Social Networking Privacy

Originally published in The Clarion | November 24, 2010

Before social networking websites became prevalent, it was quite uncommon for ordinary folks to establish a presence on the Web. Sure there were sites like Tripod and Geocities that enabled the ordinary Web user to obtain a free account and publish a website, but these sites did not provide the key ingredients to make things easy. There was no structure, no point-and-click and done interface, and most importantly there was no good way to intermingle my site with yours and everyone else. All of that changed with MySpace, followed by Facebook.

With the introduction of MySpace and Facebook, the Web was forever changed. No longer was the Web populated with only businesses, organizations, universities and politics. Social Networking revolutionized Web content and for the first time gave every Web user a presence, in an easy-to-use point-and-click interface. The social networking aspect of sites like MySpace and Facebook was new and fresh, and people of all ages bought in (for free of course). Just like anything else though, with frills come concerns – and in the case of social networking sites, the highest of all concerns is privacy.

The number-one privacy concern of social networking sites, in my mind at least, is the authentication method used to establish, maintain and “connect” one person to another. If you have an account on a social networking site, you know very well that most require an eMail address to be used as the user name for the account. For some people, this is not a big deal. Actually, I know of people who obtain a new eMail address just for things like their social networking accounts. On the other hand though, this is not usually the norm.

Consider this – how important is your eMail address to you? Do you receive messages from your financial institutions via eMail? If your eMail address credentials were suddenly stolen, to what degree would your personal information be compromised? Take a moment and consider all of the various forms of information you send and receive via eMail. Now ask yourself if using that same eMail address for your worldwide Web presence on a social networking site is a smart thing to do. I’ll let you come to your own conclusions. As I mentioned a couple weeks ago, there is always someone just around the corner waiting for an opportunity to compromise your identity. With social networking websites, this concern is more crucial than ever. Next week we will consider more detailed security issues with social networking websites.


eMail Security

Originally published in The Clarion | November 17, 2010

Life without eMail in today’s society is virtually unimaginable. Whether you use eMail for personal reasons, for business or both, there is no disputing the convenience of using eMail as a communications tool. eMail services come in a variety of forms, yet all use the same basic protocols for transferring messages from sender to recipient. No matter what eMail provider you use, caution should be of extreme importance when communicating with your co-workers, customers, family and friends electronically.

eMail security can be broken down into two categories. The username/password combination and message content are both sources of concern regarding eMail security. Considering your username/password combination, common sense plays a priority role. Many eMail providers have implemented tighter controls on the username/password combination over the last several years to help protect the integrity of the eMail system and individual user accounts. For whatever reason, many people feel like they cannot remember anything but basic passwords. This is simply a recipe for disaster. Without some sense of control parameters for username/password combinations, it is not unusual for some people to use very basic passwords for their eMail accounts. The most absurd example is when someone chooses to use their username as their password. Unfortunately this happens regularly and almost always results in the eMail account being compromised. Other examples of poor password selection include using a username spelled backwards as the password, using basic dictionary words as the password and using a spouse or pet’s name for the password.

A general rule-of-thumb for eMail password selection is that a password should be at least eight characters in length and alphanumeric (containing both letters and numbers). More secure guidelines for choosing a password include using both upper- and lower-case letters and special characters. A combination of all of these choices almost always makes for a good, secure and almost impossible to guess password combination. Sometimes making up a simple, easy to remember sentence and using the first letter of each word in that sentence (throwing in capitalization and numbers in place of similar-sounding words) for an eMail password is a very viable choice.

Another misconception regarding eMail is one that can very easily compromise one’s personal or business information. Contrary to popular belief, eMail services are not a secure method of communication. A simple rule to use in considering whether to send a piece of information via eMail is this – if you don’t want someone other than the intended recipient of the message to see it, simply don’t send it. Telephone or face-to-face communication are always more secure methods of exchanging information compared to eMail. Personal information including account numbers, usernames and passwords should never be sent via eMail. In our electronic society, there is always someone out there just waiting to intercept personal information for their gain. With some caution and a lot of common sense, your personal information can be easily protected when using eMail as a communications tool.


