Posts in Social media

5825408292_11759e3304_o

Kaisu who is working for us is also studying tourism. Her paper on knowledge of and behavior related to information security amongst young travelers was released in May, and is very interesting reading. The world is getting smaller. We travel more and more, and now we can stay online even when travelling. Using IT-services in unknown environments does however introduce new security risks. Kaisu wanted to find out how aware young travelers are of those risks, and what they do to mitigate them. The study contains many interesting facts. Practically all, 95,7%, are carrying a smartphone when travelling. One third is carrying a laptop and one in four a tablet. The most commonly used apps and services are taking pictures, using social networks, communication apps and e-mail, which all are used by about 90% of the travelers. Surfing the web follows close behind at 72%. But I’m not going to repeat it all here. The full story is in the paper. What I find most interesting is however what the report doesn’t state. Everybody is carrying a smartphone and snapping pictures, using social media, surfing the web and communicating. Doesn’t sound too exotic, right? That’s what we do in our everyday life too, not just when travelling. The study does unfortunately not examine the participants’ behavior at home. But I dare to assume that it is quite similar. And I find that to be one of the most valuable findings. Traveling is no longer preventing us from using IT pretty much as we do in our everyday life. I remember when I was a kid long, long ago. This was even before invention of the cellphone. There used to be announcements on the radio in the summer: “Mr. and Mrs. Müller from Germany traveling by car in Lapland. Please contact your son Hans urgently.” Sounds really weird for us who have Messenger, WhatsApp, Facebook, Twitter, Snapchat and Skype installed on our smartphones. There was a time when travelling meant taking a break in your social life. Not anymore. Our social life is today to an increasing extent handled through electronic services. And those services goes with us when travelling, as Kaisu’s study shows. So you have access to the same messaging channels no matter where you are on this small planet. But they all require a data connection, and this is often the main challenge. There are basically two ways to get the data flowing when abroad. You can use data roaming through the cellphone’s ordinary data connection. But that is often too expensive to be feasible, so WiFi offers a good and cheap alternative. Hunting for free WiFi has probably taken the top place on the list of travelers’ concerns, leaving pickpockets and getting burnt in the sun behind. Another conclusion from Kaisu’s study is that travelers have overcome this obstacle, either with data roaming or WiFi. The high usage rates for common services is a clear indication of that. But how do they protect themselves when connecting to exotic networks? About 10% are using a VPN and about 20% say they avoid public WiFi. That leaves us with over 70% who are doing something else, or doing nothing. Some of them are using data roaming, but I’m afraid most of them just use whatever WiFi is available, either ignoring the risks or being totally unaware. That’s not too smart. Connecting to a malicious WiFi network can expose you to eavesdropping, malware attacks, phishing and a handful other nasty tricks. It’s amazing that only 10% of the respondents have found the simple and obvious solution, a VPN. It stands for Virtual Private Network and creates a protected “tunnel” for your data through the potentially harmful free networks. Sounds too nerdy? No, it’s really easy. Just check out Freedome. It’s the super-simple way to be among the smart 10%.   Safe surfing, Micke   PS. I recently let go of my old beloved Nokia Lumia. Why? Mainly because I couldn’t use Freedome on it, and I really want the freedom it gives me while abroad.   Image by Moyan Brenn  

