Does it matter if Facebook knows you went to Ashley Madison? Google already knows this information if you searched for it on Google, or if there was a Google Ad on Ashley Madison. Does it matter if Facebook knows you went to FetLife (NSFW), if you searched for it on Google (or Bing or Yahoo for that matter); they already know that you were at least interested in the fetish lifestyle. Surfing Porn at work, along with social media, videos, and other non-work related stuff, odds are highly likely that your managers or at the very least HR already knows about it along with IT Staff. It is trivial to identify an IP address that is downloading stuff off Bittorrent or P2P systems (regardless of who is driving the computer, the IP address can be found easily). The fact is we all do crazy stuff at times, and if you are doing it on the internet, then someone somewhere knows about it.
Odds are highly likely that your ISP is tracking everything you do because there are in place data retention laws that can be pulled by anyone with a court warrant.
Think that ISP’s won’t cooperate, and then read this article about how a proxy system will cooperate with law enforcement.
Fact is we are monitored, cataloged, and data correlated every time we go on the internet for any reason at any time across any system we interact with. Through hacking or through court warrant this information can and often does become public record. If you doubt this then talk to any divorce attorney out there, what is the first thing they pull, everything that has to do with the internet for both parties seeking the divorce.
Which is why I have been following the latest Oh my God! We are all going to Die! Viewpoint of the latest rollouts from Facebook, and the community reaction to it. Yes, many of us do surf porn, many of us do social networking at work, and many of us at times have downloaded a song on Bittorrent or P2P because we could not find it anywhere else. Yes, many of us engage in things that from a socially acceptable viewpoint might and in some cases have gotten people canned from their jobs.
If you have ever held a security clearance for the government then you already know you are living in a fishbowl, there really are no secrets from anyone about you, your life style, and what you are doing in your off time. If you have ever had a polygraph exam, then you know exactly what I am talking about here. For those of you who have not, your life is examined from stem to stern, your family, your friends, your contacts, your neighbors, and everyone else around you has an opportunity to chime in about you, who they think you are, and why you should or should not be deemed trustworthy.
Social media is a similar kind of fishbowl; all you have to do is look at Failbook out on lolcats to see what I am talking about. We post things willingly and without thought about everything not quite realizing that just about anyone else can read what you posted, if not on Facebook, then on Failbook.
Now comes the idea that anything you hit on the internet will be logged into Facebook as we hit the page. What bothers me about the community reaction is that they seem to have lost the understanding that there are already 3rd party tracking cookies, advertising that tracks, logs and log files from proxy systems to network systems to the actual server itself that do the same thing. If you used Google to get there, they already know that you are looking for “how to bring back romance into your marriage” or “how to have an affair”. All these systems already know you have a porn problem, or a fetish problem, or some other problem that employers are going to take a dim view of. That data is already in the hands of other people, and in some cases we are already posting this to Facebook of our own free will and lunacy.
While I highly respect the commentary on the Facebook timeline issue, that same data is already in the hands of many companies. They use this data for a number of things from selling to buying to developing nearly complete profiles of what you are doing on the internet, and by inference what you are really like.
Can we all manage to live in a fishbowl? Is the Facebook timeline an end to “privacy”, sure there are going to be issues and some people want to keep some things private not realizing that there is already enough log information and tracking information out there to know that you are doing things that in polite society would be frowned upon.
Or are we just stumbling through a dark house with tired arguments and knee jerk reactions to the juggernaut that Facebook has become. So many companies already have huge amounts of data on us; does one more company really in the grand scheme of things truly matter? Cookies are involuntary admissions we were somewhere, is that a violation of my privacy when that data is tracked hundreds of time across dozens of companies? How is this different from Facebook other than Facebook is in your face about it, while other companies do it on the sly where the user does not see it.
I just have to ask this one because right now what I am reading is all FUD, not that we are not dealing with respected and highly visible members of the community. But we are not arguing about a fundamental user privacy bill of rights on the internet, we are arguing about one more company knowing a lot about us by what we do online, like there are not hundreds of companies doing this already, without our consent, and in many cases without our knowledge. If we really want to do something about this, we will stop doing the standard information security FUD oh my GOD, we will do our jobs, we will inform without embellishment or casting fear, and help people/companies come up with appropriate solutions or develop guidance to help people address the issues.
In the meantime ordinary people can pop some popcorn, put your feet up because we are in for yet another round of knee jerk information security professionals telling us how we are all going to die because of Facebook. Stay tuned for next week, because it will be some other company or some other hacker, or the republicans, or the democrats, or bankers, some other whatever.
- Failbook (consultkeith.com)
- Facebook Timeline: Something that Google+ Can’t Do Much About… (techpluto.com)
- The new Timeline, Facebook and why this isn’t Semantics: a short analysis / apas.gr (apas.gr)
- Facebook’s Timeline will be boon for hackers (manageddotcom.wordpress.com)
- Here’s What Facebook Timeline Looks Like (techcrunch.com)
(Cross-posted @ Techwag)