Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/a26f9f83/public_html/articles/includes/config.php on line 159
How To Give Away Your Personal Information > NetSparsh - Viral Content you Love & Share

How To Give Away Your Personal Information

Identity Theft and Your Personal Information
--------------------------------------------
Identity theft is apparently the "in thing" these days. By media accounts, hackers and evildoers lurk everywhere trying to steal your personal information. In the past few months, one company after another is being forced to admit customer data has been lost or stolen.

In many cases, they have then come forth repeatedly over the next few weeks, or even months revising the estimated number of impacted customers. To date, I don't think any have ever lowered those numbers.

Identity Theft and Respected Companies
--------------------------------------
Generally speaking, these aren't fly-by-night organizations. These are respected companies who we've come to trust. In many instances, the loss wasn't even the work of a "malicious hacker" or other mystical force beyond their control; it was simple carelessness. The frequency of such reports of identity theft is making it difficult for consumers to feel confident in those with whom we do business. Customers are outraged that companies are not doing more to protect their information from the forces of evil.

You and Your Personal Information
---------------------------------
What about you? How are you at keeping you personal information under wraps? Some of these high profile incidents were the result of a trivial mistake that could have happened to anyone, including you.

Let's consider two events that didn't make the front page of C|Net or CNN.

The Keys To The Castle
----------------------
I consult for a client who doesn't trust me. It's nothing personal, they don't trust anyone. Whenever I visit this site, I am forced to contact the client throughout the visit to have them type a credential, or password, to grant access to a server or router. It's really annoying.

I really respect this client.

They don't really know me; I'm "the consultant". They're taking the proper steps when dealing with a consultant, providing the absolute minimum amount of information required. They would never give me unsupervised access to the network, and certainly wouldn't consider giving me passwords to their servers or routers. Not on purpose anyway.

Then there was the day I was working alongside the client and needed to reconfigure a router to complete a task. It's a long walk to the client's office to get the password for that particular router. Yes, this is a client who apparently has a unique password for every piece of equipment they own. Conveniently the client does keep a password protected file on a USB key that contained the needed information. The client was completely appropriate and even asked permission before using my laptop to fetch the file. I consented, and even made the gesture of turning away while he unlocked the file and retrieved the required password.

Have you ever used Google Desktop Search? It's a very cool, and aptly named, program that is a Google for your PC. It will index your files and make them searchable through a fast, flexible, and easy to use interface. It'll even cache the contents of files so if you move it off your hard drive, you'll still be able to see the contents of what was once there. Normally it does all this in the background when you computer is sitting idle. It also does it anytime you open a file.

Your Personal Information Is The Prize
--------------------------------------
You guessed it. Logins, passwords, public and private IP addresses. You name it, I had it. The client who would never give me a single password had turned over all of them at once.

What kind of wondrous data was now available? Personnel records, salary data, trade secrets? Maybe, if this was a corporate client. What about an academic, a University even? Student records, financial aid forms, and grant information. The possibilities were endless.

I promptly deleted the cache. The customer didn't want me to have the information, nor did I.

Would You Hand Your Credit Card To A Stranger?
----------------------------------------------
The previous example showed how simple it is to inadvertently reveal a large amount of data. It's funny how easily a person can dismiss this type of loss. After all, it's not your data, right?

So let's get a bit more personal.

Convenience And Computer Security Are Rarely Compatible
-------------------------------------------------------
I have a good trust relationship with my next client. She is quite comfortable with me administering and securing the corporate network. When it comes to her personal credit card information however, well, not so much.

Pretty much every web browser available these days has quite a few convenience features designed to make your day to day "net experience simpler". One of these convenience features came into play in this example, specifically the Firefox browser's auto-completion feature.

Not too long ago, I was tasked by this client to make arrangements for transfer of an internet domain to their ownership. Not a difficult task, she could have handled it herself. She was quite a capable computer user; she just didn't want to be bothered with the process.

I set aside 20 minutes to go through her domain registrar's step-by-step transfer wizard. I summoned the client to explain the details of the transfer displayed on my laptop screen. Facing the payment options screen the client asked if she could proceed. I relinquished control of my laptop and she entered the credit card information required to complete the transaction.

