Moglen: Facebook Is a Man-In-The-Middle Attack 376
jfruh writes "In an email exchange with privacy blogger Dan Tynan, Columbia law professor Eben Moglen referred to Facebook as a 'man in the middle attack' — that is, a service that intercepts communication between two parties and uses it for its own nefarious purposes. He said, 'The point is that by sharing with our actual friends through a web intermediary who can store and mine everything, we harm people by destroying their privacy for them. It's not the sharing that's bad, it's the technological design of giving it all to someone in the middle. That is at once outstandingly stupid and overwhelmingly dangerous.' Tynan is a critic of Facebook, but he thinks Moglen is overstating the case."
they just figured this out? this is a revelation? (Score:5, Insightful)
as with most social sites, search engines, free email services, you are not customer, you and your relationships are product
Re:they just figured this out? this is a revelatio (Score:4, Insightful)
More like it's payment for services. Did anyone sign up to facebook thinking it was a charity to help people make friends?
Re:they just figured this out? this is a revelatio (Score:5, Interesting)
Free food, water and a place to live?!? What could possibly go wrong?
Open door (Score:5, Insightful)
Re: (Score:3)
Re: (Score:3)
It amazes me that people think Moglen is overstating the case. He is not. Let's forget the datamining for commerce. Let's just think about what a simple post on a social network can do with ones life. People have been murdered over a post on social networks by goverments. People have been held in custody (hi USA) over posting a qoute from family guy... Moglen is right. Everything you post on facebook, twitter, hell any service that has an office in the USA will get into the FBI, CIA an SS databanks and you will get in trouble if you post something those warmongers don't like. Moglen is right. Using centralized, datamined networks is stupid and even more dangerous. It takes a lot of effort not to see that.
Actually, it is very easy to overlook this or ignore it (since it is so convenient). And unfortunately, it takes a lot of effort to open people's eyes so that they can see it.
Re: (Score:2)
As long as people are really aware of the issue, I'm not bothered. I consider everything posted on facebook to be completely public - the equivalent of making a statement to the news media. I then only provide information that I do not mind being associated with my identity by any organization. I apply the same thinking to posting on slashdot.
Re: (Score:2)
Re: (Score:2)
Re:Open door (Score:5, Informative)
Sorry, but I attended an FBI presentation last week, and the SA told us point-blank that Facebook was the greatest investigative aid ever. It used to take a warrant and months of hard work to figure out who someone was, what they did, who they hung out with, what kinds of things they talk about over drinks, and who supplies the dope to the party. Now it's a browser away and they don't even need a warrant.
Harvesting a million individual sites is more expensive and time consuming, and can be tracked and tampered with by the site owner. You could set up your own blog on your own server that spits out a red, white, and blue "Happy 4th of July, fellow patriots!" when viewed by an uninvited visitor, while spewing forth whatever brand of hatred you like when visited by your fellow clansmen. Breaking into this circle requires expensive undercover work. But Facebook will cooperatively deliver a full and faithful copy of whatever you dropped on their system.
By the FBI's own words, Moglen is exactly correct.
A bit too dramatic (Score:4, Insightful)
Re: (Score:3)
Besides the term doesn't apply -- in a man in the middle attack, the man in the middle needs to be invisible.
To the contrary: the term applies absolutely. You just need to apply it on the social level instead on the technical level. Who is aware about FB (and its use of the information), while using FB? While it is visible, it is not perceived by the users as being the man-in-the-middle.
Re: (Score:2)
I saw an update to facebook today that showed a pair of articles that a friend and I both read. I think the only reason it was in my feed was that my friend was also included. I was not logged in to facebook at the time, and followed a link from an independent site. Why did this information get broadcast to everyone I know ? I now have to go find the app that provided facebook the ability to do that, and eliminate it from my profile. There was no indication at the time I was reading that this was going to h
Re: (Score:3)
Re: (Score:2)
Those are from the Facebook Social Plug-ins that sites can choose to run. If you're logged out of FB and go to the site, it won't show you anyone on your Friends list. It's not an App on FB at all. http://developers.facebook.com/docs/plugins/ [facebook.com]
Re: (Score:2)
I think that Facebook is invisible some of the time. I know that it tracks you when you leave Facebook and visit other sites and a lot of web sites use a Facebook commenting system which is not labeled Facebook but the information ends up with Facebook.