August 24, 2015
suicide

It’s amazing how advertising can power huge companies. Google has over 57 000 employees and some 66 billion US dollars in revenue. And Facebook with 12 billion and 10 000 employees. These two giants are the best know providers of ad-financed services on the net. And modern advertising is targeted, which means that they must know what the users want to see. Which means that they must know you. Let’s take a closer look at Facebook. We have already written about their advertising preferences and I have been following my data for some time. Part of the data used to target ads is input by yourself, age, gender, hometown, movies you seen etc. But Facebook also analyzes what you do, both in Facebook and on other sites, to find out what you like. It’s obvious how the tracking works inside Facebook itself. Their servers just simply record what links you click. Tracking in the rest of the net is more sinister, it’s described in this earlier post. Your activity record is analyzed and you are assigned to classes of interest, called “Your Ad Preferences” by Facebook. Advertisers can then select classes they want to target, and the ad may be shown to you based on these classes. You can view and manage the list using a page that is fairly well hidden deep in Facebook’s menus. Let’s check your preferences in moment, but first some thoughts about this. Advertising may be annoying, but it is the engine that drives so many “free” services nowadays. So I’m not going to blame Facebook for being ad-financed. I’m not going to blame them for doing targeted ads either. That can in theory be a good thing, you see more relevant ads that potentially can be of value to you. But any targeted ad scheme must be based on data collection, and this is the tricky part. Can we trust Facebook et al. to handle these quite extensive personal profiles and not misuse them for other purposes? It’s also nice that Facebook is somewhat open about this and let you view “Your Ad Preferences” (Note. Not available in all countries.). But that name is really misleading. The name should be “Facebook’s Ad Preferences for You”. Yes, you can view and delete classes, but that gives you a false sense of control. Facebook keeps analyzing what you do and deleted classes will reappear shortly. I made a full clean-up a couple of months ago, but now I have no less than 210 classes of interest again! This is really amazing if you take into account that I block tracking outside of Facebook, so those activities are not contributing. And I have a principle of not clicking ads in any on-line media, including Facebook. And liking commercial pages in a very restrictive manner. But the thing is that Facebook has realized that people dislike ads. “Suggested posts” or “Sponsored posts” are in fact masqueraded ads and any interaction with them will record your interest in the classes they represent. I have to admit that I do click this kind of content regularly. And where did that suicide thing come from? No, I’m fine. I’m not going to jump off a bridge and I’m not worried about any of my dearests’ mental health. I have not interacted with any kind of Facebook content related to suicide. Except that I can’t know that for sure. Facebook tries to give an open and honest image of itself when presenting its Ad Preferences settings and the possibilities to manage them. But this rosy picture is not the full truth. The inner workings of Facebook advertising is in reality a very complex secret system. When you interact with something on Facebook, you have no way of knowing how it affects your profile. Something I have clicked was apparently associated with suicides even if I had no clue about it. Ok, time to take the Facebook personality test. Let’s see what kind of person they think you are. Follow these instructions: Go to Facebook and locate an ad, a “sponsored post” or a “suggested post”. These items should have a cross or a down-arrow in the upper right corner. Click it. Select “Why am I seeing this?” from the pop-up menu. This screen contains some interesting info but proceed to “Manage your ad preferences”. Review the list and come back here to tell us what you think of it. Delete the inappropriate classes. Deleting all may reduce the number of ads you see.   So let’s see what people think about this test’s accuracy:   [polldaddy poll=9023953]   So using Facebook’s Ad Preferences as a personality test may be entertaining, but not very accurate after all. You should probably look elsewhere for a real test. The catch is that you can select what test to take, but not how others collect data about you. Someone else may rely on this test when evaluating you. You have actually granted Facebook the right to share this data with basically anyone. Remember this clause in the agreement that you read and approved before signing up? “We transfer information to vendors, service providers, and other partners who globally support our business, such as providing technical infrastructure services, analyzing how our Services are used, measuring the effectiveness of ads and services, providing customer service, facilitating payments, or conducting academic research and surveys.” You did read it before signing, didn’t you?   Safe surfing, Micke   Image: Screenshot from facebook.com  

