For instance they’ll see what emails you receive and subscribe to, what videos you watch, what things you search for, what sorts of documents you work on and what the content of those documents is, what you blog about, what you take photographs of and where, what newspapers and blogs you read, what you buy online, what parts of the world you’re interested in (and where you live), who you chat to and what you like to buy.

All of this information, when put together, helps advertisers paint an incredibly detailed picture of you and with about a billion users worldwide, that information is incredibly valuable.

Now Microsoft have hit back with newspaper adverts in the US saying that this isn’t what want at all and that you should ‘obviously’ use their products and services instead.

In the advert they say…

Google is in the process of making some unpopular changes to some of their most popular products. Those changes, cloaked in language like “transparency”, “simplicity” and “consistency” are really about one thing: making it easier for Google to connect the dots between everything you search, send, say or stream while using one of their services.

But, the way they are doing it is making it harder for you to maintain control of your personal information. Why are they so interested in doing this that they would risk this kind of backlash? One logical reason: Every data point they collect and connect to you increases how valuable you are to an advertiser.

So is this fair enough, sour grapes or the pot calling the kettle black?  In fairness it is all of the above as there are elements of all of these in the advert.  Google make almost all of their revenue from advertising and the better and more attractive they can make their own advertising, and the data they collect on their users, the more companies they will attract and the more money they can charge for the (your) personal information.

Many people simply don’t want to be tracked and Microsoft point out that you can do this in the latest version of Internet Explorer.  What they don’t mention is that you can also do it the latest version of Google’s Chrome browser as well and that many of the advertising and data-mining tactics used by Google are also used by Microsoft.

Consumers will have to decide for themselves how they feel about the approach Microsoft are taking here, though many will just see it as a company taking advantage of an open goal for a publicity stunt.  The fact remains though that the US Congress is so concerned about the new changes Google is introducing that they are holding an closed door hearing to discuss what the changes mean.

So what do you think about Google’s new privacy policy?  Have you even heard about it and what do you think of Microsoft’s response?  Why not tell us in the comments below.

So what do I mean by this and why?  Well times are still hard and for all those people struggling in their jobs, or struggling even to find work after being made redundant employers are increasingly searching Facebook and Twitter for clues as to the types of people that they are hiring or that are already working for them.  Couple this with the fact that Twitter is and has always been completely public, and that Facebook seems to find ever increasing ways to make everything you say and post publicly available, and you could find yourself going into the new year with a problem.

I’ve recently gone through my Facebook account and deleted all the photo libraries I put online this year from holidays and days out.  Let’s face it, each of these were only supposed to have been there for a few days, a couple of weeks at the most, so that my other friends could catch up with what had been going on but nobody would have looked at them since.  I’m extremely careful about what I put on Facebook, for instance I tend to avoid photos where I’ve had too much to drink (though the obligatory Saint Patrick’s day hat photo will always remain a notable exception!) but even so it’s wise to be cautious.

Facebook are currently rolling out their new Timeline feature that they dub “a new kind of profile”.

Timeline is wider than your old profile, and it’s a lot more visual.  The first thing you’ll notice is the giant photo right at the top. This is your cover, and it’s completely up to you which of your photos you put here.  As you scroll down past your cover, you’ll see your posts, photos and life events as they happened in time. You choose what’s featured on your timeline. You can star your favorites to double their size or hide things altogether.

In short Facebook want everybody’s profile to be a complete history of their lives and do you really want all of this information available to everybody, and trust Facebook to keep it secret?  This is why I highly recommend not just removing old photos but modifying your status history as well.  Not that long ago Facebook offered a new feature that can be found in your Privacy settings called Limit the Audience for Past Posts.  Here you can control your privacy better for all the things you have said in the past, some of which you may not be completely proud of.  All of this is in the name of being constantly careful and vigilant about the company’s proclivity to make everything public as often as they can.

With Twitter it’s different because everything is already public.  Deleting old Tweets is a laborious process of removing them one at a time (I have almost 7,000 tweets in my account and don’t want to face that!) but some tools such as TwitWipe are available to plug the gap.  This and similar services will completely wipe your Twitter history, enabling you to start from scratch with a clean bill of health.  That means the next time someone does a search online for your Twitter handle and the word “drunk” nothing will appear in the results.

Personal privacy is something we’re giving up more and more as we get involved with social networks and companies that trade online, but it’s such an important thing to guard.  Making sure that my privacy is maintained online will certainly be one of my resolutions for 2012, will you make it one of yours?

The flaw was first reported on the forums of BodyBuilding.com, presumably because the users of that website like taking photos of themselves and putting them online.  The bug exploits the way the offensive photograph reporting tool works.  I’m not going to detail it in too much detail here because I don’t want to encourage anybody to try and view photographs that other people have made private as they obviously want them to be kept private.  However the post does detail how the flaw works.

ZDNet used the flaw to show a picture from Mark Zuckerberg’s private album, taken from a dinner party where everybody seems to be having lots of fun making the food, it’s quite sweet actually as Zuckerberg clearly looks like the shy one.

