Well, since it's hit home, now, let's see if the Facebook PTBs decide to get real with the privacy settings, making them much easier for the average user to use.

http://www.smh.com.au/technology/technology-news/randi-zuckerberg-stung-by-facebook-privacy-settings-in-photo-flap-20121227-2bwv8.html

Randi Zuckerberg stung by Facebook privacy settings in photo flap

Yikes!! hotdoge3, thanks for posting such thorough information (and links). It seems that online privacy is an oxymoron :( Although I've heard about hiding my proxy through programs such as HideMyAss.com (or hma.com), "Tor proxy," as noted above, is new to me, and may be a good alternative. It has a plugin for Firefox, and IE can be configured to use it as well.

http://www.guardian.co.uk/technology/askjack/2012/dec/13/keeping-your-privacy-online

How can I protect my privacy online?

Rob wonders if an 'automated watcher' is tracking his web use and sending relevant spam

DuckDuckGo is good way to protect your privacy

Within seconds of placing an order at Amazon I received two messages purporting to come from DHL saying "Processing complete successfully". I assumed they related to my Amazon order, but I noticed a couple of odd things: (a) that they were sent to (different) email addresses that I have only infrequently used, and (b) the attachment had two extensions: pdf and zip (DH'L_Express_Processing_complete.pdf.zip).

During the summer, after booking a hotel room, I quickly received two or three emails with the subject "Booking confirmation". They were obvious spams from the poor quality of the content.

I am used to spam, and know how to deal with it. What concerns me is the apparent link between my activities and the content of the spams. It makes me feel as if there is an automated "watcher" waiting to see if I use certain sites then sending relevant spam.

In this case, all the emails were spam, and the first one was part of a virus attack. A quick search on the attachment's filename finds Graham Cluley, our old friend from Sophos, identifying the malware as a Trojan (Troj/BredoZp-S) and warning against it.

Some websites now use software that can identify visitors by name, using tracking cookies (small text files websites store on your hard drive), internet addresses, and forms filled in at other sites. (See, for example, You're not anonymous. I know your name, email, and company, and Nowhere to hide: Advertisers can now stalk you across multiple devices.)

Google is the web's biggest advertising company and one of the most obvious trackers. It uses a huge network of ads that are shown across millions of websites, DoubleClick ad-tracking, the Play marketplace on Android phones and Google Search on Apple iOS devices – unless you opt out. It also looks as though the main purpose of its Google Plus website is to get users' real names and other accurate data, which Facebook has but won't provide to Google.

http://42floors.com/blog/youre-not-anonymous-i-know-your-name-email-and-company

You’re not anonymous. I know your name, email, and company.

Sumit Suman recently visited a site, did not sign up for anything, did not connect via social media, but got a personal email from the site the next day.

Here’s how they did it.

I’ve learned that there is a “website intelligence” network that tracks form submissions across their customer network. So, if a visitors fills out a form on Site A with their name and email, Site B knows their name and email too as soon as they land on the site.

http://www.extremetech.com/computing/143030-nowhere-to-hide-advertisers-can-now-stalk-you-across-multiple-devices

Nowhere to hide: Advertisers can now stalk you across multiple devices

Advertisers want to compile as much information about you as possible. Tracking where you go, what you click, and how you search is literally their business. They use that data to target ads directly to you, and feed relevant data to their partners. With the increasing use of tablets and smartphones in daily life, advertisers have been frustrated by a limited ability to correlate traffic from multiple devices to a single person. Well, there is some good news for advertisers, but bad news for privacy advocates. A company by the name of Drawbridge has developed a system that will analyze known data from devices surfing from the same location, and supposedly pick out which devices belong to which user.

If you looked up video games recently on your MacBook Pro in Chrome, you’ll get to see ads for Call of Duty on your iPhone.

Research has been done about how much data popular websites send to third-party companies, and the results are staggering. “… the Journal examined what happens when people logged in to roughly 70 popular websites that request a login and found that more than a quarter of the time, the sites passed along a user’s real name, email address or other personal details, such as username, to third-party companies.” Filling out forms truthfully, even on relatively popular and “safe” sites, can be very bad for your privacy.

How to prevent third parties from tracking you
If you’re really worried about being tracked, you can use a Tor proxy to mask your identity by obscuring your browsing activity. The use of VPNs from other parts of the world will help reduce the ability of the advertisers to use geolocation to target you effectively.

