When Adam Savage, host of the popular science program “MythBusters,” posted a picture on Twitter of his automobile parked in front of his house, he let his fans know much more than that he drove a Toyota Land Cruiser.
Embedded in the image was a geotag, a bit of data providing the longitude and latitude of where the photo was taken. Hence, he revealed exactly where he lived. And since the accompanying text was “Now it’s off to work,” potential thieves knew he would not be at home.
Security experts and privacy advocates have recently begun warning about the potential dangers of geotags, which are embedded in photos and videos taken with GPS-equipped smartphones and digital cameras. Because the location data is not visible to the casual viewer, the concern is that many people may not realize it is there; and they could be compromising their privacy, if not their safety, when they post geotagged media online.
Mr. Savage said he knew about geotags. (He should, as host of a show popular with technology followers.) But he said he had neglected to disable the function on his iPhone before taking the picture and uploading it to Twitter.
“I guess it was a lack of concern because I’m not nearly famous enough to be stalked,” he said, “and if I am, I want a raise.”
Still, Mr. Savage has since turned off the geotag feature on his iPhone, and he isn’t worried about the archived photo on Twitter because he has moved to a new residence.
But others may not be so technologically informed or so blasé about their privacy.
“I’d say very few people know about geotag capabilities,” said Peter Eckersley, a staff technologist with the Electronic Frontier Foundation in San Francisco , “and consent is sort of a slippery slope when the only way you can turn off the function on your smartphone is through an invisible menu that no one really knows about.”
Indeed, disabling the geotag function generally involves going through several layers of menus until you find the “location” setting, then selecting “off” or “don’t allow.” But doing this can sometimes turn off all GPS capabilities, including mapping, so it can get complicated.
The Web site ICanStalkU.com provides step-by-step instructions for disabling the photo geotagging function on iPhone, BlackBerry, Android and Palm devices.
A person’s location is also revealed while using services like Foursquare and Gowalla as well as when posting to Twitter from a GPS-enabled mobile device, but the geographical data is not hidden as it is when posting photos.
A handful of academic researchers and independent Web security analysts, who call themselves “white hat hackers,” have been trying to raise awareness about geotags by releasing studies and giving presentations at technology get-togethers like the Hackers On Planet Earth, or Next HOPE, conference held last month in New York.
Their lectures and papers demonstrate the ubiquity of geotagged photos and videos on Web sites like Twitter, YouTube, Flickr and Craigslist, and how these photos can be used to identify a person’s home and haunts.
Many of the pictures show people’s children playing in or around their homes. Others reveal expensive cars, computers and flat-screen televisions. There are also pictures of people at their friends’ houses or at the Starbucks they visit each morning.
By downloading free browser plug-ins like the Exif Viewer for Firefox (addons.mozilla.org/en-US/firefox/addon/3905/) or Opanda IExif for Internet Explorer (opanda.com/en/iexif/), anyone can pinpoint the location where the photo was taken and create a Google map.
Moreover, since multimedia sites like Twitter and YouTube have user-friendly application programming interfaces, or A.P.I.’s, someone with a little knowledge about writing computer code can create a program to search for geotagged photos in a systematic way. For example, they can search for those accompanied with text like “on vacation” or those taken in a specified neighborhood.
“Any 16 year-old with basic programming skills can do this,” said Gerald Friedland, a researcher at the International Computer Science Institute at the University of California , Berkeley . He and a colleague, Robin Sommer, wrote a paper, “Cybercasing the Joint: On the Privacy Implications of Geotagging,” which they presented on Tuesday at a workshop in Washington during the Advanced Computing Systems Association’s annual conference on security.
The paper provides three examples of so-called cybercasing that use photos posted on Twitter and Craigslist and a homemade video on YouTube.
By looking at geotags and the text of posts, Mr. Sommer said, “you can easily find out where people live, what kind of things they have in their house and also when they are going to be away.”
“Our intent is not to show how it’s done,” he said, “but raise awareness so people can understand their devices and turn off those options if they want to.”
ICanStalkU.com, developed by the security consultants Larry Pesce of the NWN Corporation in Waltham , Mass. , and Ben Jackson of Mayhemic Labs in Boston , uses a more direct approach to warning about the potential dangers of geotags. The site displays a real-time stream of geotagged photos posted on Twitter; the person who posted the photo also gets a notification via Twitter.
“The reaction from people is either anger, like ‘I’m going to punch you out,’ or ‘No duh, like I didn’t already know that’ or ‘Oh my God, I had no idea,’ ” Mr. Pesce said.
In the latter category was Cristina Parker of El Paso , who sells appliances part-time at Kmart and also manages social media for small companies. ICanStalkU.com notified her last week that a photo she had posted on Twitter of her Chihuahua , Zipp, also revealed where she lived.
“I immediately tweeted back to find out what I can do about it,” said Ms. Parker. The site sent her a Web link to instructions on how to turn off the geotag function on her LG Ally smartphone. “It’s definitely good to know for me personally and because of my social media work, too,” she said
Because of the way photographs are formatted by some sites like Facebook and Match.com, geotag information is not always retained when an image is uploaded, which provides some protection, albeit incidental. Other sites like Flickr have recently taken steps to block access to geotag data on images taken with smartphones unless a user explicitly allows it.
But experts say the problem goes far beyond social networking and photo sharing Web sites, regardless of whether they offer user privacy settings.
“There are so many places where people upload photos, like personal blogs and bulletin boards,” said Johannes B. Ullrich, chief technology officer of the SANS Technology Institute, which provides network security training and monitors the Internet for emerging security threats.
Protecting your privacy is not just a matter of being aware and personally responsible, said Mr.Sommer, the researcher. A friend may take a geotagged photo at your house and post it.
