Privacy tips for social networking, apps and geolocation
by Andrew Wild - CSO at Qualys - Tuesday, 29 January 2013.
Many people confuse data privacy and data security. While there are similarities, privacy and security are not the same thing. Data security focuses on the confidentiality, integrity and availability of information and information technology resources, whereas data privacy is about an individual’s ability to retain control over his or her personally identifiable information (PII).

Privacy tips

As individuals, we should ensure we are responsible “digital citizens” when using the Internet. Part of this responsibility includes understanding how to configure and manage the privacy settings for the Internet services that we use. This includes social networking services like Facebook and Twitter. Social networking services tend to change their privacy options frequently, so it is important to ensure you understand how you have configured the privacy settings for the social networking services you use.

In the case of Facebook, they have recently introduced a powerful new search feature called Facebook Graph Search. This new feature will improve the ability to search and find information; however, it can increase the likelihood that other people can find your information through the search if your privacy settings aren’t set correctly. You must be sure your privacy settings are properly configured so that your personal information (posts, photos, likes, etc) doesn’t end up as a search result for someone you don’t wish to have access to your data. The EFF has an informative article about how to protect your Facebook privacy from the new Graph Search.

In addition to social networking, many of us are now using applications on our smart phones and tablets. Some of these applications are able to access privacy data from the device on which they run. One example of this is “location settings” for applications. The ability to have the application know your location can improve the application’s functionality and ease of use, but it can also put your privacy at risk. Many devices have the capability to restrict an application's ability to determine the user’s geographical location (also known as “geolocation”). Mobile devices often use a built-in GPS along with wireless hotspot proximity to determine location. You should carefully consider sharing geolocation information with applications, especially on devices used by minors. Decide which applications should have access to location services and disable access for all others. Does the game app you’re playing really need to know where you’re physically located? Think about it.

Geolocation privacy concerns are not limited to apps though, as most smart phones include built-in cameras that have the ability to include geolocation metadata in each digital photograph captured by the device. Unless you disable the location awareness setting for the phone’s camera, every photo you take and share will contain geolocation metadata that can be examined by anyone with whom you share the photo.


Critical bug found in Cisco ASA products, attackers are scanning for affected devices

Several Cisco ASA products - appliances, firewalls, switches, routers, and security modules - have been found sporting a flaw that can ultimately lead to remote code execution by attackers.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Feb 12th