Monday, February 13, 2006

Security/Privacy on the Net

I promised to write about one of the sessions that I attended at the Security & Privacy conference last week. This particular one was put on by a lady by the name of Linda from Microsoft. She's in charge of product safety and her topic was on how products are not designed to provide the user community with safe usage. For example, lots and lots of folks are blogging on the Net but yet privacy/security does not seems to be integrated with the various tools.

As an example, she showed how quickly she can identify and pin point the identity and location of a specific blogger just from information posted on that person's blog. In just about 9 minutes, she was able to identify the full name, address, telephone number, high school and close friends of this female teenage who had posted a couple of pictures on her blog. Of course Linda did not publish the information but rather had blacked out the sensitive information. This is of course quite scary as someone else who have other intents could also track down the teenager. The teenager and family was contacted and shown how she still can blog and yet still remain anonymous. This is in no way restricted to kids and teenagers. Linda went on to another case of a 47 year woman who wrote too much personal information and this time, it only took 2 minutes to track her down.

Bottom line: If you are blogging or know people who are blogging, please have a review to before publishing to see whether there is a risk of unknowingly providing more information than you intent which could come back and haunt you. There is also the possibility of people you know who would publish information about you. As an example, posting of photos.

If you are interested in seeing the presentation as well others from the Security & Privacy conference, check out the following site. NB: Presentations will be available March 1/2006.

No comments: