Online Privacy

Is it futile to un-Google?

For regular folks, like me that want to make stuff and get work done, it is not an easy feat to do so with 100% privacy. To keep private you should spend a lot of time and work on it to setup and maintain the complicated systems. You have to change burner phones all the time and live like Harold from Person of Interest.

From Is it futile to un-Google? - Tasos Sangiotis

Data is not an asset, it’s a liability

Here’s a hard truth: regardless of the boilerplate in your privacy policy, none of your users have given informed consent to being tracked. Every tracker and beacon script on your web site increases the privacy cost they pay for transacting with you, chipping away at the trust in the relationship.

From Richie | Data is not an asset, it’s a liability

How To Secure Your Library's Social Media Presence

The ALA lost control of its Facebook page over the weekend so this seems like a pretty good time to review IT Security! Any size small or midsized organization is difficult, if not impossible to secure. It's very easy to overlook things and leave ourselves vulnerable to things like this.

Who/Why: That person that did it, it's probably their job. They're most likely professionals, either they get paid by others, or this is the life they've carved out for themselves. If you're lucky enough to have a considerable numbers of followers/friends, you'll be a target eventually. Chances are good it's not personal, it's just business. These people are probably just trying to make money. It may also be you're just a small step in a much larger campaign.

How: Mostly likely one of three ways. One of the people with the login credentials gave it away. Either they had their email account compromised, or maybe one of their devices was hacked. It could be someone used an infected public network and gave it away without knowing it. It could be someone was “spear fished” and replied to an email that looked like it came from someone else. Maybe someone lost a password in another compromise and that same password was reused.

Review Your Settings: Take a look at all the security and privacy settings. Now. And again every few months. Facebook has an especially wide range of settings you can change. Those controls are all there for you to limit risk, control who can see what on your profiles, and make things better for you. There are settings in there to help you recover from a comprimied account as well.

Passwords: Make them LONG, at least 20 characters. Make sure you know who has access and how they are storing those passwords. Every single accounts needs a long, strong, unique, rare password. Better yet, a different email account for every account as well. Change that password monthly. Checkout all the different password managers out there, I use LastPass, but there are many more.

Be suspicious: Funny looking emails or links in social media are DANGEROUS. If you're not 100% sure of the source, either ask or just hit delete.

Stay in control: Know who in the library has access to what. Your library needs to have control over who is posting what. The more people that have logins, the less secure things become. Try HootSuite or other managers and you can give access without giving away the credentials.

Who and what else has access: Check those 3rd party apps that have been authorized and make sure you know what they can do and why. Get rid of everything you don't need.

Know what to do if your account is compromised: Both Twitter (https://support.twitter.com/articles/31796) And Facebook (https://www.facebook.com/hacked) have pages devoted to this.

Welcome to the Speakularity, Where Everything You Say Is Transcribed and Searchable

We are going to start recording and automatically transcribing most of what we say. Instead of evaporating into memory, words spoken aloud will calcify as text, into a Record that will be referenced, searched, and mined. It will happen by our standard combination of willing and allowing. It will happen because it can. It will happen sooner than we think.

From Welcome to the Speakularity, Where Everything You Say Is Transcribed and Searchable

The Library Digital Privacy Pledge of 2015

The Pledge for Libraries:
1. We will make every effort to ensure that web services and information resources under direct control of our library will use HTTPS within six months. [ dated______ ]
2. Starting in 2016, our library will assure that any new or renewed contracts for web services or information resources will require support for HTTPS by the end of 2016.

From The Library Digital Privacy Pledge of 2015 - Google Docs

The Illusion of Online Privacy

Enjoying true privacy is difficult in today's digital age, but it won't get easier if people give up on their right to a few personal secrets, Reitman says.  

"People are starting to be so frustrated about privacy that they believe they can't get anything better," she says. "We have to push back against that idea.“

From The Illusion of Online Privacy - US News

It's not too late to reclaim our online privacy

How did we get here? Data has become currency: we barter it for services from operating systems to music players, while accepting promises of personalisation and assurances of security from those to whom we entrust it.

That trust is misplaced. Silicon Valley is built on data trading, and its products reflect that. Webmail isn’t encrypted; that would stop lucrative ads. Apps don’t tell us what they’re doing. Ad-trackers stalk you as you browse. And instead of real security, we are exhorted to strengthen our passwords – which is unintuitive and largely futile.

From It's not too late to reclaim our online privacy | New Scientist

Apple’s content blocking is chemo for the cancer of adtech

This means the iOS platform will now support developers who want to build sophisticated apps that give users ways to block stuff they don’t like, such as adtech tracking and various forms of advertising — or all advertising — and to do it privately.

This allows much more control over unwanted content than is provided currently by ad and tracking blockers on Web browsers, and supports this control at the system level, rather than at the browser level. (Though it is executed by the browser.)

From Doc Searls Weblog · Apple’s content blocking is chemo for the cancer of adtech

The Ashley Madison Hack Should Scare You, Too

Likewise, those who blithely state “privacy is dead” as if they have no skin in the game, as if merely shrugging and accepting that we no longer have any rights as individuals, may be the most disheartening of all. Are we ready to agree that we, as citizens, have no recourse, that it’s perfectly natural that criminals and the corporate entities that fail to protect us from them would mishandle our assets and expose us all to fraud and identity theft and public attacks? Do we want our public servants targeting citizens by using information gained through criminal means?

From The Ashley Madison Hack Should Scare You, Too -- The Cut

Monica at Mozilla: Tracking Protection for Firefox at Web 2.0 Security and Privacy 2015

Advertising does not make content free. It merely externalizes the costs in a way that incentivizes malicious or incompetent players to build things like Superfish, infect 1 in 20 machines with ad injection malware, and create sites that require unsafe plugins and take twice as many resources to load, quite expensive in terms of bandwidth, power, and stability.

From Monica at Mozilla: Tracking Protection for Firefox at Web 2.0 Security and Privacy 2015

Pages

Subscribe to Online Privacy