Overstating? (Score:2)
If it looks like an apple, and it tastes like and apple, and if it turns into an apple tree after you bury it, it is an apple.
Language isn't that hard.
I enjoyed reading your post (Score:5, Funny)
where is your like button?
Moglen put it into the best elevator pitch (Score:5, Interesting)
Moglen is absolutely correct and I am very impressed by this great analogy: Facebook (and some other "social" media) is a man-in-the-middle attack; it's just not a technical hack but a social hack. Best 20 second explanation ever.
Google might very well join them soon - if they use profiling on gmail conversations.
I would pay $2/month... (Score:2)
.... for a social networking platform that does not track/store/analyze/use my personal data or relationship information.
Any takers?
Something tells me that the 'free' fee for facebook has everything to do with its popularity. Some of us would pay, but many people have culturally come to understand that so long as something is 'free', anything can be given up for it.
Re:I would pay $2/month... (Score:4, Insightful)
they would take your money AND track you.
Re: (Score:3)
Re: (Score:3)
You want a "social networking" platform that doesn't track or use any relationship or other personal data? What exactly would it do then? That seems counter to the very idea of a social network.
Moglen? (Score:2)
This is the guy who also said that clang was built "entirely to undermine freedom".
Why does anybody listen to this nutter?
Stupid much? (Score:2)
How shortsightedly-inane-for-the-sake-of-a-headline can you get? At least making a facebook account and having your data shared is an option.
According to the author's logic, the United States Postal Service, for the service of getting our mail delivered, has EVERY SINGLE ONE OF OUR PHYSICAL ADDRESSES, regardless of whether we opted in to begin with! Holy shit.
Re: (Score:2)
How shortsightedly-inane-for-the-sake-of-a-headline can you get? At least making a facebook account and having your data shared is an option.
According to the author's logic, the United States Postal Service, for the service of getting our mail delivered, has EVERY SINGLE ONE OF OUR PHYSICAL ADDRESSES, regardless of whether we opted in to begin with! Holy shit.
Bad analogy. The USPS does not have the contents of the letters that they have delivered to you. FB has.
of course (Score:2)
i would not trust most of the internet, especially facebook, myspace, twitter, and google & yahoo
Facebook's, handling personal info, a MitM attack? (Score:2)
By that logic, my ISP, my cellphone and land line phone companies, the Social Security Administration, my health insurance company, my doctors, my tax accountant, my employer and even the executor of my will are Man in the Middle attackers too.
Man, I feel safer already!
BTW, there are two misnomers in the world today. Security and privacy.
Privacy doesn't exist. If someone wants to know all about you, they can. The reason for that is because of security.
That doesn't exist either. Security is nothing more than
Facebook Dangerous? Really? (Score:2)
Overstating ? (Score:2)
The equation the guy proposes, looks sound. Moreover, observational data supports the equation. There is nothing overstated in that.
Facebook is de facto the evil intermediary in between people, just like how record companies are the evil, unneeded intermediary in between artist and the fan.
Gee whiz, could that be why.... (Score:2)
http://www.computerworld.com/s/article/9164978/Narus_develops_a_scary_sleuth_for_social_media [computerworld.com]
Narus is developing a new technology that sleuths through billions of pieces of data on social networks and Internet services and connects the dots.
The new program, code-named Hone, is designed to give intelligence and law enforcement agencies a leg up on criminals who are now operating anonymously on the Internet.
In many ways, the cyber world is ideal for subversive and terrorist activiti
It's called a "trusted middlemen" (Score:5, Insightful)
The name is "trusted middlemen", and anybody claiming it is an attack is doing yellow journalism.
It is true that the more people you have to trust, the worse off you are. It is also true that trusting a corporation can be quite worse than trusting an individual (but then, it can be quite better in other points of views). It is also true that trusting corporations that already showed that they don't deserve any trust is even worse. But equating it to a man-in-the-middle attack is a lie. Plain and simply, a lie.
