You may remember last December when Facebook began prompting users to make their shared content and status messages publicly visible. With the announcement, Facebook founder, Mark Zuckerberg, encouraged Facebook users to follow suit by changing his own "old" privacy settings and posting this statement: 

For those wondering I set most of my content on my personal Facebook page to be open so people could see it. I set some of my content to be more private, but I didn't see a need to limit visibility of pics with my friends, family or my teddy bear :)

A few months later Facebook pushed the privacy boundaries again with its latest program, “Instant Personalization”. This service allows other web sites to customize user experience by giving them access to user’s Facebook data. And no, it's not an opt-in program like the other one.

This new direction in privacy policy represents quite a shift from Zuckerberg's previous stance when he termed privacy control as "the vector around which Facebook operates."

A Change in Tactics

Not only did Facebook change its approach to privacy, it also changed its approach to implementing these new directions. 

With the Instant Personalization program, Facebook embraced the "we know best" mentality further and omitted the prompts altogether.  Users found themselves already opted-in without the need to trouble themselves with giving consent. Sure, you can still opt out, but Facebook warns you that you'll be forfeiting a "richer experience as you browse the web".  

No, I'm not making this up.

Why Have Things Changed?

So why the change in direction?  What elixir did Zuckerberg drink to make him adopt Google CEO, Eric Schmidt's mantra, "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place"?

Zuckerberg's Facebook page offers this simple explanation: 

"i'm trying to make the world a more open place."

In a video interview with TechCrunch founder Michael Arrington, Zuckerberg elaborated on this idea further by promoting Facebook's willingness to stay flexible and embrace ever-changing "social norms".

It starts to get interesting at about 2:50 as Mark elaborates on Facebook's view of your privacy:

In case you don't want to watch the video, here are the relevant quotes:

We view it as our role in the system to constantly be innovating and be updating what our system is to reflect what the current social norms are.

A lot of companies would be trapped by the conventions and their legacies of what they've built, doing a privacy change - doing a privacy change for 350 million users is not the kind of thing that a lot of companies would do. But we viewed that as a really important thing, to always keep a beginner's mind and what would we do if we were starting the company now and we decided that these would be the social norms now and we just went for it.

Facebook's Real Motivation

However, if I'm making my guess, I'd say the interests listed on his Facebook profile  tell the REAL story:

•  "Openness" - openness to increasing Facebook's marketshare & revenue

• "Breaking Things" - like Facebook's previous privacy policy

• "Revolutions" - creating his own in an attempt to dethrone Google

• "Information Flow" - the more your information flows around the web, the higher Facebook's revenue

• "Minimalism" - minimizing your concerns 

Let's cut to the chase...

Facebook sees an opportunity to control the web the way no other company - not even Google - can. It has 400 million users (and growing) and it will leverage those users (and their data) to control what people see and how they interact on the internet. That's an amazing opportunity which could make Zuckerberg one of the most powerful (and richest) people in the world.

Now do you see why some privacy concerns aren't going to deter Facebook or the venture capital people that back them?

Now don't get me wrong... I love Facebook and will continue to frequent the site. In fact, I may have even chosen to opt-in for a service like "instant personalization". But that aside, Zuckerberg isn't kidding anyone here. As far as this writer is concerned, this is all about increasing revenue and Internet dominance.

What Can You Do to Protect Yourself?

Last week, PC Magazine published a nice little slideshow tutorial offering 8 steps on how to better protect yourself from the privacy pitfalls of Facebook. Unless you're planning on abandoning Facebook altogether, I highly recommend checking it out...just recognize upfront that your tutorial won't be personalized!

We’re proud to announce a new tool. This one will scan ranges for these printers and then attempt to print the hell out of them haha.

You can download it here: http://planaheist.com/usertools/massprint.tar

via http://ahprojects.com/c/itp/thesis and http://jwz.livejournal.com/1213497.html

If you hadn't heard, identity theft company LifeLock agreed to pay $12 million dollars to settle charges from the Federal Trade Commission and 35 states. The FTC felt that LifeLock ads were deceptive and overstated the protection provided by the service.

Personally, I think the charges are valid and I had to chuckle a bit when I read this email from CEO Todd Davis sent out to his partners. Mr. Davis certainly has his public relations firm working overtime to write something like this.

Here's the Message:

Take a read for yourself. I've got a few more comments below.