August 13, 2015
AshleyMadison

The user register of AshleyMadison has been hacked. You don’t know what that is? Well, that’s perfectly fine. It’s a dating site for people who want to cheat on their spouses. Many dislike this site for moral reasons, but there is apparently a demand for it. The Canadian site has some 37 million users globally! Some user data has already been leaked out and the hackers, calling themselves Impact Team, have announced that they will leak the rest unless the site shuts down. So this hack could contribute to many, many divorces and a lot of personal problems! "We will release all customer records, profiles with all the customers' sexual fantasies, nude pictures and conversations and matching credit card transactions, real names and addresses." The Impact Team This is one hack in a long row, not the first and certainly not the last site hack where user data is leaked. But it is still remarkable because of the site’s sensitive nature. Think about it. What kind of information do you store in web portals and what bad could happen if that data leaks out? If you are cheating on your spouse, then that is probably one the most precious secrets you have. Disclosure of it could have devastating effects on your marriage, and maybe on your whole life. Millions of users have put their faith in AshleyMadison’s hands and trusted them with this precious secret. AshleyMadison didn’t misuse the data deliberately, but they failed to protect it properly. So it’s not that far-fetched to say that they cheated on the cheaters. What makes the AshleyMadison hack even worse is the site’s commercial nature. Users typically pay with a credit card issued in their own name. They can appear anonymously to their peers, but their true identities are known to the site owner, and stored in the database. So any leaked information can be linked reliably to real people. The sad thing is that the possibility of a leak probably never even crossed the mind of these 37 million users. And this is really the moral of the story. Always think twice before storing sensitive information in a data system. You must trust the operator of the system to not misuse your data, but also to have the skills, motivation and resources to protect it properly. And you have very poor abilities to really verify how trustworthy a site is. This is not easy! Refraining from using a site is naturally the ultimate protection. But we can’t stop using the net altogether. We must take some risks, but let’s at least think about it and reflect over what a compromised site could mean. This hack is really interesting in another way too. AshleyMadison is a highly controversial site as cheating is in conflict with our society’s traditional moral norms. The hack is no doubt a criminal act, but some people still applaud it. They think the cheaters just got what they deserved. What do you think? Is it right when someone takes the law in his own hands to fight immorality? Or should the law be strictly obeyed even in cases like this? Can this illegal hacking be justified with moral and ethical arguments? [polldaddy poll=8989656]       Micke   Image: Screenshot from www.ashleymadison.com  

July 21, 2015
Mikko Hypponen What Twitter knows

At Re:publica 2015, our Chief Research Officer Mikko Hypponen told the main stage crowd that the world's top scientists are now focused on the delivery of ads. "I think this is sad," he said. [youtube https://www.youtube.com/watch?v=pbF0sVdOjRw?rel=0&start=762&end=&autoplay=0] To give the audience a sense of how much Twitter knows about its users, he showed them the remarkable targeting the microblogging service offers its advertisers. If you use the site, you may be served promoted tweets based on the following: 1. What breakfast cereal you eat. 2. The alcohol you drink. 3. Your income. 4. If you suffer from allergies. 5. If you're expecting a child. And that's just the beginning. You can be targeted based not only on your recent device purchases but things you may be in the market for, like a new house or a new car. You can see all the targeting offered by logging into your Twitter, going to the top right corner of the interface, clicking on your icon and selecting "Twitter Ads". Can Twitter learn all this just based on your tweets and which accounts follow? No, Mikko said. "They buy this information from real world shops, from credit card companies, and from frequent buyer clubs." Twitter then connects this information to you based on... your phone number. And you've agreed to have this happen to you because you read and memorized the nearly 7,000 words in its Terms and Conditions. Because everyone reads the terms and conditions. Full disclosure: We do occasionally promote tweets on Twitter to promote or digital freedom message and tools like Freedome that block ad trackers. It's an effective tool and we find the irony rich. Part of our mission is to make it clear that there's no such thing as "free" on the internet. If you aren't paying a price, you are the product. Aral Balkan compares social networks to a creepy uncle" that pays the bills by listening to as many of your conversations as they can then selling what they've heard to its actual customers. And with the world's top minds dedicated to monetizing your attention, we just think you should be as aware of advertisers as they are as of you. Most of the top URLs in the world are actually trackers that you never access directly. To get a sense of what advertisers learn every time you click check out our new Privacy Checker. Cheers, Jason

May 15, 2015
nano freedome

When an enigmatic and groundbreaking artist started making waves on Youtube, the public was simultaneously curious and in awe of this new type of sonic assault, detached from any specific genre, culture or style. nano draws on life experience accumulated in NYC and Japan to create a truly global aesthetic. nano’s music transcends the confines of nationalities and ethnicities, and reflects nano’s “no national borders” motto. Despite being the product of a united and connected world, nano chooses to be shrouded with a veil of mystery and privacy. Like we here at Freedome, nano believes that personal privacy is a choice and the only person to control it should be YOU YOURSELF. We created Freedome because we LOVE the digital and connected world we all live in. We love it so much, that we want to give everyone the tools to enjoy it to the max by not having to worry about the negative sides that come with it. It’s all about choice and keeping control. A lot of your personal information is shared without your approval, and we should be able to share everything you want without fear of your stuff being stolen or used against you. Just like nano, we think that sharing your passions and keeping your privacy are not mutually exclusive. To celebrate our mutual  love for privacy and a connected world, nano has teamed up with Freedome with a special exclusive song, which can be found here. Join our global troop of digital freedom fighters. Your privacy, your choice.