If you’re sick and tired of advertisers watching your every move, you can take these steps, and you’ll be in a much better situation. However, the most important way to keep your information out of the hands of these third parties is to refrain from giving it out in the first place. Whenever possible, use fake names and burner email addresses to keep accounts from being correlated with a single person. There’s no guarantee that the brilliant minds behind these analytics and advertising companies won’t be able to thwart your efforts, but these steps will make their jobs a lot harder.

http://abcnews.go.com/Business/identity-theft-2013-battle-data/story?id=18039470

Identity Theft in 2013: Battle for Your Data

In 2013, we'll have to make a choice: Either we acknowledge we're at war and push back hard, or we keep pretending nothing's wrong -- and pay the price.
Frankly, this situation is insane. Practically every day, someone flags risks and makes dire predictions -- all deadly accurate, by the way -- but unless there's a class action suit pending, or an entire grid in darkness, no one seems to give a damn. Check your credit report? Only one out of five really do. Encrypt your database? "Encryption is hard." Friends, the barbarians are no longer at the gate, they're in our homes eating off our best china -- yet we can't be bothered to deal with them. The signs of things to come are everywhere -- but like a man crossing a highway blindfolded, we refuse to see what's coming.

This year the situation must change. For the next few minutes, I invite you to take off the blindfold and look reality right in the eye.

A war is being waged both here and abroad against our people, our economy, our institutions, indeed, our way of life. But until we take that seriously and respond strategically, we're in for a serious can of whoop-ass. Even a fool can see where the enemy is headed

folks are talking the talk, but few are walking the walk.

malicious programmer sneaks a malware-bearing app past smartphone gatekeepers and millions of users realize the honeymoon is over.

Note that Europe already suffered the first large-scale attack on financial accounts via mobile phones: Eurograbber, a mobile SMS keylogger scam that pumped 36 million euros out of 30,000 European bank accounts. Make no mistake, we're next.

Mega breaches of government data.
If anyone learned a lesson, it was the criminals.

This is war -- and whether the attacks come from hackers in Latvia, agents in Beijing, a botnet stretched across the globe, or the quiet employee in the next office, the adversary is the same, as is the M.O. These guys have one more thing in common: They play for keeps. So should we.

http://www.newsmax.com/SciTech/facebook-german-names-lawsuit/2012/12/18/id/468228

Facebook Rejects German Demand to Allow Fake Names

Facebook will fight a German privacy watchdog's demand to allow users to register with fake names, insisting Tuesday that its current practice fully complies with the law.

The California-based social networking site has long required users to register with their real names – a policy that the data protection commissioner of Schleswig-Holstein state says is in breach of German law and European rules designed to protect free speech online.

The commissioner, Thilo Weichert, ordered Facebook on Monday to rescind its real name policy immediately.

"We believe the orders are without merit, a waste of German taxpayers' money and we will fight it vigorously," Facebook said in a statement.

http://www.msnbc.msn.com/id/3078835/t/online-privacy-fears-are-real/

online privacy fears are real

A 20-year-old woman stalked through the Internet and killed. Thousands of e-commerce customers watching as their credit card numbers are sold online for $1 apiece. Internet chat rooms where identities are bought, sold and traded like options on the Chicago Board of Trade. These are the horror stories dredged up by privacy advocates who say the Net’s threat to personal privacy can’t be dismissed as mere paranoia. And, they say, we’ve only seen the tip of the iceberg.
consumers generally want to share as little as possible.

Complicating matters further are criminals who break into Web sites, steal the information and use it for personal gain.

Advertising firms, who stand to gain as much as any from personal data collection, have absorbed the brunt of complaints from privacy critics. But Rick Jackson, once a marketer and now CEO of privacy technology firm Privada Inc., thinks ad firms like DoubleClick are serving as an unwitting smokescreen for the real privacy problems.

“There are a lot more people tracking you than you think,”
“The data world is a very powerful and lucrative marketplace with a lot of players involved.” For evidence, he points to a Washington Post story that revealed that 11 pharmaceutical companies - including Pfizer Inc., SmithKline Beecham PLC, Glaxo Wellcome PLC - had formed an alliance and were tracking every click consumers made across their sites, then comparing notes. Consumers were never told.

“Everybody points to advertising. That’s just the tip of the iceberg,” Jackson said. “We as consumers don’t have any knowledge of what really goes on out there.”

At its heart, the Internet privacy problem is a paradox.

The Net was born as an open research tool, and thus was never designed to allow privacy or security. But at the same time, the Net seems to offer perfect anonymity, and most users behave as if they cannot be seen.

“A lot of people think about privacy but don’t really care until something happens to them personally,” said Beth Givens, director of the Privacy Rights Clearinghouse. “It’s like freedom. You don’t appreciate it until it’s gone. If you are a victim of identity theft, you experience a change of world view, you realize how little control you have over your world.”