Important Message From Todd Davis, LifeLock CEO

Dear Valued Partner: As you know, because of LifeLock's efforts since 2005, more Americans now know of the risks of identity theft, and more importantly, have taken steps to help protect themselves. I am proud LifeLock has had tremendous success in helping to protect consumers' identities. LifeLock first gained national attention through an innovative advertising campaign in which I published my real Social Security number. Our advertising campaign was created at a time when there were absolutely no guidelines in place that governed the identity theft protection industry. I published my Social Security number because of my confidence in LifeLock's ability to proactively protect me and the knowledge that if my identity was misused, LifeLock would help fix the problem for me - as it would for any member. Unfortunately, some regulators felt these early advertisements gave consumers a false sense of absolute confidence that they could never become victims of identity theft. As a result, LifeLock has agreed to a set of advertising standards that establishes, for the very first time, federal and state regulatory guidelines for the entire identity theft protection industry. It is important to note that this agreement resulted from a review of practices from years past and has absolutely no impact on our current advertising, the LifeLock protection members currently receive through your valued partnership, or LifeLock's role as the leader in identity theft protection. In announcing the agreement, FTC Chairman Jon Leibowitz wished LifeLock well and expressly stated his conclusion that LifeLock now has a legitimate business model going forward with honest advertising. In fact, LifeLock has been in full compliance with the FTC agreement announced by Chairman Leibowitz for nearly a year. LifeLock remains as financially strong as ever and is committed to our single-minded mission to help members protect their identities. As part of the FTC agreement, consumers who are not fully satisfied with the LifeLock® service due to its past advertising can request a refund through the FTC. Significantly, we believe the FTC action explicitly recognizes that LifeLock is the leader in identity theft protection and provides real value to consumers. LifeLock helps reduce the risks of identity theft and will continue to educate consumers on the risks of identity theft. Further, you can rest assured that LifeLock has taken the strongest measures to protect members' data, measures which are certified both as ISO 27001 and PCI-DCS Level 1 compliant - the highest standards for information data security. We thank you for your partnership and your continued trust in LifeLock. As always, our number one priority is keeping members safe. If you have any further questions about your partnership, please contact your LifeLock Account Manager.   Sincerely, Todd Davis CEO

Our Comments...

They Have Updated Their Service. This is Good.

The current LifeLock service certainly appears to be better than their previous service - which was based mostly on placing fraud alerts (which you could do yourself for free), putting you on the credit opt-out list (which you could do yourself for free), and providing a million dollar guarantee. We applaud LifeLock for updating their service, though it appears getting sued (and losing) by Experian to stop placing fraud alerts probably factored into their planning.

"Innovative" Is Not a Word I Would Use for Publicizing Your CEO's SSN

This sentence from the email absolutely drives me crazy:

LifeLock first gained national attention through an innovative advertising campaign in which I published my real Social Security number.

Their advertising was not innovative. It was stupid, irresponsible, and sent the wrong message to consumers about protecting their personal data. Calling it "innovative" doesn't sound like Mr. Davis is too sorry about this completely wrong-headed advertising campaign.

Blame the Government

When you don't want to take responsibility for your actions, most people like blaming someone else. Mr. David tries to blame the government for his company's shortcomings:

Our advertising campaign was created at a time when there were absolutely no guidelines in place that governed the identity theft protection industry.

Common sense says plastering your CEO's SSN all over magazines, newspapers, internet, television and radio is probably a bad idea if you're serious about educating people on the dangers of identity theft. You don't need "guidelines" from the FTC or anyone else to point that out. They wanted to create an attention-getting and "innovative" advertising campaign, and they did it. Please don't blame the government when you're told it was a bad idea.

Language Only a Politician Could Love

In the end,  I understand why LifeLock would send out something like this. They need to reassure partners that everything is fine and that none of this was their fault. It just upsets me when I read double-talk like this:

Unfortunately, some regulators felt these early advertisements gave consumers a false sense of absolute confidence that they could never become victims of identity theft.

 Hmmm... where did those consumers get that false sense of absolute confidence? Maybe it was our "innovative" advertising? Nah, couldn't be. It was those bad regulators who just don't see the truth.

Bottom Line - Apologize and Be Forgiven

I don't see an apology here. I'd feel better about LifeLock if they would apologize. What I see is more breast-beating and blaming. It's too bad. LifeLock is the biggest identity theft service and they got there because of the millions of venture capital dollars they've spent on advertising and their "innovative" marketing. They could apologize without jeopardizing their #1 status, but I don't think it will happen in my lifetime.

Includes items such as:

• GPS Jammer
• Cell Phone Bugs
• VHF/UHF Jammers
• Bug detecting
• and more.

