The Basics of Digital Privacy
eBook - ePub

The Basics of Digital Privacy

Simple Tools to Protect Your Personal Information and Your Identity Online

Denny Cherry

Share book
  1. 152 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

The Basics of Digital Privacy

Simple Tools to Protect Your Personal Information and Your Identity Online

Denny Cherry

Book details
Book preview
Table of contents
Citations

About This Book

Who's watching you online? These days, it's hard to be sure. But the recent Edward Snowden revelations of NSA data mining and the constant threat of identity theft from criminals mean your privacy is in jeopardy.

The Basics of Digital Privacy teaches you how to protect the privacy of your data and your identity while surfing, searching, and interacting with others in a virtual world. Author Denny Cherry teaches professionals how to keep huge databases secure, and he will introduce you to the basic concepts of protecting your identity, your financial data, and your personal information from prying eyes while using your computer and smartphone. You'll learn how to stay connected and conduct business online, while protecting your privacy with every keystroke and click.

The Basics of Digital Privacy gives you clear, non-technical explanations of how to safely store personal information online, create secure usernames and passwords for websites, and participate in social media without compromising your privacy. Learn how to find out who's watching you online, and what the law has to say about your privacy rights. A great resource for anyone who ventures into the online world on a daily basis!

  • The most straightforward and up-to-date guide to privacy for anyone who goes online for work, school, or personal use
  • Real-world examples show you how cyber criminals commit their crimes, and what you can do to keep your identity and your data safe
  • Written by author Denny Cherry, who teaches top security professionals how to protect huge databases of information
  • Learn the best ways to create secure passwords, chat, text, email and conduct business online without compromising your identity and your personal data

Frequently asked questions

How do I cancel my subscription?
Simply head over to the account section in settings and click on ā€œCancel Subscriptionā€ - itā€™s as simple as that. After you cancel, your membership will stay active for the remainder of the time youā€™ve paid for. Learn more here.
Can/how do I download books?
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
What is the difference between the pricing plans?
Both plans give you full access to the library and all of Perlegoā€™s features. The only differences are the price and subscription period: With the annual plan youā€™ll save around 30% compared to 12 months on the monthly plan.
What is Perlego?
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weā€™ve got you covered! Learn more here.
Do you support text-to-speech?
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Is The Basics of Digital Privacy an online PDF/ePUB?
Yes, you can access The Basics of Digital Privacy by Denny Cherry in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Syngress
Year
2013
ISBN
9780128001523
Chapter 1

Storing Your Personal Information Online

Abstract

This chapter talks about what information you should and shouldnā€™t be storing online.

Keywords

Facebook; challenge questions and answers; online

Information in This Chapter

ā€¢ How much information you should share with companies
ā€¢ Risks of sharing too much information online
ā€¢ Knowing how companies protect your information
ā€¢ Cookies and websites
This chapter talks about the risks of storing information online and how we can mitigate some of those risks.

Storing your personal information online

In the modern world, we all end up storing information online, even if we donā€™t know that we are. Every company that you do business with stores information about their customers, including you, in a computer on their network. Every website that you visit on the Internet be it from your desktop computer, laptop computer, cell phone, library computer, and Internet cafĆ© is storing information about you in some form or another. That computer or system of computers in some cases runs a database that allows the customer service, sales, marketing, etc., staff to find customer information, run reports on purchase history, etc. Even when you do business with companies in person and not via the Internet, you will have information stored about your purchases within their systems.
The perfect example of this is the customer loyalty cards that are given out by grocery stores. These cards are very useful for us the customers because it gives us access to discounts that we wouldnā€™t normally have access to without having to cut coupons and remember to bring them in. The information that the store gathers via these loyalty programs tells them everything about their customers, their shopping habits, and so on.
Note
What companies can do with this information
One of the most famous problems that has become visible to the general public happened with the large retailer. Target started sending coupons based on personal shopping habits that they tracked via their loyalty program. One specific customer, who lived with her father, began receiving coupons for prenatal vitamins and baby supplies. The father was quite upset that Target was sending his daughter, who was under the age of 18, these coupons so he went to the local Target store and complained to the store manager. The daughter then had to explain to her father that she was indeed pregnant.
The way that Target had been able to figure this out was by analyzing her store purchases on her loyalty program card called data analytics.
You can read more about this use of data at http://basicsofdigitalprivacy.com/go/target
Understanding just how much information companies track about their customers, both their online customers and their offline customers, is critical to understanding how you as the customer can protect yourself against data and identity theft. Understanding how the companies collect and use the information about you the customer allows you to make informed decisions about what information to give companies and when. In a lot of situations, you can just give the company false information to get through the process without giving them a way to track you. A perfect example is when asked for your phone number at checkout, give them all zeros, or when asked for your zip code, give them the zip code of the store instead of your home.
The problem with it comes to protecting our own privacy is that we as people by our nature want to be friendly and accommodating. Companies are able to take advantage of this by asking for information that we are usually all too willing to give away, even if we shouldnā€™t be. Companies may not always make it very obvious that they are collecting this sort of information. Often, they will get you to give the company this information as part of the security questions that are used to later verify that you are you when you forget your password. However, many of the questions that companies use can be easily enough found by simply looking at social networking sites (which we will be talking about in this chapter and Chapter 5).

