Is Big Data a Big Danger?

By Carl Weiss

Big business calls it Data Mining.  Consumers think of it as an invasion of privacy.  Cybercriminals look at it as an opportunity to line their pockets.  What it boils down to is the fact that as you surf the web it leaves digital breadcrumbs that people can scoop up in an effort to make money.  If this bothers you, then you need to be aware of how your browsing habits can be used against you as well as what you need to do to minimize the electronic trail you leave every time you go online.

Drilling for Consumer Gold

While the term “Data mining” was coined in the 1990’s, the actual practice of digital data storage and manipulation has been around for more than 30 years.  An outgrowth of database management and machine learning systems that were developed in the 1980’s, data mining was traditionally used to find patterns and relationships in order to predict buying habits.  In the early days of the internet, this was accomplished by getting the consumer to fill out online surveys that were designed to get them to divulge key buying and income information that could be used to deliver targeted advertisements. (If you ever entered a contest to win a prize online, you are familiar with this kind of tactic.)

However, with the advent of social networks and with the rise of web browsers that were designed to report on every keystroke (such as Google Chrome), it is no longer necessary to offer an inducement to consumers to ascertain their buying and browsing habits.  This explains why you continue to see ads for products after you search for them on most search engines.  If that was where the trail ended, most people would just shrug it off as the cost of doing business online. 

Far from being the be-all or end-all of the equation, the gathering and initial use of this data is only the tip of a vast submerged iceberg.  Because once this data is accumulated it is then packaged and sold on a worldwide basis to anyone and everyone willing to pay for it. 

Who Buys My Data?

The NSA, FBI and other government entities pay for access to mountains of data.

An August 24, 2013 report by the Wall Street Journal stated that,

Microsoft, Google, Yahoo and Facebook all supply user data to the NSA based on secret ordered from the Foreign Intelligence Surveillance court under a program known as Prism. Although U.S. law mandates compliance, the government usually helps pay for it.

While many of the companies that share data with the government, such as Microsoft, extol the fact that they only provide this information because they are legally ordered to, all of the major players not only accept compensation, they expect it.

A Yahoo spokeswoman referred questions to its Friday comment in the Guardian. “Federal law requires the US government to reimburse providers for costs incurred to respond to compulsory legal process imposed by the government,” the company told the newspaper. “We have requested reimbursement consistent with this law.”

We’re not talking chump change here either.  More importantly, who else do these internet edifices share or sell their data with?  Well, it all depends on who you ask.  Take Google, for instance.  While the world’s largest search engine is tight lipped when it comes to who they share or sell information to, in a 2008 article in the German magazine Stern, the magazine bought a list containing the names, addresses, dates of birth, occupations and phone numbers of hundreds of German citizens from the world’s most popular search engine. 

The writer of the article actually picked up the phone and called the phone numbers on the list, informing each person who picked up how and where he had obtained the information.  Since Germany has strict laws regarding the protection of personal data, those who were contacted were outraged as was the German government, who subsequently sued Google.

http://translationmusings.com/2008/09/07/does-google-sell-its-users-personal-data/

Google wasn’t the only internet company sued over privacy issues by Germany.  So was Facebook, which was dragged into a lawsuit by German authorities in 2011 over its use of face recognition software on its services.

Of course in the United States there are no such legal speed bumps in the data mining superhighway.  More to the point, not only is your personal information available, but what is amazing is the sheer volume that is being collected. And while search engines and social networks can be tight lipped when it comes who can use their data, there are other companies that are quite up front when it comes to selling the personal data of every man, woman and child in the US.

Two companies, Acxiom and Epsilon, are a couple of the largest data mining operations in the world.  To quote Wikipedia, “Acxiom has been described as "one of the biggest companies you've never heard of.  In addition to collecting information about people, the company helps marketers anticipate the needs of consumers. According to the documentary "The Persuaders." As the world's largest processor of consumer data, Acxiom has identified 70 types of consumers with its segmentation product PersonicX.”

Here’s some data on Acxiom: In the third quarter of 2012, Acxiom’s revenue was $281 million, which was down 2% from the same quarter a year before.  For the fiscal year that ended March 31, 2011, Acxiom’s revenue was up 5.5% to $1.16 billion.