Facebook have said they are looking into the issue which revolves around being able to report more than just the single photo you can see.  It’s not a bug with the system but it is quite a substantial design flaw and, oddly, surprising that nobody has noticed it before.

Facebook has been heavily criticised in the last few years for matters of privacy and so there are people who will leap on this story as yet another example of how the company simply doesn’t take its users privacy seriously.  Such problems have included a change to the terms and conditions that made all your photographs and statuses Facebook’s property and a settings change that made everything on everybody’s profile accessible to search engines by default.  Both times the change was quickly withdrawn.

ZDNet said…

Details of this flaw were examined in detail. While some browsers restrict this flaw, private photos that are hidden or inaccessible to people who are friends, can not only be accessed but enlarged to their full scale.  This flaw is open for anyone to use — and abuse. While Facebook anonymises the reports that it gets through, the user whose profile pictures can be viewed will also not know that their privacy has been invaded.

There are real problems with privacy and the Internet, much of which seems to stem from people not understanding what the Internet really is and how it works.  I have published a free Facebook Privacy Guide, though some settings have changed and the book needs a second edition when I get time.  There’s lots of advice in here though about how to keep yourself and your personal information safe and private when online, at least as safe and private as Humanly possible.

As is always the case with these things the best advice is not to put embarrassing pictures or messages online in the first place, or to remove them after they’ve been seen by close friends.  Some companies are working on solutions including one ingenious one I’m looking forward to where a picture can be programmed to expire after a specified time.  These types of technology will no doubt help all of us in the future.

But CCleaner is nowhere near as complete as it could be. This has for instance been shown by CCleaner Enhancer, a program that adds more than 200 different cleaning rule sets to CCleaner.

Windows users looking for a CCleaner alternative have several programs at their disposal. I reviewed some of them, like System Ninja or Clear Prog in the past here on Ghacks Technology News.

Wipe 2011 is another CCleaner alternative. The program concentrates more on privacy and tracking orientated traces on the system and even identifies data that CCleaner does not find by default.

When you first start the program you will notice that it will start to scan the system for tracks and garbage. The delete tracks and garbage option is selected by default. This setting is a click one delete all option, a click on continue would delete all data found by Wipe 2011 during the scan.

Users who want more control over the process should switch to the Advanced cleaning mode option which displays the programs findings in list form with options to prevent the cleaning of specific data points on the PC system.

The advanced listing displays all of its findings in table form. listed are the type of data search, the files and Registry entries found and the total amount of disk space in bytes occupied by the data.

Checkboxes are provided to enable or disable groups or individual titles from the cleanup.

CCleaner users will find that Wipe 2011 lists several data locations that CCleaner ignores. Among them the CryptnetURL cache, RSS feeds cache, Direct3D recent program list, game statistics or the recent wallpaper list.

A right-click on any title in the Wipe 2011 software opens a context menu with options to view all contents of a particular location in the application or to delete its contents manually.

Wipe’s missing a backup and restoration option. The program can wipe data permanently from standard platter driven hard drives. Users who want that need to switch from standard deletion to anti-recovery overwrites in the program settings.

Wipe 2011 is a handy CCleaner alternative with a focus on privacy and tracking related data. Windows users can download the program from the developer website. The application is compatible with 32-bit and 64-bit editions of the Microsoft Windows operating system.

This falls in line with the finding that Facebook does not delete all cookies on a user system during sign out.

I reviewed several browser extensions and add-ons to deal with the privacy issue, Share Me Not for Firefox for instance is one of them.

Priv3 for Firefox uses a very similar concept to improve a user’s privacy on the Internet. The developers of the extension note that Priv3 “does not block third-party interactions completely”. It instead “selectively suppresses the inclusion of third-party web cookies” when the browser connects to the social networks.

Instead of blocking or removing the social scripts outright, it basically blocks their functionality until the user makes the decision to interact with them. With the add-on installed it is still possible to see the number of likes, Twitter messages or +1s a page has received.

When you start interacting with a social networking script on a site the extension starts to reload the session cookies to pass on the click to the social networking site so that the desired action can be completed (e.g. liking a page).

Priv3 in its current state supports the three top social networking sites Facebook, Twitter and Google+, as well as LinkedIn. The developers promise to add support for additional sites in future releases.

The extension works similar to Share Me Not which uses a similar technique to block privacy sensitive data to be transferred to one of the social networks. Firefox users can install Priv3 from the official Mozilla add-on repository.

One could say that you better pick your friends carefully on Facebook, but we all know that this is not always possible. Facebook fortunately has implemented an option called tag reviews which allow a user to review tagged photos before they become visible on the Facebook profile page.

To enable tag reviews on Facbeook, you need to click on the down arrow in the main toolbar next to your user name and the Home link and select Privacy Settings from the menu that opens up.

Locate How Tags Work – control what happens when friends tag you or your content, and click the Edit Settings button next to it.