Chance of something going wrong? (Score:4, Insightful)
Every time an article related to real-life security (i.e., fighting terrorists) appears, Slashdotters come out of the woodwork to say that there have been an average of 300 US deaths in the past 10 years from terrorism, more people die from car wrecks and smoking, etc.
Same thing here: out of all the evil that MIGHT come from sharing on FB, how many people actually lose jobs, have government agents show up at their door, etc?* For 99.9999% of people sharing on Facebook, there might be a few somewhat-bad things that happen (most likely someone finding out more than you would have liked) but probably not too much more common than what spreads through traditional gossip anyway. I imagine very few bad-with-a-capital-B things happen. Most people will die without having experienced first-hand (or even second-hand) any disasters from sharing on Facebook, belonging to supermarket loyalty clubs, etc.
I'm not saying there's nothing wrong or potentially bad, but like most other things in life it just won't matter to most people.
* And in cases where it DOES happen, I'm sure most belong in the category of "you shouldn't have been doing that (or at least not talking about it)"--crimes, affairs, etc.
Re: (Score:3)
Thank you for pointing out that /. commenters tend to have a consistant view on issues. The "anti-terrorism" *cough* fake security *cough* is really a huge erosioun of privacy and gets condemned. Facebook is a living privacy erosion monster and gets condemned. We here at /. luvs our privacy, now get the fuck off my lawn and stop peeking in my windows.
Products are replacing protocols, and for a reason (Score:5, Insightful)
The point is that more and more companies offer products that replace open protocols with open servers and clients. Email is/was SMTP with millions of servers and client applications implementing that protocol. No room to make money apart from selling bandwidth. The web as we know it is HTTP with millions of servers and clients and while there is ample room to make money it's not actually a product.
Facebook and Twitter aren't protocols. They are products, owned and controlled by companies that does all of this to make money and to achieve this they offer what people want, not what's sound and reasonable from a technological POV.
If you have a closer look at this you will find that there are reasons for this shifting picture: All the good old protocols were designed from a very technical point of view, or from the point of view of technical users. Email is complicated to set up, there's a reason for many people (if they still use email at all anymore) using some webmail service. It also doesn't do very much except sending messages and small files around. It offers no way to actually find people. The web (based on the Hyper Text Transfer Protocol) just transfers files containing clever markup and doesn't care for anything else. All of this fine and dandy from a technical POV but just doesn't address very much of what "normal" people actually want to do.
I really can't be angry about what Facebook does, because: We (as geeks) just totally failed to come up with protocols and tools for an infrastructure that would've been able to address the needs of casual users. Instead we insisted that webmail is silly and a full-featured MUA the way to go. In Usenet we were fighting HTML content and fake names even as Usenet (as a communication platform) went under. And there was never anything that even tried to implement a net-wide address book or useful calendaring. All these missing things left a gaping hole that companies like Facebook just exploded into like a gas into a vacuum.
It's easy to hate Facebook and to praise geekdom, but we just miserably failed. We were (and still are) more fascinated by the tools instead of what people might want to do.
It's one of men-in-the-middle (Score:4, Insightful)
And the public doesn't seem to care much. Remember that little skirmish about Politico.com buying analysis from FB on public and private message mentions of republican candidates to "evaluate sentiment"? A few people complained for a bit about not being able to opt-out and then it all died out (despite questions on randomization of results etc).
Add to that clickstream selling by ISPs, and attempt to gather and sell your information pretty much by everyone (heck, yellow pages delivery opt out form demands phone number and email [hyperom.com]) and people seem to be simply tired of fighting it.
Your loss of privacy on facebook is like (Score:3, Interesting)
your loss of money on lottery tickets. It is a voluntary tax in ignorance. Facebook (and the lottery people) know that there are huge numbers of ignorant people out there who are willing to part with something valuable for something of very little (or no) value simply because they don't understand what they are parting with and what they are gaining/losing.
Oh yeah, and Windows is malware.
Re:So is every ISP (Score:5, Insightful)
Your ISP does not see the information you transmit if it's encrypted, or email, chat, etc.
Facebook CAN see the messages you send, even if your communication to and from facebook is encrypted.