RealNetworks, maker of popular video software, was twice accused of surreptitiously telling its programs to “phone home” and tattle on users surfing habits to the firm. Mattel Interactive had to admit it embedded phone home software called “Broadcast” in its Reader Rabbit software. Surf Monkey, which prevents children from accessing inappropriate sites, also transmits data like user IP addresses back to its maker.

In a June survey, most of the top 90 sites surveyed had polices indicating personal information would not be shipped to third parties. A follow-up survey in November revealed that most site policies now indicate firms retain the right to sell the information to outside parties, leaving the burden on consumers to “opt out.” In fact, only 30 percent of the 90 sites surveyed guarantee they won’t sell information

Privacy Rights Clearinghouse, disagrees, saying the problem from cyber-criminals is hardly 21st-century hype, since stealing digital information is so much easier than tapping phone calls or grabbing letters from a mail box. It’s also much more thorough.

http://www.technewsworld.com/perl/section/privacy/

http://www.technewsworld.com/story/76715.html

Google Play Takes Away Reviewers' Mask of Anonymity
Google has begun to require that reviewers on Google Play be signed in through Google+.
"Users who wish to remain anonymous can either sign out of their accounts and not receive the enhancements,Google will only allow user comments in Google Play accompanied by user's Google+ name and picture.

http://www.technewsworld.com/story/76320.html

Facebook Scans Private Conversations to Pad Likes
Facebook apparently has its own polling logic. Based on its perusal of users' private conversations, it assigns Likes to websites. You share a link with a friend -- you Like it. Maybe you even Like it twice. "Facebook appears to be data mining activities that users clearly intend to [keep] private," said tech analyst Greg Sterling. "This is another privacy misstep for Facebook."
never mind that the link you're sharing may concern something you abhor. Call it a case of Like fraud.

This is all the more worrisome to users because Facebook is culling links from seemingly private messages and converting them into very public Likes. This raises the question of whether private information could be made public

http://www.technewsworld.com/story/76866.html

Stallman and Ubuntu: Sticks and Stones and a Blogosphere Brawl
Spying was probably "not the idea behind the Unity tool," said Google+ blogger Gonzalo Velasco C. "I think they are struggling to become a nice 'normal user' OS, with some helping, commercial tools." Nevertheless, "it's mandatory for a GNU/Linux distribution to warn the user, and easily allow them to switch on/off such a tool. I hope Canonical rethinks that tool."

It was only a few weeks ago that the Linux blogosphere's Punchy Penguin Saloon suffered its latest round of damage thanks to the recent skirmish over the GPL, but now the popular establishment of questionable repute is actually shut down for a week for repairs.

The cause this time?

Yet another blogosphere brawl, needless to say, focusing this time on Ubuntu and its newly installed "surveillance code," as legendary Free Software Foundation founder Richard Stallman called it in a recent blog post.

"If we can only say, 'free software won't spy on you, unless it's Ubuntu,' that's much less powerful than saying, 'free software won't spy on you,'" Stallman explained.

'Just a Bit Childish'

If you've spent five minutes in the Linux community you're no doubt already aware that debate is never in short supply.

As if on cue, "FUD" was the term Ubuntu community manager Jono Bacon chose to describe Stallman's comments in a blog post of his own shortly thereafter.

"This just seems a bit childish," Bacon added.
'It Was Wrong of Me'

Fast-forward three days, however, and Bacon issued an apology.

"Unfortunately, sometimes I end up saying some things I wish I hadn't, as is the case here," Bacon wrote in a fresh post last Monday.

'They Made a Big Mistake'

"I tend to prefer Jono's handling of the situation, but at the same time there is something profoundly wrong about what Ubuntu did here," Google+ blogger Kevin O'Brien told Linux Girl.

"To me, it all hinges on it being opt-out instead of opt-in," he explained. "The fact that they did it as opt-out means that by 'the tyranny of the default,' lots of people are going to be sending their information without intending to, or even in many cases without knowing that they are doing it.

"I want Canonical to be commercially viable, but I think they made a big mistake on this one," O'Brien concluded.
'It's Mandatory to Warn the User'

Indeed, "I am very concerned about such issues," began Google+ blogger Gonzalo Velasco C.

At the same time, however, spying was probably "not the idea behind the Unity tool," he added. "I think they are struggling to become a nice 'normal user' OS, with some helping, commercial tools."

