Your Online Privacy: Because Your Privacy Matters!

Rule 8: Respect other people's privacy - Core Rules Of Netiquette

The Core Rules of Netiquette are excerpted from the book Netiquette by Virginia Shea. Click on each rule for elaboration.

* Introduction

* Rule 1: Remember the Human

* Rule 2: Adhere to the same standards of behavior online that you follow in real life

* Rule 3: Know where you are in cyberspace

* Rule 4: Respect other people's time and bandwidth

* Rule 5: Make yourself look good online

* Rule 6: Share expert knowledge

* Rule 7: Help keep flame wars under control

* Rule 8: Respect other people's privacy

* Rule 9: Don't abuse your power

* Rule 10: Be forgiving of other people's mistakes

Read: Core Rules Of Netiquette

"I Can Be Your Facebook Stalker"

I was surfing the net and came across this nice piece of video by Penn Masala called The Facebook Skit. I must say that it is a pretty interesting piece of video which tries to summarize how your privacy can be violated from Facebook. Funny, cute, well edited and excellent.

Businesses Loose Millions In Productivity Over Social Networking Sites

Does your company have Internet Access Policy? Is the policy ever enforced? Do you know where your employees are going on the internet while they are "working"?

According to employment law firm Peninsula, 233 million hours of productivity are lost every month as a result of employees "wasting time" on social networking. So while you think that the employee sitting in the corner cube is deep in research, he most probably is browsing the social sites and making "friends."

Some organizations are using Facebook and other social sites as motivational sites, many or rather most companies see such sites as waste of employer time, money and resources and are taking steps to block access to such sites. Over and above the fact that such social sites are waste of time when accessed during work hours, they are also harborers of unwanted downloads, and such downloads generally contain viruses, keyloggers or spyware.

Lesson Learnt: Organizations should make every effort to block access to sites that can cause a loss of productivity or could open their It infrastructure to unwanted threats from the outside.

Read: Facebook 'costs businesses dear'
Read: Should you ban social networking sites at work?
Read: Employers urged to ban social networking websites.

Technorati Tags: Face

Pornographic Images, Social Abuse & Bullying Found On Social Sites

.... and you thought bullying was restricted to school and playground only. Welcome to the digital era where teens are being bullied and subjected to social abuse on the internet. A study of two of the most frequented social sites MySpace and Bebo by a UK based company Computing Which found pornographic images, evidence of bullying and also inappropriate advertisements on the sites.

As per a recent article posted on BBC News, researchers found a "sinister" side of the social sites and found out that accounts could be created with relative ease and no age check was mandated to make sure the person creating the account was as old as was being projected.

Researchers also found that the sites did not enforce any privacy restrictions and relied only on users reporting any kind of abuse.

Lesson Learnt: Keep an eye on that MySpace or Bebo or any other social networking site account of your kids. You as parents have a right to know their password and make sure you log on to the account frequently to see who they interact with. Also, as parents make sure the computer being used by your teen is kept in a public area of your home, so that you can keep an eye on the happenings.

Read: http://news.bbc.co.uk/1/hi/technology/5344722.stm

Pictures Lifted From Matrimonial Website Used For IPO Scam

Over the past few years many Matrimonial (aka dating sites in the west) sites have cropped up. These site promise to find the best mate you can ever find, for you. For those of you who are from the west, should know that arranged marriage is a common thing in some Asian countries and many a times marriages are arranged without the bride and the groom having even seen each other. It is a trend in these countries for the parents to look for a suitable bride or groom for their grown up sons and daughters. With the growing trend of Matrimonial sites cropping up by the hundreds all over the web, it is an easy place for parents to look for a suitable match.

Unfortunately, it is also an easy place for scammers to lift your picture and other basic details to be used for unauthorized purposes. This is exactly what happened in India, when some scammers lifted some pictures and some basic information from a very popular Matrimonial site called shaadi.com and used the information to subscribe to upcoming IPOs (Initial Public Offer). The CBI (Central Bureau of Investigation) chargesheeted 22 people including bank employees for running the scam. As per CBI one persons picture was used to create as many as 15 accounts under different names.