Re:So is every ISP (Score:5, Informative)
Your ISP does not see the information you transmit if it's encrypted, or email, chat, etc.
If you're taking a paranoid view, a slight clarification is needed here. Your ISP does not see the unencrypted information you transmit if it's encrypted, or email, chat, etc., as long as they do not have the means to decrypt that data.
Re:So is every ISP (Score:5, Insightful)
Re:So is every ISP (Score:5, Interesting)
If you send encrypted information through your ISP, they can't read it.
If you send encrypted information THROUGH Facebook, they'll remove it calling it "spam". I tried this and, supposedly, they censor all encrypted messages, only allowing clear text, unencrypted messages on Facebook. It's like they say "Don't distribute encrypted information through our service. Since we can't read it, there's no profit in it for us."
Eben Moglen is absolutely correct that Facebook is a man-in-the-middle service attempting to fool dumb people into disclosing their personal information and secrets.
Re: (Score:3)
or maybe they don't want people distributing binaries or running a number station on their service, for liability reasons.
not that i disagree necessarily; i just don't think facebook has very sophisticated text mining (yet).
Re:So is every ISP (Score:5, Informative)
You don't get to 500 million users without understanding the contents of every message. Text data mining is actually one of the simplest things to implement and can provide a wealth of attitudinal data about products and services.
My Facebook rep has gone into some of their programs for targeted display of ads. I haven't asked her too much about how it would work, but the message she keeps driving home with me is that they can target ads based on how much someone likes something. She says this is based on more than what someone clicks on.
Re:So is every ISP (Score:5, Informative)
it depends what you mean by text data mining. yeah, you can grab keywords, and there are some simple clues about proximity of certain simple adjectives, and you can sort of associate certain vocabularies with income and spending habits, but the R^2 is pretty low. text mining is far, far away from "understanding the contents of every message." even google does a shoddy job; many of its text mining-based ads are silly and even insulting.
most of the marketing-juice comes from (surprise, surprise) the social network. facebook has trained people (maybe not you, but probably many of your "friends") to advertise themselves! if you're 1 hop away from 6 people who all explicitly "Like"d some expensive imported chocolate or coffee, that will probably tell me a whole lot more (marketing-wise) about you than any 100 of your messages, even if i had a human being reading every one of them, which text mining is nowhere near.
Re:So is every ISP (Score:4, Interesting)
yes, but facebook rate limits messages also! with a coding scheme as sparse as that, you'd be lucky to send a kilobyte per hour.
Re: (Score:3)
that's true, but even then facebook will recompress your jpeg even if it's the "right" dimensions. they might even being do this expressly to defeat steganography (in addition to saving disk); research would be required. the standard steg algs can't survive a recompression, although should be doable in principle.
Re: (Score:3, Funny)
Agree. 100%
I'm Starting With The Man-In-The-Middle
I'm Asking Him To Change His Ways
And No Message Could Have
Been Any Clearer...
Re: (Score:3)
In fact, an ISP that *does not* log this info will not be around log. The reason is that a competant ISP will keep packet logs for at least a couple days in order to catch a blackhat. Bigger ISPs might keep logs for 3 months so they have something when they get a motion of discovery (similar to mugging money -- got nothing to show to the guys in suits with the constable, say buh-bye to your business, because your biz will be then the defendant named in short order.)
Re: (Score:3, Insightful)
Re:So is every ISP (Score:5, Insightful)
Your ISP can see which websites you visit, how long you spend there, how often ....
Yes, but it is not part of their business model to do that.
People would be quite out-raged to receive an email from their ISP, that reads: ... P.S.: Has your daughter looked at planned parenthood?
Based on the web-sites you visited, we recommend following companies to you.
Re:So is every ISP (Score:5, Insightful)
Stated another way...
Your relationship with your ISP: You are the customer.
Your relationship with Facebook: You are the product.
Re:So is every ISP (Score:5, Informative)
Unless you live in the UK, in which case if you use BT as your Internet provider they intercept all your communications. They then break down your data by protocol, using "deep packet inspection", and profile each subscriber for advertising purposes. All totally illegal yet done to tens of thousands of subscribers without their knowledge, not that BT cared. You can read more here [telegraph.co.uk].
