Giving The Shaft To Data Mining And Obsfucating IBM & Twitter's Privacy Intrusion on Your Life

Those b*st*rds are going too far. Even though I am a data miner, I have a great concern as a data privacy advocate. Essentially Twitter & IBM are teaming up to mine your Twitter Stream to monetize your posts. They will take your tweets and try to sell crap to you, or worse, sell your data to other companies.

Here's how it will work. If you post that your mother died, you will see a crematorium or undertaking ads. Tweet about spending some time in the hospital, and you might pay a higher health insurance premium because they will sell that info to insurance companies.  The same about driving fast. Tweet about your kid going to college, and you will get a full court press on everything from college choices to clothes for university life.

It sucks. It just isn't right. You have three choices.  You can vote with your feet and leave Twitter. I have already left Facebook and LinkedIn. Twitter is my last stand.

You can carry on, but in a previous blog post, I mentioned that the most dangerous thing about Big Data Mining, is that data mining can make assumptions about you that simply aren't true, and you may be categorized into a list that you don't want to be on. It could affect your job, your security clearance, your credit score or who knows what.

You could self-censor, but censorship is wrong, even self-censoring.

I like the last option - f*ck with the machine learning, and deep learning and data-mining.  How? Obfuscate.  Here are a few things that I will do.

1) Disable all location services for tweets.
2) Disable all location services that your smart phone takes. It writes the location into the EXIF data. It also writes date and time and camera type, etc.
3) Google for a free EXIF editor, and remove all EXIF data from your pics.
4) Do not put your actual location in your bio. For example, I follow a dude, who's location is : Where I Have To Be
5) Put in a fake town where you live. If you have a dog named Rover, put down that you live in Roverville.  You can still keep your same state.
6) Never use your middle name or initial. It's just one more authentication factor.
7) When social media streams are mined using NLP or Natural Language Processing, an important part of that is finding "possessive determiners".  Don't use them.  Possessive Determiners are words like my, your, her, etc.  If you tweet "Its my birthday", even the dumbest NLP data mining machine can pick it up. However if you say "Welcome to Birthdayville, Population Me", not even the smartest NLP machine can pick that up. Get rid of possessive determiners in your Tweets.
8) Practice Typoglycemia.  http://en.wikipedia.org/wiki/Typoglycemia  Here is an example that would totally screw up a deep learning machine:

"I cdn'uolt blveiee taht I cluod aulaclty uesdnatnrd waht I was rdanieg: the phaonmneel pweor of the hmuan mnid. Aoccdrnig to a rseearch taem at Cmabrigde Uinervtisy, it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoatnt tihng is taht the frist and lsat ltteer be in the rghit pclae. The rset can be a taotl mses and you can sitll raed it wouthit a porbelm. Tihs is bcuseae the huamn mnid deos not raed ervey lteter by istlef, but the wrod as a wlohe. Scuh a cdonition is arppoiatrely cllaed Typoglycemia .
"Amzanig huh? Yaeh and you awlyas thguoht slpeling was ipmorantt."

9) User slang. If your gas pedal foot itches to drive a BMW, call it a beamer or a beemer and don't capitalize the word.

10) Use alternate spelling. Ime a bygg phan of Neel Yoongs mewsic.

11) Throw in rand o m   s pac es   in yo ur  sente nce.  Or e*ven the od*d star will do.

12) Never tweet your age, your spouse or partner (I see married to @sweetiePie all the time) or any other information.  It is okay to list your employment of academic institution and that leave a lot of room to fool the NLP machines if you work at the Big Blue, or teach @ the Yard (thanks to the Harvard profs that follow me -- appreciate it).

Using these simple tips will cause the data mining and perceptrons scanning your feed to take a pass on what you type. Now is the time to bowdlerize or obfuscate your account.

I think that the bigger answer, is to startup a new hybrid of Twitter and Facebook that guarantees information privacy. But in the meantime, let's be careful out there as to what we post.  And remember, its not that difficult to deke out smart machines.