April 22, 2015
Facebook, I love you, newsfeed

You should know that Facebook can play with your emotions. If you're reading this you're probably aware that your Facebook feed doesn't simply serve you the latest posts from the friends and pages you follow. Given that most of us follow hundred -- if not thousands -- of people, places and brands, a real-time feed would dramatically  change the Facebook experience. And it would likely greatly reduce engagement, which is the site's life force. But if you do know this, you may be in the minority. A new study from a team of researchers from University of Illinois at Urbana-Champaign, California State University, Fresno and the University of Michigan found that most of a group of 40 Facebook users, 62.5 percent had no idea that their feed is filtered by the world's largest social network. And not knowing that actually seemed to have negative affects on users' psyches. “In the extreme case, it may be that whenever a software developer in Menlo Park adjusts a parameter, someone somewhere wrongly starts to believe themselves to be unloved,” the researchers wrote. The study used a tool to create an unfiltered feed that showed them what they'd been missing. While they weren't thrilled how Facebook decided which friends posts they'd see, "[m]ost came to think that the filtering and ranking software was actually doing a decent job," Fusion's Alex Madrigal writes. In 2014, Facebook partnered in an academic paper that revealed it had manipulated users feeds to adjust how many positive and negative posts they saw. It found that moods were contagious. Positive feeds led to positive posts and vice versa. Users agree to such manipulation in Facebook's terms and conditions -- which you clearly know by heart -- but the revelation still led to a huge backlash. In the recent study, participants found that being aware they were being fed stories by Facebook's algorithm "bolstered overall feelings of control on the site" and led to more active engagement. So if you didn't know a formula was guiding your interactions before you probably already feel better. But there's more you can do if you want to make sure Facebook is showing you the things you actually want to see. 1. Be proactive. Go directly to the pages of the people, companies and artists you want to see more of then engage. Like posts or comments. Comment yourself. Share posts. Facebook's motivation is to keep you on the site as long as humanly possible--and it's very good at it. If it's not showing something you'd enjoy seeing, it probably would like to. So let it know. 2. Choose "Most Recent" posts.     In the left column of your home page, click on the arrow next to "News Feed". If you select "Most Recent", your experience will likely be less filtered. Though you still should not to expect to see every post that ends up on the site. 3. Go to News Feed Preferences. Click on the down arrow that's on every Facebook page and select News Feed Preferences. The goal here is to unfollow anything you're sick of seeing so you get more of what you do want. Or re-follow people or things you've missed. 4. Tell your feed what you like.         Facebook wants you to take an active role in adjusting your algorithm. That's why every post in your feed has a dim down arrow that you can select. If something really bugs you, tell Facebook you don't want to see and Unfollow the person or page. If you really love it, you can "Turn on notifications" which guarantees that every future post ends up in your notifications -- that little globe on the top navigation. Your notifications can act as a secondary newsfeed to make sure you don't miss posts from your favorites. 5. Switch to Twitter and Tweetdeck. If you want complete control over your newsfeed, you're never going to get it on Facebook. Even Twitter is moving away from this method of feeding content for a pretty simple reason, it needs more engagement. Given that Facebook and Twitter employee dozens if not hundred of programmers and experts paid to make their sites captivate you, they figure they're better at it than you. If you want to prove them wrong, Twitter's Tweetdeck app, which works in your browser, still offers unmediated newsfeeds so you can feed your own brain. Twitter isn't quite as personal or ubiquitous as Facebook -- but it is the next best thing. Try it out and see if you feel more loved. Cheers, Jason [Photo by Geraint Rowland | Flickr]