Phillip.
Re:So is every ISP (Score:5, Interesting)
I wonder if you could make a firefox plugin that encrypts all posts to facebook, also detects other peoples encrypted posts and if you have their pub key decrypts them to view. Could also have something similar that encrypts images to a valid jpg/gif/png what ever but only decrypts again if you have the key.
Re: (Score:2)
So basically PGP for facebook?
Re:So is every ISP (Score:4, Insightful)
(It is probably a good thing that no one has pointed out to them that 100% of terrorists breath air. They would probably regulate that or put all people who breath air on the 'no fly' list...)
Re: (Score:3, Insightful)
You could do this pretty easily, the problem is most people who use facebook don't care about their privacy and the people who would use this would soon lose the need for it when all of their friends blocked them because their pictures are f'd up and everything they post is garbled.
Not to mention, if the majority of FB users started doing this, they will share their key unencrypted over status updates and PMs.
Re:So is every ISP (Score:5, Insightful)
Re:So is every ISP (Score:5, Insightful)
We had this. It was called the web. Anyone could put up a website. Even host it right out of their own home. But it was a pain even for many advanced users, and impossible for many normal users to figure it out.
Re:So is every ISP (Score:5, Informative)
Re:So is every ISP (Score:5, Insightful)
Re: (Score:3)
I post about this each time it comes up (and some google fanboys mod me down since they can't stand the truth).
I buy parts at electronics places like mouser.com, digikey.com and so on. very well known, famous, respected, trusted parts sellers. large companies buy from them. anyone doing r/d that has any soldering aspect, goes thru a place like that eventually.
yet, you can't order parts or shop for parts *entirely in their site* without a google ads or syndication or some other google domain coming into p
Re: (Score:3)
A lot of companies use Google tracking instead of internal log analysis. You should be able to block the Googlebugs safely (for now).
Re:So is every ISP (Score:5, Insightful)
I'm not a huge fan of Facebook for numerous reasons, but IMHO, this whole "oh noes -- Facebook is reading my texts!" alarmism is really rather disingenuous. C'mon -- you're posting comments on a public web site. It's more like talking to your friends in the hallway back in your high school days than a telephone call. If you really expect privacy on Facebook, then you are dangerously naive.
Re:So is every ISP (Score:5, Insightful)
The assertion that "Facebook is a man in the middle attack" is utter bullshit. an "attack" would imply that Facebook is doing something that the user does not want to do.
The reality is that facebook/myspace/google+ et al. is a service in which the user willingly sends their information to them, and then they happen to share such information with some connections.
People do that willingly, people willingly sign up to facebook and send such information to facebook. The people who do not want to share information with facebook do not do it.
Re:So is every ISP (Score:5, Informative)
I do think it's a widespread ethical view that these utility-like services shouldn't use the information for their own gain. In the phone era, that was formalized with fairly detailed rules; AT&T couldn't just randomly listen in on your phone calls and use it to sell advertising profiles to mail-order catalogues. In the internet era technology is moving faster than people/law can keep up with.
Re:So is every ISP (Score:5, Insightful)
Rather it seems we have to have special whole new laws because "via the internet" or "with a computer" needs to be tacked on. I'd say this is the larger problem.
Re: (Score:3)
Gosh, you must be brain dead (Score:2, Insightful)
Utility services? I PAY for my utilities, and the phone companies especially charged through the nose. You PAY, you are the customer. You get it for free, you are the product.
So unless you propose paying a monthly fee and a usage fee and a signup fee and a rental fee for your facebook usage, shut the fuck up with your idiotic notion that you companies got to provide you with free services and not make a single penny of you.
And if you don't like facebook, DON'T use it. It is not hard, I am not using it right
Re:Gosh, you must be brain dead (Score:4, Insightful)
Things you do in public aren't private. More news at 11. Face it, the only thing that Facebook changed about that was exposure. You didn't give a shit before because it wasn't cool back then to hate on Facebook. If you don't want people to know about that stuff, either don't do it, or be a social shut in and prevent people from taking pictures. This applies regardless of the existence of Facebook.
