Posts

Showing posts with the label privacy

Press Esc to Exit Full Screen never goes away

I noticed in my video viewing that when I set the view mode to full screen, the message "Press Esc to Exit Full Screen" is never going away. I tried searching Google, and while many people have asked the same question, there was no clear answer. Through some experimentation, I learned that in locking down my Flash Player (see New "Cookies" and your Privacy ), I introduced this new issue. Apparently the Flash Player wants to store information as third-party content in order for the message to go away. You need to go to the Global Storage Settings panel and check "Allow third-party Flash content to store data on your computer." Interestingly, you can keep the storage setting on "None", and it will still work. (Remember, the Flash setting for your installation is reached by going to a website, with each tab having its own URL. There is no application you can open locally to make configuration changes. Learn more here .) This seems like a real mista

New Survey on Privacy and Tailored Advertising

The NY Times has posted a recent survey on tailored advertising (“ Contrary to what marketers say, Americans Reject Tailored Advertising and Three Activities that Enable It ”) released by professors from the University of Pennsylvania and the University of California, Berkley. It was not a surprised to learn that 2/3 (66%) of Americans do not want online tracking. It was a surprise to learn how many did not understand our privacy laws – most assumed they provided more protection. First I want to dig into the perceptions of our privacy laws as reported in the survey. If a website had a privacy policy, 62% of the respondents thought that meant that your collected data couldn’t be share with other companies. Another 16% didn’t know. Therefore, only 22% knew that a privacy policy was information the website provides on how they may or may not be using collected data about you. Other misconceptions in regards to privacy policies were as follows. If a website has a privacy policy… 54% assum

How Safe Is Your Data?

Yesterday I worked on a project where I needed to export many of our company contacts. I also expect to be out on medical leave soon, and suspect that there may be a need for someone else to access my computer while I'm away. This made me think about how secure is my sensitive data -- whether my own or the companies. After reviewing my files, it turns out I've been a bit sloppy -- there were definitely some files on my hard drive that if my laptop was stolen, customer data could be harvested. Mind you it would take some effort, but all the same, the data was accessible. So, I moved those files to my TrueCrypt volume or I deleted them. As you may recall from a March 2008 blog post , TrueCrypt is a free open-source software that you can run on your computer to provide encryption for your files. The nice thing about TrueCrypt is that the encrypted volume looks and feels just like another hard drive -- anyone can use it. The other security practice I was already using was keeping m

New "Cookies" and your Privacy

Image
On Monday this week (Sep 14, 2009), the Electronic Frontier Foundation (EFF) released the first article of a three part series on how we're being tracked on the web today. After a review of cookie technology as originally designed, the EFF article discusses new forms of cookies. The article is rich with links to more detailed sources. What I would consider the most concerning of technologies is the use of Adobe Flash cookies. Unlike the traditional browser cookie, there is no easy way to delete cookies that are stored by websites using Flash as their storage mechanism (more on this below). I'll also add that all the new "Privacy Browsing" features in the current release of browsers apparently do not always clear all your tracks. If you found this feature helpful in your web browsing, its worth digging deeper into the limitations, and not take the vendors claim of privacy without investigating yourself. I'm not anti-cookie. In fact I think it's extremely impor

Your biggest privacy concern could be from your own ISP

Over the last 6 to 12 months there has been several battles between ISPs, users, and the government. ISPs want to choose what type of content can run on their network and how fast it should be delivered. One such example is Comcast's blocking of P2P traffic . During their FCC investigation, Comcast changed this practice, though after being ruled that it was actually illegal practice, Comcast is now challenging the ruling . For Comcast to block just P2P traffic, it had to scan all the activity on your connection to identify what part of the traffic was P2P. In the Comcast ruling, the FCC implied that it would be legal to monitor user traffic so that illegal content could be blocked such as child pornography and copyrighted material. While we would all like to see child pornography and other nefarious activity stopped, this would require the ISP to inspect everyone's content, from banking to love letters to new job applications and everything in between. It would be interesting t

How safe is your laptop?

Image
Dell recently release a report (30-Jun-08) on loss of laptops at airports, and a whopping 12,000 are lost every week. For class B airports such as LAX, JFK, Dulles, the average is 286 laptops per week per airport. In addition, over 50% of those surveyed said their laptop contained sensitive information. Sixty-five percent of the same survey group said they do not take any special precautions to protect their data. In addition, 42% of the respondents do not have their data backed up. What are you doing to protect your laptop and its data when you travel? Of course if you are a Dell customer, the now have some offerings to help address this problem. About.com offers 8 tips for travelers with laptops . The rules for inspecting your laptop when coming in and out of the country has recently changed too. Did you know that your laptop can be seized at the border for inspection for no reason at all? International travelers entering the United States face potential inspection and seizure of t

Telcos Need to Inspect Your Data Packets to Filter Content

Daniel Berninger posted a great article on GigaOm about how Internet bandwidth providers would need to inspect your data packets to provide non-neutral routing. More importantly than having net neutrality, Mr. Berninger points out the privacy issue of this behavior -- something that telcos are forbidden to do with telephones. So why should they be allowed to with Internet data? I believe he makes a good point. In addition to being no different than telephone calls, it reminds me of the AOL mistake of publishing search data of more than 650,000 users. In the wrong hands, which they could not ever guarantee it wouldn't be, would provide data about everything you do, all your account information, your hobbies, and any other information you want to keep private. Remember that Thelma Arnold was the first person (publicly) found from the AOL data -- and this was only search data, not websites, account numbers, and other data you enter into websites. Perhaps it is time to use the sam

Deleted Data Isn't Really Gone

informit.com posted a great article on how to retrieve deleted data from memory cards. They did an experiment where they purchased 14 memory cards from eBay, and in most cases, were able to retrieve deleted data. Statistically, this indicates that 78% of the cards we obtained on eBay contained recoverable data. In total, we found 240 pictures, 17 movies, and a wide range of files from the card with computer files. This was a follow up from an exercise in 2004 where they bought 10 used, formatted hard drives. In both cases, unless you know how to completely erase your data, they are suggesting physical destruction. Fortunately, deleting the data is not too difficult or expensive. If you are a Windows XP Professional owner, then you already have the tools needed to ensure your drive is clean. All you need to do is click Start — Run and type in cmd. Then at the command prompt, type in the following: cipher /w:[drive letter]: Where [drive letter] should be replaced by the media card driv