Homebrew Military & Espionage Electronics

via consumerist.com

Employment History Reports
The Work Number
ChoicePoint (866) 312-8075
Acxiom
Abso

Tenant History Reports
ChoicePoint (877) 448-5732
First Advantage SafeRent (888) 333-2413
Tenant Data Services
RentBureau
UD Registry (818) 785-3905

Auto & Home Insurance Claim Reports
ChoicePoint
Insurance Services Office (ISO) (800) 627-3487

Credit Bureaus Reports
Equifax
Experian
Transunion
Innovis
Payment Reporting Builds Credit (PRBC)

Full File Disclosure/Personal Information Reports
ChoicePoint
LexisNexis

Check Writing History Reports
ChexSystems (800) 428-9623
TeleCheck (800) 835-3243.
Shared Check Authorization Network (800) 262-7771 Fax: (800) 358-4506

Health History Reports
Medical Information Bureau (MIB) (866) 692-6901

Prescription Drug Purchase History Reports
Ingenix MedPoint
Milliman IntelliScript

Social Security Statement
Social Security Administration

Purchase Returns History Reports
Retail Equation

Gaming Patron’s Credit History and Transaction Data
Central Credit

Other Reports
TeleTrack

Utilities & Telecommunications Reports
National Consumer Telecom and Utilities Exchange, Inc (NCTUE) Call 1-888-201-5643 for reports

(Thanks to Bob!)

SOURCES:
Do A Background Check On Yourself [Consumerist]
[Consumer Reports]
[PrivacyRights]
[Bankrate]
[Listergeant]
[MyFico Forums]
[CreditBoards]

http://consumerist.com/2010/02/get-all-your-reports.html

[Miguel A. Vallejo] wanted a portable spectrum analyzer for the 2.4GHz ISM band. No problem, there’s modules for that are easy to interface with a microcontroller and LCD screen. But carrying around a black project box doesn’t exactly scream ‘cool’ so he fit his spectrum analyzer inside of a cell phone. This made a lot of things easier for him; he already had a few old phones, he was able to use both the original battery and the original LCD screen, and a lot of the mounting work is already done for you. The only challenge was to fit his custom circuitry inside. By hacking off part of the CYWM6935 module and cutting some protoboard in the same shape as the original PCB he managed to get everything into this tiny portable package. Now he’s looking for a way to incorporate a charger, and an on/off switch.

If you don’t have an old cell phone sitting around you can try building a spectrum analyzer that uses a character display. But we’d suggest hitting up your friends for their old cellphones.  The screens are used in all kinds of fun projects.

via hackaday http://hackaday.com/2010/02/12/spectrum-analyzer-wedged-into-a-cellphone/

http://ea4eoz.ure.es/hsa.html

This is a simple bash script that uses nikto, nmap, nslookup, the Harvester, subdomainer and metagoofil for penetration testing and enumeration. This code is very straight-forward and you can do whatever you wish with it, but for god’s sake read the readme file. This is a rough first run so some things might break and the report files are all over the damn place and you might need to edit some stuff.

http://sourceforge.net/projects/reecon/

Suggestions, ideas, bugs?

Foil, not just for hats anymore!

Tinfoil is apparently not just good for keeping the lizard people from reading your thoughts from afar, with a little wit and the silver stuff you can also wreak havoc on those high security and dimple locks that are just a little too hard to pick sometimes. Now available in kit form, compliments of China(tm)

Article and video on Blackbag.nl

With the new year come the new worries about taxes - what kind of taxes will you need to file before April 15th, how much money will you have to pay, what bracket did you place in, etc. Unfortunately, you also need to worry about protecting your identity. As Privacyrights.org notes, your IRS information returns might constitute an identity thief's "dream."

None of us want to become a "dream" target for any kind of thief, let alone an identity thief. So while you're figuring out the right returns to send to the IRS, this is also a great time to take steps to ensure the protection of your identity.

Five Recommendatations for Keeping Tax Info Safe

1. Guard your mail. Once your mail leaves your hands, it's at the mercy of the people who handle it - so make sure you get it in the hands of the right people. Take your sensitive mail directly to the post office and make sure that when you check your mail, you don't leave it in your mailbox - you retrieve it as soon as possible after it's delivered or consider a locking mailbox.

   You should also look at a mail service like EarthClassMail.com - especially if you're away on travel or vacation.

2. Don't keep tax information loose around the house or car. Let's face it: there aren't many places you'll keep your tax information except a few places, like the house, car, or office. So make sure you don't get cavalier about these locations. Make sure you can lock important documents away at home and that you protect them in your car and office.
3. Only deal with legitimate government organizations. Whether you like it or not, you have to pay your taxes and you have to report your information to the government. But you don't have to report it to just about everybody else, so protect your information by dealing directly with the IRS and worrying less about third parties.
4. Protect your SSN. Your social security number is a big target for identity thieves, and since taxes contain your SSN, you're going to want to be careful about making sure they're secure. Do a search on your computer for your SSN and archive any documents onto a CD and delete the files from your computer.
5. Keep your accounts and papers tidy. It's harder to guard yourself if you're a hoarder with mounds of papers on his desk, so make sure that you keep things simple - this will help you find your important documents, which helps you protect them.