Not the same thing (Score:5, Insightful)
It's not the same. Obviously, we have to depend on companies every day. But if we don't like a car company, or a traditional ISP, we can switch to another car or ISP. Facebook is different. If you leave, you leave the ability to connect to many of the people that you connected to via Facebook.
I own my own domain name, and use email and blogs to communicate from a site whose name I own. I do depend on companies to support my DNS and webservice. But if I don't like what those companies do, I can switch or do it myself. I have a Facebook account, but I don't normally use it; it just creates too many problems.
We all need suppliers; that's not the problem. The problem is dependency, that is, being (practically) unable to switch. Being dependent on an external company really is a risk.
Re: (Score:2)
Its quite possible to use Facebook to exchange information which allows an exchange of contact information through any of a variety of mechanisms external to Facebook, including face-to-face contact, that can then be
Re:Not the same thing (Score:4, Insightful)
Facebook is still not compatible with anything else online, and it's huge, so in many ways it is a monopoly. Otherwise, you might as well say nothing is a monopoly as long as you still have smoke signals and the pony express.
Re:Not the same thing (Score:5, Interesting)
Re:Not the same thing (Score:5, Interesting)
I've been "online" since '93, and have hosted my own sites and DNS, etc; Whats funny is when people who didn't even use email until the early 2000's found out I'm not on FB they act like I'm some kind of luddite. Thats how many people view the whole web 2.0 experience. They can't be bothered with email and websites when the warm and cozy FB gives them everything they want. It's the Walmart of the net. Zuckerberg's fantasy of an "all seeing eye" http://en.wikipedia.org/wiki/Sauron [wikipedia.org] is coming to fruition.
"I've been "weaving" since 1793, and have designed my own patterns and tailor-store advertisements, etc; What's funny is when people who didn't even use a needle until the early 1800's found out I'm not using a loom, they act like I'm some kind of Luddite." That's how many people view your post.
Now, me, I totally get where you're coming from, but it *is* a Luddite-ish stance. Kids these days lump email in with non-anon ftp, telnet, and gopher. You'd be better off telling people to use social media responsibly than to tell them to eschew it.
Re: (Score:3)
With all these smart, knowledgable geeks here trying to educate you on what you're missing in it, you're still going to go there? Because everyone else is, if for nothing else. Holy stupid, Batman.
... what?
I'm astonished people *want* to give their personal lives over to an apparent/effective monopoly so it can sell them to advertisers, and all you get in return is,
I got back in touch with people I hadn't been able to contact for decades (or for shorter periods of time). As you said yourself: everyone is using it. Also, I think you're not properly informed about how much info you *have* to give FB to have an account. I'm fairly stingy with the data I upload, and I know people who are stingier than I am (no pics, no info beyond name, don't allow anyone to post to their wall, etc. The only useful thing FB has on them is their list of FB friends, which is usually ver
Re:Not the same thing (Score:4, Informative)
Facebook realizes that MySpace failed by preventing people from leaving.
That's why Facebook is aggressively making deals with Internet sites to -require- Facebook to access that site.
That's right, if your Facebook account is suspended BY Facebook or if you quit Facebook, you are effectively banned from using other websites that have this arrangement with Facebook. Even if you PAID for that other website service, too bad.
Spotify comes to mind here, but Facebook is pushing lots of other sites to make Facebook login "exclusive" there also.
Re: (Score:3, Informative)
No. being dependent on a company that one doesn't pay is a risk. Like you said yourself, hosting your own domain is no problem because if you don't like the service, you can complain or switch. The problem with Facebook is that the users are NOT the customers, they pay nothing, and as a result, have no support and no say in the quality of the service. Relying on a service that is "free" is truly risky (and horribly naive, as well).
Re:Not the same thing (Score:5, Insightful)
THe problem is not exactly the switch...and whomever else they so desire.
I have to agree with you here. My biggest complaint with Facebook is that other people I know may include comments about me, photos of me, etc. on their posts, and unless I keep tabs on Facebook, I have no way of knowing what information about me is being collected. THAT, IMHO, is the biggest privacy issue with Facebook. However...
