Sunday, May 06, 2012

If any organization ignores what its employees (the troops) are doing, chaos reigns. You should log everything and then search for anomalies. Most importantly, you need managers (NCOs?) to actually look at the reports and take appropriate action.
Post-Manning, Army wants to monitor your computer activity
May 5, 2012 by admin
Joe Gould reports:
In the wake of the biggest dump of classified information in the history of the Army, the brass is searching for ways to watch what every soldier is doing on his or her Army computer.
The Army wants to look at keystrokes, downloads and Web searches on computers that soldiers use.
According to Smith, the Army will soon shop for software pre-programmed to detect a user’s abnormal behavior and record it, catching malicious insiders in the act. Though it is unclear how broadly the Army plans to adopt the program, the Army has more than 900,000 users on its computers.
Read more on Army Times.

Sit down and we'll open another can of worms... Governments (both state and federal) want health information. Good news: It allows them to recognize and respond to epidemics early enough to save a lot of lives. Bad news: They become a very large (and apparently ill-prepared) target for hackers.
By Dissent, May 5, 2012
Eleanor Sundwall has a well-written commentary about the Utah Dept. of Health breach that I hope people read, as she articulates how the way entities respond to a breach may leave the victims of a breach feeling even more victimized. You can read her commentary on the Salt Lake Tribune.
Eleanor’s story raises another issue, however. She writes:
In March, my 21-month-old daughter underwent surgery at Primary Children’s Medical Center. Even though she is privately insured, the medical center apparently gave her identity and health information to the Utah Department of Health’s Medicaid program.
Why did the medical center disclose her information to the state’s Medicaid program? Is that a HIPAA violation? Although she does not pursue that aspect, it’s something I would want to know more about, particularly since the information was subsequently stolen.
From the article:
The health department does not appear to have the same interest in protecting its constituents as it does its reputation. The agency should have sent a signed, clearly written letter to the victims of this unprecedented security breach. Its failure to do so sends a message that the state agency would like to distance itself from its responsibility to protect the identities of the people it serves — many of whom are children. [This is the natural and perhaps unchangeable nature of a bureaucracy Bob]

How do the rules change when a Social Network decides to stop being neutral?
"Apparently Robert Scoble tried to post a long comment on Facebook only to have a message pop up saying 'This comment seems irrelevant or inappropriate and can't be posted. To avoid having your comments blocked, please make sure they contribute to the post in a positive way.' If true, this is huge. For one the self-moderating system of comments has always been the rule so far. And with countries like India rooting for the pre-screening of content and comments, is Facebook thinking of caving into these demands?"
Facebook says there's a more innocuous explanation: namely, that the comment triggered a spam filter.

“We need to closely monitor our students to ensure they know we closely monitor them, because that ensures they understand they have no privacy. It's for the children!”
"Suzy Harriston wanted to be friends on Facebook. The profile said she was from Clayton [Missouri] and had more than 300 friends, many of them from Clayton High School. No one seemed to question who Harriston was. That is, until the night of April 5, when a 2011 grad and former Clayton quarterback posted a public accusation. '"Whoever is friends with Suzy Harriston on Facebook needs to drop them. It is the Clayton Principal," wrote Chase Haslett.' Suzy Harriston quickly disappeared from Facebook, and Louise Losos, the principal, subsequently took a leave of absence, and then resigned."

(Related) “I don't care if the parents approve and monitor, compared to the government they have no rights! It's for the children!”
Principal threatens to report parents of underage Facebookers
… one school principal thinks that there are so many underage kids on Facebook and other social-networking sites that the parents need to face official consequences.
Paul Woodward, the principal of St. Whites School in the Forest of Dean, England, believes that 60 percent of the kids in his school use social networks. The trouble is that his school caters only to children between the ages of 4 and 11. Facebook's minimum age is 13.
So, as the Daily Mail relates it, he wants to report parents of these kids to child-protection services.
This might seem drastic to some, but Woodward seems convinced that social networking is exposing children to inappropriate material. [Someone suggested that government monitoring is unwise? Bob]