This opens an overlay menu with five options to change.

• Profile Review of posts friends tag you in before they go on your profile (note: tags may still appear elsewhere on Facebook)
• Tag Review of tags that friends want to add to your posts
• Maximum Profile Visibility of posts you’re tagged in once they’re on your profile
• Tag Suggestions when friends upload photos that look like you
• Friends Can Check You Into Places using the mobile Places app

Tag Review is the second option in the list. Just click on the arrow icon next to it to turn it on. This displays an informational page where you can turn on tag reviews on Facebook.

Once you enable the feature you will receive notifications whenever you have been tagged by another user in a photo. You can also turn on the Profile Review feature to approve or deny being tagged in friend’s posts that are displayed on your own profile.

Lastly, you can change the maximum profile visibility for posts that you are tagged in. You could for instance make it only visible to yourself, to friends or a specific group of users.

Making the changes to the tag privacy settings can really improve your privacy on Facebook and reduce the amount of unwanted posts and notifications that appear on your Facebook profile page. (via)

Use BCC Instead is a Mozilla Thunderbird extension. It works almost like the native attachment warnings that you get when you use words like attached in the email body or subject without attaching a file to the email.

The extension warns you whenever you send emails to multiple recipients using either To or CC instead of BCC.

Please note that the extension warns you about sending the email to multiple To or CC recipients. It gives you the option to go ahead and send it anyway or to click cancel to modify the parameters to BCC. It does not auto-correct the issue.

The default limit is set to 10, which means that you only get warnings if you send out emails to more than ten recipients using To or CC. You can change that in the options, for instance to 1 which would always warn you when To or CC is used.

You can furthermore block emails from being send out at all if the selected value is exceeded.

Thunderbird users can download Use BCC Instead from the official Mozilla extension repository.

The Firefox add-on IPvFox does that in a convenient and comfortable manner. It adds an icon inside the Firefox address bar that indicates whether IPv4 or IPv6 was used to connect to the website.

More interesting than that is the list of all connections the web page made to load data. The list includes at least one server, the server the web site is hosted on, and usually a couple of additional servers.

Those servers can be content delivery networks, advertising networks, social networking buttons, third party scripts among other things.

The A Tech Girl’s Life web blog for instance makes two connections. One to the web server the site is hosted on, the other to the web analytics server Google Analytics.

Both the domain name or host name, and IP address are displayed in the listing. The connection data is selectable, which means that you can copy it to the clipboard or a service on the Internet that verifies servers and IP addresses like Virus Total.

I personally would find it more helpful if the add-on would indicate the number of connections made in the address bar directly, instead of the IPv used. Options to export the information directly would also come in handy.

Firefox users can install the IPvFox extension from the official Firefox add-on repository. The add-on requires no restart after the installation or uninstallation.

Ghostery is a similar add-on. The core difference is that IPvFox displays all connections, while Ghostery concentrates on advertising and privacy related connections.

If you do not want your friends to find out that you have a secret crush on Justin Bieber, you may want to make sure that the history is deleted by the time they use your computer. Plus, you may reduce the amount of data that Google has stored about you at the same time.

It needs to be noted at this point that it is not possible to access another YouTube user’s video watch list. You should also make sure to log out of public computers so that no one gets access to your data.

There are actually two ways to find out about videos that a user has watched on YouTube. First by looking at the my viewing history page on YouTube which is only available if you are still logged in on YouTube. Second by looking at the browser cache. The second method works for as long as the browsing history is not deleted manually or automatically.

Here is how you delete both histories.

1. Delete YouTube Viewing History

Go to the YouTube website and log in if you have not done that already. Locate your username in the upper right corner and click on the Videos in the menu that opens up. You can alternatively open the following page directly. The page lists all the videos that you have watched on YouTube.

You can remove individual videos from your history by selecting them and clicking the Remove button afterwards, or all videos with a click on Clear all viewing history.

The browsing history of your web browser is the second location where others might find out about the videos that you watched recently on YouTube. You basically need to clear your browsing history and cache to make sure that no one can take a look at the data.

The Login Helper website has a nice guide called Web Browser Maintenance that explains how you do that in all popular browsers.

Facebook some days ago announced changes to the way tagged photos would be handled on the site. Instead of being posted directly to the wall, these photos are now moved to a preview area where the user who was tagged on them can accept or delete the posts.

The same is now true for photos uploaded by a Facebook user. Instead of allowing just anyone to tag your photos or posts, you are now in a position to review the tags to either approve or reject them.

It is now on the other hand possible to tag friends or anyone else on Facebook thanks to the new preview before publishing system.

Facebook is also making it easier for users to control the profile visibility. Instead of having to navigate to sub-menus to make changes to the visibility of specific profile elements, it is now possible to use inline profile controls to handle the settings directly with a click of the mouse button.

In addition, the new visibility button has been made available on each post as well to make it easier for users to understand who they are sharing that post with.