March 31, 2015
New MERCEDES

A new Mercedes. Nice. Or maybe an Audi R8? That would be cool. But hold it! Don’t sell your old car yet! Liking and sharing that giveaway campaign on Facebook will NOT give you a new car. Those prizes doesn’t even exist. They are just hoaxes. Internet and Facebook is full of crap, junk, rubbish, nonsense and gibberish. Nobody knows how many chain letters there are spreading some kind of unbelievable story. False celebrity news, bogus first-aid advice, phony charity campaigns and this kind of giveaways. We tend to think about these chain letters as hoaxes, pretty harmless jokes that doesn’t hurt us. But that’s not the full story. A hoax can be harmful, like the outright dangerous first aid advice that some people keep spreading. But a car giveaway is probably a harmless and safe prank, even if it’s false? No, not really. These chain letters are actually not traditional hoaxes, they are like-farming scams. There’s no free lunch, you don’t pay for Facebook with money but with your private data. The like-farming scams work in the same currency. You will not lose any money even if you like the page and share it. Instead you will participate in building a page with a lot of supporters, which is valuable and can be sold later. Needless to say, you will not get any of that money. Here’s how it works. Any business has a problem when starting on Facebook. An empty page without likes isn’t trustworthy. So the scammers set up a page containing anything that can go viral. A promise to get a luxury car works well. They just have to tell everyone to like the page and to share it as much as possible, to keep the chain reaction going and get even more likes. The scammers wait until there’s enough likes before they clean out the content, rename it and start looking for a buyer. The price is in “$ per k”, meaning dollars per 1000 likes. A page with 100 000 likes could sell for over $1000. So sharing the page can make quite a lot of money for the scammers if you have a lot of gullible friends, who in turn have a lot of gullible friends, and so on … The downside for you is that the likes stick even if the page is redesigned for some totally different purpose. Your face will be an evangelist for the page’s new owners and show up next to their brand. And you have no idea about what you will be promoting. I have friends who are anti-fur activists. You can probably imagine what one of them would feel when discovering that she likes a fur-coat designer! And finally some concrete advice. Review your list of old likes regularly. Remove everything except those things you truly like and want to support. When you encounter a giveaway post like this, check the involved brand’s main page in Facebook by searching for the brand name. You will in most cases notice that the giveaway is a totally different page that just is named similarly. That’s a strong scam indicator. Use common sense. From the above you get an idea about what likes in Facebook are worth. Does it make sense to give away luxury cars for this? Don’t participate in scams like this. It might feel tempting, but remember that your chance to win is exactly zero. Spread knowledge every time you see a scam of this kind. Comment with a link to this post or the appropriate description on Hoax-Slayer or Snopes.   Those sites are by the way fun and educating reading. I recommend spending some time there getting familiar with other types of hoaxes too. Read at least these two articles: Facebook car giveaway on Snopes and Facebook like-farming scams on Hoax-Slayer .   Safe surfing, Micke  

