The Internet is See-Through

If you're like me, you probably have a Facebook account.  In fact, everyone from your Ugandan sponsor child to your grandmother's cat is on Facebook.

For years I tried to resist its siren song, but like you, I was seduced by the promise of hundreds of friends, including everyone I ever went to high school with.  Which, by the way, means I am totally one of the cool kids now.  I even friended my mom. 

Facebook allows us to piece together a rough time line of events from the weekend, usually while frantically un-tagging ourselves from unflattering photographs.  Without it, whole generations of digital pigs would go unfed, fields of corn would be left to fallow, and wise guys everywhere would go un-whacked.  Astute insights like "my feet are cold" would be limited to those in our immediate vicinity.

Despite all this, there are those who think that sharing our personal information with thousands of our closest "friends" may not be a good idea.  Uh, don't you know that public is the new "social norm"?  Mark Zuckerberg said so.  And if I understood the movie The Social Network correctly, Mark's a stand-up guy.

So under the guise of journalistic integrity, I decided to interview one of these privacy advocates to find out just what he's smoking and if he can get me some.

We met up at a local pub, and got to talking.  While he evidently left his tinfoil hat at home, I knew his geek credentials were impeccable when he described Wikileaks as "chaotic good".  I had found the right guy, my very own Deep Throat.  If you don't know what that is, for the love of God don't Google it. 

DT, as he shall henceforth be known, told me that "the Internet is see-through".  Not comprehending in the least, I smiled and nodded, doodling in my notebook and taking a long drag of my beer.

Clearly not fooled, he explained what he meant.  We all have this impression that the Internet is some formless void, that our shared information is just lost in the ether.  That the websites we visit exist in some alternate dimension, nearly entirely separate from the physical world.

But data, all data, exists somewhere.  It is stored in countless computers and server farms, each of which has a physical location in the real world.  Our data, once shared, rarely every disappears. 

For example, being a member of the digital generation -- not to be confused with the Digimon generation of my little brother -- I have been surfing the web for over a decade.  That means there is potentially over a decade of data out there on my browser history (delete, DELETE!), the books I order, the games I play, the ads I click.

Our romanticized notion of the Internet as this formless anarchy has real implications.  Many of us, myself included, are not particularly judicious with the data we share, filling out myspace profiles (I'm dating myself here), publicly sharing our e-mail addresses on forums, gambling on online poker sites -- it's not gambling if you're good at it!

According to DT, it's not necessarily Big Brother that you should be concerned about.  The real danger comes from all the little brothers out there; the kind that are always spying on you when your friends are over, and that like to raid your piggy bank so they can buy more Digimon cards. 

He told me about the concept of "phishing", which apparently isn't about following the band Phish on tour but is actually a form of data mining.  Companies use information from your online activities to create targeted advertising.  As you can imagine, there are real financial incentives to knowing what you like.  Don't believe me?  Check out Google Dashboard.

Now, this in itself is not necessarily a bad thing.  Despite being an unmarried male, I can probably quote numerous tampon commercials word for word, which might be a good gimmick at parties but is ultimately just a good case for targeted advertising.  As DT points out, he is in the market for a car.  He wants to see car commercials. 

From my own experience, the moment my Facebook status changed to "single", I was inundated with ads for dating web sites and Russian mail order brides.  Yes, apparently I am that demographic.  Thanks guys, way to salt the wound.

The problem is with what DT calls "spear phishing".  This is when online entities use your information to target you directly for malicious purposes.  If someone has access to your Facebook account (and thus to everything from your interests and hobbies to the contents of your breakfast) it is potentially very easy to steal your identity.

No longer just the domain of Nigerian princes, hackers can use information about you to convince you to open suspicious e-mails.  You like soccer?  Check out this awesome World Cup video, you just need to download this plug-in first...

I don't know if it was the beer or not, but this guy was starting to make sense.  I mean, I like soccer!  The stakes were much higher than I'd realized.

So how can we protect ourselves?  DT's answer was not encouraging:

"Ultimately, it all comes down to motivation.  If someone is really motivated to get you, there's not a lot you can do."

Awesome.

DT did leave me with a glimmer of hope though.  He said it may be impossible to use the web without making one's self vulnerable, but you can certainly limit your risk.

It's all about limiting your "Attack Surface Area".  That is, not offering more information than is necessary to use your online services.  If you absolutely have to have a Facebook account, limit who can see your profile and consider using a pseudonym.  Also, be more judicious about who you "friend" online.  Maybe don't add that girl you knew from elementary school.

As DT points out, "you got along without her since the sixth grade.  I think you'll be fine."