Being Privacy Conscious |
Article is yet to be rated |
|
| Author:
| Fu
|
|
| Submitted: |
28-Nov-2004 08:32:14 |
| Imported From: |
zZine (original author: fu)
|
| This article will instruct you on the basic realities of how delicate your personal information online is. The aim is to make readers more privacy conscious and aware, and to help them keep their information private from strangers on the Internet.
|
|
Social Engineering
Social Engineering is one of the oldest forms of 'hacking'. It is a method of obtaining information you otherwise would not be authorized to obtain. The problem with IRC and chat rooms is that people feel that they are quite safe behind their supposedly anonymous aliases, and can therefore tell strangers things about themselves, thinking that the person could never use this random information. It might not cross your mind to connect all the information you know about a person to get a bigger picture, because you are merely talking to them for the purpose of social conversation, but someone with an intent to determine who the person is could in fact, with some social engineering work, obtain some very useful information they would need to find out who the real person is behind the alias they are chatting with.
Getting Someone's ASL
The simplest way to obtain someone's Age, Sex, and Location is simply to ask. This is very common on public chat servers. People are always private messaging people they wish to have a chat with, and the first question is usually "a/s/l?" Now of course there is a high possibility that the person is lying about everything, but you would be surprised to see the level of honesty people have over the Internet. A way to avoid this would simply be to not give it out, or just give false information.
Getting Pictures
People send each other pictures all the time over the Internet. The main problem with this is that the person can see what you look like in person, and other information can be obtained from your surroundings in the picture. Therefore, they can figure out some things about you from objects you would have lying around. Again, these are things a normal person without any evil intent would not notice, but a stalker or someone who wishes to determine who the person they are talking to really is, could look over the pictures and piece together some very sensitive information about their victim. As a solution, you could crop out things from your picture to make sure that the person you are sending the picture to is only seeing what you intend them to see.
Domain Names/Sites and Your Privacy
Usually if someone you are chatting with runs or owns a website, looking up the registration information for that domain will have that person's information including their real name, address, phone number, and email address. Registrars these days do offer their clients' domains to be held in a private listing (for an extra charge), and most people simply do not ask for the service. A way for domain owners to avoid this in the past was to simply input fake information. However, new legal reforms now require domain owners' information to be accurate, so that in the event that the registrar attempts to contact the client, they will be able to do so. There is no way to really avoid this these days.
Registered Accounts
Someone may reference something from another site at which they have an account. You might be surprised at the information you can find if you look up their account there. Some people usually have some sites which they consider very personal and therefore have their correct information listed there. You could even look around for sites of similar interest, or search for similar aliases on different sites trying to match up the information. The victim, not thinking in a 'privacy aware' manner, would not think that someone they are having a friendly chat with would do such a thing. You should always be careful that your accounts on different sites do not reveal anything too unique about you.
Country or Approximate Location
In the event that a person does not give out their location, some social engineering, or simply observing the times in which they sign on, can help an attacker determine the approximate location of their victim. A lot of people are generally open about what country they are from. This is not really a big problem, but some people might like to avoid letting people know what their nationality is.
Combining Information and Trying to Obtain More
Combining all the different types of information we have talked about lets a person easily learn a lot about you. The attacker's goal is to gather all the information they can about you. The main problem is carelessness on the part of the victim. Freely giving out small pieces of information thinking that the person could not possibly pin you down with it isn't the problem. Rather it is the collective usage of that information, along with a little bit of digging by the attacker, which will pinpoint a potential victim. This is a very serious issue on the Internet nowadays, because people do not act paranoid enough on the Internet to conceal their identities. Some may not want to, and that is fair, but unlike talking to strangers in real life, you really do not know who you are chatting with on the Internet. It could be anyone.
Harm Through Information
Now once a person knows enough about you, like your address, your phone number, where you work, or some bank information, a lot of damage can be done. They could stalk you and your family, they could call your home and prank you, they could go to your workplace and watch you there. Now, of course not every person you meet online will be like this, but it is rather more sensible to not let yourself fall into this situation in the first place, simply by being more aware of how the information you give people on the Internet can harm you.
This article was originally published by CyberArmy.net in the CyberArmy Library.
|
|
You must be logged in to vote on an article
|
About Us | Privacy Policy | Mission Statement | Help
|