Sure, a car company might do just that but does a car company record the conversations you have in your car...whomever they so desire?
That's a flawed analogy. I didn't pay five figures to use Facebook; I knew going into the deal that Facebook mined information for targeted advertising in order to make a profit. Did you think that Zuckerberg built Facebook just out of the kindness of his heart? How else is he going to pay for servers and bandwidth and coders to add features to the site and, and, and...? On the other hand, I *did* pay five figures to buy my pickup truck. If Nissan tries to further subsidize the cost of my truck by eavesdropping on conversations while I'm driving, I'll find the best lawyer I can afford to smack them down for it. In other words, I have an expectation of privacy in my truck; I have significantly less expectation of privacy on Facebook. Quite honestly, I'm somewhat shocked that others are shocked when they find out that what they've posted on Facebook isn't exactly confidential.
Re:So is every ISP (Score:5, Insightful)
Sigh - straw man arguments are so tiresome.
These social sites are not your ISP.
These social sites are like inviting a business into your living room to eavesdrop on conversations with your acquaintances.
And for those who say "Who cares of I publicly post all my thoughts and relationships?" I have one question:
What would McCarthyism look like with the data available today?
Re:So is every ISP (Score:5, Insightful)
What would McCarthyism look like with the data available today?
You remember when your president had to publicly reaffirm he wasn't a muslim but a good god-fearing christian with good wholesome christian values ? McCarthyism never left.
You americans and your battles over symbols. You raise a big stink over irrelevancies like ID-cards and Facebook and meanwhile you've got the TSA, warrantless wiretaps, draconian copyright lawsuits, etc.
Re:So is every ISP (Score:4, Funny)
Sigh, people who start their comments with "sigh" are bordering on the ridiculous.
Especially when they are ACs.
Re:So is every ISP (Score:5, Interesting)
http://en.wikipedia.org/wiki/Phorm#BT_trials [wikipedia.org]
So people generally don't accept it when it is your ISP. They shouldn't (but ATM seem to) accept it with fb. How long that will last only time will tell - MZ will be happy once he has his billions - most things he has been saying of late in a "tech visionary" context are just complete nonsense, so I suspect he isn't in it for the long term.
Re:So is every ISP (Score:5, Interesting)
... we all depend on companies every day and trust them with our personal info. There really isn't an alternative.
I wonder why?
When I arrived to the US and received my SSN, I tried to take the message that was next to it seriously : "Keep this number safe and secret" / not word by word citation/.
Then I went to get bank account, set up account for gas / electricity, driver's licence, cell phone contract, everywhere I was asked for my SSN. Seriously, why can PEPCO, GEICO, WASHGAS, AT&T oblige me to reveal this information?
My guess is that people in the US have been slowly but surely trained to surrender sensitive personal information to third parties.
Re: (Score:2)
You can be paranoid about it. But the fact is that we all depend on companies every day and trust them with our personal info. There really isn't an alternative.
Why is there no alternative? FB is not really a required service you depend on.
Email and Internet access probably is a required service, but email is not centralized and monopolized, but using an open standardized protocol, Internet access at the other side is a classical man-in-the-middle problem - that's why ISPs are regulated (and at least in most countries forbidden to do man-in-the-middle actions) - and you can always use SSL and HTTPS to exclude your ISP from overhearing and profiting from your conve
Re: (Score:2)
So you take the view of Sun's Scott McNeally:
"You have zero privacy anyway," Scott McNealy told a group of reporters and analysts ...
"Get over it."
Re: (Score:2)
You have all the privacy you want, but you can't have your pie and eat it too.
Re: (Score:2)
I think the only way to maintain my privacy is to completely withdraw from society (like Ted Kaczynski). I would need to get paid only in cash and to buy things only with cash in stores without a surveillance system and not have any bank accounts. I couldn't own any property or cars, boats, etc. I couldn't use the Internet (except possibly through some paranoid onion router arrangement but never enter any personal information anywhere).
I don't know about you but this is just not feasible. I don't use Fa
Re: (Score:3)
"Actually the world you see now is probably the most privacy conscious that has ever existed."
Losing your privacy raises your consciousness.
