It has been an interesting week in Cyber world. Mark Zuckerberg, the CEO of Facebook has had his own personal page and pictures hacked into and released. There are two interesting points about this. Firstly, on the positive side, Mr Zuckerberg actually has enough confidence in his creation that he has a page. Secondly, on the negative side, there are obviously a lot of people that don't like him.
Telstra this week faced a major problem as it was identified that parts of its database were open for all to see. The estimate of people affected range from 100,000 to over 1 million depending on whose spin you listen to. Telstra did the right thing and immediately shut down parts of Bigpond. Of interest was that when I phoned Telstra to find out what was happening, the first person said that they had no idea and that it wasn't a Telstra problem. I phoned a second time. This time I was routed to a call centre in the Phillippines. She was far more frank and said that Telstra had been hacked, they had immediately shut down the system to protect people's data and that it could be three days before the system could be restored.
I am impressed that Telstra actually did what they did.
Vodafone on the other hand had massive outages on Friday across Melbourne. There didn't appear to be any clear answer from the company as to why.
In the end, it raises an interesting point about hackers. I would suggest that there are at least three types.
The first I would compare to a firebug. They hack for the hell of it to see if they can do it. They are not really too concerned about the consequences.
The second is the professional. They are looking for things, people, bank accounts etc.
The third is organised crime. They hack for a range of purposes including identity theft.
The fourth I would suggest is some Governments who actually employ people to do it.
Interesting times.
Stephen Wilcox
Australian Lawyer
Saturday, 10 December 2011
Saturday, 3 December 2011
Cyber Birthdays - Who gets the presents?
One of the interesting things about online activity is the inevitable question for the date you were born. Indeed, even offline activities such as obtaining information about your utility bill, bank account or any other phone based inquiries will generally request your birthday. This can be by voice recognition or keypad entry (two digits for the day, two digits for the month and four digits for the year).
Often, when applying for anything over the telephone, there may be a period where an automated machine reads out the terms and conditions of whatever you are applying for. The Government legislated to protect individuals in this regard such that any term or condition that was unfair was removed.
Virtually anything you do online such as purchasing an airline ticket or joining a site (say EBay) requires you to tick a box agreeing to terms and conditions. Does anyone read them?
I have logged onto Facebook to try and find their terms and conditions. This is not an easy task. Even their own search engine does not bring up their terms and conditions as the first hyperlink as one would expect.
Even more interesting is that I have not logged onto Facebook for over a month. I immediately received an email from Facebook stating 'Sorry that you've been having trouble logging into your Facebook account'. This is an odd message considering that I haven't.
When setting up a Facebook account, you are required to enter your date of birth. Indeed it is a term of use that this is up to date at all times. Why it would change I am not sure.
Initially I assumed that the relevance of this was so that when your birthday came around each year, Facebook (which it does), sends out reminders to all of your friends that it is your birthday. Whilst this is a charming aspect of the site, the real reason for the use of your birthday is set out in the terms and conditions.
The term states 'Your birthday allows us to do things like show you age-appropriate content and advertisements'.
Of further interest is 'Other information we receive about you'. This includes:
'When you post things like photos or videos on Facebook, we may receive additional related data (or metadata), such as the time, date and place you took the photo or video'
This is an oxymoron. Metadata is defined to mean 'data about data' or 'descriptive statistical information about the elements of a set of data'. The wording 'data (or metadata)' literally means 'data (or data about data)'.
Even weirder:
'We receive data from the computer, mobile phone or other device you use to access Facebook. This may include your IP address, location, the type of browser you use or the pages you visit.'
Presumably this is only within the limits of the Facebook 'sphere'. The clause then goes on (and I am not sure how the two are connected:
'For example, we may find your GPS location so we can tell if any of your friends are nearby'
I have not yet seen Facebook activate this. Why would they want it?
In any event, your birthday is not so that Facebook can send you a present. It is a data (or metadata) collection mechanism.
Finally, one would think that of more importance for your birthday is so that Facebook can scan and remove minors from the site.
Stephen Wilcox
Australian Lawyer
Often, when applying for anything over the telephone, there may be a period where an automated machine reads out the terms and conditions of whatever you are applying for. The Government legislated to protect individuals in this regard such that any term or condition that was unfair was removed.
Virtually anything you do online such as purchasing an airline ticket or joining a site (say EBay) requires you to tick a box agreeing to terms and conditions. Does anyone read them?
I have logged onto Facebook to try and find their terms and conditions. This is not an easy task. Even their own search engine does not bring up their terms and conditions as the first hyperlink as one would expect.
Even more interesting is that I have not logged onto Facebook for over a month. I immediately received an email from Facebook stating 'Sorry that you've been having trouble logging into your Facebook account'. This is an odd message considering that I haven't.
When setting up a Facebook account, you are required to enter your date of birth. Indeed it is a term of use that this is up to date at all times. Why it would change I am not sure.
Initially I assumed that the relevance of this was so that when your birthday came around each year, Facebook (which it does), sends out reminders to all of your friends that it is your birthday. Whilst this is a charming aspect of the site, the real reason for the use of your birthday is set out in the terms and conditions.
The term states 'Your birthday allows us to do things like show you age-appropriate content and advertisements'.
Of further interest is 'Other information we receive about you'. This includes:
'When you post things like photos or videos on Facebook, we may receive additional related data (or metadata), such as the time, date and place you took the photo or video'
This is an oxymoron. Metadata is defined to mean 'data about data' or 'descriptive statistical information about the elements of a set of data'. The wording 'data (or metadata)' literally means 'data (or data about data)'.
Even weirder:
'We receive data from the computer, mobile phone or other device you use to access Facebook. This may include your IP address, location, the type of browser you use or the pages you visit.'
Presumably this is only within the limits of the Facebook 'sphere'. The clause then goes on (and I am not sure how the two are connected:
'For example, we may find your GPS location so we can tell if any of your friends are nearby'
I have not yet seen Facebook activate this. Why would they want it?
In any event, your birthday is not so that Facebook can send you a present. It is a data (or metadata) collection mechanism.
Finally, one would think that of more importance for your birthday is so that Facebook can scan and remove minors from the site.
Stephen Wilcox
Australian Lawyer
Subscribe to:
Posts (Atom)