Archive for the ‘Security’ Category
Yeesh. Okay, so I am not one to beleive the numerous “Facebook is stealing your phone numbers!!!” status message memes that get passed on every now and then. Most of them are hoaxes at best, attempts to get you to run malicious apps at worst. I ignore them and never paid those a second thought.
Turns out I should be more cynical about Facebook, too. I mean, I know that Facebook is the privacy equivalent of a sieve. I’ve spent a lot of time setting up my privacy/sharing settings, and have it fairly locked down.
Or so I thought. Turns out there are a lot of settings that I still don’t know about (like an option turned ON by default that pesters all of your non-FB friends every two weeks to join FB). And it turns out that the Facebook phone number stealing thing is actually legit!
I don’t know many times when I’ve been more wrong about anything this important.
Read through this article about the mobile phone number issue on Facebook (via nakedSecurity). Follow the links in that article for links to lock down your account more. And don’t use Facebook for anything – nothing at all! – that you wouldn’t want a complete stranger to know.
Google+ will have me for life if they keep their security settings transparent and easy to figure out. Or, in other words, if they are the anti-Facebook.
Yeah, the above link has to be commended for its awesomeness and its brevity. 8 simple steps (7 for those of us running Linux) to tunnel all Pidgin traffic over an ssh connection. Excellent. And kudos to you, lordm, for the suggestion of using the Pidgin OTR plugin, a most excellent piece of code that can encrypt and authenticate IM traffic.
Definitely bookmark the above page!
It’s always surprising some of the things that can be found on Google with a little digging. Personal email, intimate photos, credit card numbers, you name it, someone has had it indexed by Google. Each new search service that Google rolls out adds new ways to find some of this interesting information. And Google Code Search is no different. In fact, some have already used it to find WordPress usernames and passwords:
Being the curious beings we are, a friend of mine and I immediately started searching for passwords to see just how much Google was indexing. It didn’t turn up much in the way of anything “secret