The blog post at the official Facebook blog lists additional enhancements to the sharing and visibility options on Facebook. The new changes, as tiny as some may be, make a lot of sense. Especially the tag preview feature is a godsend, as it allows me to block unwanted posts on my Facebook wall.

Let me know what you think of the changes.

Why do I say this, because rather ironically that very same day I’d also published my own free Facebook guide, “The Facebook Privacy Guide“.  I’ll let you decide which one you prefer but I’ll give you the run down on my own eBook.  It’s completely FREE and a 36 page essential guide to everything you need to know to protect your online privacy from unscrupulous people, current and future employers, advertisers and malware writers.

I’ve included a great many Quick Tips throughout the book and it’s all in glorious full colour with large text and screenshots throughout.  I’ve used the same accessible and non-technical language I was praised for with my Microsoft Press book “Troubleshooting Windows 7 Inside Out” to make the book useful to people of all ages from children and teenagers to adults and the elderly.

It’s a complete and essential guide to keeping yourself, your personal information and your photos and videos safe from prying eyes and those who would use it for unwarranted purposes.

There’s more than just that though, I’ve included details on how to spot and keep yourself safe from Facebook spam and malware, and also how to create safe and secure usernames and passwords, not just for Facebook, but for every website you visit.

Facebook currently has around 750 million users worldwide and has been heavily criticised in recent years for very lax privacy, including one change that automatically made every user’s private information visible to search engines.  This was one of many privacy problems with the world’s most popular social networking site that caused a public outcry, and the company had to quickly change the settings again for all users.

You can see some images from the eBook below and if you find it useful I do ask that you please pass the link on to your friends and family.  You can download The Facebook Privacy Guide from our sister site Windows7News.com.

/p>

]]> http://www.ghacks.net/2011/08/22/download-ghacks-editors-free-facebook-privacy-guide-ebook/feed/ 4 http://www.ghacks.net/2011/08/11/dont-want-your-photo-to-be-used-for-linkedin-advertisements-do-this/ http://www.ghacks.net/2011/08/11/dont-want-your-photo-to-be-used-for-linkedin-advertisements-do-this/#comments Thu, 11 Aug 2011 06:52:57 +0000 Martin Brinkmann http://www.ghacks.net/?p=48912 I have to admit that I’m not a LinkedIn user. I probably should have an account with my Internet business and all, but then again, it feels to me like yet another network that I have to spend time on. So, no LinkedIn for me.

I recently stumbled upon a story over at Connection Agent. The story basically revealed that LinkedIn had automatically opted-in all their users to a setting that allowed them to use their user’s names and photos for third party advertising.

Now, the core problem with these kind of things is that they are usually diametrical to what users want. This would not be a problem if the service would be opt-in only, so that users could make the decision whether they wanted their names and photos to potentially appear in third party advertising. Then again, no one would probably do it if that was the case.

Steve describes on his blog how users can opt-out of the third party advertising. They need to click on their name on the LinkedIn homepage and select Settings from the drop down menu that appears automatically.

On the Settings page they need to select Account. They then need to locate Manage Social Advertising in the column next to Account and de-select the box next to “LinkedIn may use my name, photo in social advertising”.

Once done you are opted-out of third party advertising.

Now, the real problem here is LinkedIn’s sneaky way of enabling this for all their user accounts. The move sounds great from their perspective and will surely please their stock holders. The majority of users may never realize that the option is there, and those that do are probably only opting-out and not closing their accounts because of this. They may be a bit disgruntled but this settles over time.

LinkedIn basically does what Facebook has done before them; Enable a feature for all users automatically that the majority of users, if they knew about it, would not opt-in for.

If you are on LinkedIn and do not want your name or face to appear in an ad that you have no control over whatsoever, I suggest you opt-out of it immediately.

Update: LinkedIn has posted a response called Privacy, Advertising, and Putting Members First on their blog. While the company does not seem intent to change social advertising from automatic opt-in to manual opt-in, they have announced that they will make changes to the ad units.

Wallace denies the charges which carry a jail term of up to 10 years and has been released on $100,000 bail by the authorities.

Prosecutors have said that Wallace earned “substantial revenue” from selling the personal data harvested by his app which propagated by posting itself to the walls of the friends of victims.  The spam was sent, and the personal data harvested between November 2008 and March 2009.

Facebook successfully sued Wallace in 2009 and a federal judge ordered him not to access their service.  Prosecutors are claiming this is an order Wallace ignored and violated on countless occasions.

Facebook is not the only service to have been hit by Wallace.  In 2008 he lost a civil prosecution brought by MySpace for sending junk messages on their network.

Facebook spam and malware apps is clearly a growing problem that isn’t going away.  Malware writers and criminals are taking advantage of the lack of knowledge most computer users have about what the threats to their personal data are, and how to look for them.

It is getting more and more common to see fake videos posted to walls, apparently by friends, with subjects such as “Daddy walked in on her” or “World’s worst hen night prank”.  The simple rule to follow with video is that the video, when clicked directly, will play in the wall view.  If it takes you to another page, even if it looks like Facebook and asks you to click to allow it permission it’s malware.