I am glad that "I have nothing to hide (TM)" but I worry when I hear things like the two Brits who were sent back home from the US after our ever vigilant and effective Border Patrol found that they had Tweeted something like "destroy america and dig up marilyn monroe" which is apparently some kind of slang for "party hard". In our Brave New World, everything you say a
Re: (Score:2)
I must respectfully disagree with your statement. It's not being paranoid; it's looking realistically at what you give up to maintain "vanity" sites. As far as alternatives go, everything available to you prior to selling out to Facebook, Twitter, Google+ and the rest of the services people find so "convenient" in their lives are still there. Telephone (excluding texting), e-mail to individuals or groups of friends, real mail (cards, notes, etc. - I know, "how 20th century" (eyeroll)), actual face to fac
Re: (Score:3)
But the fact is that we all depend on companies every day and trust them with our personal info.
Very, very, true. I work for some of them. However.... it is worth noting that there are some pretty strong NDA's and SLA's in place that define exactly how we store the data, what we will do with that data internally, how we might use 3rd parties to provide service, our own backup policies etc.
Also, the companies I work for get paid by you. YOU ARE OUR CUSTOMER . With Facebook, YOU are the product, the advertisers are the customer.
Now it is not tremendously difficult to understand there is a huge differ
Re: (Score:3)
Then in his opinion, wouldn't email be the same? It's stored on some 3rd party mail server somewhere... and for that matter, wouldn't all form of electronic communication that gets copied/stored somewhere not under your personal control also be classified as a "man in the middle attack"?
No, email is not centralized (unless you refer to gmail and other BIG email providers). You know that you can run your own email server? - It's easy.
Re: (Score:2)
Yes, setting up your own mail server is easy. Operating it is a completely different story.
Re: (Score:2)
Then in his opinion, wouldn't email be the same? It's stored on some 3rd party mail server somewhere... and for that matter, wouldn't all form of electronic communication that gets copied/stored somewhere not under your personal control also be classified as a "man in the middle attack"?
The difference is, as I'm sure you are aware, that Email isn't shared with everyone. Even Google will only mine your Gmail to select which ads it will foist on your screen. It won't publish them or let some third (fourth?) party publish them.
That it might be possible to see an email flowing thru an ISP's mail server or that your ISP might be served a warrant to deliver your email to the authorities does not come near to what happens on Facebook. Facebook it by its very nature a public posting, from which [itworld.com]
Re:Email? (Score:4, Interesting)
Then in his opinion, wouldn't email be the same? It's stored on some 3rd party mail server somewhere... and for that matter, wouldn't all form of electronic communication that gets copied/stored somewhere not under your personal control also be classified as a "man in the middle attack"?
Gmail certainly is, its whole point is targeted advertising. Wonder how many of the Facebook tinfoil hat crowd has got a gmail address.
Re: (Score:3)
Re: (Score:2)
It takes retarded exaggerations and steals our comments.
It only steals them if you post as AC. Otherwise the remain your comments, freely posted, and ultimately your own responsibility, and they appear here because you GAVE them to Slashdot [geek.net], not because they stole them.
Step away from the keyboard and nobody gets hurt.
But I do understand your example of "retarded exaggerations". *cough*.
Re:Utterly stupid (Score:5, Insightful)
Most facebook users have no idea how deep the analysis of their data/relationships goes or the true privacy implications related. Don't assume too much about average joe.... average joe and janette are strapped with bills, jobs, kids, housework, overtime, stress, and american media psychosis... if understanding privacy and internet data mining isn't part of their occupation, there's a slim chance they know about it.
Re:Utterly stupid (Score:5, Informative)
If you use FB, you know that your friends and family will post personal information about you as well.
Worse: If you do not use FB, you know that your friends and family will post personal information about you as well.
Re: (Score:3)
If you use FB, you know that your friends and family will post personal information about you as well.
Worse: If you do not use FB, you know that your friends and family will post personal information about you as well.
This is why I don't have any friends, and avoid family.
Re: (Score:2)
Carrier pigeons are susceptible to attack via bird feeders. They simply harvest the information when the pigeons stop to eat.
You just can't win.