Nevertheless, "it's mandatory for a GNU/Linux distribution to warn the user, and easily allow them to switch on/off such a tool," Gonzalo Velasco C. opined.

'Unquestionably Spyware'
'The Only Way One Can Make a Living'
'The Market Will Decide'
Is there any alternative to trusting corporations?

"I doubt it," Pogson told Linux Girl. "The market will decide whether FLOSS wins there, and so far GNU/Linux is doing exceedingly well just based on price/performance."

http://www.technewsworld.com/story/76835.html

Facebook Gives a Little, Gets a Little With New Privacy Settings

Facebook has changed its privacy controls after conducting a vote on the matter that was doomed from the start to be irrelevant. Facebook claims the tweaks to its system will make it easier for users to access and understand their privacy settings, and that may be true. However, it also appears that users' timelines will be more searchable, which may be a key reason underlying Facebook's move.
For example, a new icon on the toolbar will allow users to ask three questions: Who can see my stuff? Who can contact me? and How do I stop someone from bothering me? For further information, users go to the Privacy Settings page, which will be repositioned below the Security option under Account Settings.
New Search Tool?

Not all of the changes are welcomed by privacy advocates. Users will not be able to keep their timelines out of the search tool, for instance.
Just Stay Off Facebook

The fact is, the only way for Facebook users to keep their information private is to stay off Facebook

"If Facebook were completely honest," said Levinson, "it would say 'don't put anything on Facebook or any online system if you want it to be private.'"

http://en.wikipedia.org/wiki/Privacy_law

http://thehardrightnews.com/high-tech-invasion-of-your-privacy-rights/

I cringe every time I hear people refer to Apple or Microsoft or Google as tech companies. Don’t be ridiculous! Google searches are a single algorithm, one equation.

The only improvements Google has made in a decade are subliminal ways to track you and your searches. Their “secret code” has created a detailed profile of you. They tailor all your search results so you find what you want faster and buy it faster with fewer clicks so merchants get a higher click through rate on their advertising.

Apple’s products track where you are every second of every day.

Microsoft regularly downloads so many “updates” to your PC you have to wonder what’s going on.

Why do we have to buy a whole new machine (I shutter to even call Windows a machine) every 2 years? So 100,000 Chinese programmers can re-write a billion lines of code with each new “upgrade”? With ten thousand new bugs that a million hackers around the world can use to make my life miserable?

The only solution is not to use all this technology crap anymore.
& Get off the InterNET

http://www.stuff.co.nz/national/politics/7898326/Report-damns-ministry-over-security-breaches

Report damns ministry over security breaches

At the time it was revealed an independent report highlighted the risk with the kiosks in April last year and a beneficiary advocate had raised concerns last November.

The report out today showed the Dimension Data report in April 2011 "clearly highlighted security issues that needed to be addressed including the lack of network separation".

"These findings were not appropriately followed up, addressed or escalated for management visibility and action which meant that the risks remained substantially unaddressed."

http://tvnz.co.nz/national-news/acc-makes-another-privacy-blunder-5166145

ACC makes another privacy blunder

The Accident Compensation Corporation has sent details of a client's criminal history to someone else, in another breach of privacy by the scandal-plagued company.

Waikato truck driver Bruce Liddington, received details of another ACC claimant's criminal history in the post along with his own personal details.

"His name on the top, his date of birth, and underneath that, his prison terms and sentencings, his dates he went in to the dates he finished," said Liddington, explaining the details of what the document contained.

http://www.nzherald.co.nz/politics/news/article.cfm?c_id=280&objectid=10843091

Another Winz privacy breach revealed

Mr Wills' sickness benefit was stopped last year after he was told he no longer met requirements because he hadn't provided an updated medical certificate.

He had already delivered a medical certificate and updated forms to his local Winz office and received a date-stamped receipt for the documents, but was told he had to do it again.

He complied and sent them in again.

Several days later he received an envelope with the original medical certificate and other missing documents in it.

"It had a wee note from someone simply signing themselves as 'J' - saying that these were amongst documents that had been sent to them," Mr Wills said.

"Whoever it was, it was very nice of them to drive by and pop them in my mail box."

In a second case a Wanganui man said he went to Winz for a work seminar and was given a folder with job listings. He said it contained a document with another client's personal information.

In a third incident, Whitirea student Jean Eltringham was given another client's details in a pile of papers during a meeting at a Kapiti Winz office in August.

http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10842677

Winz spends up on fashion so you can get a job

A recent university graduate on a benefit told the Herald she received about $1160 under the scheme this year.

She was given $160 for clothing and transport when heading to a job interview in Wellington and after being offered the job was given another clothing allowance worth $500 for her first week of work.

