Five Breaches To Your Privacy in 2014 That You Might Have Missed
By Philip Bates, Make Use Of, 30 December 2014.
By Philip Bates, Make Use Of, 30 December 2014.
As you may know, 2014 hasn’t been a good year for privacy. An ever-increasing pool of people are interested in you.
Numerous publications revelled in the private lives of celebrities, but 2014 was also the year the spotlight shone on the general public. Can we learn anything from these breaches?
They say that if you don’t pay for something, you are the product. Here’s how your privacy was infringed upon in just 12 months…
1. The NSA
What Happened?
We all know our governments keep tabs on what we do, but it’s the extent of their interest in us that sometimes comes as a shock. Last year, we investigated PRISM, the National Security Agency’s surveillance program, and found out that even your emails aren’t private.
This year, it turns out that showing any interest in online privacy at all will get you on the NSA’s Watch List. And yes, because you clicked on this very article, your name is likely to be jotted down.
Your business is their business. It’s as simple as that.
Is It Still An Issue & What Can You Do About It?
It’s absolutely an on-going issue. Fortunately, while the NSA admits to collecting data on basically everyone, they only track a limited number of individuals who are clearly looking to break the law.
Except “suspicious activity” hasn’t been defined. It’s this grey area that makes so many people nervous.
We looked into bypassing PRISM and the like…and concluded that “you cannot escape international intelligence agencies.” Encryption will probably just get you higher up on the NSA’s list of people to watch. This is a scary world we live in.
2. DRIP
What Happened?
Naturally, it’s not just the US Government checking up on our activities: the British Government decided to react against a ruling by the European Court of Justice in April, and halfway through 2014, the Data Retention and Investigatory Powers Bill, nicknamed DRIP or the ‘snooping law’, was rushed through parliament.
DRIP forces Internet providers to retain data for up to 12 months, at odds with the European Convention on Human Rights. Information from your telecommunications is stored, ready for use by the government or service providers (for market research purposes) for 12 months - or even longer if the Powers That Be decide it’s worth keeping hold of.
Is It Still An Issue & What Can You Do About It?
This remains a very real concern for UK citizens.
Courts across Europe (including Germany, the Czech Republic, and Bulgaria) rejected mass data retention as unconstitutional, and even Labour MP, Tom Watson, argued that DRIP was “democratic banditry resonant of a rogue state.”
But it’s now too late to do anything.
Sure, some kicked up, but they were soon buried under column inches about ‘bigger news’ like Operation Yewtree. As ever, the spin was that, without DRIP, “innocent lives may be lost.” Mention terrorism and all sorts of things can be brushed under the rug - whether that’s so-called ‘Emergency’ powers, or occupational torture. With that outlook, it’s hard not to argue that an Act like DRIP is inevitable.
3. The Usual Suspects
What Happened?
Just how do they keep track of us all? Quite simply, we volunteer information about ourselves!
Most of us, for instance, use Google. It’s a great search engine. It also collects data on you. Google knows where you live, what you’re interested in, and can root through your Gmail. If that wasn’t bad enough, you’re very easy to profile.
Social networks do it too: using those social share buttons can reveal your online trail, but it’s not the sole seemingly-innocent activity that might be more trouble than it’s worth.
Tinfoleak is an effective way of scaring Twitter users by presenting an alarming amount of data about them, including where they live, interests (via hashtags), and how often they’re interacting with certain people.
Then there’s Facebook. The masses of photos some upload is astonishing. Perhaps this is a sign of our growing obsession with self, but it can also be submission of privacy - especially if your photo privacy settings aren’t monitored. The tagging ability can be particularly concerning. It’s easy to believe that Facebook is a spy in your household.
Is It Still An Issue & What Can You Do About It?
Services like Google, Facebook, and Yahoo are sure to monitor your behaviour throughout 2015 (and likely 2016, 2017, 2018…), just as they have in 2014. It’s these sorts of sites that have been sharing data with security-surveillance organizations.
You can’t really take full advantage without sacrificing a little privacy. You’re not powerless, however: there are ways to protect yourself on Facebook, for instance; use private browsing (there are many benefits to that); enable privacy plug-ins; or switch to a search engine that doesn’t track you, like duckduckgo.
4. Heartbleed
What Happened?
Quick update on #heartbleed: We’ve patched all of our user-facing services & will continue to work to make sure your stuff is always safe.
- Dropbox Support (@dropbox_support) April 8, 2014
This was a huge shocker back in April. Using https:// has always seemed safe, but it was discovered that there was a vulnerability in OpenSSL so-called-secure servers. Discovered by Google, in collaboration with Codenomicon, Heartbleed caused a lot of panic, egged on by overzealous media incorrectly shouting “virus!” from the rooftops.
As it exposed a major flaw in a large part of the Internet and wasn’t confined to one particular operating system, it’s perhaps one of the greatest threats to security, but also your privacy.
Popular sites affected by Heartbleed included Instagram, Pinterest, and WordPress, as well as Yahoo and Google’s email services. Mumsnet alerted its users that passwords and private messages might have been acquired by attackers, and many others were advising users to change their passwords (and create more secure ones).
Is It Still An Issue & What Can You Do About It?
Many sites issued statements either stating they’d not been victim to Heartbleed or that the vulnerability had been patched. But if you use the same password for different sites and haven’t changed them since April’s panic alert, third-parties might still have access to your details - maybe even your emails.
Mashable has a great list of services affected by Heartbleed, so make sure you check that out. Or for smaller sites, this is an excellent search tool that’ll likely put your mind at ease.
Otherwise, it’s a waiting game to find out what information has come from Heartbleed.
5. The Snappening
What Happened?
Launching in September 2011, there are now 100 million monthly active Snapchat users. The app lets you take a photo, add a caption, and send it to someone, only for it to supposedly be deleted seconds afterwards. That sort of service lends itself to some very intimate moments, as you can imagine.
Now, we don’t have to imagine. Those with dubious interests stumbled upon The Snappening, a large leak of images from apps similar to Snapchat, notably Snapsave. Early reports stated that up to 20,000 accounts had been breached (fortunately, the hack wasn’t as large as originally stated), with images appearing all over the net, but especially on 4chan.
4chan, of course, is the message board notorious for Celebgate, which saw nude photos of celebrities like Jennifer Lawrence and Kate Upton hit the public domain; The Snappening is a similar breach of privacy, only to the general public.
There was a worrying amount of glee on show at the peepshow into people’s lives, but the big concern was that many images could be classed as child abuse photos. Snapchat admits that the majority of its users fall between the ages of 13 and 17.
Is It Still An Issue & What Can You Do About It?
They’re out there now, sadly. But we should all learn from this. We need to value our privacy more and be very careful with what we share and with whom.
And be extra attentive with services that save photos, whether they be Snapsave or even just social networking. Using the aforementioned Tinfoleak, you can even download every picture on a Twitter feed effortlessly.
Let’s Keep This Between You And Me
Privacy is something we should all hold dear, but on the Internet, it’s something we simply don’t get; it’s likely that 2015 will continue this trend, even if it is something that users really need to get a grip of.
Regarding DRIP, The Guardian columnist, Simon Jenkins satirically stoked the flames: “the innocent have nothing to fear. Only the guilty can object.”
If you have nothing to hide…
No comments:
Post a Comment
Please adhere to proper blog etiquette when posting your comments. This blog owner will exercise his absolution discretion in allowing or rejecting any comments that are deemed seditious, defamatory, libelous, racist, vulgar, insulting, and other remarks that exhibit similar characteristics. If you insist on using anonymous comments, please write your name or other IDs at the end of your message.