At some point, anyone can begin to grasp the obvious.
May 05, 2012
Consumer Reports - Facebook & your privacy
Who sees the data you share on the biggest social network? Consumer Reports magazine: June 2012
  • "if you're reading this article, chances are good you have a page on Facebook, too. More than 150 million Americans already use the site, and the number grows daily because Facebook makes it so easy to keep up with friends, family, and colleagues, discover great content, connect to causes, share photos, drum up business, and learn about fun events. To deliver this service, Facebook and other social networks collect enormous amounts of highly sensitive information—and distribute it more quickly and widely than traditional consumer data-gathering firms ever could. That’s great when it helps you find old classmates or see ads for things you actually want to buy. But how much information is really being collected about you? How is it being used? And could it fall into the wrong hands? To find out, we queried Facebook and interviewed some two dozen others, including security experts, privacy lawyers, app developers, and victims of security and privacy abuse. We dug into private, academic, and government research, as well as Facebook’s labyrinthian policies and controls. And we surveyed 2,002 online households, including 1,340 that are active on Facebook, for our annual State of the Net report. We then projected those data to estimate national totals."
What conclusions did they reach?
  • Some people are sharing too much.
  • Some don't use privacy controls.
  • Facebook collects more data than you may imagine.
  • Your data is shared more widely than you may wish.
  • Legal protections are spotty.
  • And problems are on the rise.

Chain-Link Confidentiality: A HIPAA-Like Approach To Online Privacy
One major problem with online privacy is that there is really no enforceable chain of confidentiality. So when a third-party service makes your information available to another party, things can get complicated. A new paper by Samford University law professor Woodrow Hartzog argues that traditional privacy laws aren’t the best ways to protect private information online. Instead, he suggests an approach that’s more like the U.S. HIPAA rules that currently govern how private health information can be shared between your health provider and third parties. The system he proposes would be based on established principles in confidentiality and contract law.
… For the more lawyerly and in-depth discussion of this, take a look at Hartzog’s paper here.

A country that quickly (and illogically?) responds to fear.
"Japan's last active reactor is shutting down today, leaving the country without nuclear energy for the first time since 1970. All 50 commercial reactors in the country are now offline. 19 have completed stress tests but there is little prospect of them being restarted due to heavy opposition from local governments. Meanwhile activists in Tokyo celebrated the shutdown and asked the government to admit that nuclear power was no longer needed in Japan and to concentrate on safety. If this summer turns out to be as hot as 2010 some areas could be asked to make 15% power savings to avoid shortages, while other areas will be unaffected due to savings already made."

Apparently, cellphones and texting weren't killing enough people.
"I guess it was inevitable, now that BMW is letting you view and make tweets from behind the wheel, but is it really a good idea to let people run smartphone apps from their dashboard monitor? I guess for navigation you could run your favorite map-app there, but there is nothing to stop people from running other apps on their dashboard too. It might be better than texting from the handset, but I'm not sure I want people playing Angry Birds while they drive."

Interesting, but quite incomplete. We need to tap into the student's 'informal thesaurus of tech speak.'
Coining Terminology for Life on the Web
… Some of the words and phrases many of us use to describe our behavior on the Internet did not exist just a few years ago. Others have taken on new uses. In a recent update, for example, the Oxford English Dictionary altered its lexicon, including the coinages “LOL” (laugh out loud) and “OMG” (oh my God).


I am seeing this “suggestion” with increasing frequency. It is interesting, but I've only seen it implemented successfully as 'refresher' training. I'm not sure I would hire someone who had only the specific bits and pieces of training required for a specific job...
Jailbreaking the Degree
… Currently, the degree is the only meaningful “unit” of education to which employers give any credence. Of this dependency, TIME magazine writes, “The tight connection between college degrees and economic success may be a nearly unquestioned part of our social order. Future generations may look back and shudder at the cruelty of it… It is inefficient, both because it wastes a lot of money and because it locks people who would have done good work out of some jobs.”
The New Republic writes, “Online for-profit colleges haven’t disrupted the industry because while their business methods are different, their product—traditional credentials in the form of a degree—is not.”
Clayton Christensen predicts, “I bet what happens as [higher education] becomes more modular is that accreditation occurs at the level of the course, not the university; so they can then offer degrees as collection of the best courses taught in the world. A barrier that historically kept people out of university [is] blown away by the modularization and the change in [course-by-course] accreditation.”