She bought a winter coat, jeans, a shirt, scarf and cardigan from Glassons and shoes from Number One Shoes.

After she got the job she found out she didn't get paid until she'd been working for a fortnight, so $500 more was put in her bank account to tide her over until pay day, because "the benefit payment stops as soon as you sign the contract".

http://salient.org.nz/features/how-to-rip-off-winz

Has your old cell phone died? If you are on the unemployment benefit, pay WINZ a visit. Tell them you are looking for work, and they’ll give you a new one (if you haven’t got a landline).

“If you pay your power bill and that means you have insufficient money for food, then you can get a food grant.”

And if your head is lacking hair and you look so disfigured that you need a wig, you can apply for that too.

I miss that one but did not need to pay back $3000 as I said I have no money they said ok we for get it. PS $3000 was a over pay mean by wins muck up.

http://gizmodo.com/5945993/no-your-private-message-are-not-public-on-facebook/

You might have read somewhere today that Facebook made your pre-2009 private messages public on your own Timeline. And on your friends' Timelines! This would be a huge scandal, except it's not true at all.

http://www.makeuseof.com/tag/top-privacy-tips-facebook-timeline-applications/

The Top 5 Privacy Tips For Facebook Timeline Applications

http://www.makeuseof.com/tag/remove-spam-apps-ensure-app-privacy-weekly-facebook-tips/

How To Remove Spam Apps & Ensure App Privacy [Weekly Facebook Tips]

http://www.makeuseof.com/tag/roundup-5-mustknow-critical-facebook-privacy-tips/

ROUNDUP: 5 Must-Know Critical Facebook Privacy Tips

http://www.makeuseof.com/tag/facebook-friends-lists-interests-circles-facebook-hack-tip-week/

Using Facebook Friends Lists For Interests Or Circles [Facebook Hack Or Tip Of The Week]

http://www.makeuseof.com/tag/3-things-you-need-to-know-about-photo-tagging-in-facebook/

3 Things You Need To Know About Photo Tagging In Facebook
Moreover, you can control Who sees tag suggestions when photos that look like you are uploaded. This is key because Facebook has a powerful face recognition software that will recognize you in new photos based on old photos your face was tagged in. If you do not ever want to be tagged automatically, set this to no one.

http://www.makeuseof.com/tag/permanently-delete-facebook-account-weekly-facebook-tips/

How To Permanently Delete Your Facebook Account [Weekly Facebook Tips]

http://www.jackcola.org/blog/123-how-to-delete-and-start-your-facebook-from-scratch

How Do You Delete Your Facebook Account And Start From Scratch
By following this tutorial, you will be able to use your same email address, Facebook username, and password, but you will lose everything such as status updates, posts, comments, pictures and friends.

http://www.v3.co.uk/v3-uk/news/2215992/rsa-europe-2012-facebook-use-has-eroded-online-privacy-forever-claim-security-experts

RSA Europe 2012: Facebook use has eroded online privacy forever, claim security experts
LONDON: The huge use of social networks like Facebook means internet users have already lost any chance of online anonymity, according to security experts from Symantec, RSA, Jericho and Qualys.

Symantec chief technology officer Greg Day said that users who have already posted basic information on Facebook would find it tough to remove it in the future.

"People are realising what they're posting online and want to retract back. People want to remove their date of birth from their Facebook page, but it's already out there," said Day, speaking at the RSA Europe conference on Wednesday.

Qualys chief technology officer Wolfgang Kandek went on to warn that the ongoing presence of the data online can allow companies and criminals to learn other key details.

"If you have date of birth, sex and postcode you can identify the person from 85 percent in the Western world," said Kandek.

RSA programme chairman Herbert Hugh Thompson added the data could cause lasting damage to social network users outside of the digital space.

"It's fascinating when you think about hiring discrimination especially in US, where you can't discriminate on key things like sex, age, race," said Thompson.

"If you start to search for someone, you naturally find out some of these things. It's such a slippery slope."