This is the same for all other malware links on the service.  If you suspect you have already authorised malware on your Facebook account follow these simple instructions to remove them.

1. Click on Account in the top right of the Facebook screen
2. Next click on Privacy Settings
3. Under Apps and Websites click Edit your settings
4. On the next page in the Apps you use section click Edit Settings
5. Here you can revoke permissions for all but the most essential Facebook apps that you like to use

It is also wise never to include your home address, home telephone number or mobile telephone number in your profile as this is information that is most valuable to spammers.  If your friends want to know your personal details they’ll always ask you in a secure direct message and you can tell them directly.

It is also wise to check your general Facebook privacy settings with you can do in Account > Privacy Settings.  Here you can see if your personal information is shared just with your friends, their friends or with everybody on Facebook.  Any information shared publicly will also be visible to search engines and could include sensitive information about you.

It is because Facebook have tightened privacy controls in the last year that we’re seeing more and more malware apps that want permission to access your personal information.  Giving an app permission is the same as making the writers of that app a friend, as they will then have access to all the information about you that you put on the social network, including photographs and status messages.

By far the safest way to protect yourself on Facebook is not to put sensitive and personal information there in the first instance.

Google Profiles are part of Google+ with options to show or hide profile data. Up until now it was possible to maintain a private profile, which basically meant that no one but the Google account owner could access it.

Google notes that nearly all profiles are public, but that there are some that are not. And it is those that the company targets. In a somewhat surprising move, Google announced that they would delete all private profiles after July 31, 2011.

Users with private Google profiles have two options. They can do nothing which leads to deletion, or they can modify their profile to make at least the full name and gender public.

For that, they have to visit their Google Profile and modify the visibility of those items.

While it is still possible to hide most of the information, and even keep the profile from appearing in the search results, it is not possible to block direct access to the profile. Someone on a page with a link to the profile and someone with the direct url could access the profile.

All they might see is the user’s name and gender. Especially the mandatory gender display has lead to criticism of Google’s move to make all profiles public.

What’s the official reasoning for making all Google profiles public? According to Google the purpose of Google Profiles is to “to help people find and connect with you online” which is not possible if a profile is private.

The problem that most users seem to have is related to the public gender issue. Some argued that Google could use the information for advertising, which is a somewhat dubious argument, considering that Google has access to the profile regardless of your privacy settings.

I find it rather strange that less users seem to have a problem with their full name appearing on the profile, which in most cases can easily be used to identify the user’s gender. The only real problem I see is the Other option. But then again, one does not have to select other at all. Some won’t because of fear of discrimination.

What’s your take on this development? And what does your profile’s visibility look like currently?

On Google+, all you need to do is to create a circle for business and one for friends to separate the news stream for those groups.

I have not really seen many privacy related posts yet. This was actually one of the first things I did after signing in for the first time and creating a few sample circles.

If you are in a hurry, skip the following part and go right to Google+ Privacy in a minute or less at the end of the guide.

Google+ Privacy

Cick on your name in the upper right corner of the screen and select Account Settings from the context menu. Switch to Google+ to access the notification preferences.

All notifications are enabled by default and usually linked to the primary email address of the Google+ user. I suggest you look at the notification settings and modify them according to your needs. If you do not want to receive notifications at all, disable everything on that screen.

Once you are done switch to the Profile and privacy tab where all privacy related settings are found. The page links to a lot of subpages which makes configuration a lot harder than it should be.

The first thing that you may want to do is to click on the Edit visibility on profile button near the top to modify the public profile information.

This loads your Google profile in edit mode. Just click on an entry that you want to check. Do not want your circles to appear on your public profile? Click there and modify the settings accordingly. You can disable showing of your circles completely or hide only some circles from the public Google profile.

The icons in front of each entry indicate that item’s visibility:

A ball indicates that the item is visible to everyone, a circle that it is only visible to the user’s circle, and a link icon that it is visible to the extended circle (aka friends of friends on Facebook).

Once you are done editing go back to the Profile and Privacy settings.

Sharing lists a second group on the page. It actually does not offer that many configuration settings but links to certain features of Google+

The sharing defaults are set to the following according to Google:

Each time you post content, you specify the circles and individuals you want to share it with. For convenience, new posts default to the last set of people you shared a post with, but you can change that before you post.

Each post lists an indicator that is summarizing who that post is shared with.

Manage circles leads to the circle management window where you can create, edit and delete circles and move contacts around.

Edit Network Visibility opens the profile editor once more where you can edit the public display of your circles and users who have added you to their circles.

View incoming posts opens all incoming messages of users who have added you to their circles but who are not in yours.

Google+ is the third group under Privacy settings. Here you can configure photo tagging settings and configure your interests.

Edit photo settings loads the Google+ notification settings again which we have accessed at the very beginning. You can modify photo related tagging settings at the very bottom of the screen.

