Feb 3 2009

Privacy and the Inadvertent me

Jamie Barrows

I’m not sure if I mentioned this before or not. At least I’m not sure if I mentioned it on this blog. But even if I have mentioned it before, it still bears repeating. Anything you put online may come back to haunt you some day in the future. So be careful what you post or say in forums and on blogs like this one.

What brought this topic to mind for me was a blog post I read on the Freedom To Tinker blog, called Satyam and the Inadvertent Web. Basically it’s the story of how a group of pictures taken and uploaded to Flickr several years ago, suddenly became highly relevant when Satyam became news worthy.

The pictures were taken by someone with no real connection to the company other than visiting it on a trip to India. They sat on Flickr for years and lived in obscurity all that time. Then Satyam got in the news for one of the biggest financial coverups of the Indian high tech industry. Suddenly, they were being referenced and viewed regularly. Suddenly those photos became a very large part of who the photographer is online.

The point is, whatever you say online. Whether on an obscure blog like mine, or on a major traffic destination, could become a big part of who you are and how you are perceived when people do a search for you.

People search engines are becoming better and better at finding all the bits and pieces of yourself that are scattered all over the web and aggregating them into a clear picture of you. Don’t believe me? Do a search for your name on Google and see what comes back. Probably more than you would expect. And Google doesn’t even specialize in people searches. If you do a search on a people specific search engine like Pipl.com. You will be amazed at what it can find about you. All those little comments, pictures, and even government records get matched up to your name. It can often even match up nicknames and pseudonyms that you have used in the past.

Those little tiny pieces of you that are scattered all over the web may lie in obscurity and be hardly noticed for years, and then a current news story can easily bring them to the forefront. Suddenly that comment or picture you posted years ago, is on the first page of a Google search for you. And what’s worse, is that you can’t ever really get rid of info once it is online.

It’s not like having an embarrassing conversation with someone or saying something stupid. Those things are easily forgotten once the conversation is over. Comments, blog posts, pictures, and social networking profiles can stick around forever once they are online. Even going back and deleting them (assuming you can) doesn’t really make them go away. They will still be in caches and archives all over the web. And it’s getting easier and easier to find that info if you are looking for it.

I’m not writing this to scare you off from commenting in forums or on blogs. And I’m not saying you shouldn’t have your own blog or facebook/myspace account. All I’m saying, is that you really should think very carefully before posting anything online. You should carefully consider your words before whipping out a comment on a blog or forum. Because you never know when that little piece of you might become a BIG piece of you.

Oct 17 2008


Jamie Barrows

The above comic(a lot like others from the same author) really hit home for me. I can tell you that the very first thing I do every morning is check on news from my friends on Facebook. Those friends happen to be all over the world.

Oct 16 2007

Hacking MySpace accounts

Jamie Barrows

Lolcat Hacker

The other day I got an email claiming I had a message from a friend on MySpace. Well, I really don’t like MySpace (More of a FaceBook fan)and I don’t use it much anymore, so I didn’t rush out to go get it. But I did eventually go check it out. As soon as I logged in, I saw that it was nothing but a spam message. So I just deleted it. Since I was on anyway, I thought I would check out the various bulletins that people had posted.

And what do you know! There were 4 bulletins from the person who had sent me the spam message. Three of those bulletins were clearly spam, but the last one was really from her. In that bulletin, she claimed that someone had hacked her account, and to disregard any strange messages that she might have sent before she realized she had been hacked.

Well, I was a little curious about the “hack” and decided to do some investigating to find out how peoples accounts normally get hacked. You see, I’ve had a MySpace account for years and it’s never been hacked. And it’s not like my password is super secure. I wont tell you what it is, but I will say it isn’t one of those extremely long ones with a random conglomeration of letters, numbers, and symbols that security experts say you should have. I’ve also never changed it the entire time I’ve had the account!

So I was really wondering how so many of my friends get there accounts hacked. It turns out that the most common method of getting your account “hacked” is to have the password stolen. That’s right, stolen. Not broken or guessed. No one is running brute force attacks to get your password.
Furthermore, if they did steal your password, it’s probably because you GAVE it to them. That’s right, I said gave. They tricked you into giving them your password, and then they simply logged in to your account.They didn’t hack your MySpace account. They hacked you.

So how do you keep this from happening? Well it’s real simple. Don’t give away your password to anyone. Never enter it into any other site except the MySpace login page. That will take care of most of the methods by which people get your password.
The remaining ways people can get your password are a little trickier, and I have a lot more sympathy for people who fall for these. These methods involve sending you to a page that looks exactly like the MySpace login page, but isn’t. So you think you are logging into MySpace, but actually you are logging into another website that is stealing your password. Still involves you giving them the password, but its a little trickier because you thought you weren’t giving it to anyone but MySpace.

This method is still easy to avoid. Just log in to your account only from the official MySpace.com website. How do you know if the page you are logging into is from the original page? Make sure that the address you typed to get to the page was MySpace.com After that you can click on the login link to be taken to the login page. Just make sure you started at the MySpace.com website and not some other site.

Oh, and this advice goes for my FaceBook friends as well.