Tag Archives: social networking

Privacy is always better through sepia-tinted glasses

Facebook-Acquires-Instagram

Instagram has done one thing well. And no it’s not turn HD 8MP snaps of man plus dog’s meals in to Polaroid-esque travesties of blurriness, reminiscent of ‘70s snappers. What the photo filter app-maker (or photo-sharing and social-networking service if you sign up to marketing hyperbole) has done though is highlight that there isn’t a total sense of apathy and disinterest in security and privacy amongst the greater public, they just need something to care about – a sepia-toned champion if you will.

As word of a renewed privacy policy swept across Twitter, Tumblr, and Pinterest, the cool kids were up in arms, albeit at the duress of coattail-riding ‘celebrities’ like Kim Kardashian (a more orange than sepia skinned hero granted, but we take what we can get). How can you not own a photo you took on your own phone? There is one school of thought here that rationalises the situation – you own the unaltered photo which you took; but as you’ve over-exposed/scratched/generally ruined it with their app, then the output belongs to Instagram. By their logic, any image manipulation produces a new photo that is the property of the editor. That’s the kind of proprietary nonsense that even Apple’s legal team would turn their noses up at. This isn’t something anyone wants – my HTC has similar filter editing built in, and plenty of HDRs and digital cameras do their own image and balance correction on-device. Whilst we’re on the subject of what you can do ‘on-device’, in what world did Instagram think it was a good idea to not let users take pictures offline? Seriously?

Despite what Instagram, Zuckerberg, or anyone else claims the true intention of the shift was, the subsequent backtrack was unsurprising both in its speed and scope of the policy turnaround. For a company fresh off the back of a $1bn acquisition and enjoying the associated buzz of riding the crest of the Facebook wave, the whole move was a PR disaster and the damage has already been done. If you believe some news outlets, the app has lost half of its daily user base as a result of the debacle, and competitors have stepped up to try and fill the ‘vintage filter’ void.

But is it fair to blame companies like Instagram, YouTube, Facebook, et al for tying to monetise their offerings? After all they host literally petabytes of users’ content. It isn’t just servers that cost, but staff, cooling, and ground rent. And really, what were they going to use those pictures for? Which third parties were they hoping to sell them to? As nice as that shot of a sun-drenched deckchair on Brighton beach is in black and white, it’s not like stock photo repositories are going to be teeming with low-res shots of your shenanigans for sale. Let’s face it, Instagram got jealous of Facebook and LinkedIn with their user content advertising, and got caught up in the ‘we should be doing that too’ mentality that is synonymous with social media… except they forgot to offer an opt-out like those other bastions of user privacy (eventually) did.

So there’s one very important lesson Instagram has given us – users care about privacy and security when they have a vested interest, if it’s something they use out of choice rather than necessity, they are more than ready to get up-in-arms about it. Well actually there are multiple lessons, but if there’s one more fortune cookie of wisdom here… It might be best to explain the purpose of a policy before rolling it out, even if it’s just for awareness, hearts, minds, and warding off mutiny.

Advertisements

Something phishy is going on in Facebook

What would a world be like without Facebook? The mere question sends an icy shudder down our collective spines. It has become so embedded not only in our personal lives, but has rooted itself into the identity of different facets of society. From political parties to charities to big corporate giants, Facebook has become integral to their message.

Of course there are other social networking sites out there, all of which are user-friendly, engaging and full of interesting features – note, Google recently revealed that its own social offering, Google+, now has 90 million registered users – but none of them have had the same impact as Facebook. Heck, it even got made into a movie and a very good one at that too.

This all adds up to making Facebook particularly vulnerable to exploitation and cyber attacks. With that many people connected and overly candid about their private lives, perceptive criminals have been able to, for example, break into homes, steal identities and gain access to bank details. The worrying thing is that this openness is a sign of the age.

“People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people – and that social norm is just something that has evolved over time,” Mark Zuckerberg, the co-creator of Facebook once said.

One thing to be aware this year is a new phishing scam unique to the social networking site. The basic premise is that fraudsters are posing as Facebook security in chats. David Jacoby, a Kaspersky Lab expert, warns that not only are these scammers attempting to steal identities, but credit card information and security questions. Moreover, the move highlights a new approach to phishing.

“This Facebook phishing attack is pretty interesting because it does not just try to trick the victim into visiting a phishing website,” he wrote. “It will reuse the stolen information and login to the compromised account and change both profile picture and name.”

Once an account has been hijacked, the profile is modified and all contacts are sent a message warning them that their account will be deactivated. It asks people to click a link which redirects them to a sham Facebook page where it asks for key login details. After which comes the ‘juicy bit’ asking for credit card details (including your security code).

Not only is it all so sophisticated, it exudes authenticity. This scam and others like it showcase the product of, dare we say it, extensive research and hard labour. The disturbing thing is that they’re becoming more popular, and unfortunately capturing people off-guard.

Although Facebook is fully aware of the security threats it faces on a daily basis – “We have spent several years developing protections to stop spam from spreading and have sought to cooperate with other industry leaders to keep users and their data safe,” it said in a recent statement – more needs to be done to educate users about how to keep their data and personal information secure. We as professionals can do our best to develop strategies to negate the impact of such scams, but to truly succeed; we need vigilance from those outside of the industry as well. Together we can make Facebook a virtual home as comfortable as that of our tangible abodes.

Get Tweeting for Recruitment

It seems like there was never a time when Twitter wasn’t around, such is its ubiquity in contemporary society. From the general public posting ramblings to celebrities waxing lyrical about their lifestyles to the government keeping the public updated about its various endeavours (many of which no doubt centre on the economy!), this social media site has grown exponentially in the last few years.

Twitter has, in short, transformed the way we interact with one another, how we communicate news and information in general and how businesses and organisations conduct their operations. Its success is owed to its simplicity and unmediated real-time nature, USPs that manage to appeal to a wide demographic of people.

The IT security market is no stranger to this medium, which is ideally suited to recruitment. Whether it’s used to source or post job vacancies in, for example, the information security, technical risk or IT forensics professions, or as a means of networking with industry specialists, Twitter is the perfect tool for businesses and prospective employees to connect.

When using Twitter as a recruitment service helpful tips might include utilising hashtags so that tech-savvy professionals looking for work can easily find a job in their given field. For example, let’s say someone is looking for positions in information security – Acumin would post the following “#infosecjobs” in a tweet with an appropriate link to a specific job. This creates an easily searchable trend,  which simply cuts out all the clutter and connects agencies to professionals in a simple and efficient way.

Organisations wanting to headhunt professionals in their sector can take advantage of the many Twitter offshoots, which offer unique ways of engaging with the medium. Take for example http://www.wefollow.com, a user-generated Twitter directory which like the service itself, operates on a simple interface.

Equally, there are ample aggregators out there specifically aimed at bringing together jobs in the information security and risk management sector, which can be discovered by conducting a simple search. Check out, http://www.twitjobsearch.com as just one example of this.

Professionals and agencies working in any given sector can keep a real-time conversation going through their own tweets, @ replies, and retweets. It can be a great tool for keeping abreast of industry developments by following businesses and specialists within the sector. There is a lot of following on Twitter and features such as suggested follows and browsing others’ connections make targeting appropriate sources easier.  To this effect a budding IRM professional might demonstrate gravitas and expertise through posting comments and links about relevant developments in their sector, content an employer might chance upon which also enhances the poster’s own brand.

It’s about the two-way conversation – are you tweeting today?

Follow us on Twitter: @Acumin