Is Your Wireless Carrier Tracking Your Surfing Habits (Maybe)
Oh what your mobile phone carrier knows and tracks about you! A one-page document from the Justice Department‘s cybercrime division shows how cell phone companies record and retain your call and surfing activity (calls, text messages, web surfing and approximate location). Here’s a summary of how each company retains your information (full details in the image below):
- Verizon Wireless – rolling one-year records of cell tower usage & what phone accessed what web site
- AT&T / Cingular – ongoing records of cell tower usage since July of 2008
- T-Mobile USA – doesn’t keep any data on Web browsing activity
- Sprint Nextel’s Virgin Mobile – 3 month record of text content
- Other than Virgin Mobile and Verizon, none of the carriers keep texts but they keep records of who visited a particular web site.
- Verizon keeps some information for up to a year that can be used to ascertain if a particular phone visited a particular Web site
- Sprint Nextel’s Virgin Mobile keeps the text content of text messages for three months. Verizon keeps it for three to five days. None of the other carriers keep texts at all, but they keep records of who texted who for more than a year.
- AT&T keeps up to seven years of records of who texts who — and when, but not the message content. Virgin Mobile keeps that data for two to three months.
Skype’s Apple Mac Client Has a Dangerous Flaw
It was recently discovered that there is a significant security hole in the Skype design for Apple Mac users. While logged in to Skype, a security researcher discovered a zero day vulnerability (meaning that the software developer, Skype, doesn’t know that the security hole even exists). This hole can give a hacker temporary remote access to the victim’s Mac via Skype. In other words, it means that someone else can take control of your computer while you are logged into Skype.
Solution: For now, I recommend you update your software with the fix made available on April 14th. To do this, get into your software and click on Skype -> Check for Updates, or you can download the software here. Make sure you check for an even newer update in the coming weeks.
Skype has been alerted to the problem and released the following statement:
“Last month, we were contacted by Pure Hacking, a group of ethical hackers in Australia, who reported what they believed to be a zero-day vulnerability in Skype for Mac 5.x. This vulnerability, which they blogged about earlier today, is related to a situation when a malicious contact would send a specifically crafted message that could cause Skype for Mac to crash. Note, this message would have to come from someone already in your Skype Contact List, as Skype’s default privacy settings will not let you receive messages from people that you have not already authorized, hence the term malicious contact.
Facebook Email: Putting Every Last Egg in One Basket
Facebook wants a piece of every social interaction you have, which is why they are poised to offer you a free email account, just like Gmail or Hotmail.
Facebook’s newest features (email and eventually a built-in search engine) are aimed at making their website your one-stop shop for all things internet. Rumor has it that at 10:30am PT, Facebook will offer their existing users email addresses. And millions of existing users will take them up on their offer because it will be cool to have a Facebook email account and because we are all in short supply of email accounts to check 24/7. Other sources are saying that Facebook will soon be offering a search engine as well.
As of December 2009, Gmail had over 1.8 million monthly users. Facebook currently has more than 500 million active users – even if a fraction of them use Facebook’s webmail in place of Gmail, it will significantly decrease Google’s hold on the industry. And Hotmails, and Yahoo’s. Why check 3 sources of information (mail, social networking, search) when you can simply check one?
Google Maps Street View: Removing Your House
According to Google CEO Eric Schmidt, if you are looking for more privacy, then you should move.
His callous remark came during a discussion on Google Maps Street View cars, which were found to be illegally collecting e-mails, passwords and surfing habits while photographing your neighborhood.
Appearing on CNN’s Parker Spitzer a week ago, Schmidt made a bold statement that was eventually edited out of the broadcast. He said that said individuals who did not want the Street View cars to snap photos of their homes should “just move.” Schmidt then told The Hollywood Reporter, “As you can see from the unedited interview, my comments were made during a fairly long back and forth on privacy. I clearly misspoke. If you are worried about Street View and want your house removed please contact Google and we will remove it.”
You can have your house removed from Google Maps Street View. Here’s how (see video):
- Go to maps.google.com.
- Locate your house by typing its address into the search box and pressing Enter.
- Click the red push-pin marker representing your house on the map.
- Click Street View.
- Adjust Google Maps Street View by clicking the left and right arrows on the Street View image until you see your house.
Privacy Means Profit: Lock Your Business Docs
The following is an excerpt from John’s latest book Privacy Means Profit. To learn more and to purchase the book, visit our website www.ThinkLikeASpy.com.
Locking up sensitive documents is one of the most important and underutilized ways to protect company data. Of the individuals surveyed by the Ponemon Institute, 56 percent state that over 50 percent of their company’s sensitive or confidential information is contained within paper documents. Since 49 percent of all breaches involved paper, locking up what cannot be eliminated or destroyed is essential. To get you firmly into the business mind-set of thinking like a spy, start with this simple three-step classification process:
1. Classification: Set up a classification scheme. For example, you might have four levels of access: public, internal, classified, and top secret.
- Public documents are the only documents meant to be seen by outsiders (the public). This might include sales and marketing materials, websites, public filings, and the like.
- Internal documents are those appropriate for employees of the company to see, but inappropriate for outsiders. These are generally not high-risk documents, still it’s better to keep them confidential, just in case.
- Classified documents are a security risk if the wrong people see them, either internally or externally. Only certain employees and executives would have access to these documents (see step 2). Classified documents might include human resource files,customer lists, product development papers, department financials, strategy frameworks, and so on.
Facebook: Press 2 For Law Enforcement
I received an email last night from a well-known TV anchor wanting my input on a new Facebook issue. He’d read that when calling Facebook Headquarters, the automated attendant comes on and gives you options to reach each department, and the second option was to press 2 for “law enforcement.”
It could seem odd to many, but it’s true. If you call the Facebook Headquarters (650-543-4800) and reach the switchboard, the 1st option is “For customer support, press 1″ and the second option is “For law enforcement, press 2″. Law enforcement comes ahead of business development, marketing, press, and employment verification in the list of options.When you press 2, the next message says: “This message is only for members of law enforcement. Please note that due to a very large volume of incoming calls, the current call back time is two to four business days. For a faster response, please leave your work authorized email address… A member of Facebook’s security team will email in a timely manner.” Which means that Facebook is very busy fielding calls from law enforcement.
The anchor, and the rest of us, want to know why!
Sileo In the Media
Privacy Project Newsletter
Tools and tips for bulletproofing yourself against identity theft, data breach and corporate espionage. Subscribe to the newsletter and get John Sileo's 7 Survival Strategies for Starving Data Spies for FREE!