Thompson went on to warn that the issues around social network privacy come as a part of wider concerns regarding European data laws.

http://www.v3.co.uk/v3-uk/news/2215664/rsa-europe-2012-privacy-regulations-blamed-for-hampering-antihacker-fight

RSA Europe 2012: Privacy regulations blamed for hampering anti-hacker fight
LONDON: Well-meaning activists and laws designed to protect people's privacy are hampering businesses and security vendors' ability to defend against cyber attacks, according to security vendor RSA.
RSA executive chairman Art Coviello claimed that well intentioned policies have stopped security experts making adequate changes to their defence models to protect their data, while simultaneously punishing them when breaches do occur.
"The CIO of a leading manufacturing company in the EU told me the government has laws that state he must protect personally identifying information in his possession or run the risk of strict fines and penalties," said Coviello.
"However, if he implements the policies he needs to protect that info, he could inadvertently break laws designed to protect his workers' privacy. He can't win."

http://www.hamiltoncomputerclub.co.nz/links.html

See More serious privacy tools

http://www.tweaktown.com/news/23358/tor_traffic_can_now_be_disguised_as_skype_traffic_to_fool_government_censors/index.html

Tor traffic can now be disguised as Skype traffic to fool government censors
Tor is a popular program which enables people behind heavy government censorship to view the entire unobstructed internet. It's basically a proxy server which encrypts the outgoing packets so that they can't be snooped on. Unfortunately, these data packets can still be identified so the traffic can theoretically still be blocked.
tor_traffic_can_now_be_disguised_as_skype_traffic_to_fool_government_censors
Computer scientists have now come up with a way to mask these data packets as Skype traffic. This makes it near impossible for the government to block the data packets. If a government were to block Skype, there would be a massive outcry from other governments and the citizens themselves.

I deleted the direct links to "spokeo" and "beenverified".
When you want to use those sites, please read the reviews before and be hesitant to give them your private data.

graylox

http://www.wariscrime.com/2012/03/15/news/why-social-media-is-killing-your-online-privacy/

With Google at over 2 billions users, Facebook at over 845 million users, and Twitter at over 300 million users, these companies have data stores which are literally worth billions of dollars. They use this information to sell ads on their own network (e.g., Facebook generated $3.2 Billion last year in advertising revenue — not bad huh?), or sell the information to companies like DataSift.
Facebook starts sending ads to your “friends” based on this information, and even uses your name and photos in the ads. And soon, all of that information will end up in the hands of DataSift.
If you want to see the end result of all this lost privacy, go to Spokeo and enter in your name and state.

http://www.mywot.com/en/scorecard/spokeo.com

If You Aren’t Part of the Solution, You Are Part of the Problem

If you go to Spokeo’s Privacy page (where you can find out how to remove your records from their service) you can see all the ways they collect information about you for their service — namely, by aggregating data from the following sources:

Phonebooks
Social Networks
Real Estate Records
Marketing Surveys
Online Maps

http://news.cnet.com/8301-31322_3-57388097-256/in-the-world-of-big-data-privacy-invasion-is-the-business-model/

Meanwhile, it's absolutely ludicrous that the U.S. can't provide us with privacy and data protection laws that are at least as strict as those in Europe.

http://www.mywot.com/en/scorecard/beenverified.com

http://en.wikipedia.org/wiki/ChoicePoint

http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1

The NSA Is Building the Country’s Biggest Spy Center (Watch What You Say)
The upshot, according to this official: “Everybody’s a target; everybody with communication is a target.”

http://publicintelligence.net/do-you-like-online-privacy-you-may-be-a-terrorist/

A flyer designed by the FBI and the Department of Justice to promote suspicious activity reporting in internet cafes lists basic tools used for online privacy as potential signs of terrorist activity.
Pay cash, Encryption. (pdf to download).

ok in XP but my WOT not work so I get Chrome SRWWare Iron & Iron Portable can get at portableapps.com.

http://www.comodo.com/home/browsers-toolbars/browser.php

Ran this through installation in the XP Mode VM, choosing the Portable option during install. I still recorded 423 new registry entries, BUT, copying just the program folder to other Windows installs it is indeed portable -- seems to work fine in XP & win7, with no recorded changes to Windows, so maybe the biggest hassle is installing to a VM or using something like Timefreeze or Returnil if those 400 new entries would bother you.

Now just have to try it out & see how it compares to the Chrome portable versions I've been picking up at portableapps.com.

http://www.h-online.com/security/news/item/Dropbox-left-login-door-open-for-4-hours-1264195.html

Dropbox left login door open for 4 hours

Dropbox has admitted that an erroneous code update on Sunday 19 June allowed logins without authentication and allowed users to access files held by other users of the file synchronisation service. This occurred at 9:54PM UK time and the error went undetected for just under four hours until Dropbox discovered it (at 1:41AM); a fix was deployed in five minutes and all logged in sessions were dropped.

The Dropbox story continued...

