|M A R C H 2 0 1 0|
SOFTWARE EVOLUTION, INDEED!
By ARUN MARBALLI
Evolution! I am not talking about the Darwinian form of evolution but referring to its related sibling software evolution. Like life, software also has a way of evolving – perhaps because software is a product of human endeavor and humanity is a product of evolution – although there is a school of thought out there that considers evolution as nothing more than a blasphemous figment of imagination attributable to the scientific community – but I digress. The point I am making is that as anti-malware software evolves to thwart increasingly sophisticated malware, the malware itself evolves to stay one or a few steps ahead of those that would deny its sustenance. In my last column, I mentioned the tactic used by some cyberspace miscreants to scare up business by installing fake Trojan anti-virus products and attempting to hold the user hostage with real-looking (and scary) but fake messages of malware infection. As people have grown wiser to this stunt, these wily folks have evolved their attacks to include a real-looking live online support option that brings up a chat session with a real person who then uses his/her inter-personal skills (albeit via a keyboard based chat session) to dispel any suspicions of foul play and pry money out of a reluctant victim. Evolution indeed!
Sometimes, users open themselves to attack by subverting vendor provided safeguards. Classic cases of this involve what are called “jail-broken” iPhones. The process of jail-breaking involves disabling certain features of these smart phones that tie it to one service carrier and permit installation of only approved Apps. What users of these jail-broken phones do not realize is that in “jail-breaking,” they disable up to 80 percent of the phone’s security features, thereby rendering it vulnerable to attacks from hackers who scan for open phone ports and install evil payloads. There have been numerous reported cases of worms installed on these devices and some where nothing was physically installed but data (including Address books, Notes and Text Messages) on the iPhone was surreptitiously copied to a spying computer and the iPhone users did not even know they had been hacked. Talk about exposing yourself in public! Suddenly, what to many appeared to be a “cool” thing to do is in reality a foolhardy thing to attempt.
Speaking about exposing personal information in the public domain – the biggest and perhaps the most common location in cyberspace that people these days put out a lot of information about themselves is Facebook. Following widespread criticism, Facebook has recently deployed a new set of privacy features. However, just the availability of these features is not sufficient to increase the level of privacy in this environment; there also is need for due diligence on the part of the users to understand the features and use them appropriately. Some of the settings that are worth looking into are (1) the “What your friends can share about you” Section of the “Applications and Websites” Category in “Privacy Settings;” (2) The ability to hide your list of friends by unchecking the “Show my friends on my profile” setting; (3) As a user you can control who can see any part of the content you post; (4) The “Privacy Settings” also enable you to control who may contact you; (5) This is perhaps the most important one – with the “Search” option in the “Privacy Settings” you can control how much or how little of your posted contents can pop up in Google and other Search engines. Two things to keep in mind when considering Facebook privacy are that when Facebook transitioned to these new privacy controls, all settings for Users were set to Facebook recommended settings – unfortunately, the recommended settings are at the lowest levels of privacy; and in Facebook vernacular, “Everyone” literally means EVERYONE.
Finally, while we are on the subject of privacy, are you a subscriber of Netflix? If you are, then you are probably familiar with the magical process that Netflix uses to recommend movies to you with estimated 5-star predicted ratings based on your prior movie-rating history. Well, this process is not magical at all but is driven by some fairly complex predictive-analysis software. According to a report in the Wired Magazine, it appears, not too long ago, Netflix embarked on a contest in which they invited contestants to vie for a prize by generating a movie recommendation algorithm that had to be at least 10 percent better than the one Netflix currently used. To do this, they provided “anonymized” data (data from which personal identification information has been removed) of a sample of members to the contestants. Despite the anonymization, a couple of University of Texas researchers were able to identify one the Netflix members included in the sample. Now, Netflix is considering the second phase of this contest in which they plan on providing additional information such as age, tastes in movies and ZIP Code and Wired estimates that armed with this level of information it is possible to track down a member on the Internet with 87 percent accuracy. Now, consider the fact that Google has stored information such as the Who, Where, When and What from every search submitted to the search engine since inception – literally trillions of search entries. Where does that leave your privacy? Do you think there is any semblance of privacy on the Internet? What do you think?
Arun Marballi has worked in the Information Technology arena for more than 20 years with extensive experience in software development, process design and network/workstation management. For comments, questions, tips or suggestions, e-mail email@example.com.
Contact InformationAnything that appears in Khaas Baat cannot be reproduced, whether wholly or in part, without permission. Opinions expressed by Khaas Baat contributors are their own and do not reflect the publisher's opinion.
The Editor: firstname.lastname@example.org
Send mail to email@example.com with questions or comments about this web site. Copyright © 2004 Khaas Baat.
Khaas Baat reserves the right to edit and/or reject any advertising. Khaas Baat is not responsible for errors in advertising or for the validity of any claims made by its advertisers. Khaas Baat is published by Khaas Baat Communications.