Friday, February 26, 2010

Our prognosis becomes true: Recognizr is there

Hey, didn't we discuss the possibility of people pointing their mobile at you and retrieving your social data from the Internet ? (Read this and this for our detailed prognosis). 

We  thought this would take one or two years to become true. But it is there already. Based on Polar Rose a new service "Recognizr" was just announced.

Now think about your strategy how to protect your privacy.

Welcome to the future. 

Monday, February 15, 2010

Obfuscate your search history

Some time ago I wrote that Google knows a lot about you just by looking at your search history. Just remember Google flue prognosis. This is relevant for companies who's strategy might implicitly be revealed by searches of employees as well as for average persons whose most private interests can be revealed.

When have you last searched for "Dating" or a "New job" ?

However there is a way to protect yourself against this. It is a bit similar to the mechanism we described to protect you from the facebook data monster. For every search request you do, make several fake searches. By this method you obfuscate your searches and hide them in the noise of fake searches. It will be very difficult for Google to sort out the "real" search requests and the fake ones.

Additionally we have in mind an easy mechanism how to automate this obfuscation. A browser plugin (for individuals) or the Internet gateway (for companies) could generate random additional search requests for each normal search. You search once for "Dating" and the plugin will generate about ten additional searches with random search terms. Results from the fake searches will be suppressed and not shown to you. You will only see the relevant search while the plugin protects your privacy in the background.

We think this would be an easy and powerful mechanism to protect your search privacy and we are even thinking about building a small Firefox plugin as a demo and open source it.

What do you think ?


Friday, February 5, 2010

What is the best way to protect your online personality?

We have seen that even avoiders of social-networks will be contained in the global data collection frenzy. 

Non-facebook members are already captured with their connections; accidental-foto-captures of you will be tagged with your name in the future and certainly your search personality and history is already being captured.

So how can you protect your personality in the world of the alltime-connected-social-networks ?

Basically there are three methods:
  • Deletion: Find every single instance of data about you and try to get it deleted. Obviously this approach is rather difficult.
  • Management: Maintain the data that you want people to find about you. Create public profiles and make people find mainly your "official" information. Manage your image.
  • Obfuscation: Lay a smoke screen of wrong- and fake-data over your real data. Push wrong data to the databases
The above methods are clearly not the preferred mechanisms of users. The preferred mechanism of the majority of the Internet users is to ignore the issue. The majority of people hope that avoiding the "bad data monsters" will save them.

Passive avoidance will not help. Freely choose your strategy from above, but you have to become active, if you want to protect your personality in the online world. Otherwise strangers will manipulate your online personality however they like.

Compare it to the front of your house, wouldn't you want to influence how it appears to people ? 


Thursday, February 4, 2010

Protect your Location Information by using UMTS - Surf Sticks

Did you ever wonder how some websites know your location ? This is a very good example of a service doing this: Locate your IP

Basically the principle is based on using your IP address and comparing it to other addresses in your area while relying on some assumptions about your Internet providers IP address allocation. Read some details in: Accuracy of Geolocation

A very easy way of protection is to use an UMTS-Surf Stick. While the mobile operator might be able to locate you even under this circumstances, your IP address will very likely not reveal your location to any Internet service anymore.

Not sure if this is of any use to anybody. Put I though this to be interesting anyway. Is there any basic flaw in this reasoning ?

What Facebook knows about non-members

Recently a German site (heise) reported that facebook collects substantial information about non-members, just by storing and consolidating data which is entered by other facebook members. For example you might end up in their database, only by some of your friends uploading their entire address book. If multiple of your friends do this, facebook might even derive your complete social graph.

As every mail address is certainly stored in several address books somewhere, facebook might pretty soon have data about every single person on earth (ok maybe not everybody, but at least everybody with online activity).

So what can you do about this ? I see only one mechanism: obfuscation.
So if you want to protect your privacy, then build on the data they already have:
  • create a facebook account
  • link to lots of your friends
  • and make sure to link to plenty of wrong friends, (be sure plenty of them will accept),
  • then enter a lot of wrong data about you,
  • and choose very wrong data,  so that all your friends will know that your account is rubbish
And why create only one wrong account...create dozen wrong accounts.

Let us screw the facebook database and get some basic privacy by obfuscation !
Lets not complain about missing privacy but do something for it.
We will make their data worthless ! (ok, please hear the ironic subtext to this)

Any good tips, how to mess with data ?