Results tagged “Facebook”

One of my personal guidelines with computers and IT is that if I accidentally receive credentials or access possibilities to other people's accounts I do not take advantage of it without consent of the owner.

Usually I get access to such information because I'm fixing computer and software problems for friends, relatives and acquaintances. But from time to time I receive account information which I didn't subscribe or enter. In the past few years it started slowly but became more over time and shown a very specific pattern: it all involves one of my mail-accounts and it seems that there is somebody out there who has a very similar mail account with only a single letter difference. And this person seems to regularly create accounts and get its own mail-address wrong. Several attempts to notify this person or get into contact were unsuccessful. At one point I even got my hands on a phone number but I never reached anyone with it.

There are still too many services and websites out there which do not require a confirmation click via email but just create an account without checking if provided mail-addresses are correct. I wouldn't mind a single mail which I don't respond to and be through with it but life isn't that easy.

I'm now pretty much fed up with the constant notifications, reminders ("...please come back to XYZ...") and mails involving such erronous subscriptions to services and websites. Especially Facebook seems to be pretty stubborn and manages to escape my filters constantly but also a pile of gaming-accounts and logins to some other websites have accumulated.

In a short while I'm going to shut down all the accounts using my mail-address. For that I'm going to request a password-reset, log in to those accounts and deactivate them (if possible). I'll try to keep information sniffing at a minimum but if I see additional possible contact info maybe I'll do another contact try. Nevertheless all accounts which show no further activity (e.g. another credential reset by the "other" user) for some time then will be shut down permanently.

Gah, I hate to do this but you left me no choice...

Update 2014-03-01: Deleting a Facebook account is nothing short of complicated. All that Facebook offers (more or less) directly available is the possibility to deactivate your account. But this is in reality just snake oil as your account still exists and allows further logins and data profiling and just hides almost everything from others. To really and permanently delete your account one has to dig deep, and I mean really really deep, in Facebooks help and info pages to almost accidentially trip over this link:
https://ssl.facebook.com/help/contact.php?show_form=delete_account
With this link you can tell Facebook to really delete your account and all associated data which they at least promise to do after a 14 day cooldown period where you can still decide to change your mind. Which I won't do as I didn't even sign up myself in the first place...

|

A few days ago I have been told again that my blog lacks the 'Like' button. Since that has not been the first time that I received this request and I had a few spare hours yesterday I decided to give it a go.

But I didn't want to include the social networking buttons of the most common networks without further care. From other webpages I know that some 'Like' buttons add significantly to the load and display time of websites if they are not very multimedia intense. I consider my blog to exactly fall into that category and therefore I want to avoid to double page loading times just for adding some tiny icons. Furthermore, in the mist of the Snowden/NSA revealations, I do not want to the visits of my postings to be automatically tracked by a multitude of different companies all over the internet.

Granted, I use Google Analytics for tracking the visits to my blog and individual posts to find out which area draws the most interest and how much traffic in general is receiving at my blog, but I set the "anonymizeIp"-parameter in my tracking to disallow the storage of detailled visitor IP addresses for Analytics processing. Yeah, I know it's not 100% anonymous and you still have to trust Google to respect this setting independend of their promises, but for me that's the acceptable balance between cost and benefit.

Back to the social network integration. To value the visitors experience and proactively counter the NSAs tracking abilities I decided to use a 2-staged approach in my blog. This means to Like/Tweet/+1 one of my postings or see the number of tweets/+1's (doesn't currently work for FB) one has to "activate" the specific button with a single click in advance. If this activation is not performed, no data or request is sent to the respecting server/company.

In my blog I use the solution of the Heise publisher, 2 Klicks f�r mehr Datenschutz, which they provide free for usage on their project page. It took me some time to integrate it on my blog, mainly because the sourcecode which they provide is not compatible to recent versions of jQuery and already a bit out of sync with integration changes by the social network buttons. The version used on http://heise.de is more up to date but not yet reflected on its project pageI wrote a notice about that to the writers of the plugin but have only received an automatic reply so far. We'll see...