Just found this interesting article in my mailbox, written by Woody Leonhard on the Windows Secrets webpage:

Re-examining Dropbox and its alternatives

Some excerpts:

You may find those(TOS) terms chilling, but Dropbox does make a compelling argument in its favor by comparing its Privacy Policy with those of Apple, Google, Skype, and Twitter. Apple and Google store data online and have similarly broad-reaching policies. Skype and Twitter aren’t quite so broad, fitting the nature of their service.

Depending on your level of security comfort (or paranoia), you have four possible choices if you want to synchronize data in the cloud:

You can use Dropbox, realizing that the staff of Dropbox has the capability to read your data and send it to duly constituted authorities in some jurisdiction or another. If you understand the situation and it doesn’t bother you, more power to ya!

You can encrypt your data before Dropbox gets it. The people at Dropbox recommend TrueCrypt, which runs on Windows, Mac OS X, and Linux. In general, all you have to do is put a TrueCrypt-encrypted file inside your Dropbox folder and change one setting on the TrueCrypt file. Dropbox has a forum thread that describes the approach and some of its problems. Suffice it to say that most people find it works easily. The major downside? It doesn’t work on mobile devices, and file uploads and downloads might take longer.

You can use one of the integrated Dropbox third-party routines that perform encryption and decryption. At this moment, SecretSync and BoxCryptor are the best-known representatives of the genre. Both work with the Dropbox API and allow you to encrypt and decrypt the data with your own keys. Dropbox still encrypts the files (a second time), but should the occasion ever arise where Dropbox or some nefarious person uses the Dropbox key, the resulting file will still be scrambled — and you’re the only one with the key.

Please do read the full story on windowssecrets.com.(and maybe vote for it)

So...YEAH ,still sticking with my Dropbox...with and without secondary encryption :)

http://dereknewton.com/2011/04/dropbox-authentication-static-host-ids/

Under Windows, Dropbox stores configuration data, file/directory listings, hashes, etc in a number of SQLite database files located in %APPDATA%\Dropbox. We’re going to focus on the primary database relating to the client configuration: config.db. Opening config.db with your favorite SQLite DB tool will show you that there is only one table contained in the database (config) with a number of rows, which the Dropbox client references to get its settings. I’m going to focus on the following rows of interest:
email: this is the account holder’s email address. Surprisingly, this does not appear to be used as part of the authentication process and can be changed to any value (formatted like an email address) without any ill-effects.
dropbox_path: defines where the root of Dropbox’s synchronized folder is on the system that the client is running on.
host_id: assigned to the system after initial authentication is performed, post-install. Does not appear to change over time.
After some testing (modification of data within the config table, etc) it became clear that the Dropbox client uses only the host_id to authenticate. Here’s the problem: the config.db file is completely portable and is *not* tied to the system in any way. This means that if you gain access to a person’s config.db file (or just the host_id), you gain complete access to the person’s Dropbox

http://www.stuff.co.nz/technology/digital-living/5018617/Journo-arrested-at-IT-security-conference

A Fairfax journalist was arrested by Queensland Police yesterday after an article he wrote about vulnerabilities in Facebook's privacy controls.
He was later released without charge but police retained custody of his iPad.
Christian Heinrich, demonstrated how he had gained access to the privacy-protected Facebook photos of the wife of the HackLabs director, Chris Gatford.
Mr Heinrich told Fairfax Digital he gained access to the photos to show that people who use social networking sites should not trust their privacy settings.
Grubb reported that it was well-known in the IT security community that the two security experts did not get along.

http://www.stuff.co.nz/technology/digital-living/5019865/Facebook-trade-in-female-images

Facebook trade in female images
Images of scantily clad women are being widely circulated without their knowledge through a private "men's only" Facebook group

http://www.zdnet.com/blog/igeneration/dropbox-deceived-users-over-security-files-are-open-to-government-searches/9959

Data held in Dropbox was and still us vulnerable to inspection by U.S. authorities.
You shouldn’t use Dropbox if you have something to hide.
Dropbox, one of the favourite cloud synchronisation services available for free, ‘deceived’ its users about the security and encryption of its cloud storage services.

http://www.theregister.co.uk/2011/05/16/dropbox_ftc_not_good_enough/

"Dropbox's customers face an increased risk of data breach and identity theft because their data is not encrypted according to industry best practices,"

Well, "the authorities" are not the biggest threat in our part of the world (at least that's what I hope) but that's different in other countries.
What I understood from these articles is the fact, that others as well could have access to the users' data, because the employees could decipher the passwords.
I have read elsewhere, that most security breaches are not caused by hackers but by employees.

graylox

Thanks Graylox.. some mighty interesting and educating stuff to read.