“You need to educate yourself and your friends but in the end, you really have no control,” he said, adding that he was considering writing a program to troll the Internet for photos with geotags corresponding to users’ home addresses.
“I’m beginning to think there may be a market for it.”
Purpose
Friday, August 13, 2010
Wednesday, August 11, 2010
Home Security--Protect Your Firearms and Valuables!
A gun safe is a good measure to have when it comes to safeguarding your firearm(s), ammunition and valuables as well, even important documents (wills, birth certificates, passports, etc.) I recommend having the gun safe in a convenient location, preferably a relatively cool, dry place. Most of us have it in our bedroom, whether it is a rifle gun safe or hand gun safe by the dresser. The majority of burglars are not prepared or able to defeat a decent gun safe. A gun safe also demonstrates, in the event of a firearms related lawsuit, that you took all reasonable precautions to secure your gun(s).
Make sure your gun safe is locked whenever you leave the house and frequently if you have children. The last thing you want is to be surprised by a burglar and cause harm to you and/ or your family with your own gun(s). If it is possible to do so in your state, get a carry permit and make it a point to arrive home armed. If you surprise a burglar, you need to be able to control the situation immediately. Otherwise you become a statistic…a victim.
Most importantly, make sure that you and your family understand the proper and safe use of guns! You can never say this enough!
The majority of gun safes are fire retardant and one can buy them at your local sporting goods store like Academy Sports or your local Wal-Mart. Do a little research and you will get the best gun safe that suits you and your gun.
The push button electronic combination locks have a feature in case the battery goes dead, where you can use a key. All free standing safes will have the ability to bolt the safe to the wall. Some people think if they have enough weight in the safe, it can't be move. This is not true. Thieves will often have knowledge from day workers or maintenance people on the existence and location of gun safes and will enter with a hand truck (dolly) and move the safe. Another option may to be place in a closet and put a good dead bolt lock on the closet door.
Monday, August 9, 2010
Cell Phone Security
Your cell phone. It's your lifeline! It's your phone book! It's your portable photo album! So, okay, maybe it's time to invest a little time theft-proofing your cell just in case it gets stolen. While the best protection is commonsense stuff (for example, keep your phone in a zipped purse or the front pocket of your jeans) there are a bunch of other measures you can take.
1. Know Your Phone. Note down your phone number, SIM number and/or IMEI number, the make and model, and your provider name and 800 number. If your phone ever disappears, you'll have all the essential info at your fingertips for reporting it stolen (to the police, your provider) or advertising it as lost (via Craigslist, your local paper).
Remember: call your provider immediately that you realize your phone is missing. One cell phone thief can rack up horrible long-distance charges in just a matter of hours, so deactivate your account or have the number disabled as soon as possible!
2. Lock it With a PIN. Most cell phone thieves want instant but short-term access to your phone service, not so much the phone itself. After all, they know once you discover it's missing you will cancel service on the device, rendering it basically useless.
So here's a sure way to ruin a thief's day: keep your key pad locked with a security PIN number. They won't be able to make calls or access your personal information ... and in the meantime you'll have time to notify your provider of the theft and have your account deactivated.
3. Store Personal Info with Caution. Speaking of personal stuff, one way to protect against damaging -- or just plain embarrassing -- identity theft it to simply limit what kinds of personal information you keep on your phone. Think of it as the only no-fail, low-tech security option.
4. Consider Anti-Theft Software. Companies like Gadget Trak now offer software that aims to put you in control of your phone remotely should it be lost or stolen. Other software, like iHound, use GPS technology to help you locate your missing iPhone or iPod Touch. If you keep everything on your portable device, this is an option you should look into for peace of mind.
5. Don't Assume the Worst. Could be your phone is just lost and some fine citizen is out there wanting to return it to you. There's the downside to locking your phone with a PIN: said fine citizen can't access your phone book to track you down. Oops! Solution: consider programming your cell to display your email address or home phone number even when the keys are locked.
1. Know Your Phone. Note down your phone number, SIM number and/or IMEI number, the make and model, and your provider name and 800 number. If your phone ever disappears, you'll have all the essential info at your fingertips for reporting it stolen (to the police, your provider) or advertising it as lost (via Craigslist, your local paper).
Remember: call your provider immediately that you realize your phone is missing. One cell phone thief can rack up horrible long-distance charges in just a matter of hours, so deactivate your account or have the number disabled as soon as possible!
2. Lock it With a PIN. Most cell phone thieves want instant but short-term access to your phone service, not so much the phone itself. After all, they know once you discover it's missing you will cancel service on the device, rendering it basically useless.
So here's a sure way to ruin a thief's day: keep your key pad locked with a security PIN number. They won't be able to make calls or access your personal information ... and in the meantime you'll have time to notify your provider of the theft and have your account deactivated.
3. Store Personal Info with Caution. Speaking of personal stuff, one way to protect against damaging -- or just plain embarrassing -- identity theft it to simply limit what kinds of personal information you keep on your phone. Think of it as the only no-fail, low-tech security option.
4. Consider Anti-Theft Software. Companies like Gadget Trak now offer software that aims to put you in control of your phone remotely should it be lost or stolen. Other software, like iHound, use GPS technology to help you locate your missing iPhone or iPod Touch. If you keep everything on your portable device, this is an option you should look into for peace of mind.
5. Don't Assume the Worst. Could be your phone is just lost and some fine citizen is out there wanting to return it to you. There's the downside to locking your phone with a PIN: said fine citizen can't access your phone book to track you down. Oops! Solution: consider programming your cell to display your email address or home phone number even when the keys are locked.
Subscribe to:
Posts (Atom)