Your Direct Messages. " Kristine Schachinger also provides more coverage in "Twitter: Take Better Care of Our Private Information! " Here's a roundup of this week's other columns and news stories for the week of Oct. 4 to 8, as reported by Search Engine Watch, as well as search news and tips from around the web. Search Engine Optimization The 10 Step Site Migration Process by Simon Heseltine Don't lose rankings and traffic levels when a website moves or shuts down.
Search Advertising Analytics & ROI Link Building. Google's 600 Gigabyte Privacy Fiasco, by the Numbers. "We screwed up," Google CEO Eric Schmidt said in June. "Let's be very clear about that. " Schmidt was referring to the "rogue data" controversy, a privacy fiasco that has embroiled the company everywhere from Germany to Spain to South Korea. Discovered several months ago after a third-party audit, between 2006 and 2010 Google's Street View vehicles, the cars it used to capture images from the world's major cities, had "accidentally" intercepted loads of personal data over unsecured Wi-Fi networks.
Email addresses, Web sites, and other snippets of Internet activity--possibly even bank account information--were all accessible through these channels, which Google has blamed on a programming error. Just how much did Google screw up? In those four years, Google collected about 600 gigabytes of personal data from users in more than 30 countries--a heck of a lot of data to "inadvertently" collect because of a coding mishap. 62 million... messages in your Gmail inbox 25... hard drives of the Droid X.
Facebook in Online Privacy Breach; Applications Transmitting Identifying Information. On the Web, Children Face Intensive Tracking. Infographic of the Day: How Your Favorite Websites Spy on You | Co.Design. We all know, vaguely, that the websites we visit are tracking us with cookies and whatnot, silently scraping data on how and where we surf. But when you see the facts all laid out for you, it's gobsmacking. The Wall Street Journal just published the results of an investigation they did into tracking habits at the Web's top 50 websites, and summed up the results in this superb infographic.
Basically, the top half shows the Web's top 50 websites; the bottom half shows the tracking companies whose software can be found on those sites. When you click on one, it shows you the myriad linkages between them. Here, for example, are all of the tracking sites used by Dictionary.Reference.com: And here are all of the sites where Google has embedded its own tracking software: You can even click on each company, and look at a detailed profile of exactly what their privacy policies are, concerning user data: Now, you might think that all of the data is pretty anodyne. Still, is that a bad thing? Digital Identity, Privacy, and the Internet's Missing Identity Layer. Last week I gave a presentation at PII 2010 in Seattle where I tried to summarize what I had learned from my recent work on WiFi location services and identity.
During the question period an audience member asked me to return to the slide where I recounted how I had first encountered Apple's new location tracking policy: My questioner was clearly a bit irritated with me, Didn't I realize that the “unique device identifier” was just a GUID – a purely random number? It wasn't a MAC address. It was not personally identifying.
The question really perplexed me, since I had just shown a slide demonstrating how if you go to this well-known web site (for example) and enter a location you find out who lives there (I used myself as an example, and by the way, “whitepages” releases this information even though I have had an unlisted number…). My questioner then asked, “Is your problem that Apple's privacy policy is so clear?