Facebook Privacy Slip-up - Randi Zuckerberg Family Photo

Now isn't this rich with irony.  Randi Zuckerberg posts a private family photo to Facebook and the privacy policy doesn't protect it.  They were poking each other with the new Facebook Picture Poke.  The picture goes public and Randi is not pleased.  Randi is the former marketing chief of Facebook and should know better.

Inquiring minds want to know though -- where is the lovely Mrs. Mark Zuckerberg in this photo?  Maybe she and Mark are not into poking any more?  Just saying ..

Blocking Extensions for Chrome

(click for larger image)

Regular readers of this blog will know that I am a privacy freak. I also use Google Chrome which is the safest, fastest, best browser in the marketplace.

I just got a new laptop, and I had forgotten to add my privacy extensions. However I was reminded when an old highschool friend sent me an invitation to join her on Facebook, and since she had my email address, the Facebook code read my contacts and suggested other friends that were not connected to her, but were to me.

Since I get my email through my browser, I decided that it was time to add the privacy extensions. I added Disconnect.me, Ghostery and Do Not Track Plus. I also added Ad Block, but I had to disable it, because I couldn't read how much money that I was making on the ads for Google Adsense.

However, I am quite pleased with the performance of the blocker privacy extensions for Chrome. So far, the worst offender for tracking in my experience, is the CNN.com website.

As an added feature for today, you get a fearless prognostication. Facebook stock is going to tank today. The closing price was $20.38 and I'm willing to bet that it will close lower today.

Facebook's Socialcam app shows friends what you watch - FOX Carolina 21

Facebook's Socialcam app shows friends what you watch - FOX Carolina 21 (Click to read) If you ever needed another reason to quit Facebook, here it is.

DISCLAIMER: I AM NOT A REGULAR OF FOX NEWS or EVEN A FAN !!!!!!!!!! However this article is interesting.

More Reasons Why To Quit Facebook and LinkedIn

Man, I am looking smarter and smarter every day for quitting Facebook and LinkedIn. Can you imagine that your credit rating will suffer for something that you have posted on LinkedIn or Facebook?

Here is the URL of an article of Privacy Violation on these social networking sites:

http://www.smeweb.com/index.php?option=com_content&view=article&id=3722:facebook-inc-data&catid=62:news&Itemid=101

And here is a reprint of the article in case it goes off line:

Credit agency plans to use Facebook Inc data to form credit ratings

Monday, 11 June 2012 11:25

Schufa is also looking into using information from other sources including Twitter and Linkedin.

Schufa, Germany's largest credit agency, is planning to use data from Facebook Inc (NASDAQ:FB) to form credit ratings, according to leaked documents says to consumer advisory body Which?

As well as pulling information from Facebook pages the agency is looking into using information from other sources including Twitter, Linkedin and Google Street View to assess individual credit ratings.

The documents, leaked to German broadcaster NDR, suggest the agency is planning to use 'crawling techniques' like those used by search engines to find relevant information with aim of 'identifying and assessing the prospects and threats'.

Mark Batistich, a member of the Which? Legal team, said: "Whilst it's not exactly clear what credit checking companies such as Schufa intend to do with data obtained from Facebook, it is certainly possible, at least in the UK, that using such information without consent could be in breach of the Data Protection Act, and also the Facebook Terms and Conditions, which set quite stringent guidelines on what can be done with information obtained from that site."

The plans have drawn criticism from the German consumer protection minister Ilse Aigner as well as justice minister, Sabine Leutheusser-Schnarrenberger, who both said the plans went too far.

Make Money from LinkedIn Passwords Hacked

A few weeks ago, I mentioned on this blog that I have quit both Facebook and LinkedIn. That looks like a pretty prescient and smart move now, in spite of the fact that prophets are never accepted in their home country.

