Social Network Users Have Ruined Their Privacy

Steve Kerrison writes "'There's little point in worrying about ID cards, RFID tags and spyware when more and more people are throwing away their privacy anyway. And the potential consequences are dire.' I've written an article on the dangers of social networks and how many users seem to forget just how public the information they post can be. This follows a warning sent out by the CS department of Bristol University, advising students that they risk lost job opportunities, getting in trouble with their parents and more, if they don't take care. The warning, however, really applies to all social network users, be they college students or over-zealous blog posters."

Re:Keep in mind

[Anonymous Coward]

Perhaps, but privacy and freedom are not the same thing.

Freedom concerns the ability to make choices and take action. Privacy concerns other people knowing things about you which you might not want them to.

Re:@Generation

[silentounce]

Kudos to being on slashdot at age 16-17, but please tell me that you're really some creepy old guy or a dog posing as a teenager. I don't think I can take the fact that some born in 1989 is posting on slashdot. And seriously, you should do everything you can to erase all links between your online persona and your real one. Have two, it's fun. You can be careful what you say with your real one, and do what you like with the other.

On the internet, no one should know you're a teenager.

Re:Keep in mind

[Potor]

if knowledge is power, then there is only a theoretical difference between freedom and privacy. what people know about you severely affects your ability to act.

Stupid people won't learn.

[bryanp]

This little tidbit from the blog of a LEO (sheriff). And yes, his boss knows about it and he doesn't say anything in it that he wouldn't want the whole world to know.


Had a young gentleman put in an application at work last month. Looked sharp! Sounded sharp! Folks everywhere were all sorts of happy.

Unfortunately, the officer doing the background checks put the applicants name into Google and came up with his MySpace account.

Tip for the Wise: if you're going to apply at a Law Enforcement agency, take the paean to the Mighty Marijuana Plant off your MySpace page, along with the albums dedicated to photos of you imbibing the Wonder Weed in various ... interesting ... locations, hmm-'kay?

Re:Leakage

[jc42]

The same sort of leakage can occur with a blog, on an ordinary personal page, or via a much-forwarded email message.

Actually, it's quite a lot worse than that. It's quite easy for things on your computer that you consider "hidden" to become public knowledge.

For example, I've had many discussions with people over ways to hide things online, so that you can access them if you know the URL, but the URL can't be found by any method other than guessing. The best-know is hiding stuff behind an index.html file, but there are other methods.

A problem with this is illustrated by recent discussions of leakage via the google toolbar. This is a useful tool, and lots of people use it. But there have been many reports from people doing web testing (and thus watching the server logs) of an interesting phenomenon: If you have the google toolbar installed, and use your browser to access a "hidden" web page on your server, you will sometimes see a visit by Googlebot to that URL soon after, often within a minute or so. And soon after that, a google search will find things in your "hidden" page. Google "google toolbar googlebot" for more information.

What's going on is that the google toolbar is running as part of your browser, and it has access to the browser's data. This includes the URLs of all the pages you visit.

I mentioned this case first because it's not a Microsoft product, and I didn't want to distract people by starting off with MS bashing. But, of course, MS is notorious for leaks like this, and they're generally not accidents or bugs. When the very first MS internet capabilities came out, engineers quickly reported seeing unexpected modem activity when "nothing was accessing the Net". Investigations showed that the activity was due to listings of the contents of the disk being transmitted to a .microsoft.com address. Similar behavior is known within pretty much every release of MS's systems. If you're running Microsoft software, you should assume that anything on your computer is accessible to Microsoft any time you're connected to the Net. Not understanding this is simply naive.

In a similar vein, there was the fuss a couple of years back, when msn.com was caught extracting things (mostly images) from customers' "private" data (mostly email) and using them in advertising. The first reaction was for msn.com to point out that the TOS stated that any data on their servers was their property, to do with as they wish. They quickly realized that this was a major PR blunder, and publicly backed off. But again, if you think they aren't doing such things now, you're just naive. You should expect that any ISP will behave this way if they think they can get away with it.

We also had a lot of discussions here of the Sony CD rootkit. Who would have thought that just "playing" a CD would install spyware in your computer? Well, we now know, and some of us are a bit less naive.