Nevertheless, the integration on my blog is finished so far and some other Javascript code has also received a small overhaul. The loading time of my pages shouldn't be too much affected, there is only a small visual inconsistency left. If you don't notice it, don't bother. Maybe I'll manage to fix it, otherwise not much harm is done, at least in my opinion.

|

This is a late post on the never-ending discussion about the data privacy inside large companies, especially such data-centric ones like Google and Facebook (see later in the post). In this posting I'm referring mostly to Google and Facebook but be aware that similar discussions and many related topics are not at all limited to these companies and I just take the most known ones as an example. I'm writing this because it gets more frequently in the recent weeks that I'm involved in talks and discussions about privacy issues on different internet services, so here I try to write down my own position. I'm trying to back most of my comments with references here (be sure to check them out if you want to understand my point of view) but of course I'm already biased so take this as my completely personal opinion as of the end of 2010!

Why I have trust in Google

Google had to take a heavy hit when it publicly announced that it had found out that there was payload data from unencrypted WLANs stored during their StreetView programme and recently because people sent email and passwords over unencrypted WLAN.

For me, contrary to aparently most other opinions, this causes Google to rise in my trust because I'm very sure that any other company which had a similar incident would do everything to prevent public knowledge of this. Not so Google. They proactively stepped forward, disclosed the data acquisition accident and invited public authorities to come in to review and check the collected data before they are deleting it without further processing.

The company must have known very well that these actions would impact its image but this didn't stop it from further cooperation in almost any aspect of this incident. For example an evaluation of official british privacy groups found no evidence of personal data in the StreetView logs although this was again stated as a disappointment (german) by other data protection groups later on. Google also let an external company review the whole process of the data acuisition and processing for the StreetView programme which came to the conclusion that the whole process did at no point analyze or process recorded data from connections in the WLAN. It really did only enough processing of the WLAN headers to be able to locate the WLAN, which was the whole point of this programme.

Collecting WLAN data and positions is common practice and many companies have specialized in the area of geolocation via WLAN IDs (eg. SkyHook and even Apple itself), yet only Google is ranked high in the news for data breach while almost nobody criticises these other companies or thinks of real attackers who are surfing the streets and scanning unencrypted WLANs for importand data. For software developers and engineers it's almost clear that the data breach of Google was really just an oversight (german) during the software development and I certainly salute Google to bite the bullet for a whole industry branch. It even takes complaints from its competitors who think that during this public criticism on Google is the right time to take the chance and join beating the rival.

In my opinion Google was (and still is) one of the most respectable companies if the topic is about data security. There were of course other minor accidents with data privacy but almost every time they reacted fast and closed the holes or changed the processes within a very short timespan. As of my knowledge there has only been one incident where an internal maintenance employee who, because of its maintenance activities had access to users' data, abused his rights and accessed users' data without their consent or internal maintenance reasons. Google did react on this but I think it could have done faster and with a more clear statement.

As a final hint, if someone is really interested what data Google collects for each person hop over to the Google Privacy Center and read the small and (in my opinion) quite clear (compared to any other) privacy statement. There you also have the possibility to access the Google Privacy Dashboard where you can yiew and manage almost all the data stored with your account, change the Google ads preferences or even opt-out of it and disable the statistics collection by Google Analytics. It even maintains a publicly availale list of requests from governments to Google for removing content or providing user information.

Why I have no trust in Facebook

Try to find such features on sites like Facebook. In fact Facebook already has a quite impressive list of similar privacy issues, ranging from simple data collection features for crawlers (which is still available to this date) to collecting data of users without accounts on Facebook (german). Although Facebook has often said to tighten up their privacy settings and make it easy for users to adjust them it's still a very complicated process to strip down your privacy options and requires constant review of your sharing settings when you don't want to keep the default settings and share your data with the whole world. There already have been privacy support applications created which assist you in checking and correcting Facebooks privacy settings via easier interfaces. How sick is this? Some people even think to the extend that Facebook should just give in and simply sell your data right away.

Of course Facebook serves its original purpose, connecting people and sharing information, quite well and it may be the ideal tool for many people to do so. But in fact, I doubt that most of the users on Facebook are really aware to which extend Facebook really collects and connects information which is provided in known and unknown means by its users.

My conclusion

In the end I'm always a bit confused and disappointed when people state that they don't trust a certain big company because of "privacy reasons" without having a real justification at hand to do so and then maybe even take this discussion to their Facebook, Twitter or MySpace. I personally still give Google a magnitude of trust in advance of sites like Facebook and from my current point of view there is not much possibility to change my opinion or see me creating an account on this site in the near future.

|

1

Archives