Security Basics

Originally published in The Clarion | November 10, 2010

As more and more of us become dependent on the various communications technologies of the 21st Century, concerns of privacy and the protection of our personal information become increasingly important. Our society over the last few decades has seen a shift from one of trust to one of increased states of caution. With the introduction of Internet and Web technologies into our homes and businesses, never before has our personal information been more at risk. Similar to a student’s locker combination in high school, technology users must protect personal information from the ever-present cyber bullies.

Using the locker password analogy, we must consider content to see just how important security and confidentiality is in the Internet realm. If a bully were to get my locker password, he would have full access to the contents of my locker – my books, notebooks and backpack. Common sense tells us that the bully has no interest in my textbooks. He has his own, and of what interest are textbooks to a bully anyway? My notebooks on the other hand, may be of some interest to him. Since he spends most of his time harassing others, the bully sees my well-kept classroom notes would be of some value to him. They may contain just enough information that he could use to squeak by in his classes. A method to his end goal – escaping the restrictive confines of high school, it’s fair to say my notes are most definitely of value to him.

Let’s now consider the backpack that is hanging from a hook in my locker. For a bully, this is a potential goldmine. Any number of items could be in the backpack, including my car keys, money and any number of other valuable items. By securing a simple three-digit locker combination, the bully now owns me. My lunch and gas money are now his, as are whatever other personal articles I chose to keep there. If he is brave enough, he now also has my vehicle. Definitely not a good scenario for me.

Applying this example to Internet and Web technologies of today, it should be very clear how important securing our electronic belongings really is. By obtaining one simple key (locker combination) the bully instantly owned me. Electronic credentials are no different. Take a moment to consider all of the different electronic credentials you may have. A short list might include an email username and password, online banking account credentials and access information to your social networking account. Now consider how many different accounts you have on the Web. Many of us have more than one email address, maybe a couple banking accounts and a handful of websites where we purchase items from. Are your credentials for all of these accounts secure? Is your username and password combination for all of these accounts identical or somewhat similar? Consider this – and make a habit of changing your passwords regularly. If you’re like me, you simply cannot afford not to.


Free Web Content

Originally published in The Clarion | November 03, 2010

Since its inception, content on the World Wide Web has been primarily free to acquire. From the early text-only pages to the feature-rich sites today, I know very few people who actually pay for online content. There are various subscription sites along with content providers who charge a monthly fee or provide services on a pay-as-you-go basis, but they are by far the exception. Most every site that has subscription services still provides free content in some manner. Considering traditional media outlets and the continued transformation of Web content, a valid concern has recently emerged about the future of free content on the Web.

Because of the popularity of the Web, traditional media outlets have had to add web content to their portfolio of offerings. Sometimes a necessity and sometimes to supplement advertising revenues, magazines, newspapers, radio and television stations have transitioned to the Web over the years. I am sure it would be challenging to find a traditional media outlet that does not have some sort of Web presence. In fact, some media outlets – primarily print publications – have closed the doors on their traditional publications and have become Web-only enterprises. By doing this, the publication can operate on fewer resources (including personnel). But, unless they offer a paid subscription service, they suddenly become fully dependent on advertising dollars for revenue. Time will tell how this shift in publication works for those enterprises who have ditched their traditional means of providing content to their readers.

The question comes up then, am I (or are you) willing to pay for media content on the Web? Over the years, as long as a Web user had a functional computing device and Internet access, the world was literally at his or her fingertips. The openness of the Web has always implied a free realm where any data imaginable, from history lessons to real-time breaking news is only a few keystrokes or mouse clicks away. Just because things have always been free doesn’t necessarily mean they always will be.

Those of us who have cable or satellite television service have always paid for the content we wished to consume. As content providers increased the per-customer rate they charged the television providers for their content, subscribers have steadily had to pay increasing monthly fees. What if this scenario makes its way to the Web? The idea may not be so far-fetched and quite possibly has already begun. Satellite radio is a good example of a traditionally always-free medium that suddenly became a pay-for service. Sure, broadcast radio stations are still on the air and can be consumed at no charge to the listener – but I feel it’s fair to say the subscription-based satellite radio companies are doing quite well. Only time will tell what might happen to free content on the Web – just don’t be surprised when you wake up one morning and have to slide your debit card before reading the latest news from your favorite Web outlet.