Open-source software is much less likely to contain spyware, but it's not guaranteed. The mozilla-suite browsers are open-source, but have you actually dug through the code? If not, you could easily be victimized by any new release, or by any plugin that you install. Granted, there are lots of people on the lookout for spyware in the most-used open-source software, but they might not have spotted the more subtle problems. And the google toolbar shows how easy it can be to trick users into opening their system up to outside access. MS isn't nearly the only culprit here. (They're just the most brazen and unapologetic. ;-)

Privacy sucks.

[MikeFM]

I think the reason why people throw away their privacy so easily is bcause privacy is a stupid concept anyway. What do you really gain from privacy? People can do what they want without other people knowing? Oh that's a good one - so instead of openly admitting and discussing things we allow silly tabboos to fester while we scurry around trying to hide our sins. We allow true crimes to stay hidden. We hide from ourselves and each other. Hell yes, gimme some of that.

Stop hiding in the shadows. Step into the digital sunlight and shout your secrets to the world. You'll find some criticism but with it you'll also find a lot of people with similar interests, problems, and lives. You'll find friends and lovers. You may even find a good job.

You don't have much choice anyway. We're quickly moving into a society where it's possible that you're being seen, heard, and tracked anywhere, at anytime, by anybody. That is both a curse and a blessing but it's just the way things are going to be. We'll all be better off if we let the skeletons out of our own closet, on our own terms, than if we try to fight and let someone else expose us.

Ready or not, you're no longer alone - ever.

A prime example

[Cloud K]

Recently there was a manager of a local shop, he'd been shipped in from another part of the country to open a new store in the town where I work. Or I should say, used to work as I just moved onto another job myself.

On his own private MySpace, he described the town as a "shithole". Somehow (mostly because it's one of those towns where everyone knows everyone else offline and online) this myspace entry got passed around and eventually quoted in the local newspaper. He subsequently received death threats from residents, caused a massive public outcry and got sent back to his hometown to be "dealt with internally" (presumably, lost his job.) Even though these were his own personal opinions on his own personal MySpace, those were the consequences.

It wasn't just him hurt - the general public being as stupid as they always are, they chose to harass other employees from the same shop who had nothing to do with his views and didn't necessarily agree.

One could easily argue that said town *is* a shithole, especially given the retarded way that its residents responded to what was a personal opinion on a social networking site that had nothing to do with the person professionally or his company. But in case anyone traces me back too (extremely trivial, I've given my website) - no, I'm not saying that it is ;)

The lesson? I don't know. I guess it would be - lifestyle choices, getting drunk etc really shouldn't be a major problem. Everyone acts stupidly now and again. But think extremely carefully before you openly slag off other people or places online because without the appropriate care it has a good chance of getting back to them and you will suffer the consequences. By all means call the town you work in a shithole, but for goodness sake do it using a screen name on a site where you can't easily be traced back to yourself as an individual. The more sensitive the comment, the more precautions you should put in place.

For the ultimate protection, never ever under any circumstances say anything that you don't want the entire world to hear and misinterpret. Now, that's practically impossible (I try to keep my personal website as close to that as possible though, and just a couple of weeks ago my interviewer commented on my weblog in the interview itself - I knew this was always likely due to the email address I use. It was positive. I got the job.) It's about weighing up the risks and whether you are prepared for the worst case scenario. If fragments of my previous paragraph got quoted (out of context) in the same paper, I'd be looking at similar problems - however given how late I am in posting a comment to this discussion, how few non-nerds bother to read Slashdot let alone the comments etc, I have made that calculated risk. In that worst case scenario, I'm ready to reply to the newspaper and point them to the full comment and make any necessary clarifications.

The bottom line is that it's all about judgement. You should think about how your comment can be taken by different people, what the consequences would be, what the likelihood of that comment being used against you actually *is* and either don't make the comment in the first place or take a *calculated* risk. Not just go spouting anything and everything on the most public site on the internet. Kids are not so good at making those judgements, but then nobody should be having a go at you later in life for something that you wrote when you were 13 anyway. I'm talking about adults here.