How much information you share with companies

The companies that we do business with on a daily basis are collecting massive amounts of information about us on a regular basis. As of the writing of this book in the summer of 2013, there are no laws or regulations about how much information a company can collect about their customers.
The reason that companies collect all this information about their customers is for a couple of different reasons. The first, and the most common, is so that they can better target advertising so that there is a better chance of selling their customers additional products at a later date. This reason makes total sense when you think about it: companies make their money by selling us products. If they can figure out what products we want to buy before we know that we want to buy them, they have a better chance of selling us the products than their competitor does.
For example, if Best Buy is able to figure out that I need to buy a new Blu-ray DVD player before Target is able to figure out that I need to buy a new Blu-ray DVD player, and Best Buy is able to get me an ad for their new Blu-ray player that is available in the stores, then odds are that I will end up purchasing the Blu-ray DVD player from Best Buy and not from Target.
The second reason that companies collect information about their customers is much less likeable and enjoyable for their customers. This is when companies collect and store information about their customers so that the information that is collected can be sold to other companies so that the other companies can advertise to us. The easiest example of this practice is Facebook. With Facebook, we willingly give all our information over without any thought about it. Facebook then uses that information to more easily enable advertisers to display us ads on the Facebook website. In this case, we are no longer the customer, we become the product that is being sold.

Risks of sharing too much information online

When companies collect and store large amounts of information about us, that information becomes more at risk of being stolen by other people. The biggest threat to consumers when it comes to identity theft is that the information needed to steal someoneā€™s credit card information or their entire identity can be found in the computers of companies that those consumers do business.

Giving attackers the information that they need

As we share more and more information online about our lives on social networks like Facebook and Twitter, it becomes easier and easier for identity thieves to find out the information that they need to break into our accounts and take over our identities; we will be talking more about social networks in Chapter 5.
When we set up accounts with companies such as our banks, we set up a username and a password. When we do this, we keep these items secret so that no one else knows what these items are. However, there is a weakness with this system that becomes painfully easy to exploit and that is the fact that all of these accounts are set up to go with a specific e-mail address. That e-mail address is your e-mail address and is used to send you information about the bank and your electronic statements and to allow you to gain access to your account in the event that you forget what your password is. By their nature, e-mail addresses are not secret and are known by all our friends and family and may even be published on the Internet so that customers, old friends, and so on can contact us. The e-mail address that is posted online can also be used by attackers as the first step in gaining access to our bank accounts.
Once an attacker has figured out what your e-mail address is, finding out the website where your e-mail can be accessed usually isnā€™t all that hard. For example, if you have an e-mail address that ends in @earthlink.net, your e-mail can be accessed via the website webmail.earthlink.net. If your e-mail address ends in @gmail.com, then your e-mail can be accessed via the website www.gmail.com. Figuring out the website to access even rare domains is usually very straight forward.
On most public website sites, there is going to be a link that can be used to allow the customer to figure out or reset the password in the event that the password has been lost. Usually, this is done by asking a series of questions that only the owner of the account would know the answer to. When the Internet was first being used and this sort of challenge and response question concept was put together, this worked very well as no one was posting personal information online. However, as time has moved forward and social networking has continued to grow in popularity, the idea of challenge and response questions hasnā€™t really changed. Now, instead of the information to answer these questions being something that only the account owner would know, itā€™s a real possibility that the answers to these questions has been shared online on social networking sites.
Note
Challenge questions should be challenging
Recently, I was setting up a new bank account at one of the major banks in the United States. As a part of the process, they help you set up your username and password for the online banking system. While going through the process, the challenge and response questions were shown so that I could pick the questions that I wanted to use for my online access to the bank.
Every one of the questions that was shown was information that most people would share on Facebook, Twitter, or any other social network without thinking twice about it. Some of the questions that were on the list included questions like what city you met your spouse in.

Telling thieves when to break into your house

While social networks are great for telling our friends and relatives what is going on in our lives, our friends and family arenā€™t the only people that can view the information that we post on social networking sites. Most social networking sites are wide open by default meaning that anyone who looks at the site can find the information that you post on the site (we will talk more about how to set up security on social networking sites in Chapter 5).
As we post more and more information on social networking sites, we become more and more used to posting everything that we are doing online. However, when it comes to traveling, for business or pleasure, we need to be very careful how much information we post online. Likewise, we need to be very careful about posting our actual home address online. If we have posted where we actually live, and we also post when we are on vacation out of town, we have just told any potential burglars in our home area where our house is and the fact that itā€™ll be empty. If we post online that we are going to Hawaii for vacation as an example, a potential burglar can assume that the house will be empty for at least 4-5 days if not for a full week.
Note
M...

Table of contents