Lesson Learnt: Be careful when posting your picture online on any dating or matrimonial site. If you must post a picture, make sure it is small, taken from far off and preferably a side pose.

Read: Photos from marriage website used in IPO scam

Are Your Passwords Easy To Guess?

Considering the fact that I have been in the IT field since the time I moved from diapers to undies, I can say with authority that 95% of users I have dealt with lack the basic concept of what a password should be.

I have seen users write down their passwords on sticky notes and put it on top of their monitor, and when asked why is it there, the standard reply is ... "oh so that I don't forget it," but they fail to think that it is easy for others to read also, unless of course the person reading is blind.

Don'ts For Online Passwords

Your password is your key to something, just like you would not trust someone you don't know with your house keys or car keys, you should not trust anyone with your password.
Your dog's name or the name of your first born son, daughter, granddaughter, grandson is not a password.
Writing your password on a yellow sticky or pink or blue sticky and putting it on your computer monitor is a dumb thing to do.
Even dumber thing to do is to write on the sticky your username and password.
Don't yell your password for your IT guy from across the hall, he might be hard of hearing but not deaf.
Don't give out passwords to anyone who calls you to say that he is an IT guy and needs your password to fix something. 98% chances are that the guy on the other end of the line is a hacker who is employing "social engineering" to get unauthorized access to systems.
By the way did I tell you that your pets name or your kids names are not passwords? They are signs for hackers which say "Come Access My Systems"
Don't use auto store of username and passwords in your browser or on your computer. If your machine gets stolen, the thief will have access to everything private of yours.

Do's For Online Passwords

Your password should be a minimum of at least 6 - 8 characters and MUST be a combination of letters and words. Even better if it has a special character ($%*^#) in it.
Your password should never be easy to guess or something that can be cracked easily. Basically, your password should not be a dictionary word.
NEVER EVER give your password away to ANYONE.
DO NOT loan your passwords to anyone. No matter how good a friend the person is, you never know what damage the person can do with your password now or at a latter date.
Change your passwords every 60 days if not every 30 days and do not repeat them.
If you do have a memory issue and want to write your password down, write it on a small piece of paper and keep it at the bottom of your purse. Never write the userid and password on the same piece of paper.

In of the companies I worked for, the CEO had a password which was the nickname for the persons spouse and had never changed in years. Is that a good password policy for someone who should be the one implementing the policy?

Please remember that most of the security compromises that take place are due to lack of or weak passwords. Always have a strong password and follow some basic ground rules for making one.

PS: NEVER WRITE YOUR ATM PIN NUMBER ON THE BACK OF YOUR ATM CARD....DUH!!!!

New Computers Loaded With Junk Software

So my friend decided to buy a new laptop. He did extensive research online looking for the best laptop that met his needs. He compared CPU, RAM, Hard Drive, CD/DVD Writers, Screen Size, Screen Resolution, Warranty, Keyboard Size, Number of Ports and of course the Price of the laptop. Finally he found one that met his budget with almost all his requirements and would be the best to do what he needed to do. He came home with his spanking new laptop and turned it on to play with his baby.

Two hours after turning the laptop on, I got a call from him. He wanted to know how to get rid of all the junk software that came pre loaded with his new $1500 laptop. He wanted to get rid of everything that was not meant to be there, but had been preloaded by the manufacturer for advertising and collecting personal information and don't forget selling third party applications.

Why do manufacturers add on useless junk software on the machine pre-installed? If I am buying a machine I do not want links to Quicken and AOL and Yahoo and Money and Every-Known-To-Man-Toolbar, do I?

By pre installing the junk software the hardware manufacturer is trying to entice the user to subscribe or buy or try the software the buyer did not want in the first place or had wanted.

So the next time you or your friend buys a machine, the first thing to do as soon as you turn it on is to follow the following steps:

1. Click on Start ---> Settings ---> Control Panel
2. Double Click Add/Remove Programs
3. Click Install / Uninstall tab or click the Change or Remove Programs button
4. In this section you will see a listing of programs that are currently installed.
5. Go through the list and highlight the program you see as Junk which came pre installed or any program that you do not think should be there, and click the add/remove or uninstall option.
6. Repeat step no. 5 for every program you do not want. Some uninstalls may need a restart before you can remove more.

This process will help you get rid of the unwanted junk that came pre-installed on your new machine.

Take control of your machine, don't let the hardware manufacturers dictate what you can or cannot have on your machine, that you paid for.

Gone Phishing?

Yes Phishing not Fishing.

(phishing) (n.) The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the users information and sometimes identity.

So the next time your friends ask you to go fishing, make sure you clarify if it is fishing or phishing. Obviously you would not want to go phishing with them, would you?

US State Department Letter Informing Me Of Winning The Lottery ... Call Bangkok!

I have to quickly finish writing this post today, as today is my lucky day. I am a winner today and I need to run out and buy my lottery ticket. The first email I got today was from the US State Department that I had won a lottery and I had to call Thailand and pay 755$ (not $755) and email usagcls@thaimail.org with any questions. Remember the email came with a total genuine State Department Seal and the whole nine yards.

The big question here is that I never applied for any such lottery so since when did people start winning lotteries without even buying tickets?

I checked their website www.greencardforall.org and it is a total fake. The site has only one purpose, to collect money and personal information from users.

--------------------------------

Office # 1793
14781 Memorial Drive
Houston, TX 77079 USA
From the U.S. Department
of State Bureau of Consular
Affairs Visa Services:
www.greencardforall.org

Dear Winner.

Congratulation! You are among those selected randomly as one of the lucky winners of the U.S Green Card in DV-2007 diversity immigrant program for fiscal year 2007. Please retain this letter and take it with you to your visa interview when needed.

Approximately 100,000 individuals were selected for further processing; Therefore, it is most important that you carefully follow these instructions to increase your chance of possible visas issuance.

Please read and follow all the enclosed instruction very carefully. ALL FORMS AND CROSPONDENCE must send to the Asia pacific consular center by email attach at the above E-mail address. Please notify the Asia Pacific consular center of any change in address, addition or deletion of any other information which you believe may effect your application.

Always contact our consular center office in Bangkok for guidelines and direction.
If is should be necessary to contact the Asia pacific consular center by telephone you must always refer to your name and the case number exactly as the appear below.. Your case number should be clearly written in the upper right hand corner of ALL documents and the correspondences sent to the Asia pacific consular center.

Below are the requirements needed:

1) Scanned two copies of your recent passport photographs, members of your family passport photo should also be scanned if you are traveling with your family members.

2) Scanned copies of your international passport &I.D card, members of your family international passport &I.D card should also be scanned if you are traveling with your family members.N.B Your family member above the age of 16 requires an international passport for travel.

3) Administrative/Processing Fee of 755$ each.

NOTE: Participation is free. USAGC Organization charges for its professional and expertise service we give you. Our professional includes: application service, information check, correcting of wrong or invalid data, support in different language, correct completion of the application, and submission of application on time and to correct address. USAGC ensure that your application will not be disqualified. For more information send us your questions.

Case number: 2007BK21783000
PA Name. **************
Preferences Categories: DV DIVERSITY
Foreign State Chargeability: THAILAND
Post: BANGKOK

Contact the Asia pacific consular center immediately with the listed information’s stated here.
Contact Person: Mr. Lewis Taylor
Telephone number: + 66-8 1499 4471 (24 hours operator)
Office Tel: + 66 (2) 2653-429 (online:9: am close at 5:30 pm)
Tel Fax: + 66 (2) 2653- 6291
E-mail : usagcls@thaimail.org

... and you thought facebook was safe?

Over the past few months investigators have done extensive testing of the privacy and safety measures of Facebook. Unfortunately, Facebook which once was considered to take user privacy very seriously, flunked the testing. Investigators posing as underage users were able to make contact with other users for various reasons. New York State AG wrote in his letter to Facebook, while subpoenaing Facebook, “My office is concerned that Facebook’s promise of a safe Web site is not consistent with its performance in policing its site and responding to complaints,”

Read more about what the AG had to say and what Facebook thinks about it: http://www.dmnews.com/cms/dm-news/legal-privacy/42573.html