“Most people know that basically everything that we do on the Internet is tracked, but data mining goes far beyond that.  When you use a customer rewards card at the supermarket, the data miners know about it.  When you pay for a purchase with a credit card or a debit card, the data miners know about it.  Every time you buy a prescription drug, that information is sold to someone.  Every time you apply for a loan, a whole host of organizations is notified.  Information has become an extremely valuable commodity, and thanks to computers and the Internet it is easier to gather information than ever before.” 

http://theeconomiccollapseblog.com/archives/data-mining-big-corporations-are-gathering-every-shred-of-information-about-you-that-they-can-and-selling-it-for-profit

Who Owns My Data?

The biggest problem for consumers is that for the most part, they do not own their data.  If you subscribe to any social network, blog or portal you need to read the find print in their user agreements.  Because if you do, you will find out that while you are free to post information about yourself and your friends, you do not in fact own it.  The operators of the social networks, blogs and portals do. 

The only way to be sure of who owns what is to actually read the user agreements that are part and parcel of every browser, search engine, portal and social network.  How many of us ever do that?  This is important since the terms of use change from year to year.  Google has made a number of sweeping changes to its privacy issues over the years. (No wonder, since they spend a great deal of time defending their data collection habits in court.) In the current iteration under the heading of “Information We Share” is the following:

We do not share personal information with companies, organizations and individuals outside of Google unless one of the following circumstances applies:

·         With your consent

We will share personal information with companies, organizations or individuals outside of Google when we have your consent to do so. We require opt-in consent for the sharing of any sensitive personal information.

·         With domain administrators

If your Google Account is managed for you by a domain administrator (for example, for Google Apps users) then your domain administrator and resellers who provide user support to your organization will have access to your Google Account information (including your email and other data).

Have a Cookie

The real elephant in the room is the fact that for the most part, companies and/or individuals who want to track your every movement online do not have to even ask your permission.  All they have to do is get you to accept their cookie.  These cookies are not as sweet as they sound.  All they are is a subroutine that is designed to collect information from your computer, tablet or smartphone.  The way they get onto your system is simplicity itself.  You open the door and let them in.

Have you ever downloaded a “Free App?”  Have you ever signed up to play a “Free Game?”  Have you ever entered a “Free Contest?”  If the answer is yes to any of the above then you may have accepted a cookie onto your system that is now free to roam and collect as you point and click.  Some people have so many cookies on the loose in their machine that it slows it to a crawl.  Sound familiar?

How Do You shake the Bugs Out of the Rug?

While the cleaning mechanism varies from browser to browser, there are ways to clean the digital carpet.  If you are using Chrome, click on the master control button on the far right of the browser.  (It’s the one that has three parallel black lines.)  By clicking on this button and then hitting history you will be able to clear out both your browsing history and any cookies that you have picked up along the way. (You can also hit Control H.)  While this won’t prevent other cookies from attaching themselves to your device, it will shake out those already onboard. (You can also buy third-party web scrubbers such as AdvancedSystem Care, that will not only shake the bugs out of the rug, but it will also add an additional layer of adware protection to help you keep these freeloaders out of your system.)   You can also switch to search engines such as duckduckgo.com that does not track your browsing/search habits.

Better still is to opt for a more proactive approach.  This entails being more careful about where you click and what you accept for free.  In terms of browsers, you can either find a browser (such as Komodo Dragon) http://www.comodo.com/home/browsers-toolbars/browser.phpthat does not collect user information.  Or, if you are a dyed-in-the-wool Chrome user, you can hit the same master control button and opt to open a “New Incognito Window.”  While using this option will eliminate some of your browsing traces such as search history and cookies, according to Google, it still doesn’t protect you from:

Going incognito doesn't affect the behavior of other people, servers, or software. Be wary of:

• Websites that collect or share information about you
• Internet service providers or employers that track the pages you visit
• Malicious software that tracks your keystrokes in exchange for free smileys
• Surveillance by secret agents
• People standing behind you

While changing your browsing habits may seem so much like work, when you realize all the many ways that your personal information can be compromised by others, the last thing you want to do is help them dig a hole from which you cannot hope to escape. 

Carl Weiss is president of Working the Web to Win, a digital marketing agency in Jacksonville, Florida.  He is also co-host of the weekly radio show of the same name which is broadcast live every Tuesday at 4 pm eastern on BlogTalkRadio.

Are You Ready for the Internet of Everything?

By Carl Weiss

“Open the pod bay door, Hal.”

Everybody who has ever seen the sci-fi classic 2001 A Space Odyssey remembers the climactic faceoff between Astronaut Dave Poole and HAL the artificially intelligent computer that ran the spacecraft and ultimately tried to do in its crew. What made the scene so riveting was the fact that it was clearly the computer and not the astronaut who had the upper hand.  The reason that I bring up this bit of trivia is due to the fact that when I hear all the talk circulating in the media about the “Internet of Everything,” I am immediately reminded of this pivotal scene where a computer that was built and programmed specifically to assist human beings inevitably does just the opposite.

To the uninitiated, the Internet of Everything was credited to Kevin Ashton who coined the term in 1999.  At its core, what it refers to are devices that in essence can sense their environment and communicate with other devices as well as with their owners and other people.  Already there is a smattering of smart appliances on the market, such as smart thermostats that automatically adjust the temperature based upon the user’s schedule and smart refrigerators that text you when you are running low on milk. But what most people are unaware of is the fact that appliance manufacturers, car builders and even textile producers are all looking to jump onto the bandwagon.

The reason for this is twofold:

1.      In the first place, both the costs and size of sensors, controllers, power supplies, memory and wireless transmitters is falling at a rapid pace.  (Combining these components into an existing appliance or piece of apparel is already below $30 in many cases using off-the-shelf components.) 

2.      As Google knows all too well, there’s money to be had in the sale of online advertising.  In the not-too-distant future you can expect your smart shirt to not only report to you and your doctor the state of your health, but you better bet that you will start receiving emails and texts for pharmaceuticals that purport to correct a condition or enhance performance. (If you think that TV ads can be annoying, just wait until your prescription medicine bottle and t-shirt starts working for Madison Avenue.)

Clearly the desire for smart devices is being touted by industry.  It’s also being pushed by the federal government, who is pushing for what’s known as V2V or Vehicle-to-Vehicle technology that is going to forever change the way you operate a motor vehicle.  While today’s cars and trucks are computerized, until now the only thing that these computers did was make sure that the engine was running properly.  With V2V, what is going to happen is that your car will become self-aware via sensors that are designed to detect and react to traffic in real time.  Try to enter an intersection where another vehicle is headed and the car will hit the brakes.  Try to merge into a lane where a truck is fast approaching and the car will take evasive action.  While this technology is being touted as a safety device, like every other technological innovation that has come down the pike, there is a dark side to it.

Just as with other internet-ready devices, V2V technology is designed to communicate with other vehicles wirelessly.  This opens the door for hacking.  While hacking your smart refrigerator may result in the milk spoiling, could hacking your V2V equipped car be an entrée for everything from digital road rage to kidnapping. Who knows?

What is a certainty is that smart devices are here to stay.  As opposed to waking up one morning to find yourself surrounded by self-aware appliances, it’s more likely that like the personal computer the paradigm shift will start slowly and then ramp up within the next three to five years.  Already devices and subscription services are starting to show up, such as AT&T’s digitallife service that offers to protect and automate your home for one low monthly price. 

Their YouTube video shows ma and pa sitting on the porch when the kids pull up. After telling their dad that they stopped by the house, Dad asks, “Did you leave the house in good shape?”  The twenty-something kid replies, “Of course.”  At which point, dad reaches into his pocket for his smartphone, which he uses to turn on the home’s cctv camera, turn off a faucet that was left running and lock the front door. (View the video below.)

My point is, once home automation becomes as turnkey as cable subscription services, the race will be on by businesses large and small to stake a claim. Remember all the entrepreneurs that entered the dial-up ISP business back in the late 90’s.  Of course, unlike these early Internet pioneers, if these Internet pioneers experienced technical difficulties such as their servers going down or when they got hacked, it was more of an inconvenience than an emergency.  If the new wave of home automation experiences a glitch, would it be possible that your home could aid and abet a burglar, or heaven forbid, would it be possible that you won’t be able to gain entry to your own premises?

“Open the front door, Hal!”

Need I say more?

 Carl Weiss is co-host of Working the Web to Win which is streamed on both BlogTalkRadio and YouTube.  

Eye Spies - Who's Watching You in the age of Digital surveillance?

By Carl Weiss

 

You see them at intersections, on buildings and at the mall.  Casinos are chock full of them, as are banks, department stores and the corner 7-11.  At least one world-renown author has written a book about a society beset by them and the current President of the United States recently spoke about them when he said, "In the abstract, you can complain about Big Brother and how this is a potential program run amok, but when you actually look at the details, then I think we've struck the right balance."

The author I mentioned is George Orwell, who penned a novel about the very thing that President Obama was talking about.  Nineteen Eighty-Four was the novel that depicted a police state bent on tracking the movements and thoughts of its citizens. The novel’s rallying cry was one of, "Big Brother Is Watching You."  This is the very same Big Brother that the President called by name in one instance only to shrug it off at the next.  

Oh Brother!

While the Commander in Chief was talking specifically about the exploits of the NSA, what most people do not understand is that the spy agency is only the tip of a vast surveillance iceberg that operates with impunity on a worldwide basis.  Sometimes its product is being watched by various federal, state or local government agencies.  Sometimes it is perpetrated by big business.  At other times it can be under the control of everyone from snooping ex-husbands or wives, to nosy neighbors, prying teenagers or criminal elements that intend on doing you harm. 

The fact of the matter is that it’s almost too easy to spy on the public these days.   Not only are surveillance cameras cheap to own and operate, but they are now built into every laptop, tablet and Smartphone on the market.  Many automobiles come from the factory with them already installed.  There are even industries built around installing them in and around homes and offices.  Since most of these devices are Internet-enabled, this means that off-the-shelf software is all it takes to hack into and take control of these cameras.

Eyes See You

Think that sounds more than a little paranoid?  Tell that to Miss Teen USA Cassidy Wolf, who was blackmailed by a hacker who used her laptop’s webcam to take nude photos of her without her knowledge.  The hacker used what’s known in the industry as a remote administration tool (RAT) that is able to not only remotely operate a victim’s webcam , but it can also disable the little light that lets someone know that their webcam is on. (And to think that not too long ago celebrities had only to worry about pushy paparazzi trying to catch them in compromising situations.)

In September, the FBI arrested a 19-year-old man named Jared Abrahams from Temecula, California, on charges that he hacked into the social media accounts of several women, including Wolf, and took nude photographs of them by remotely controlling their webcams. He then allegedly contacted the victims and threatened to post the pictures on their social media profiles unless they sent him more nude photos and videos or did what he demanded for five minutes in Skype video chats. http://www.macworld.com/article/2081940/researchers-older-mac-webcams-can-spy-without-activating-warning-light.html

RATS

While ratting has gotten much of the notoriety when it comes to using a target’s own camera to spy on them, it is not the only way to break and enter digitally.  One of the easiest ways to break into a computer is via email.  Just before Christmas 2013, staffers from the Electronic Frontier Foundation (Dedicated to Defending Your Rights in the Digital World) received an email purportedly inviting them to a conference in Asia hosted by Oxfam International.  The email directed EFF’s staff to click on a pair of links that purportedly contained information regarding the conference.  When they realized that the links were not hosted on Oxfam’s domain, but resided instead on Google drive they smartly did not click on the link which in all likelihood contained malware.

EFF has written extensively about the worsening situation for bloggers in Vietnam, supporting campaigns to free high-profile bloggers such as Le Quoc Quan and Dieu Cay, and criticizing the Vietnam’s Internet censorship bill.  Vietnam’s Internet spying campaign dates back to at least March 2010, when engineers at Google discovered malware broadly targeting Vietnamese computer users. The infected machines were used to spy on their owners as well as participating in DDoS attacks against dissident websites. 

Of course the majority of the public are not on the blacklist of unfriendly governments.  So why should the average Joe or Jane worry about their privacy being invaded by hackers?  Because some hackers make a tidy living from this kind of activity, that’s why.  And I’m not talking about sextortion here.

As long as there have been homes and businesses there have been burglars.  In the past, thieves had to risk being detected while they cased a home or a neighborhood in search of targets of opportunity.  (This is why the neighborhood watch was invented.)  The problem in the digital age is that thieves no longer have to prowl the neighborhood to determine a victim’s patterns.  That’s because your home or business may become their unwitting accomplice.

Instead of a Midnight Snack, Could Your Fridge Abet a Midnight Attack?

The latest things to hit the market are smart appliances.  Everything from smart lighting and entertainment centers, to wireless security devices and the networks upon which they operate are subject to being hacked.  As a rule, if you can use your Smartphone to set your home’s thermostat, open your garage door or let you view your home when you are away, then so can a thief.  While “Smart Homes” are all the rage, a number of people in the know consider them to be a major chink in your home’s security armor. 

Could hackers gather information from smart lighting, entertainment, or security devices – or the networks on which they communicate – to determine patterns of when you are home, when you are likely to have company over, and when your house is empty?

http://www.forbes.com/sites/josephsteinberg/2014/01/27/these-devices-may-be-spying-on-you-even-in-your-own-home/

Internet enabled appliances, which run operating systems like Windows or Android, can be co-opted by hackers’ malicious code in the same way your computer or phone can be hijacked. Once taken over by the hacker software, the appliance is used to send spam (containing virus links, for example) or to mount denial-of-service attacks. A hacker who had co-opted multiple Internet-equipped refrigerators and garage door openers could use their combined power to inundate an Internet target with email or other malicious activity.
Read more at http://www.wnd.com/2014/01/is-your-fridge-sending-malicious-emails/#1fRkHMH7DX8YpXIC.99

So does the prospect of your fridge spying on you weird you out?  Then just wait until you hear what the government has in store for your car.  Called Vehicle-to-Vehicle Technology, or V2V, it is being touted as a way of making driving safer by enabling vehicles to communicate with one another in real time.  This means the addition of such things as motion detectors, radio beacons and, you guessed it, cameras that are designed to help drivers avoid collisions by either warning them audibly or forcibly taking control of the vehicle to avoid a crash.  Anyone who has seen Minority Report knows what else this technology could be used to accomplish.)

Transportation Secretary Anthony Foxx said the Obama administration decided to announce its intention to require the technology in new vehicles in order to "send a strong signal to the (automotive industry) that we believe the wave of the future is vehicle-to-vehicle technology."

Read more: http://www.abc15.com/dpp/news/national/v2v-technology-us-unveils-plan-for-cars-of-the-future#ixzz2sJcamcLp

Shop Til You Drop?

This is on top of all the automated surveillance systems already being used in shopping malls and big box stores. Not only do shopping center eyes in the sky watch for shoplifters and observe employees, but they can also be equipped with face recognition software, or be programmed to observe and track shoppers as they window shop and make purchases.  More disturbing still is the fact that coming to a mall near you is a new technology that will allow store owners to tailor ads displayed in strategically placed kiosks that match a shoppers demographics.

Shoppers at the new International Finance Center Mall in Seoul can find their way around the four-story complex by approaching one of 26 information kiosks. When they do, they also are being watched. Just above each kiosk's LCD touch screen sit two cameras and a motion detector. As a visitor is recorded, facial-identity software estimates the person's gender and age.  The system's makers, two companies from South Korea's SK Holdings Co. conglomerate, plan to allow advertisers to tailor interactive ads on the kiosk by those attributes.

http://online.wsj.com/news/articles/SB10000872396390444897304578044322254166986

So to sum it up, when it comes to who’s watching you in the digital age, a better question is, "Who isn't watching?"  I mean, you can’t take a walk, you can’t go shopping, you can’t take a drive and you can’t stay home without being observed, categorized and computed.  Or, to put it bluntly, when it comes to eye spies, it turns out that George Orwell was an optimist.

When he isn’t hiding under his desk, Carl Weiss is cohost of the BlogTalk Radio and YouTube video series Working the Web to Win.