Web Browsers Cache Your Personal Information
--------------------------------------------
Most modern web browsers, for convenience, will cache information entered into web forms. The intent is to be able to recall this information if it's requested by another form. The following day, I was in the process of registering another domain with the same registrar and was surprised, for half a second, when the payment screen pre-populated using the same information used the day before. In addition to the credit card information I also had my client's personal home address, and telephone number. This was quite a bit of personal information the client never had any intention of giving me.

So What's Your Point?
---------------------
These two examples are very different but do share two important attributes. First, data the client intended to keep private was revealed to me. Second, the reason for the "compromise" of the data was due to the "victim" working with said data on a computer they neither owned nor were familiar with. Under different circumstances, the end results could have been quite devastating.

Conclusion
----------
When using a computer system you do not own, perhaps at a kiosk, or Internet Café, be aware that the computer itself is going to remember a lot of what you've done as part of basic functionality. Additionally, most entities that are going to provide you with access to a computer, including your employer, probably have systems in place that could collect additional data you don't desire to share. Even WiFi hotspots that allow you to use your own notebook or PDA to surf the web while sipping coffee can be a potential information collector.

The moral of the story is, when dealing with computer systems that aren't your own, never handle data or documents that you wouldn't want left behind unprotected. In all odds, once you walk away from that computer, you've done just that.

About The Author
----------------
Erich currently specializes in providing network and security solutions for small to medium businesses that frequently have to resolve the conflict of need versus budget. His commitment to precision and excellence is eclipsed only by his fascination with gadgets, particularly ones that are shiny, or that blink, or that beep. Erich is a staff writer for http://www.defendingthenet.com and several other e-zines. If you would like to contact Erich you can e-mail him at erich.heintz@gmail.com or DefendTheNet@ParaLogic.Net.

In The News:

This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news

NBCNews.com

White House drafts more clearance cancellations demanded by Trump
Washington Post
The White House has drafted documents revoking the security clearances of current and former officials whom President Trump has demanded be punished for criticizing him or playing a role in the investigation of Russian interference in the 2016 election ...
Admiral who oversaw Bin Laden raid to Trump: 'Revoke my security clearance, as well'NBCNews.com
Ex-CIA Director John Brennan Strikes Back After Trump Revokes His Security ClearanceNew York Times
Why a retired Navy SEAL commander wants Trump to revoke his security clearanceUSA TODAY
Business Insider -Fox News -Washington Post -Wall Street Journal
all 1,932 news articles »

Vox

Trump reportedly plans to strip more security clearances to distract from the news cycle
Vox
What if every time there's a new Omarosa tape, the White House strips another security clearance, as it did with John Brennan? According to a new report, that might be the sort of scenario we're in for. The White House has drafted documents revoking ...
Inside the security clearance revoltAxios
The Russia Investigations: Trump On Collision Course With National Security WorldNPR
Intel trying to stay out of Trump's security clearance blow upCNN
NBCNews.com -WIRED -Business Insider -GovDelivery
all 2,088 news articles »

WIRED

Security News This Week: A Devastating Report on the CIA's Deadly Mistakes in China
WIRED
It has been unclear how the Chinese government knew who to target, but US officials told Foreign Policy this week that Chinese operatives compromised the CIA spy network thanks to flaws in what was supposed to be a secure communication system.


Week In Politics: Security Clearances
NPR
Heard on Weekend Edition Saturday · Domenico Montanaro - 2015 · Domenico Montanaro · Twitter. We have the latest on the week in politics, including President Trump's decision to revoke the security clearance of former CIA Director John Brennan.


CNBC

Security researchers say they can hack Medtronic pacemakers
CNBC
Security researchers say they've found flaws in the Medtronic pacemaker that leaves the life-saving device vulnerable to hackers and puts patients at risk. Billy Rios and Jonathan Butts say they've found vulnerabilities that compromise the pacemaker's ...

and more »

CoinDesk

Can Security Tokens Save Crypto From the Bear Market Blues?
CoinDesk
"Security tokens will save crypto." That's what Trevor Koverko, CEO of the crypto project Polymath, told CoinDesk at a blockchain technology festival in Toronto this week. There, tokenized dividends were the week's hot topic, even despite the bear ...