Sparks lets you select activities, news or items that you are interested in.

The last group on the screen Google Privacy links to Google account related privacy settings.

All privacy settings of Google+ are handled more or less on two screens. The different links on the Profile and Privacy configuration page is somewhat confusing.

Google+ Privacy in a minute or less

Here is what you need to do to configure your Google+ privacy settings in less than a minute.

Click on your name and select privacy from the context menu. On the Profile and privacy page click on Edit visibility on profile and change visibility settings for the items on the screen. Once you are done click on your name again and Privacy.

Switch to Google+ on the left sidebar and modify the tagging and notification preferences on that screen.

Et voila, you have successfully configured your Google+ privacy settings.

Posting Status Updates

When you post a status update you are asked to add circles or people that you want to share that update with. The settings here define who is able to see your status update. It is therefor important to make the right selection on that screen.

Have anything to add? Let me know in the comments. You can also post if you want me to try the “invite trick” to get you invited into Google+ (please note that it is not working all the time though).

Why? It should be clear that anyone can access public data, including companies, organizations and future employees. If they find something that they do not like, you can be sure that you won’t get that job that you wanted so badly. It can also have implications on your private life, bullying in class for instance or a divorce.

Forbes is reporting today that “the Federal Trade Commission gave a stamp of approval to a background check company that screens job applicants based on their Internet photos and postings”. The company gets hired to perform background checks by crawling social media sites, networks and other public sites for user information.

But what about data that is secured by an account, like Dropbox for file hosting? Two dangers come to mind: First hacking, which has been happening a lot lately. If hackers manage to break into a site, they can do all kind of things, including accessing your information and maybe even your files.

Second bugs that lead to data being publicly accessible. The latter has actually happened yesterday. Dropbox notified their users in a blog post that an update that they applied to their service had the result that for a brief period of time (according to Dropbox, Techcrunch states four hours) account log ins without the correct password were possible. Someone else could have accessed your Dropbox account during that time, which included accessing and downloading files hosted there.

Dropbox in the meantime has emailed all users who might have been affected by this.

If you need to sync or host files online, use encryption if the files are important to you. Check out BoxCryptor, Dropbox Realtime Encryption or SecretSync, Security Layer To Protect Sensitive Files On Dropbox for software reviews that do that automatically.

Closing Words

The majority of Internet users seem to lack an understanding of privacy, considering that many post public information on social networking sites like Facebook or Twitter, without giving a thought to possible consequences. The information are there for a very long time, which means that employees might base a decision to hire or fire on something that you have posted on Twitter or Facebook several years ago.

The majority of users does not really know about this. Most think for instance that deleting files will delete them completely, which is not the case. Here is a collection of five different locations and ways to find out more about a previous computer user. You can use the information on your own computer, to see if a third party could grab those information from yours as well.

1. Display Deleted Files

Deleted files are not directly deleted by the operating system. Even if you delete them directly or make sure to delete the trashcan as well. Why? Because it is faster to simply delete information about the file, than the file itself. While you won’t see the file anymore in your OS, it may still be fully accessible on the hard drive of the computer. Someone with the right set of tools could recover the files to get access to what you have been deleting.

Tools for the job:

• Disk Digger
• Glary Undelete
• Panda Recovery
• Recuva
• Undelete Plus

How to protect yourself:

Wipe the free disk space regularly. This overwrites the free space on the hard drive which makes standard file recovery impossible.

• Blank and Secure
• CCleaner
• Eraser

2. The Web Browser History

Web browsers are configured to record the web browsing history. This is done in databases in the program directory most of the time as well a cache that contains pages, images, cookies and other elements of visited websites. It is quite easy to use the cached information to see what sites a user has been visiting in the past and what has been downloaded to the computer.

Tools for the job

• Built-in web browser tools to access the history and cache
• The standard system file browser, e.g. Windows Explorer
• Firefox Cache Viewer
• Google Chrome Cache View
• Video Cache View

How to protect yourself:

You can configure web browsers to delete the cache regularly, for instance at every exit or every five days. Here is how you would do that in Firefox. Open the Firefox web browser and click on Firefox > Options, or select Tools > Options from the menu. Switch to the Privacy tab

You can either configure Firefox to never remember the browsing history, or use custom settings for the history. This way you could disable the browsing and download history, but keep cookies for your logins.

3. Recent Items

Another area where you might get a lot of information about computer usage is the recent items list. The operating system and multiple third party tools keep tabs on programs or files that have been opened recently. If you have not done anything with the OS or application yet, you may find previously opened files and programs by the system’s last user.

Tools for the job

You can access the information right in the application or the operating system. For Windows 7, you could for instance click on the start button and select Recent Items from the Start menu, or right-click an item in the taskbar to see its jumplist entries.

How to protect yourself:

You need to disable recent items either in a control panel of the operating system or in the third party application. For Windows 7, you would simply right-click the start orb and select Properties from the context menu.