December 16, 2014
Facebook Terms and policies

You have seen them if you are on Facebook, and perhaps even posted one yourself. I’m talking about the statements that aim to defuse Facebook’s new terms of service, which are claimed to take away copyright to stuff you post. To summarize it shortly, the virally spreading disclaimer is meaningless from legal point of view and contains several fundamental errors. But I think it is very good that people are getting aware of their intellectual rights and that new terms may be a threat. Terms of service? That stuff in legalese that most people just click away when starting to use a new service or app. What is it really about and could it be important? Let’s list some basic points about them. The terms of service or EULA (End User License Agreement) is a legally binding agreement between the service provider and the user. It’s basically a contract. Users typically agree to the contract by clicking a button or simply by using the service. These terms are dictated by the provider of the service and not negotiable. This is quite natural for services with a large number of users, negotiating individual contracts would not be feasible. Terms of service is a defensive tool for companies. One of their primary goals is to protect against lawsuits. These terms are dictated by one part and almost never read by the other part. Needless to say, this may result in terms that are quite unfavorable for us users. This was demonstrated in London a while ago. No, we have not collected any children yet. Another bad thing for us users is the lack of competition. There are many social networks, but only one Facebook. Opting out of the terms means quitting, and going to another service is not really an option if all your friends are on Facebook. Social media is by its nature monopolizing. The upside is that terms of service can’t change the law. The legislation provides a framework of consumer and privacy protection that can’t be broken with an agreement. Unreasonable terms, like paying with your firstborn child, are moot. But be aware that the law of your own country may not be applicable if the service is run from another country. Also be aware that these terms only affect your relationship to the provider of the service. Intelligence performed by authorities is a totally different thing and may break privacy promises given by the company, especially for services located in the US. The terms usually include a clause that grant the provider a license to do certain things with stuff the users upload. There’s a legitimate reason for this as the provider need to copy the data between servers and publish it in the agreed way. This Facebook debacle is really about the extent of these clauses. Ok, so what about Facebook’s new terms of service? Facebook claim they want to clarify the terms and make them easier to understand, which really isn't the full story. They have all the time been pretty intrusive regarding both privacy and intellectual property rights to your content, and the latest change is just one step on that path. Most of the recent stir is about people fearing that their photos etc. will be sold or utilized commercially in some other way. This is no doubt a valid concern with the new terms. Let’s first take a look at the importance of user content for Facebook. Many services, like newspapers, rely on user-provided content to an increasing extent. But Facebook is probably the ultimate example. All the content you see in Facebook is provided either by the users or by advertisers. None by Facebook itself. And their revenue is almost 8 billion US$ without creating any content themselves. Needless to say, the rights to use our content is important for them. What Facebook is doing now is ensuring that they have a solid legal base to build current and future business models on. But another thing of paramount importance to Facebook is the users' trust. This trust would be severely damaged if private photos start appearing in public advertisements. It would cause a significant change in peoples relationship with Facebook and decrease the volume of shared stuff, which is what Facebook lives on. This is why I am ready to believe Facebook when they promise to honor our privacy settings when utilizing user data. Let’s debunk two myths that are spread in the disclaimer. Facebook is *not* taking away the copyright to your stuff. Copyright is like ownership. What they do, and have done previously too, is to create a license that grant them rights to do certain things with your stuff. But you still own your data. The other myth is that a statement posted by users would have some kind of legal significance. No, it doesn’t. The terms of service are designed to be approved by using the service, anyone can opt to stop using Facebook and thus not be bound by the terms anymore. But the viral statements are just one-sided declarations that are in conflict with the mutually agreed contact. I’m not going to dig deeper into the changes as it would make this post long and boring. Instead I just link to an article with more info. But let’s share some numbers underlining why it is futile for ordinary mortals to even try to keep up with the terms. I browsed through Facebook’s set of terms just to find 10 different documents containing some kind of terms. And that’s just the stuff for ordinary users, I left out terms for advertisers, developers etc. Transferring the text from all these into MS Word gave 41 pages with a 10pt font, almost 18 000 words and about 108 000 characters. Quite a read! But the worst of all is that there’s no indication of which parts have changed. Anyone who still is surprised by the fact that users don’t read the terms? So it’s obvious that ordinary user really can’t keep up with terms like this. The most feasible way to deal with Facebook’s terms of service is to consider these 3 strategies and pick the one that suits you best. Keep using Facebook and don’t worry about how they make money with your data. Keep using Facebook but be mindful about what you upload. Use other services for content that might be valuable, like good photos or very private info. Quit Facebook. That’s really the only way to decline their terms of service. By the way, my strategy is number 2 in the above list, as I have explained in a previous post. That’s like ignoring the terms, expecting the worst possible treatment of your data and posting selectively with that in mind. One can always put valuable stuff on some other service and post a link in Facebook. So posting the viral disclaimer is futile, but I disagree with those who say it’s bad and it shouldn’t be done. It lacks legal significance but is an excellent way to raise awareness. Part of the problem with unbalanced terms is that nobody cares about them. A higher level of awareness will make people think before posting, put some pressure on providers to make the terms more balanced, and make the legislators more active, thus improving the legal framework that control these services. The legislation is by the way our most important defense line as it is created by a more neutral part. The legislator should, at least in theory, balance the companies’ and end users’ interests in a fair way.   Safe surfing, Micke   Image: Screenshot from facebook.com

December 3, 2014