Still ,I'm quite happy with the Dropbox facilities... even with the new TOS and its 'file deduplication'.

Looks more like a craze trying to discredit Dropbox.

Anyway:

about government data requests...
Just so you know, we don’t get very many of those requests — about one a month over the past year for our more than 25 million users. That’s fewer than one in a million accounts.

I think most people can live with that.What do we have to hide anyway... :)

Then again I'm not talking companies and data mining by non authorized personnel.

No, I'm not trying to compete against hotdoge posting horror news ;)

Nevertheless, here is another privacy threat which grabbed this old paranoiac's attention:

Dropbox Lied to Users About Data Security, Complaint to FTC Alleges

How Dropbox sacrifices user privacy for cost savings

And the updated answer in the Dropbox Blog:
Privacy, Security & Your Dropbox (Updated)

Just another reminder, that there is nothing like privacy in the net.

graylox

http://www.wired.com/epicenter/2010/05/facebook-rogue/

Facebook’s Gone Rogue; It’s Time for an Open Alternative

Soon everybody — including your uncle Louie and that guy you hated from your last job — had a profile.

And Facebook realized it owned the network.

my kids are on facebook not use they name so if you go for a job can not look you up.

It has been said, repeatedly, what/what not to post on the different web sites, especially the social networking sites, and public forums/MBs. The more I read about Facebook, the less I put on my page, and the more I batten down the security hatches. Also, though, I don't discuss anything political online.

http://epic.org/2010/05/new-facebook-privacy-complaint.html

New Facebook Privacy Complaint Filed with Trade Commission
Today, EPIC and 14 privacy and consumer protection organizations filed a complaint with the Federal Trade Commission, charging that Facebook has engaged in unfair and deceptive trade practices in violation of consumer protection law.

TrackBack URL for this entry:http://privacy.org/cgibin/mt/mt-tb.cgi/939

http://epic.org/privacy/facebook/

What’s the difference between Facebook’s revised privacy settings and the old ones?

Under the revised privacy policy, Facebook now treats the following categories of personal data as “publicly available

information:”

• users’ names,• profile photos,• lists of friends,• pages they are fans of,

• gender,• geographic regions, and• networks to which they belong.

By default, Facebook discloses “publicly available information” to search engines, to Internet users whether or not they use Facebook, and others. According to Facebook, such information can be accessed by “every application and website, including those you have not connected with . . . .”

I thought that Facebook’s had a privacy policy… why doesn’t this protect users?

Facebook’s privacy policy doesn’t actually protect users, it misleads users into believing that their information is safe, while the site actually discloses information to third-party application developers and the public. Facebooks’ revised privacy policy mandates the sharing of large amounts of personal information, whether or not users what to share that information.

What’s so bad about friends lists being deemed “publicly available information?”
Dozens of American Facebook users, who posted political messages critical of Iran, have reported that Iranian authorities subsequently questioned and detained their relatives. According to the Wall Street Journal, one Iranian-American graduate student received a threatening email that read, “we know your home address in Los Angeles,” and directed the user to “stop spreading lies about Iran on Facebook.” Another U.S. Facebook user who criticized Iran on Facebook stated that security agents in Tehran located and arrested his father as a result of the postings. One Facebook user who traveled to Iran said that security officials asked him whether he owned a Facebook account, and to verify his answer, they performed a Google search for his name, which revealed his Facebook page. His passport was subsequently confiscated for one month, pending interrogation.

https://addons.mozilla.org/en-US/firefox/addon/60333/

The Firefox Addon for the GoogleSharing system. GoogleSharing ultimately aims to provide a level of anonymity that will prevent google from tracking your searches, movements, and what websites you visit.

By default, the GoogleSharing addon proxies requests for appropriate Google services to a GoogleSharing proxy that is operated and maintained by the GoogleSharing team. No user information of any kind (IP addresses or URLs visited) is logged by the proxy.

http://blogs.zdnet.com/security/?p=6291&tag=nl.e550

http://www.betanews.com/joewilcox/article/Which-is-eviler-Apple-Facebook-or-Google/1273166872

Which is eviler? Apple, Facebook or Google?

Three monopolies. All vying to be the next Microsoft. Will one of them succeed, and will it cost you dearly?

Hi copmom 2007 !! or did you mean 2009 !! not find

http://blogs.techrepublic.com.com/hiner/?p=3942&tag=nl.e101

Google promises Chrome is not phoning home with your Web data !!

http://www.v3.co.uk/v3/news/2254564/google-boss-dismissive-privacy

http://pcpandit.com/index.php/internet/stop-google-from-saving-your-search-queries.html