Locate Store and display recently opened items in the Start menu and the taskbar to disable that feature.

Closing Words

The three method above are common options to analyze a computer system. Have other suggestions? Let us know in the comments.

The Electronic Communications Privacy Act Amendments Act of 2011 legislation that was introduced last month by Leahy that would, in many cases, require police to obtain a search warrant to access private communications and the locations of mobile devices. The one exception to this is that it does not require a warrant for police to look at your historical whereabouts as recorded by the movements of your cell phone, even if the location data is only a few hours old.

The U.S Department of Justice has argued in court in the past that warrant-less tracking should be allowed because Americans enjoy no “reasonable expectation of privacy” in cell phone’s previous locations. In April, the associate deputy attorney general, James Baker, with the Department, launched a frontal attack on the very notion of requiring search warrants for locations. Baker told a Senate panel that a requirement like that, either for historical or live tracking data, would hinder “the government’s ability to obtain important information in investigations of serious crimes.”

As his bill has no GOP supporters, Leahy has stated that he hopes to gain Republican support. “Otherwise,” he said, “we’ll have a heck of a time passing it.”

EPCA is notorious for being convoluted and difficult to follow, even for judges. The wording, reading like a hedge maze, currently means that Internet users have more privacy rights if they store data locally. This is a legal loophole that some companies are concerned could slow the shift to cloud-based services. Changing the law may streamline that process for some companies.
Over the last year or so, the Digital Due Process coalition has been urging Congress to update the law. The coalition is comprised of companies including Google, Loopt, AT&T, Facebook, and Microsoft, as well as liberal, libertarian and conservative advocacy groups, none the least of which is the Electronic Frontier Foundation.

The coalition embraces four principles, one of which is that a warrant signed by a judge needs to be required for the contents of private communications. A warrant should require to access location data. EFF has said that the bill Leahy introduced fulfills about 1.5 of the core principles they endorse.

Leahy appears to be genuinely serious about protecting the public’s right to privacy. He stated that next week, his committee would be holding a hearing on the administration’s proposal for cybersecurity legislation which was released last month. The aim of the proposal is to force companies to do more to fend of cyber-attacks. This is refreshing news in the wake of recent cyber-attacks from hactivists groups and bank heists.

Legislation that could actually require companies to be responsible for the private information they have access too? It’s a sad commentary on reality when such legislation would be required. What happened to the days when companies appreciated their clients and treated them with respect? That’s what it really boils down to, ultimately. Respecting and appreciating the people that make a business successful. One would think that protecting sensitive information like that would be a no-brainer but, as we’ve seen recently, that is not the case.

Perhaps legislation to enforce such a respect is in order. We can’t know for sure how effective it would be but it’s certainly a step in the right direction.

As far as legislation protecting the rights of citizen’s electronic privacy, it certainly seems to make sense. Why shouldn’t laws be updated to reflect the times we currently live in? When it comes to protecting the public’s privacy and keeping the public safe, there is a fine line to be drawn. However, a public that has no protection from its own law enforcement agencies isn’t a free public at all. Checks and balances are supposed to be the basis on which our entire government’s system runs. The people are entitled to those same checks and balances as well. Privacy is one of the hallmarks of freedom, after all.

Privacy is about user information. This can be data like names, addresses, emails but also indirect data like a user’s browsing habits, past purchases at an online store or a search history. Companies use the information for instance to track a user on the Internet to display targeted advertisements. But privacy can also be abused, say by malicious users who hacked into a company database to get all user names and emails, to communicate with those others afterwards (phishing comes to mind). Privacy can also be a local matter. A wife who does not want her husband to find out what she is doing on the Internet, parents who do not want their kids to see some of the sites they have been visiting.

Privacy add-ons cannot protect from all threats related to privacy. They cannot be used for example to delete your shopping history at Amazon or eBay. They can however protect you from the majority of dangers.

Firefox Privacy Preferences

Firefox has a few privacy related options that can be customized easily to improve privacy immediately. You find the settings by clicking on Tools > Options, or Firefox > Options in the menu. Switch to the privacy tab. The default setting here is to remember history. If you switch that to custom settings for history you get several new configuration options.

All of those settings are about local information, like the download or browsing history. If you do not want the browser to record the information, uncheck the box. You can also configure Firefox to clear the history on exit, which would mean that you have access to the history during sessions, but not after the browser gets closed down.

Helpful articles:

How To Clear A Browser Cache
How To Delete Cookies On A Computer
Configure Firefox To Delete All Cookies On Exit But Select Ones

Firefox Privacy Add-ons

Firefox offers many privacy related add-ons for download. This list includes only add-ons that are working under Firefox 4. The majority will work under Firefox 3 as well, I try to mention it if an add-on does not.

Email

TrashMail.net – Anti-Spam

Create a temporary email address for immediate use on the Internet. Handy for signing up on websites that you do not trust to keep your email address confidential, or submitting a comment on a site.

Alternatives are Less Spam, please, Bloody Vikings and Spamadvert.

