It’s not just professional cybercriminals you should be hiding your sensitive data from. It’s also some of the most commonly used applications and powerful institutions in the computer world, who are either taking your data without your consent or doing a bad job at protecting it.
That fact was made clear by some recent news stories:
- Google has been collecting passwords and e-mail messages, it is claimed. Apparently, Google’s roving Street View cars that present neighborhood views of locations across the world, have been intercepting local Wi-Fi communications. A lawsuit has been brought in France, but the practice goes on in a number of countries. Google’s response: Yes we collect the info, but it’s fragmentary, and we don’t use this stuff. Trust us.
- Twitter recently settled a suit with the Federal Trade Commission, admitting that allowed hackers to take control of several Twitter accounts, including those of President Obama and Fox News. The agreement sets up an independent security auditor that will assess how the company is doing, The company has vowed to take measures to prevent “unauthorized access to nonpublic information and honor the privacy choices made by consumers.”
- Social networking giant Facebook faces a number of class-action lawsuit over its callous disregard for customer privacy, by making so-called private information on user accounts easily available, both to the general public and to marketers. The controversy was inflamed by Facebook founder Mark Zuckerberg’s public pooh-poohing of anyone’s privacy concerns, the company’s default setting of having the default set at no privacy at all and its policy of making that hard to change.
- AT&T is, for now, the sole mobile source for iPad 3G users in the United States. Well, it didn’t take long. A group of hackers easily obtained the e-mail addresses of 114,000 iPad owners, using a security hole in AT&T’s website. Fortunately, in this case the hackers were part of a group that it specializes in exposing security vulnerabilities, and they quickly informed AT&T, who fixed that vulnerability. The conclusion: AT&T should have a lot of expertise on board, but they left a door wide open. How many more are there?
