Thursday, December 23, 2010

E.T. Phone Home...Coming Soon, Your iPhone May Be Phoning Home to the Apple HQ

Remember the saying, "E.T. Phone Home!" back in the 80s?  An iconic movie.  At one point during the movie, E.T. exclaims he must phone home.  The young boy modifies a Speak and Spell toy so E.T. can phone home.

Well now your iPhone might be the next modified Speak and Spell!  Apple has filed a patent so your phone can phone home in the event that it is lost or its human owner is lost.

When a professional criminal steals a phone, they typically pull the SIM chip out and/or jailbreak the phone.

What is a jailbreak?  Jailbreaking is a techie term for basically breaking into an operating system to make it do things that are usually locked down.  It is often done by the actual owner.  For example, past jailbreaks on iPhones allowed people in foreign countries to use them before iPhone officially made them available in foreign countries.  Apple considers jailbreaking to be a breach of service warranty and highly discourages it.

Apple filed this patent because they feel this next step in technology is necessary for locating stolen phones. In the patent they mention they want to help customers better protect their sensitive information.
Among other things, the patent would allow the device to:
-record the voice of the device's user
-take a photo of the device's user's current location
-detect and record the heartbeat of the device's user
-scan the face of the owner

Some privacy advocates don't agree.  They believe this is another way for companies to collect information, in this case some is biometric, that can be used to track you.  There are some valid points:
1.  What if Apple is hacked and the hackers take your data?
2.  Does Apple have another purpose such as finding customers that have made their warranty invalid by tampering with their phone?

What's your opinion?  A great new advance in safety to assist with kidnapping and finding lost people?  Or, Big Brother's watching?

So what do you worry about more?  Steve Jobs checking in on you or the ability to protect yourself against a professional criminal that wants to tap into your mobile and digital life by stealing your phone?


"Steve Jobs Is Watching You: Apple Seeking to Patent Spyware", Julie Samuels, August 23, 2010.

"New iPhone Security Patent App: User Protection or 1984 iSpy?", Brian X. Chen, Wired, August 23, 2010.

"Apple Patent is for Push-Based Location Update", MacTech Blog, December 23, 2010.

They Say Those Closest to You Can Tell The Most About You - Did You Expect it to be Your Smartphone?

Your digital life is in your pocket, your smartphone.

Your smartphone holds:
Phone Numbers
Current Location
Unique Smartphone ID number

You take your phone everywhere.  In some regards, it may know more about you than your spouse or best friend.

So what happens when your phone blabs all your information or secrets every time it connects to the internet?

The Wall Street Journal recently reviewed 101 smartphone apps for the iPhone and Android phones.

56 of the 101 apps transmitted the Unique Smartphone ID number to other companies without direct consent of the phone owner.  That unique number is tied to you as the owner.  That ID number gets segmented and mashed-up with other demographics to where a trained marketer could probably guess exactly "who" you are.

5 of the 101 apps sent age, gender, and other personal details.

If you use any of the following, you might want to think twice:
TextPlus 4
Paper Toss
Pumpkin Maker

Who is buying this data?  Google is one of the biggest receivers of this information.  They use it to power AdMob, AdSense, Analytics, and DoubleClick.

Even the delightful pastime of playing Angry Birds sends your phone's ID to Electronic Arts, Inc.  They say it is not shared further.

The app makers say they don't pass along your name.  Makes me remember asking who dug into the appetizers on the table before company arrived and my son said, "Mom, someone in this house did it and I don't want to say his name but the person's name rhymes with bad."  He didn't actually say "Dad" but I had enough data to know who he was talking about.


"Your Apps Are Watching You", A WSJ Investigation finds that iPhone and Android apps are breaching the privacy of smartphone users, Scott Thurm and Yukari Iwatani Kane, Wall Street Journal, December 17, 2010.

2010 Dark Side & The Force Side...Trends to Watch for 2011!

2010 brought new and interesting things to do on the internet like the free game sensation “Angry Birds”…Wondering what 2011 might bring on the internet?

2010 - 5 Headlines from the "Dark Side" of the Internet
1.  Snooping:  We kicked off the 2010 year with an attack on Google labeled Operation Aurora where it appeared that email accounts of Chinese dissidents had been snooped through

2.  Traffic Jam?  Accidental hijacking of 15% of the world's internet traffic through servers in China

3.  Critical Infrastructure:  Stuxnet worm hits industrial control systems

4.  Wikileaks

5.  Devastating Consequences:  A young man is "outed" at college after being secretly videotaped and commits suicide

2010 - 5 Headlines from the "Force Side" of the Internet

1.  Saving Lives:  American Dan Woolley of Colorado Springs said his iPhone saved his life when he was caught in the Hotel Montana in Port-au-Prince after the Haiti Earthquake.  He used the iPhone to treat his injuries and to take steps to avoid going into shock.  He also mapped his surroundings and moved to a safer spot while awaiting rescue.  (See Mashable's story by Barb Dybwad called "Haiti Earthquake Survivor:  'My iPhone Saved My Life' ").

2.  Entertainment:  Angry Birds becomes the top downloaded game.

3.  Voices Heard:  A man has his jail sentence commuted when his legally purchased guns were not properly registered when he moved to NJ.  His girlfriend launches a major campaign via Facebook telling his side of the story and it gets attention and he goes free.

4.  Shoppers unite! - crowdsourcing and free applications come together to put the power of competitive shopping, researching, and rankings in the palm of your hand, your smartphone, when you hit the stores.  Apps like RedLaser and TheFind give the consumer the shopping edge.

5.  Charity Hits Social Media:  Jumo, Causes, and Crowdrise provide a great platform for fundraising, connecting with others that have similar charity interests, and allows anyone from individuals to non profits to raise money for good causes.

The top trends for next year -- highlighting the fun side and some tips to stay safe from those pesky cybercreeps and cybercriminals.

Expect to see more of this:  SMISHING.   
We’re all used to the term Phishing – Phishing is when cybercreeps send you an email trying to get you to click on bad links or open documents which install malicious software on your computer.
"Smishing" is a mashup of phishing with the SMS feature on your phone.  Examples of recent smishing scams:  a bogus message on a smart phone that makes it look like it came from your bank, or store, or the phone company.  The message typically asks you to click on a link or asks you to call into a number.  If you see a message like this, look up the number first before calling to make sure you are not a victim of smishing.

1. Email declines, Messaging increases and Leetspeak, those short text messages, will be more mainstream   

The Death of Email has been predicted but according to my inbox, it is still going strong.  Statistics do show that email has "peaked" in popularity.  Visitors to Yahoo and Hotmail mail sites peaked in 2009 and are declining.  Gmail traffic is up.

Fun side:  Young people are adopting online chats and text messages.  Facebook offers instant messaging and is dabbling in email-like services.  Leetspeak:  it’s hip, it’s quick, it’s easy to use and saves your fingers from typing.
a. What is Leetspeak?  Leetspeak, or text messages, are those abbreviated messages you may use when you are texting someone.  Most people use  them on Facebook, in emails, Twitter, and other places online.  Examples:   “IMHO” In my humble opinion or “LOL” Laugh out loud.
b.  Want to translate it?  Go to

Dark side:  But there is a dark side, when kids and young adults use texting terms or even sexting terms to keep you from knowing what they are up to.

a. How to Protect Yourself:  Talk to your kids.  Ask them what their texting means if you do not know or look it up by typing it into a search engine.  Example:  The top status check or phrase used on Facebook in 2010?  It was “HMU”!  As in Hit Me Up.  Parents need to be aware!  It could just mean give me a call but it could hold additional meanings.  HMU even beat out phrases like “World Cup” “iPad” and “Justin Bieber”.

2. Location, Location, Location  

Fun side:  This is the year that we can all know where each other is at any point in time, and down to our specific satellite coordinates.
a. How?  The location information, or geocoding, is captured in your digital videos, digital photos, check in software, and more.  This is a fun way to “bump” into people and keep up with friends and family.

Dark side:  People know where you or your kids are…as well as where they are not.
a. Example:  Facebook has a new feature that can automatically check faces, compare them to previously tagged faces, and suggest the name of the person in the photo.  Handy tool?  Yes, and no.
b. How to Protect Yourself:  If you have young children and adults on Facebook, be careful about using names with their pictures.  You would not want pictures to be out of your control, posted on other people’s pages, with your kids’ names on them.

3. Smart Phones become Mobile Life  

Fun Side:  With new features and new apps you have an amazing tool that fits in your pocket – your smart phone!
a. You will be able to leave your wallet at home and pay for things with it; you can play games on it; you can message and network with others; and you will be able to link all your social networking accounts together so you can keep up with everyone.

Dark Side:  Your mobile life is a target.  Criminals go where the action is and your phone is a popular target for cybersnooping, scams, and theft.
b. How to Protect Your Smart Phone & Your Mobile Life:
1) Know your WiFi:  Avoid free WiFi on your phone when possible.  Many people will use free WiFi when using their phone for surfing or browsing – meaning you are leaving your mobile life open for everyone to peek in!
2) Lock it:  Password lock and protect your phone.
3) Update it:  Treat your phone like a computer because it is one!  Keep the operating system up to date.
4) Bogus App Alert:  Stay away from downloading apps unless you know they are legitimate
5) Phone Locator Software:  Ask your vendor if they have a locator service that allows you to track your phone and pinpoint it if lost and perhaps even wipe the device using a command from your home computer

Three Simple Rules to have fun but also be safe:
1. STOP:  Don’t broadcast your location to strangers – assume your phone and camera always are unless you turn that feature off
2. LOOK:  Don’t click on email links or call a number provided to you in an email on any device you own without looking at another source first
3. LISTEN:  The common sense you apply to the physical world still applies to the internet – if you would not do something offline because of safety, you shouldn’t do it online

For Locator Apps to be able to find your lost or stolen Smart Phone, talk to your vendor BEFORE your phone is lost or stolen.  You will need to register it and test settings.

Want to know what was hot in 2010?  Here is a sample of some trends that were tracked on the internet.

Top Searches for 2010 Highlighted by Google: 

Top Searches for 2010 Highlighted by Bing: 

Top Trends for Phrases and Status on Facebook from 2010:

Top Trends for Twitter from 2010: 

The Top 100 FREE Smart Phone Apps By PC Magazine:,2817,2366292,00.asp 

Apple's Top 10 Paid For Apps in 2010 By Area Cell Phone: 

Wednesday, December 22, 2010

Steps to Recovery: Someone's Facebook and E-Mail Account Hacked?

If after reading this you have a suggestion, please send it along.  I would like to continue to improve this list over time for people that are victims of a hacking:

1.  The unfortunate thing about e-mail and Facebook is it is all "free" so help is tough but available.  They do have fraud forms to fill out.

See also:

This is what Facebook says to do about the hacked account and money transfer scheme:!/help.php?page=1010

2.  Also, this might have happened through a PC virus.  Please stop using home and work PCs until they are checked out.  Call your PC support desk or seek out a local expert to assist you with your computer to find and isolate the virus.

Microsoft provides free virus and spyware removal support to Windows customers who think they have an infected computer.

Call:   1-866-PC Safety for phone support.
Online:   Microsoft customers can also visit for
free online virus and spyware removal.

Apple provides help to computer users that believe their Mac may be infected.

Call:   1-800-APL-CARE (1-800-275-2273)
Online: Set up a phone appointment or,
request an in-person appointment at your closest
Apple Store’s Genius Bar: .

3.  IMMEDIATELY change passwords to bank accounts.  Actively monitor bank and credit card accounts.  Look for suspicious charges, even if they are for very small amounts.

I recommend online alert services where you can set up alerts to notify you if a transaction takes place or if a transaction is over a certain amount.  Go to your online banking page for more information.

As a precaution, also FREEZE the credit file.  Request alerts on your credit reports.


North Carolina offers a free credit freeze for victims of identity theft.  Check your state for more information.  For how NC works, go to the following website for more information:

Engage local law enforcement authorities.  They are committing fraud.

a.  File a report at the FBI's

b.  Contact the Federal Trade Commission.

Federal Trade Commission:
Call:   877-IDTHEFT or 877-438-4338

Also contact for more information.

Tuesday, December 21, 2010

I Whip My Hair All Around - Do We Know the Impacts of Net Neutrality?

If you only have 2 minutes to get up to speed - A Visual +  5 points on the FCC Order - Net Neutrality:

Want to send an email to your grandkids?  Press send.  
You'll get nearly the same response time as when your neighbor watches a YouTube video of "I Whip My Hair All Around" by Willow Smith.  

Basic Definition of Net Neutrality:  Think tiny smart car on the road vs. an 18 wheel semi tractor trailer.  Both are vehicles on a highway and are treated the same - same access, same costs...except what has more muscle and true right of way?

Side Note for WiFi -- For those of you that hop on free WiFi, thanks for slowing down the entire coffee shop's network while you look at the "I whip my hair all around" video by Willow Smith followed by Justin Bieber's "Baby" - you know who you are!  Not that I use free WiFi, but some of my friends do.  Not to worry yet, so far the FCC leaves wireless/cellular access largely the same in the FCC Order.

Bottom Line:
I am holding final judgment until we can read the final FCC Order but my concern is the loser in all this is YOU.  I think you will end up paying more for the services you already have today & the rules will be more confusing.

After Reading the FCC's Press Release - What You May Get:
Rule 1:  Transparency:
-Landline providers have to give more transparency into download speeds and usage limits
-Landline providers have to publish how they manage network congestion - if they slow you down so they can speed up Google maps during peak travel times, they have to say so

Rule 2:  No Blocking & Rule 3:  No Unreasonable Discrimination
-Landline providers prohibited from blocking or slowing down content
-AT&T's home internet service could not block something like Skype or Fring because they see it as a competitor

Rule 4:  Wireless Companies shall...Oh, there is no rule #4!
-Wireless companies are, for now, less restricted because the FCC felt they needed the flexibility to handle their congestion problems

5 Points:
1.  The Internet is considered to be the foundation for 1/6 of the Nation's economy.  Any new regulation, legislation, or policy should be debated openly before we jeopardize an economic engine.

2.    Whether or not there is constitutional authority to "govern", "regulate", "legislate" the internet, via Net Neutrality, is not clear and should be reviewed and discussed.

3.  Both sides of the political aisle  are unhappy with what they think is in the FCC Order.  The FCC Order has not been published publicly, so we do not know all the details.

4.  Most people believe Net Neutrality exists today and free market principles are shaping consumer and vendor behaviors.
a.  Net Neutrality means different things - ask 50 people, you might get 50 answers.
b.  At a very basic level, it typically means all internet content and access is created equal regardless of whether it is a light burden or a bandwidth hog.

5.  FCC Order may or may not stand:
a.  It does have support from some internet giants and the White House
b.  Congress did not support earlier write ups by the FCC.  Over 300 Members of the current Congress and Senate signed a letter opposing FCC Internet regulation.  Congress has legislative powers to overturn the FCC Order, if they wish to do so, via funding as well as the Congressional Review Act; and
c.  The Court System via the U.S. Court of Appeals for the District of Columbia told the FCC they do not have jurisdiction back in a case brought by Comcast when the Court rendered their decision April 2010.
d.  Reaction in the vendor community is mixed:  Verizon concerned; AT&T said the new order was not ideal but they will work with it; and Google thinks it's a great first step but does not go far enough.

Bottom Line - Regardless of the final outcome, the prediction is:
a.  pay attention to where this leads to make sure you are informed and your voice is heard;
b.  be careful what you wish for, whenever mandates are involved, the costs are passed along and eventually are paid by the end consumer - you.

If you have 10 minutes - here is a little more information:
1/6 of the Nation's economy - is impacted by the internet.  While we are all busy with year end activities at work and festivities at home, the FCC is passing an Order for Net Neutrality.   Depending upon who you listen to or what you read, this is finally the great and fair equalizer of the internet or the end of the internet as we know it.

Bottom line:  Net Neutrality as policy, regulation, legislation, or an order should not be rushed, it should be vetted openly with healthy and vigorous debate, and we should learn lessons from past regulation and de-regulation efforts before we move forward.

Net Neutrality - It sounds like something we should all want, right?  A Neutral Internet.  Something akin to Lady Justice who wears a blindfold so all individuals have objective and equal justice without fear of favoring any group.

This write up attempts to provide some background on the various views on the Net Neutrality platform so you can decide for yourself if you like the idea, if you are concerned, or if you are net neutral on net neutrality.

In many ways, we already have Net Neutrality.  You can access any web site you want on an equal basis.  Type in the website name you want to see and presto, you've got it.  Some sites may be slower loading than others but usually that is based on the capacity of the company's web server and design.

Five Fast Facts Regarding the FCC Order:
1.  We do not know what the FCC Order looks like.  We have an inkling but it has not been released to the public.
2.  Opinions are diverse "for" and "against" the FCC Order.
3.  When you read the opinions "for" and "against", there are many points on both sides of the argument that make sense, at least in the abstract.
4.  We can only guess at what the FCC Order, if allowed to be enacted and enforced, will do to current business models and future innovation.
5.  Both sides of the political aisle have voiced they are unhappy with the FCC Order - Democrats say it does not do enough and Republicans say it is a Federal Government overreach.

Bottom Line - My Prediction is a Hit to Your Wallet:
I believe the stage is set for your internet access pricing to go UP, regardless of where the FCC Order goes.
a.  For the users that like steady and slow- your access might be free or you will just get less service for your current fee.
b.  Moderate to power users:  Want to watch your favorite sports team or look at a "how to" video on YouTube?  You will probably need to upgrade your service in the near future to a higher price to get the access you already enjoy today.

Open Debate Is Needed:
The issue of Net Neutrality and what it should or should not cover needs open, honest debate and all parties need to be heard because the internet, right or wrong, is now part of the backbone of our infrastructure.  When private sector meets public sector, where does the role of Government begin and end, especially for the internet?

Net Neutrality Definition - Layman's Terms:
1.  What is "Net Neutrality"?  Initially, the core of the concept is that everyone has equal and same access to the internet.  Regardless of who you are and the content you seek, speeds and access are the same.  Smart Cars and Semi Trucks use a road differently but get same and equal access for the same monthly price.

2.  What is the FCC Order regarding Net Neutrality?  We do not have the final language yet but we have had some sneak peeks and some guesses.  Based on the information we know so far the definition could be:
a.  The FCC dips its toe into regulating internet content when it is accessed via an internet cable but not via wireless or mobile; and
b.  The FCC can now require transparency from companies regarding their network management practices; and
c.  There will be 2 internet lanes - fast for those that pay the toll and a slow lane for free access.

3.  What we think the FCC Order includes:
1.  Internet providers must allow access to all kinds of web content (that is legal)
2.  Internet providers cannot slow delivery of some kinds of content while putting others on the fast track but they would have flexibility to deal with network congestion as long as they disclose how
3.  #1 and #2 requirements would not apply to mobile devices that are connected to wireless networks
4.  Providers must disclose their network management practices

Note:  The FCC says it will not publish the order for several days to work through edits and reviews.

Opposition to the FCC Order:
Who is "opposed" to the current FCC Policy?  Interestingly enough, both sides of the political aisle.  Some Democrats think the FCC "sold out" to internet companies and many Republicans and Independents think this is a Federal Government overreach.  

What is the current debate about?  There is a new FCC Order called, "Preserving the Open Internet".  It has not been published for the public to see, the FCC will not ask for your opinion, and you can complain to your elected officials but they do not get a chance to vote on FCC Policy.  It might end up being something great but why do it behind closed doors?

Points to Consider:
1.  Does the Federal Government have a constitutional authority to regulate the internet?  

2.  Should the Federal Government have regulatory authority over the internet?  If yes, how deep does it need to or should it go?

a.  If yes, What Federal Government jurisdiction should the internet fall under?  The internet is a "highway", a way to "communicate", you can conduct "commerce", store information, use it instead of the "USPS".  

FCC is phone, TV, wire (not wireless), cable...Internet is kind of all of the above and kind of not.  Federal Highways have Department of Transportation.   The internet is NOT a Federal Highway.  

2.  Should the voters decide, through their elected officials, the rules for the internet?  In other words, is this better handled in the Legislative branch of our Government?  Or, does this truly reside only within the reach of a Federal Government agency?  Or neither?  Is there another option that you think is better?

3.  If the FCC Order stands, does this open the door for more Federal Government intervention into the Internet?

4.  I submit 5 practical rules for consideration when it comes to regulating the internet.  If we are going to "regulate" the internet, I respectfully submit that maybe the rules should be:
a.  easy to track & easy to enforce
b.  easy for the every day lay person to understand
c.  truly deter the "bad guys"
d.  fostering growth, innovation, and competition opening doors to new and existing companies
e.  not just a ruse to create a new tax or to put arbitrary burdens on internet users or companies

The Minister of Communications in the UK, Ed Vaizey, has looked at implementing rules and, according to the Guardian, he is watching closely to see where this path takes the U.S.

Quote from the FCC Chairman:
“We must take action to protect consumers against price hikes and closed access to the Internet—and our proposed framework is designed to do just that: to guard against these risks while recognizing the legitimate needs and interests of broadband providers,” FCC Chairman Julius Genachowski, FCC blog post.

If you have more than 10 minutes...Additional Background Information --

The Federal Communications Commission - the FCC was established in 1934 to regulate interstate and international communications by radio, TV, wire, satellite, and cable.    The internet is not really "cable" or "wire".  It is a new infrastructure and it is more than "communications". 

Mr. Genachowski and President Obama have known each other for years.  Mr. Genachowski was an editor for the Harvard Law Review when President Obama was the President of the publication.  They played informal basketball together and have stayed in touch since their days at Harvard.  Mr. Genachowski also chaired the Obama election campaign’s TMT group (technology, media and telecommunications).   White House visitor logs show at least 11 personal meetings between Mr. Genachowski and President Obama.

April 2010:
In April 2010, the U.S. Court of Appeals for the District of Columbia ruled that the FCC does not have the authority to mandate that broadband providers give equal treatment to all web traffic flowing over the internet.  The case was brought before the court by Comcast Corp.  In 2008, the FCC ordered it to allow subscribers using BitTorrent to do downloads.  Comcast argued that the FCC did not have the authority to mandate what Comcast could allow or disallow.  Comcast had limited access for downloads that used BitTorrent because BitTorrent can swallow up capacity and create bandwidth issues.  The ruling was unanimous in Comcast's favor.

December 2010:
On December 21, 2010, the FCC voted 3-2 to create an FCC Order that regulates the internet under the banner of Net Neutrality.

In their press release, the FCC cites Section 706 of the Telecommunications Act of 1996 as a provision that gives them authority:  "This provision directs the FCC to encourage the deployment on a reasonable and timely basis of advanced telecommunications capability to all Americans...."shall take immediate action to accelerate deployment of such capability by removing barriers to infrastructure investment and promoting competition in the telecommunications market..."

Voices of Opponents & Supporters

Internet Freedom Advocates do not think it goes far enough.

Watchdogs at the Electronic Frontier Foundation are afraid the FCC Order will squash new innovation and new company launches due to legal and costly barriers to entry.

Senator Al Franken, D-Minnesota, was on the floor lambasting that the plan does not go far enough.
He feels that if the rule passes Verizon can cut off access to Google maps and Google apps, even if they are not as good.

One of the FCC Commissioners is very concerned about the direction of the FCC on the Net Neutrality program.  His name is Robert McDowell.  Here is a quote from his explanation of his concerns, which were published December 19, 2010 in the Wall Street Journal:

"...Ample laws to protect consumers already exist. Furthermore, the Obama Justice Department and the European Commission both decided this year that net-neutrality regulation was unnecessary and might deter investment in next-generation Internet technology and infrastructure.
Analysts and broadband companies of all sizes have told the FCC that new rules are likely to have the perverse effect of inhibiting capital investment, deterring innovation, raising operating costs, and ultimately increasing consumer prices. Others maintain that the new rules will kill jobs..."

You might be able to place the current Congress as an opponent to the FCC program.  Earlier this year, a large and bipartisan majority of Congress asked the FCC to stop pursuing policy and let Capitol Hill run with it. 

If the FCC Order moves forward and Congress desires to overturn it, they may be able to use the Congressional Review Act.  This Act allows Congress to vote down a regulation if they can pass a joint resolution.

"Today's action could - and should - have gone further," said Michael Copps, one of the other two Democrats on the commission. But, he added, the regulations do represent some progress "to put consumers - not Big Phone or Big Cable - in control of their online experiences."

"Internet Gets New Rules of the Road", Amy Schatz and Shayndi Raice, Wall Street Journal, December 22, 2010.

"FCC Acts to Preserve Internet Freedom and Openness", FCC Press Release, December 21, 2010.

"Net neutrality: US expected to ratify new rules on internet access", Josh Halliday, December 21, 2010.

"Why you NEED to Care About Net Neutrality", Jeremy A. Kaplan, Fox News, December 21, 2010.

"The Net Neutrality Coup", John Fund, The Wall Street Journal, December 21, 2010.

"F.C.C. Is Set to Regulate Net Access", Brian Stelter, New York Times, December 20, 2010.

"Get Ready for the Two-Speed Internet", John Johnson, December 21, 2010.

"The Internet Splits in Two", Dan Lyons, The Daily Beast, December 21, 2010.

"Why is FCC's 'net neutrality' order still a secret?", Amy Gahran, Special to CNN, December 21, 2010.

"Net neutrality compromise won’t calm new Congress", James Pethokoukis, Money & Politics columnist for Reuters Breakingviews, December 21, 2010.

"The FCC's Threat to Internet Freedom", Mr. Robert M. McDowell, Wall Street Journal, December 19, 2010.

"Report:  'Net Neutrality' Set to Become New Reality' ", Meredith Jessup, The Blaze, December 20, 2010.

"Divided FCC Adopts Rules to Protect Web Traffic", Joelle Tessler, AP, December 21, 2010.

"Preparing for the FCC's Net Neutrality Vote", Jonathon M. Seidl, The Blog at The Blaze, December 20, 2010.

"Don't Tangle the Web With Rules", Investors Business Daily Editorial, December 17, 2010.

"U.S. court rules against FCC on Net neutrality", Joelle Tessler, Associated Press, April 6, 2010.

Friday, December 17, 2010

A CyberHamburgler Hits McDonalds!

A Hamburgler hit McDonald's asking "Where's the beef?!" and found it.  Only this Hamburgler is clearly a data-tarian, he stole email addresses and birth dates of customers that signed up for deals and discounts.  Thankfully, social security card numbers were not part of the breach.  The data management is outsourced and no word yet on how this happened.

Keep in mind these breaches happen from time to time.

Walgreens recently had customer email addresses breached.


"Real Hamburglar Hacks McDonald's Database, Steals Tasty Info", Fox News - Reuters, December 14, 2010.

Strong Passwords

I taught a class on Internet Safety to 3rd graders.  We talked about examples of creating strong passwords and how to vary them across accounts.  We had fun doing it by making up phrases and turning them into crazy passwords to use.

By the way, are you a user on  If so, are you one of the 100,000 people out of their 1.3 million users that had your user id and password posted online for the world to see?

Just to be on the safe side, here are a few tips you may want to use:
1.  Vary your password across different sites
2.  Make up a phrase and use the first letter of each word alternating lower and upper case
3.  Add numbers and special characters for effect

"FBI Investigating Hack", Fox News, December 14, 2010.

Worried Whether You Say Too Much on Facebook? Now You Can Check...

There is a new site that can help you see just how much you and others might be oversharing.

The site is .

I warn you that you will be astonished by what people post and the pictures they provide, and that their comments are out in the wide open.

Type "Divorce" into the search box and you will find people chronicling the messy ends to their marriages.  You see their name and their profile picture.

Take some time to type in the names of your loved ones to make sure there are not any issues that you were not aware of.

From the makers of the site, here are the goals posted:

What’s the goal?

1. Raise awareness regarding the dangers of Facebook, and public online identities

2. Entertain myself and others

The makers of the site also explain their perspective on "Privacy" in this statement:

I’m not exposing anything that isn’t already public, searchable, and indexed elsewhere… I just put a different User interface on it and made it a little more search-friendly for the previously stated purposes.


"Site Exposes Facebook Overshares", Phil Villarreal, The Consumerist, December 15, 2010.

ACH Fraud Hits Texas - One County Government is out $200,000

$690,000 and $200,000.  That's the dollar amount of fraud that just hit Gregg County, Texas.
$690,000 was the heist.  $200,000 was the amount that could not get recovered and the County is left with the loss.

The culprit?  A computer in the tax office became infected with Zeus, that nasty little trojan that steals online banking credentials.

The fix?  They have reverted to paper deposits to avoid future cyber theft.

Quote from the Government Information Security Article:
"As long as I'm tax collector, we will never go back to sending out money electronically again," said Mr. Kirk Shields, Gregg County's tax assessor and collector.

Schools, Municipalities, and Businesses are not protected under Regulation E, which protects consumers.

In the fall of 2010, Senator Charles Schumer (D-NY) asked the Senate to consider a bill that would extend Reg E to protect schools and municipalities.

This still leaves businesses unprotected.

"ACH Fraud Hits Texas County", Government Information Security Articles, Linda McGlasson, December 15, 2010.

Lewis and Clark Now Have Help - Mapping by the Masses on MapQuest

Google Maps has been asked or told to offer opt out options for removing places of residence from their maps around the globe.  As that happens, a new service pops up, MapQuest by the people.

MapQuest has ventured into crowdsourcing.  They are allowing the "crowds", people online, to edit maps online.

Anyone can register to be a map contributor.  Any rogue editors will be monitored by the community itself.

One can think of some amazing uses, especially in emergency situations.  After a natural or man-made disaster, people could annotate maps with damaged roads and bridges, or add details that would be important to loved ones and rescue teams.

Google Maps has something like this in other countries but not in the U.S.

If you want to take advantage of mapping by the masses, use

"New MapQuest site shows U.S. maps for, by the people", USA Today, December 16, 2010.

Productivity Tool or Privacy Buster? You Decide.

Facebook photos are very popular.  Facebook photo usage rivals the dedicated photo sharing sites.  Facebook announced this week that it will make it easier than ever to identify friends in photos uploaded to  Facebook by using facial recognition software to suggest people to tag.

Sounds like a much easier way to inventory photos.  However, if you don't want YOUR name suggested on other profiles when they upload photos, you have to turn YOUR privacy settings for this feature off.

Otherwise, pictures of you at the neighbor's costume party might be tagged with your name for your co-workers to see!  

Consumer Bill of Rights for Internet Data Collection

The Commerce Department announced that it wants to see a consumer bill of rights on internet data collection.

The proposal draft said it would be voluntary.  Companies in the private sector could choose whether or not to participate.  For those that do participate, enforcement of the "bill of rights" would be overseen by the Federal Trade Commission.

This is a follow on to the discussion about calling for a "do not track" option.  The adjusted approach addresses the concern that the Federal Government not create a mandate that could put some companies out of business before they can even launch because they cannot adhere to the regulations.

The Commerce Department also proposed creating a "Privacy Policy Office" within Commerce to help with privacy issues on the internet.

According to the Commerce Department, almost 2/3 of American adults have changed their privacy settings on social networking profiles to manage what they share online.


"Commerce Department calls for consumer bill of rights on Internet data collection", Washington AP, December 1, 2010.

"Obama administration calls for online privacy bill of rights", David Goldman, CNN Money, December 16, 2010.

Thursday, December 16, 2010

New Cybersecurity Coordinator to Assist in Protecting Information

The State Department announced this week that they will create a coordinator for cyber security to help protect classified materials.

The announcement was covered globally, and you can see posts in international newspapers such as the Hindu Daily, Saudi News Today, and the Telegraph in the UK.

Cybersecurity - It is a joint effort

Cybersecurity is a joint effort.  The Federal Government cannot solve the problems without help from the Private Sector.  The Private Sector does not have the full threat picture to go it alone.

There are a plethora of forums where the Federal Government and the Private Sector come together to share ideas and information to help fight the good fight.  But, is it enough?  Are these forums effective?  What is your opinion?

One announcement that hit the media this week was that a research agreement was signed between financial services companies, insurance companies, NIST (National Institute of Standards and Technology), and the Department of Homeland Security's Directorate called S&T (Science and Technology).

The MOU (memorandum of understanding), which is a signed agreement, says they will collaborate on research.

Federal News Radio quoted Aneesh Chopra, the Federal Chief Technology Officer as saying, "Financial services-banking and credit card transactions, insurance, trading and funds management, and many other business and consumer financial activities-are increasingly provided online," ... emphasizing the importance of collaboration.

White House Cybersecurity Coordinator and Special Assistant to the President, Howard A. Schmidt, posted on his blog, "As a result, threats to these services are threats to individuals, companies and the nation. Ensuring these online services are reliable, accurate, safe and secure against threats is a shared responsibility of the public and private sectors alike. Many of the innovations emerging from the partnership will extend beyond financial services to online health services, the Smart Grid, and the nation's water, transportation, and other critical infrastructures."

Press Release by NIST:  "Financial Services Sector Signs Cybersecurity Research Agreement with NIST, DHS",  Contact:  Evelyn Brown, December 8, 2010.

"NIST, DHS to partner with financial industry on cybersecurity", Jason Miller - Executive Editor, Federal News Radio, December 7, 2010.

Blog Post, Office of Science and Technology Policy, Executive Office of the President, Howard A. Schmidt, December 6, 2010.

Friday, December 10, 2010

When A Bully Games the System - Store Owner Bullies Customers to Win More Business

An eyeglass store owner in New York is accused of bullying customers as part of a bizarre marketing campaign.

The NY Times quotes from a blog post supposedly written by the store owner:
“Hello, My name is Stanley with,” the post began. “I just wanted to let you guys know that the more replies you people post, the more business and the more hits and sales I get. My goal is NEGATIVE advertisement.”

Perhaps this strategy was working?  Evidently when searching for eyeglass brands, names, places to order online, his store was indeed popping up in the coveted spot:  on page #1.

A few more quotes from the NY Times article just to drive the point home:

The NY Times asks "Profitable?"

“Very,” says Vitaly Borker, the founder and owner of DecorMyEyes, during the first of several surprisingly unguarded conversations.

“I’ve exploited this opportunity because it works. No matter where they post their negative comments, it helps my return on investment. So I decided, why not use that negativity to my advantage?”

It is disappointing but not surprising that a merchant would try to game the system.  I wrote a piece on my "word for the week" a while back about "Google Juicing" where celebrities or merchants pump up stories to juice the search results on Google, even if it is negative publicity.

On December 7, the Huffington Post reported that Assistant U.S. Attorney E. Danya Perry brought the owner of the store into custody.  He is being held without bail.  They also reported that U.S. Magistrate Judge Michael H. Dolinger says there was sufficient information to believe that Mr. Vitaly Borker was considered a danger to the community.

At this point, complaints have also been filed with the FTC.  Mr. Borker has been charged with cyberstalking, interstate threats, mail fraud, and wire fraud.  He could face up to 50 years in prison if found guilty of all the charges.

Google has announced that they are making changes to their algorithms to hopefully avoid this bullying form of Google juicing to get more business.

"Vitaly Borker ARRESTED:  Alleged 'Bully' Online Retailer Apprehended in New York", Larry Neumeister, Huffington Post, December 7, 2010.

"A Bully Finds a Pulpit on the Web", David Segal, New York Times, November 26, 2010.

Microsoft Announces More Privacy Controls

Microsoft announced that Internet Explorer 9 addresses the privacy concerns of its customers.  The feature is called "Tracking Protection".

Consumers will be able to list websites for which they want to limit what can be tracked about them when they visit.  The product will show them a list of sites, and customers can click to choose what is okay to track and what is not, or block a site from tracking altogether.

The browser will not come pre-loaded with any lists but Microsoft says they will provide a forum for consumers to share lists with each other of sites they have noted for turning tracking protection on.
The beta version of IE9 is expected early next year.

You have features you can use today if you are concerned about your privacy.

Many browsers offer "opt out cookies"

Google offers an option under their ads where you can opt out of their tracking

It will be interesting to see what the advertising and marketing firms will need to do to stay relevant as various privacy schemes go into place.

"Providing Windows Customers with More Choice and Control of Their Privacy Online with Internet Explorer 9", Microsoft's website, December 7, 2010.

"Microsoft Builds Online Tracking Blocking Feature Into IE9", Ryan Singel, Wired, December 7, 2010.

Be Aware - Your Kid May Be a Target for Joining a Botnet

I did a research project and story for WBTV earlier this year about botnet herders and how they run marketing campaigns that lure and entice young people into their lair.  Some savvy kids know exactly what they are partaking in and love the thrill of it.  Some kids think they are doing "work from home" for lucrative pay.  Often, the parents seem to be the last to know.

If you are not sure what a DDoS attack does to someone's website, I love the description provided by Graham Cluley at Sophos.  He says to think of  "15 fat men trying to get through a revolving door at the same time".  Got an image?

There are websites and forums that are encouraging people to join a botnet and they are even kind enough to offer you tools to download so you do not have to even bother with any programming.  This is risky for many reasons; I will highlight a few here:

1.  Why would you trust a tool that was built to attack websites to reside on your computer?  What will it do to your computer?

2.  Legal issues are muddy in cyberspace but we do have legal precedent where people are tried, convicted and paying penalties and/or serving jail time.

Two examples:
a.  A 23 year old man learned this recently as his trial wrapped up and he received a 30 month prison sentence for launching attacks against Bill O'Reilly, Ann Coulter, and Rudy Giuliani.

b.  A 17 year old young man was arrested recently for using "Phenom Booter" which allows gamers to score more points and even block other gamers on the popular game "Call of Duty". The UK has a Computer Misuse Act which he was charged under.

"Are DDoS (distributed denial-of-service) attacks against the law?" and "Youth arrested over Call of Duty DDoS attack", Graham Cluley, Sophos Naked Security, December 9, 2010.

Link to: story on Botnet Herders for WBTV

What should we do when kids are behind cybercrime?

By now most of us have read the news that PayPal, Visa, and Mastercard had a rough week on the internet during the busy holiday season.  This was due to distributed denial of service attacks launched against their company websites.

The Dutch National High Tech Crime Team thinks they have caught their man.  Well, sort of, the alleged guilty "man" is just old enough to drive by U.S. standards but not old enough to vote or join the U.S. military.  The boy has confessed to taking part in the attacks and his computer equipment is under evaluation.

Because of the duration of the attacks, it is believed he did not act alone.  The Dutch Attorney general was quoted in the IDG News article as saying "probably thousands of computers" took part in the attacks.

So what should we do when our kids are behind cybercrime?  Just as we ask in the physical world, where did we fail to teach them right from wrong, what should our response be?

2 Steps to Prevention:
1.  Education - make sure children know that cybercrime, including hacking companies as if it were a sport, is a crime
2.  Awareness - teaching parents to look for the signs that their kids are not doing school work or just reaching out to others but are pursuing cybercrimes

If they find this young man guilty as charged, should he be tried as an adult or child?

"Dutch Arrest 16 year old related to WikiLeaks Attacks", Jeremy Kirk, IDG News, December 9, 2010.

Wednesday, December 8, 2010

Toys with video cameras will have consequences

New Barbie doll has a video camera and easy uploads to the internet.  Sounds like a great way to capture your daughter's tea parties and play time to send to the Grandparents, right?

The FBI issued a warning about the Barbie, concerned that in the wrong hands the doll and/or video could have disastrous consequences.

The Barbie is one of many toys on the market with built in video.  What is your reaction to this FBI warning?

Best bet is to talk to your kids about responsible video taping & home ground rules about postings on the internet.

1 in 4 of you over 50 use social networking!

Move over net generation, you are not the only ones on social networking.

Studies have shown that people over 50 who can use a computer and access the internet appear to be less depressed than their peers.  It may also help with ongoing mental health because of the social access and the ability to read information about events, hobbies and interests that might otherwise not be available.

AARP did a recent report on the 50+ set and found that this age group is increasingly embracing social-networking sites.  A poll released by the Pew Internet and American Life Project said usage has grown, with almost 42% of this age group using the internet and 1 in 4 engaging in social networking.

23% are using Facebook.

17% of this group said they are "extremely comfortable" with the internet and 23% are "very comfortable", only 9% said "not very comfortable" and 13% said "not at all".

This is all great news but it also leaves this group vulnerable to spam and scams.

In general, the "old school" rules still apply:
1.  Don't talk to strangers
2.  If it sounds too good to be true, it most likely is
3.  You don't take candy from strangers so don't open files or links sent to you by strangers

Top 3 scams to worry about for the 50+?
1.  Opening "greeting cards", clicking on links, or opening files that are really spam or filled with viruses
2.  Emails about sweepstakes and winning the lottery
3.  Clicking on pop up windows that say the computer is not protected and by clicking the notification it will be

Protections for the 50+:
1.  Never click on links or open files, even if you know the sender, without asking them about it first
2.  Up to date virus protection, browser software, and operating software
3.  If you don't remember entering a sweepstakes or lottery, you probably did not
4.  Never send bank account information via email or social networking sites
5.  Consider an internet class at your local library or community college
6.  Ignore pop-ups; setting your browser to block pop-ups will eliminate most of these pesky ads and scareware

The Senior's Guide to Computers


"Older Folks Get Into Social Media - An AARP survey of 50-plusers finds more than one in four using online social networking", Mark Dolliver, AdWeek, June 15, 2010.

"Social Media Use for Older Adults Continues to Rise", Roy Wells, August 30, 2010.

Lady Gaga, Justin Timberlake, Ke$ha and Kelly Clarkson - hackers steal their songs

Two young German men, 18 and 23, have been accused of hacking computers to steal songs from superstars Gaga, Timberlake, Ke$ha, and Clarkson.

How did they do it?  Well for starters, both men live at home with their parents.  They allegedly installed a Trojan Horse into MP3 files and sent them to each of the stars' official offices.  Once their file was opened on the computers on the stars' networks, it allowed them to steal the songs and sell them.

The investigation is ongoing.

"German hackers allegedly steal pop music", Mary Lane, Associated Press, December 3, 2010.

If you see something, say something - DHS program

The Department of Homeland Security has created videos of Secretary Napolitano that will play in hotels and retail stores.  They will start with 200+ locations and plan to spread it to 600 across the nation.

According to a Time News Feed article, there is a video for Walmart stores.  The video has Secretary Napolitano asking shoppers:

"If you see something suspicious in the parking lot or in the store, say something immediately. Report suspicious activity to your local police or sheriff. If you need help, ask a Walmart manager for assistance."

If you visit the Mall of America, Amtrak, DC's Metro system, Walmart and other places, you may see the video.


"Attention, Wal-Mart Shoppers, an Urgent Message from the Department of Homeland Security", Madison Gray, Time News Feed, December 7, 2010.

Monday, December 6, 2010

Facebook Launches New Look and Features

If you missed the show on 60 Minutes, no worries, with the internet, you are just a click away.  I've added a link to "Part 1" of the Interview with Mark Zuckerberg.

Facebook in less than 7 years is a global phenom.

In their offices they have the word "Hack" prominently displayed.  Keep in mind that "hacking" something in the computer engineering community is a compliment.  The word has been hijacked by bad guys and their dastardly deeds on the internet.

Interesting way they approach their staff to create and launch new features:
a.  Facebook engineers stay up all night, with their CEO Zuckerberg, doing "hackathons" to practice their craft and come up with new ideas within that time frame.

b.  Another way, the engineers get tasks assigned, go to a war room, and then they get a time limit to complete everything.

Mr. Zuckerberg has launched a new layout for profiles:
1.  Old way:  you see everything posted pretty much in date/time order
     New way:  you put your bio up at the top of the page

2.  Old way:  photos could be a tab or in posts
     New way:  scrolling photos right away under your bio

3.  New:  You can list the important people in your life on the left hand side of the page

4.  New:  History of your relationship with any of your Facebook friends

5.  New:  Graphics of what is important to you

6.  New:  Sports section of the teams you like to follow

Want to update your Facebook account to the new profile look now?  Go to:
Link to upgrade to the new profile

Facebook founder, Zuckerberg, said they will not share this information with advertisers.
They do have a large inventory of interests.  However, applications on Facebook have been found to share this information.  Zuckerberg said they shut down those applications when they find out about it.

60 minutes questions how Facebook exists if it cannot invade your's really about transparency.

The FTC, private privacy groups, and the Hill are looking into it.  Facebook has hired their own lobbyist to help them with policies.

Facebook said over 200 million of their users access the application via mobile devices.

Newest product:  take your text messages, emails, and instant messages...what do you call it?  Facebook calls it "Messages" and considers it a virtual switchboard.  It is considered to be a potential email killer.

Example used in 60 Minutes:
Type "Prius" on Google and you get public information.  Type "Prius" on Facebook and you see what your friends have to say about it.

I used it to check into opinions on lego sets and other toys.

Facebook has been poaching from Google's talent base - 10% of the staff are former Google employees.

Watch the show on 60 Minutes at this link:

Friday, December 3, 2010


A new service is online called Jumo.

Jumo wants to “do what Yelp did for restaurants,” said Chris Hughes, the leader behind Jumo.
If Chris Hughes' name sounds familiar, it is because he was part of the digital side of President Obama's campaign and he was one of the founders of Facebook.

Jumo will track charities and projects.  News articles, tweets, YouTube videos, feedback will all be linked to the various charities and projects.

Not sure where to donate money or if a charity is really doing what it says it does?  Jumo can help with that.

Have a cause you love but unclear how to get connected, involved, and how to help?  Jumo can help with that too.

Have a mission or cause of your own and need to get started?  You can set up a page on Jumo.

$300 billion was donated last year to charities and non profits.  6% of that was via the internet.  Will Jumo be the killer app that brings more donations of time, talent and money via the internet?  It'll be fun to watch.

Europe launched an antitrust investigation into Google

If history is an indicator, Google should be concerned.  When Europe set its sights on Microsoft and Intel, both cases were protracted and complex, costing both sides money and time.  The European Commission has now opened an investigation against Google.

Google controls more than 80% of the online search market in Europe and roughly 66% of the market in the USA.

At the heart of the inquiry are complaints that Google unfairly favors some businesses over others, especially competing search services.

"Europe Opens Antitrust Inquiry Into Google", James Kanter and Eric Pfanner, New York Times, November 30, 2010.

Google Admits Trespassing and Pays a Settlement

Google Street View collected photos in Pittsburgh.  Normally this involves the Google car driving past your house snapping photos.  One Pittsburgh couple says they literally crossed the line.  Aaron and Christine Boring sued because their house is not on a public street but on a private road.  Their lawsuit said the Google car could only have taken the photos if it traveled to their house via a private road that was marked with a "No Trespassing" sign.

Google's defense was that the Boring home could ask for it to be removed AND the county real estate tax site had a similar photo.

Globally, Google Street View has fans and detractors.  English countryside villagers formed a human chain to block the Google car.  Germany demanded that citizens have the right to fuzz out their house or ask in advance to not have their house image included at all.

The settlement to the Borings?  $1.

"Google admits trespassing in Pa., pays couple $1", Joe Mandak, AP, December 1, 2010.

Mega-D, We're not talking vitamins here, we're talking spam

The U.S. Charges a Russian Man With Spamming

Oleg Y. Nikolaenko, a 23 year old man from Russia, has been charged with violating an international spam law.  Internet security experts estimate that, on some days, his spamming software was responsible for 1/3 of all spam mail.  They believe he is linked to "Mega-D", which is considered a major global spam producer.  It is estimated that 500,000 or more computers are infected with Mega-D and are sending spam mails around the globe.

How they caught him:
An undercover FBI agent ordered Viagra through an email sent by Nikolaenko's operation.  When the agent received bogus herbal pills, the cyber squad from the FBI was pulled in to investigate internet fraud.

Their initial tip came from catching a man who was conspiring to sell counterfeit Rolex watches.

Of course, other spammers just want to fill the void left behind by the arrest of Nikolaenko.

Sources:  "Russian accused of mass-spamming charged in US", Dinesh Ramde, AP, December 1, 2010.

An Internet Curfew for South Koreans May Be Enacted

South Korea says it is worried about their youngsters becoming internet addicts.  Their answer?  Create a ban that makes it ILLEGAL for internet service providers to provide online gaming access to users under the age of 16 between 12 midnight and 6 am.

Many South Korean students are in school until midnight due to the demands of the school day, studying, and extracurricular activities.  So, essentially, this bans game playing.

They are also considering parental tools to help parents set limits on the maximum number of hours young users are allowed online each day.

The bill will be reviewed by their Parliament this month.

What are your thoughts?

"South Korea to Set Internet Curfew", December 2, 2010.

Spending is up by 9% on Federal Information Security Spending

According to Mr. Chabrow of, the Federal Government will spend $13.3 billion on cybersecurity purchases from vendors within the next 5 years.  This equates to an annualized growth of 9% .

By the end of 2010, Federal Government will have purchased Information Security totaling around $8.6 billion.

Protecting information, critical infrastructure and assets is critical.  There has been a 445% increase in cyber threats in the last 4 years which may make a 9% growth rate look like a bargain?

What is your opinion?

Food for thought:
1.  Spending money on security technology does not equal security.
2.  Many security breaches are because of people; technology can help build a safety net when people make mistakes, but investments in people and process are also critical.
3.  How much spending is "enough"?  It is essential that industry continue to provide approaches to help organizations calculate the return on investment.


"Fed Infosec Spending Seen Rising By 9% a Year.  Study: U.S. to Earmark $13.3 Billion for Cybersecurity Wares by 2015", Eric Chabrow, Executive Editor, December 1, 2010.

Do Your Computer, Phone and TV Fingerprints Leave You At Risk?

10 Billion - That's the estimated number of computers, phones, and TV set boxes around the world.  Advertisers want to know what these devices, and the users behind them, are doing so they can sell, sell, sell.

Consumers are becoming more aware of cookies and internet mailing lists and have been taking steps to protect themselves from being profiled by advertisers.  A way around user controls is to use a technology known as device fingerprinting.

The Federal Trade Commission (FTC) is working on a privacy policy to protect consumers and has hinted it will include a "do-not-track" mandate as part of the policy similar to the "do not call" list for telemarketers.

According to the Wall Street Journal's article, BlueCava, Inc. has used device fingerprinting to catalog 200 million devices and they have a big hairy audacious goal to catalog 1 billion by next year.

How Fingerprinting Works:
1.  When your phone, TV box, or computer turns on, items such as the clock, software, screen size, web browser, and what the device talks to make it unique.
2.  Tracking companies use the digital behavior to create a profile of the device.
3.  Based on what the device broadcasts, and where it goes, the fingerprinting company builds a profile about the user behind the device.
4.  Once the device is fingerprinted, it is assigned an ID number that can be used for tracking.

What Can You Do About It?
For now, very little.  You can try to throw off fingerprinting by frequently changing settings on your computer, but that may be very annoying to you and might not be effective in throwing off fingerprinting.

Is Fingerprinting Bad?
It depends upon your point of view.  A very good outcome of fingerprinting is in the prevention and detection of fraud.  If your device is fingerprinted and profiled for a behavior, fraudulent transactions are easier to discern such as the sudden request to do international wire transfers of all your money around the globe when you have never done a wire transfer before.
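An added Python example, not part of the original post and not any fingerprinting vendor's code, of the steps and the fraud check described above: it hashes a device's traits into an ID, still recognises the device after one setting changes, and holds a wire transfer from a device the account has never used. The attribute names, the 0.8 match threshold, and the hold policy are assumptions.

```python
import hashlib
from typing import Dict, Set, Tuple

# Attribute names are assumptions that mirror the traits listed above
# (clock, software, screen size, web browser).
ATTRIBUTES = ("clock_offset_min", "os", "screen", "browser", "language", "fonts")
HIGH_RISK_ACTIONS = {"international_wire"}  # assumed policy, not from the article


def fingerprint_id(device: Dict[str, str]) -> str:
    """Derive a short ID from the device's observable traits (step 4)."""
    canonical = "|".join(f"{name}={device.get(name, '')}" for name in ATTRIBUTES)
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()[:16]


def similarity(a: Dict[str, str], b: Dict[str, str]) -> float:
    """Fraction of traits on which two observations agree."""
    matches = sum(1 for name in ATTRIBUTES if a.get(name) == b.get(name))
    return matches / len(ATTRIBUTES)


class DeviceRegistry:
    """Keeps one profile per device and re-links devices whose traits drift."""

    def __init__(self, threshold: float = 0.8) -> None:
        self.threshold = threshold
        self.profiles: Dict[str, Dict[str, str]] = {}  # device ID -> latest traits

    def identify(self, observed: Dict[str, str]) -> Tuple[str, bool]:
        """Return (device_id, is_new_device)."""
        exact = fingerprint_id(observed)
        if exact in self.profiles:
            return exact, False
        # No exact match: look for the closest stored profile.
        best_id, best_score = None, 0.0
        for device_id, profile in self.profiles.items():
            score = similarity(observed, profile)
            if score > best_score:
                best_id, best_score = device_id, score
        if best_id is not None and best_score >= self.threshold:
            self.profiles[best_id] = dict(observed)  # keep the ID, refresh traits
            return best_id, False
        self.profiles[exact] = dict(observed)
        return exact, True


class FraudScreen:
    """Holds high-risk actions that come from a device new to the account."""

    def __init__(self, registry: DeviceRegistry) -> None:
        self.registry = registry
        self.account_devices: Dict[str, Set[str]] = {}

    def review(self, account: str, observed: Dict[str, str], action: str) -> str:
        device_id, _ = self.registry.identify(observed)
        known = self.account_devices.setdefault(account, set())
        if device_id in known:
            return "allow"
        if action in HIGH_RISK_ACTIONS:
            return "hold"  # unfamiliar device asking to move money
        known.add(device_id)  # a low-risk action enrols the device
        return "allow"


def run_demo() -> Dict[str, object]:
    # Constructed sample devices; none of these values come from real users.
    laptop = {"clock_offset_min": "-300", "os": "Windows 7", "screen": "1366x768",
              "browser": "IE 8", "language": "en-US", "fonts": "arial,calibri,verdana"}
    stranger = {"clock_offset_min": "60", "os": "Linux", "screen": "1024x768",
                "browser": "Opera 10", "language": "fr-FR", "fonts": "dejavu,liberation"}
    registry = DeviceRegistry()
    first_id, first_is_new = registry.identify(laptop)
    # Clearing cookies changes none of the traits, so the ID is unchanged.
    after_cookie_clear, _ = registry.identify(dict(laptop))
    # One changed setting alters the hash, but 5 of 6 traits still match.
    tweaked = dict(laptop, browser="Firefox 3.6")
    after_tweak, tweak_is_new = registry.identify(tweaked)
    screen = FraudScreen(registry)
    return {
        "first_id": first_id,
        "first_is_new": first_is_new,
        "after_cookie_clear": after_cookie_clear,
        "after_tweak": after_tweak,
        "tweak_is_new": tweak_is_new,
        "login": screen.review("acct-1001", laptop, "login"),
        "wire_known_device": screen.review("acct-1001", tweaked, "international_wire"),
        "wire_unknown_device": screen.review("acct-1001", stranger, "international_wire"),
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

With six traits and a 0.8 threshold, one changed setting still links to the same ID, while two changed settings (4 of 6 matching) register as a new device.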

Fingerprinting companies insist they are not matching the browsing patterns back to a specific email address or name, although the technology is available for them to build this capability.

For now, just keep up with the debate on "do not track" and know that you are leaving digital fingerprints behind.  Someone is watching all those Reality TV shows; I think fingerprinting says it's you!

As always, would love to hear your thoughts.  Do you like the idea of fingerprinting to avoid and detect fraud?  Do you think opting out of fingerprinting should be part of the "do-not-track" option if that becomes available?


"Race is On to 'Fingerprint' Phones, PCs", Julia Angwin and Jennifer Vallentino-DeVries, Wall Street Journal, December 1, 2010.

Monday, November 29, 2010

Think You Are Not Using the Cloud? Think Again...

Microsoft has a new ad campaign showing 3 people, all working different jobs, that are "in the cloud" when they get a request about their business idea.  While still at their day jobs, they work "in the cloud", submit a response, and quit their day jobs to launch their company.

Many people that I talk to say they are not interested in using "the cloud", several are not sure what it is, and still more don't think "the cloud" applies to them.

If you think you are not in "the cloud" think again.

If you answer "yes" to any of the following, a digital aspect of your life is in the "cloud":
1.  Do your friends use Google mail?  Then their emails to you and your responses back are in "the cloud".
2.  Do you or your friends use photo sharing sites such as Flickr?
3.  Are you on Facebook, MySpace, or Twitter?
4.  Do you blog or post comments on a blog?

This is not intended to be a comprehensive list but to illustrate a point.  I think it might be easier to list what is not in the cloud these days when it comes to consumer applications and information.

The lightning speed at which cloud computing services can ask for, collect, and store your information is amazing.  Even more amazing is the ability to collate information about you with other information in an instant to create a profile that can be scary smart about who you are and what you like to do.

This information, in the wrong hands, creates a risk that is not fully understood by consumers.

A recent case in point: it was discovered that if your friends on Facebook played the Farmville game, not only was their Facebook ID information sold to marketing and ad agencies, but yours was as well, even if you do not play Farmville.

Do you remember reading anything about that in the customer agreement you read and signed via a checkbox?

Tips to Protect Yourself:
1.  Man or Woman of Mystery:  Limit the personal information you share about yourself online.  If you post your birthdate, avoid the year and place of birth.  Do not use full names of your kids when sharing photos or other information about them on social networking sites.

2.  Thief or Grandmom Rule:  Even with privacy and security settings on the highest settings, people have had their profiles compromised.  If you would not want a thief or your Grandmom to know something about you, keep it offline.

3.  Inspect Yourself:  Go to your favorite search engine and set up a search alert with your name and your kids' names in it.  This will help you track any posts that you may want to clean up.

4.  Keep It Confidential:  Never email or send through social networking sites your personal details such as credit card, SSN, bank accounts, account numbers.

Wednesday, November 24, 2010

U.S. Marshals Service - thousands of naked images on body scanners

When the new scanners came online at court houses, airports, and other places we were promised that images would not be stored or transmitted.

EPIC, the Electronic Privacy Information Center, filed a Freedom of Information Act (FOIA) request in August to determine if the promise was kept or broken.  There were 35,000 images on the scanners and EPIC was given roughly 100 scans to review.  According to the report they found 100 naked images.

What they found were naked images captured on the scanners used by the US Marshals Service at an Orlando courthouse.  Their findings can be seen on the technology blog Gizmodo, which posted the naked body images.

The images are not as graphic as the TSA airport scanners but EPIC did this for a reason.  They wanted to show that the technology is available that allows one to store, retrieve, and view the images later.

TSA says they have safeguards in place to prevent this from happening.


ABC News Report, November 16, 2010.

"One Hundred Naked Citizens:  One Hundred Leaked Body Scans",

New Facebook Spam Campaign Brought to You by Asprox

Facebook friends and fans beware!  A new Facebook Spam Campaign is on the loose.

The spam is spawning from a spambot named Asprox.  This is the gang behind a lot of the bogus spam emails purportedly sent to victims from DHL, FedEx, UPS, and USPS.

If you get a pop up screen from "Facebook Support" it looks legitimate and the message makes you think that Facebook is really on the ball protecting you.

Facebook Service is notifying you that since spam was sent from your account, they changed your password for your "safety" and they ask you to open the zip file attachment for more information.

Here's your red flag - Facebook will not send you a note asking you to download a zip file for more information.

If you do download the file it has the Sasfis trojan in it which connects to domain name


M86 Security Labs Blog - research and the screen shot

Leading Cyber Official Says "Yes" We are At A Great Disadvantage for a Cyber Attack

Admiral J. Michael McConnell, the former Director of National Intelligence now at Booz Allen Hamilton was interviewed recently by Forbes.

He indicated that a cyber attack is inevitable.

When he was asked, "Are we at a greater disadvantage than any of our adversaries?" he answered, "Yes, and there’s a very simple reason:  We’re more vulnerable because we’re more dependent [on technology]."

Mr. McConnell said change will only come about through dialogue; otherwise it will happen after a catastrophe.

Mr. McConnell noted that intellectual capital is also at risk, not just information and money.

"Former Intelligence Chief Says A Cyber Attack Is Inevitable", Brian Wingfield, Business in the Beltway - Forbes Blog, November 23, 2010.

Geocode check in service GoWalla Goes to Disney!

Going to Disney may be a whole new experience.  Many kids like to buy pins and souvenirs.  GoWalla allows you, with one swipe of your finger, to check in and collect virtual pins and badges on your smartphone while you walk around the park.

The service will let you check, in advance, if junior is tall enough to ride the roller coaster.  It will also help you plan your day and map out the attractions you want to see.

GoWalla boasts 600,000 users today.  If the 120 million Disney visitors adopt GoWalla, that's a whole new game for this check in service.


"Gowalla Goes to Disneyland", Joshua Brustein, New York Times,  November 24, 2010

Will You Check Work Email Over the Holidays?

A new survey is out and over half of you say YES you will be checking work email over the holidays.  Xobni and Harris Interactive gave the following statistics:

59% of American workers will check email over the Thanksgiving and Christmas holidays
55% of the 59% will check it at least 1x a day
28% of the 59% will check it several times a day
42% of the 59% say it is important to check in over the holiday and some even admitted it was a welcome distraction.

For the Southern folk - the southerners are the most likely to check inboxes on holiday.

For bosses that want to be this holiday's Scrooge, keep in mind - 41% of Americans are annoyed when they get emails over the holidays.


"Most Americans check work email over the holidays", Radhika Marya, Mashable, November 23, 2010.

Tech Firms May Get More Oversight

Recent breaches reviewed in testimony and briefings on the Hill have left Congress concerned that Tech Giants with gaps in their cybersecurity could be putting government websites and information at risk.  Some are proposing that the Department of Homeland Security should have the power to force Tech Giants and the owners of networks to secure themselves better.

What might this mean?

If the bill is too large and vast, this could impact tiny startups.  According to an article written by Jeremy A. Kaplan, the bill is called "The Homeland Security Cyber and Physical Infrastructure Protection Act of 2010", or HR 6423, and the sponsor is Rep. Bennie G. Thompson, D-Miss.

The current draft of the bill gives DHS the power:
a.  to set security standards for the networks at privately held facilities
b.  to levy penalties on websites DHS names as having gaps in cybersecurity

The current draft also creates a "Cybersecurity Compliance Division".

What is your opinion?

How do you feel about the technology company that may be providing the power behind a website that collects and displays your personal information?  Do you want tighter, the same, or less oversight of how your information is handled?

What should this look like?

Is the status quo acceptable?


"Bill Could Give Homeland Security Power Over Tech Giants", Jeremy A. Kaplan, November 23, 2010.

Texting In Your Emergency - 911 Service to get Makeover

911 was established in 1968.  Americans call in roughly 650,000 times per day.

Although 911 dispatch is sometimes maligned, I have been a staunch defender of it.  My family has had to use them 4 times over the past 15 years and the quick actions of the 911 person on the other end of the phone saved my loved one's life.  One dispatcher even prayed with me as I thought I was watching a loved one pass away.  Thankfully, those awful moments are only memories and the loved ones are still with me today.

When 911 first hit the scene in 1968, many consumers were not even thinking about mobile phones much less texting.

In a recent review of statistics, the FCC found that 70% of 911 calls now come from mobile phones.  FCC Chairman, Julius Genachowski, announced the nationwide initiative this week.  Funding and timing of the initiative remain unclear but it is good that 911 is in the planning stages of the makeover.

What is your opinion?  Is this too little too late?

I would like to see the FCC also consider reviewing their processes so they can better leverage other technology such as:
a. importing geocoding from the cell phones placing the calls to better track kidnapped victims or victims on the move
b. perhaps even leverage popular check in software
c. ability to better leverage social networks such as Twitter for callers that are under duress.

What would your suggestions include?


"911 Getting 21st Century Update to Allow Text Messages", November 23, 2010.

Friday, November 19, 2010

What's Your "Reputation Score" on Twitter? Wouldn't you like to know?

John Battelle asked Twitter founder Evan Williams, “How do you pick ‘Who to Follow’?”  During the course of his answer, Mr. Williams acknowledged that Twitter has a team of engineers and a system that creates a secret reputation score.  They use that to suggest who to follow.

“We might make it public,” he said regarding the score, “But it has to evolve more.”


"Twitter has a (Secret) Reputation Score for every User", Alexia Tsotsis, TechCrunch, November 17, 2010.

User Surveillance - Free or $25 bucks a head

Government surveillance has to keep up with the times.  You use Google and Yahoo for free, so why does your U.S. Government need to pay when they want to watch you?

Take heart, Microsoft does not charge.

Christopher Soghoian filed a FOIA (Freedom of Information Act) request to look at DEA spending on wiretaps and pen registers.  The wiretaps include phone and internet.  Pen registers show numbers and addresses.

By conducting his research, Mr. Soghoian determined that Microsoft does not charge but Google charges $25 and Yahoo $29 per person.

Most wiretap orders in the U.S. involve narcotics cases which fall under the DEA.

Sources:  "Google charges feds $25 a head for user surveillance, Microsoft charges zilch", Cade Metz, The Register, November 18, 2010.

A Wake Up Call: Internet Re-Routed by Accident By Way of China

A service provider, IDC China Telecommunication, broadcast inaccurate web traffic routes for roughly 18 minutes in April.  The inaccurate routes just happened to go by way of China's state-owned "China Telecommunications", essentially sending bits and bytes from across the world through Chinese government controlled servers.

For the U.S., the bits and bytes that went across the servers belonged to U.S. companies, the U.S. government and the U.S. military.  Data from many companies and departments such as the U.S. Senate, NASA, and the U.S. Armed Forces traveled this path.

A commission was formed to investigate and no evidence was found that this was intentional.

There are lots of conspiracy theories but I find these to be counterproductive.

The real questions to me are:
1.  What can companies and countries do to "own" their internet traffic supply chain?  Is it even possible or economically feasible?

2.  When accidents like this occur, what should the notification process be?

3.  What governance and assurance process could we (or should we) create to avoid a copy-cat situation that would be on purpose?

4.  How does one know for sure what was an "accident" vs. a test of capabilities?

"Report Looks at How China Meddled with the Internet", John Markoff, November 17, 2010.

The Federal Reserve Bank hacked - Secret Service Foils the Plot

Quote of note:
U.S. Attorney Loretta Lynch said this case is an example of how "cybercriminals continue to use their sophistication and skill as hackers to attack our financial and national security sectors."

A cybercriminal managed to hack his way into the Federal Reserve bank's computers and had also stolen 400,000+ credit card numbers.  Luckily for all involved the U.S. Secret Service nabbed the person believed responsible.  The man was arrested at JFK Airport, his name is Lin Mun Poo and he is from Malaysia.

The man was traveling to New York to meet with other cybercriminals.  He planned to sell the information he gained hacking the Federal Reserve and potentially the credit card numbers he had stolen.  His next plan?  He mentioned he was going to hit the ATM machines using the stolen credit card numbers.

During questioning they learned he also compromised the computers at a defense contractor.

The final tally of how bad his compromise of the Federal Reserve was may not be known for a while, but Federal Reserve officials said he was not able to steal money or data.

"Hacker Breaks into Federal Reserve:  Feds", Jonathan Dienst, NBC New York, November 18, 2010.

A Woman Goes to Labor Camp Over Twitter Post - China

A man and his fiancee posted comments on Twitter which mocked Chinese protesters who smashed products made by Japan during a demonstration.

The man was carted away first and held for 5 days.  When he returned home, he learned from his fiancee's family that she had been taken away and sentenced to labor camp for one year.

The crime?  "Disturbing Social Stability".

Ms. Cheng, who is 46, also recently supported the imprisoned Nobel Peace Prize Laureate, Liu Xiaobo, on Twitter.

Ms. Cheng's lawyer, Lan Zhixue said, "This is ridiculous and a typical case of censorship jail.  People should not be put in jail due to their sarcastic words."

"China Sentences Woman to Labor Camp for Twitter Post", CNN Wire Staff, November 18, 2010.

New Tactics of Debt Collectors Using Facebook - Clever or Pitbull?

Most states have laws in place for consumer protections against debt collectors.  For example, many states would not allow a debt collector to begin calling everyone you know and defaming you to embarrass you into paying.

This blog post is not going to get into the virtues of or evils of debt collection.

A Florida debt collection firm allegedly used Facebook to track down a woman who owes $362 on her auto loan.  They allegedly sent the woman messages and told her family to please have her call the agency.

The woman is suing the debt collection agency.

What is your opinion?  Should debt collectors be allowed to use social networks as a means to reach people when they do not respond via phone or mail?  If yes, what should the boundaries be?  For example, debt collectors are only allowed to call during certain hours of the day.  What would the limitation be for social networks?

"Woman Says Debt Collectors Harassed Her on Facebook", Associated Press, November 18, 2010.

Good or Bad? Vending Machine in Japan Knows You

Remember the movie Minority Report?  As people walked by billboards, the advertising changed to meet the exact needs of the person walking by.  We have our first installment of this futuristic movie in Japan.

A Japanese vending machine is using facial recognition technology to "know" its customer.  Based on the facial recognition, the machine determines age and gender, then recommends a drink.  Better make sure I have my face cream and lipgloss on when I go! The firm said sales have tripled when compared to previous machines.

If a woman in her 20s walks up to the machine it will recommend a tea drink or a slightly sweet product.

If you go to Japan, there is a machine in place at the Tokyo train station.  There is a rollout plan to install 500 in Tokyo by March 2012.

What is your opinion?
Should it have an "opt out" feature?
What other budding capitalists will want to use this software?
If the technology cost is reasonable and reliable, could it be deployed as an alternative to help TSA with their procedures?

"Japanese Vending Machine Recommends Drinks to Buyers", Reuters, November 18, 2010.

"Check In" Software Dark Side - Troop Safety Implications

We have covered the fun and the dark side of location software on this blog before.

Examples of Check In Software:  Facebook Places, GoWalla, Foursquare, Loopt - once you check in, I can find you on a map.

Examples of Location Aware Software:  Twitter allows you to turn on your location when you tweet.

Fun Side:
Locate your friends & family easily
Earn rewards points
Special deals

Dark Side:
Reputation:  You may be broadcasting an image, based on where you check in, that you don't want to broadcast
Stalking:  Young people or women traveling alone open themselves up to potential issues

The US Air Force put out a warning recently to its troops to be careful when they use social media networks because many of the new features show exactly where you are when you use them. This is potentially devastating for U.S. forces in war zones.

To put it into perspective, we have roughly 95,000 troops in Afghanistan and approximately 50,000 in Iraq.

If you have loved ones serving overseas, thank them for their service and then show them this warning and ask them to be safe.

Sources:  "Air Force Warns Troops:  Don't 'Check In' to Wars", Associated Press, November 18, 2010.