Kennebec Journal & Morning Sentinel

View from Away: A stunning lack of security in the Situation Room
Kennebec Journal & Morning Sentinel
For a place that most of us will never see firsthand, the White House Situation Room conjures vivid mental images: gleaming high-tech military coordination, late-night strategy meetings with global implications and, most of all, security. It was the ...

and more »

TMZ

Kim Kardashian West It's Not Easy Being Me ... Especially at Red Lights
TMZ
Kim was out and about in Miami with pals Larsa Pippen and Jonathan Cheban when she stopped at a red light and crowds started to swarm around her. She explains how her security has to jump out and hold people at bay, so the vehicle can move when the ...
Kim Kardashian shows off security WALKING alongside her car as they prevent fans from swarming vehicleDaily Mail

all 293 news articles »

KATV

Security deposit secured
KATV
But a month after moving out, Givens received a notice informing him that carpet cleaning, touch-up paint and the replacement of closet doors would cost him his entire $450 security deposit, plus $11 more. We asked: "How are you going to try and get ...


Vox

US sanctions Myanmar's security forces over Rohingya ethnic cleansing
Vox
The Trump administration has placed sanctions on several commanders and units of Myanmar's security forces for their roles in the “ethnic cleansing” of Rohingya Muslims and other minority groups in the country. On Friday, the Treasury Department ...
Treasury Sanctions Commanders and Units of the Burmese Security Forces for Serious Human Rights Abuses | U.S. ...Treasury Department
Senior Myanmar Officials Should Be Held Accountable for Crimes Against HumanityAmnesty International USA

all 532 news articles »
Google News

File Sharing - What You Need to Know!

File sharing on p2p is soaring despite the music and... Read More

How to Protect Yourself Against Online Criminals

Credit card fraud is a growing problem for online businesses... Read More

Virus and Adware - Fix them Both!

We all get the odd virus now and then, but... Read More

Top 10 tips for Safe Internet Shopping

Over £5 billion pounds was spent on online shopping in... Read More

Phishing and Pharming: Dangerous Scams

As soon as almost all computer users already got used... Read More

Is Your Music Player Spying On You?

In today's times spyware is a very serious issue and... Read More

Internet Scams: Dont be a Victim

As the number of people using the Internet as an... Read More

How Can Someone Get Private Information From My Computer?

From the "Ask Booster" column in the June 17, 2005... Read More

Whats All This I Hear About Firewalls?

At this point, if you've got the whole "turning the... Read More

Phishing: A Scary Way of Life

The Federal Bureau of Investigation has identified "phishing" as the... Read More

Phishing - Learn To Identify It

Phishing: (fish'ing) (n.)This is when someone sends you an email... Read More

Fishing for Fortunes. Scam!

Spelt phishing, but pronounced as above, this despicable act is... Read More

Personal Firewalls for Home Users

What is a Firewall?The term "firewall" illustrates a system that... Read More

Phishing: An Interesting Twist On A Common Scam

After Two Security Assessments I Must Be Secure, Right? ---------------------------------------... Read More

Arming Yourself Against Spyware

While clicking from site to site on the internet you... Read More

Spyware Symptoms

Spyware symptoms happen when your computer gets bogged down with... Read More

Phishing-Based Scams: A Couple of New Ones

Phishing in its "classic" variant is relatively well-known. Actually, 43.4... Read More

Wells Fargo Report Phishing Scam

First off I should explain what phishing is. Phishing is... Read More

8 Surefire Ways to Spot an EBAY Scam E-Mail and Protect Yourself from Identity Theft

Ebay is a great site and is used by many... Read More

Dont Miss Information Because of Misinformation

It has been said that with the wealth of information,... Read More

40 Million People Hacked - YOU as Identity Theft Victim

Saturday, MasterCard blamed a vendor of ALL credit card providers... Read More

The Saga of the Annoying Adware

When we think of adware, what comes to mind are... Read More

Top Spyware Removers Considerations

Only the top spyware removers are successful at detecting and... Read More

3 Simple Steps to Stay Safe from Spyware

There are several basic concepts to keep in mind when... Read More

Hacking Threats and Protective Security

The 1998 Data Protection Act was not an extension to,... Read More