in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Hard Disk Encryption: "Please Rob Me" Site Shows How Innocuous Information Is Not Trivial

And now for something completely different...from what I usually blog about.  A Dutch group has created a site called pleaserobme.com (please rob me dot com) that essentially goes through twitter posts and plucks only those tweets that "check-in" using Foursquare.  Essentially, you can tell when someone's not home, and that's great information for would-be burglars.

Foursquare

I've got to say this is the first time I've heard of Foursquare.  According to Wikipedia, it's a "location-based social networking website, software for mobile devices, and game. Users "check-in" at venues using text messaging or a device specific application."

I guess the idea is that, if you're at a particular bar or something, and a friend sees that he's also in the neighborhood, he can just kind of drop by and say hello.

The problem, though, is that the act of checking in, and making the information public and easily available, also means that pretty much anyone can keep tabs on where you are.  And how much more public or far-reaching can you get than Twitter?

What Does This Have To Do With Disk Encryption?

Nothing, and yet, everything.  Obviously, it makes no sense to encrypt the above data: social media sites and services like Twitter and Foursquare are meant to be public.  Sharing information is a given.

On the other hand, it plays into the observation I made in yesterday's post about the "hidden dimension": Just because the information seems innocuous at first glance doesn't mean it cannot be easily tweaked and used for nefarious deeds.

Consider e-mail addresses.  No one really thinks of it as private, sensitive information.  You'd be crazy to do so; I mean, if you kept your e-mail address truly private, you'd probably never receive any e-mail.  However, consolidate 10,000 of the same, and suddenly there may be a way to use it for criminal purposes.

Companies (OK, most companies) make it a policy to encrypt or hash client passwords, but don't extend the policy to other data such as e-mail addresses.  The idea is that, if their security perimeter is breached, passwords are sensitive information while e-mail addresses are not.

But, as I pointed out in yesterday's post, plain-vanilla e-mail addresses can be used for carrying out scams as well.  It seems to me that anytime you've got a large enough database of any type of data identifying people, you should really take a look into securing it.


Related Articles and Sites:
http://www.csmonitor.com/Innovation/Horizons/2010/0217/Please-Rob-Me-and-the-problem-with-social-media
http://news.bbc.co.uk/2/hi/technology/8521598.stm

 
<Previous Next>

Disk Encryption Missing On USB Memory Stick For Budget Travel

Laptop Encryption Software: Laptop Tracking 75% Effective For Recovery?

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.