Forms

Form History Control

Firefox records by default what a user enters into forms on web pages. While it is possible to delete all form history at once via the clear browsing data tool, it is not comfortable to delete select form entries. You can visit the form again, enter the first characters of the text you have entered, hover over the suggestion that pops up with your mouse and press the delete key on your keyboard to delete it.

Form History Control simplifies the process. It displays all form data that is currently stored in the browser. You can use it to view, edit and delete entries easily.

FormFox

Displays the form action on mouse over. The form action determines to which website or server the entered data is submitted to. This is sometimes used in malicious ways, for instance on phishing sites.

Tracking

AdBlock Plus

An ad blocking extension that can be extended with subscriptions to include privacy related protections to the web browser.

Better Privacy

Protects a user’s privacy by offering better Flash Cookie (LSO) handling in Firefox. Can remove Flash cookies automatically on exit, something that will be supported by Firefox soon by default.

CsFire

Protects against malicious cross-domain requests, including Cross-Site Request Forgery.

CsFire protects you against malicious cross-domain requests, by rendering them harmless. This means that CsFire will remove authentication information (cookies and authentication headers), which ensures that a cross-domain request can not have harmful or undesired side-effects.

Ghostery

Displays information about page elements used to track website visitors. This includes tracking pixels and scripts such as Google Analytics or Facebook.

PrivacySuite

A collection of tools that improve a user’s privacy on the web. This includes email and phone protection, blocking of online tracking, cookie controlling and privacy alerts that display trackers that are active on a site.

Selective Cookies Delete

Delete cookies on-demand and based on pre-defined rules. You can use the add-on to clean up cookies from specific sites, or all cookies but those from some websites.

A similar extension is Cookie Whitelist.

Tracker Block

Block companies from tracking you through cookies and Flash cookies. Blocks more than 300 different ad companies from tracking users on the Internet.

TrackMeNot

Uses random search queries to protect against search data profiling.

Misc privacy extensions

Boss Key and Buttons

A boss key to minimize the browser immediately.

Certificate Patrol

Displays certificate updates to give the user a tool at hand to verify the legitimacy of updated certificates.

HTTPS Everywhere

Can be used to force HTTPS connections to select websites, for instance to always connect via HTTPS to your email provider, favorite websites or financial sites.

HTTPS Finder

Informs the user if an https version of the website is available. Can create rules for HTTPS Everywhere.

Long URL Please

Turns shortened urls into their destinations so that it is possible to see the link target right on the site the short url was posted on.

Perspectives

Validates Firefox HTTPS security errors by querying select Network Notaries.

Stealthy

A web proxy add-on for Firefox. Use proxy servers to hide your real IP address or visit websites that would be blocked otherwise.

Proxilla Glype Proxy Client is an alternative, as is Phzilla and Go2 Proxy

Closing Words

Firefox users can improve their privacy with add-ons tremendously. The right selection depends entirely on their web use. Do you think an add-on is missing from the list? Let everyone know in the comments. Post your privacy tips there as well.

The bill, called PROTECT IP, would allow the Department of Justice to seek a court order against sites accused of copyright violations. The order would be served against ISPs, internet advertisers, domain name providers and search engines. The site thus targeted would be required to disappear as soon as possible.

Eric Schmidt said that Google would not support the bill if it were to be passed. He said: “”If there is a law that requires DNSs to do X and it’s passed by both houses of Congress and signed by the President of the United States and we disagree with it then we would still fight it.” … “If it’s a request the answer is we wouldn’t do it, if it’s a discussion we wouldn’t do it.”

On one hand, supporters of free speech are applauding Google’s stance. There are far too many stories of content creators who have had their content pulled due to DMCA violations that either were not violations or were an unfair use of a draconian law. Giving even more weight to that law seems unwise if your major concern is the freedom of information. Critics fear that the bill would give the government a way to vanish sites at will.

The central problem with Schmidt’s pronouncement is that Google’s stance has not been quite so clear in the past. Not long ago, the company was threatening to remove the Pirate Bay and other sites like it from AdSense, and attempting to stop block terms connected with piracy from the instant search function.

Even as recently as April, Google’s general counsel Kent Walker was in front of Congress testifying as to Google’s antipiracy solutions. He outlined what Google has done thus far, but did caution against strong antipiracy measures that might create problems of their own. He was not nearly as outspoken as Schmidt.

So, why the switch? Why is Google all of a sudden not quite so willing to give the boot to piracy sites? Could it have something to do with the fact that when it was in favor of restrictions on piracy sites, it was attempting to garner deals with the record industry for its music service? Now that it’s released the service without need for licenses, maybe it’s not quite so willing to play ball with the big label companies.

It’s refreshing to see someone willing to stand up to the government in favor of free speech. I only hope that Google’s motives have as much to do with rights as it does with their business strategies.

What are your thoughts? What do you think of Schmidt’s stance? What do you think of the US bill? Do you think the bill will pass?