Based on the news today that 6 million LinkedIn passwords were published on a hacker blog in Russia, I feel that by quitting these two Internet time-wasters, I have greatly enhanced my security from identity theft.

You can read about the password breaches with LinkedIn here.

A few thoughts come up from this episode. In no obvious order:

• A lot of people use the same password for their email, bank accounts, Facebook and LinkedIn accounts. A breach of one, may be a catastrophic breach for some people.
• The other striking fact was that may users used linkedin as their password to LinkedIn. This sort of thing enabled the Russian hackers with small penises to break the SHA-1.
• LinkedIn was negligent in not "salting" the passwords with random bits to enhance the security so that the same passwords do not hash out the same every time.
• This is a prime opportunity for some young hotshot lawyer to sue the pants off LinkedIn in a class action suit for not protecting its users privacy.
• We trust these websites a lot with our identities, and when they fail to protect them, they should be made to pay for that negligent lapse. After all, they make money from the users who sign up. You would think that they would protect that revenue stream.
• A class action suit would work, because LinkedIn has some pretty heavy corporate hitters who value their identity privacy.
• This sort of thing spells opportunity for any geek who can solve the intrinsic problems of traditional user name and password credentials for websites.

And I can't go a day without mentioning my own personal bête noire -- Facebook. I am not sure if Facebook tightened things up with a complete https session, but various industry insiders pointed out that there are vulnerabilities in Facebook. If Anonymous or the diminuitive tallywhacker hacker Russians ever break Facebook security, it would greatly accelerate its inevitable destiny of becoming a penny stock.

The Black Hole Net ~ Dark Web 2.0

There will come a time when internet privacy will be the concern of everyone. Only the lower socio-economic classes of people with continue to use the internet in a promiscuous way. But I predict the evolution of a deep dark web called the BlackHoleNet. This will be like the black credit cards or Swiss trusts -- a place where those that can afford it, can surf the web in virtual assured privacy. What will the BlackHoleNet look like?

First of all, to get to it, you will enter an IP address with no domain name. A lack of a domain name means one less step of information gathering by the registrar. When you arrive at the site, it will be a blank page that has a happy face or an "Under Construction" banner. Nothing. Nada. No links. Nowhere to go.

Then you insert a USB key, or SD card or another removable memory device into a port on your computer. You refresh your browser, and another page opens up. No apparent links. However this page contains an Easter Egg. If you know where it is, it asks you to log in. You have made it passed the bastion server. You are connected to the bastion server with an encrypted tunnel. On top of that, the contents of the traffic are encrypted as well.

Once behind the bastion server, you have the dark net. No search engines. No DNS. You have to know the IP addresses. The browser is such that if you start scripting a series of IP addresses, the browser will never work again, nor will the credentials to the dark web.

Inside the BlackHoleNet, there is no SMTP email. Not everyone is aware that every single email sent is archived by the intelligence agencies of almost every First World government. Inside there is no general broadcast of email. One logs into a server, and the email goes from mailbox to mailbox, in the server. Each subscriber must tunnel into the server to get their mail.

If you have to send an external regular email, the email is passed to a tokenizer which creates a token of the identity of the sender. All geo-location stuff is stripped out, and the email is then sent over regular SMTP channels. When the email is answered, a server decodes the token and takes it to its appropriate inbox.

There is a Facebook-like social media app, but it is all private, and the app is prevented from selling data or advertising. All of this privacy is funded by subscription.

There are websites that one can surf without anyone collecting information on you. There are stores that sell products, and all transactions are handled by an anonymity broker. Both the seller and buyer pass their information to the broker, and neither one knows the particulars of the other. The anonymity broker is a trust, that is audited regularly.

In essence, there will be an exclusive private darknet that will not be accessible to governments, intelligence agencies, pornographers, spammers, pedophiles, British tabloid editors, Rupert Murdoch and other scumbags and all of the vermin that now infests the internet.

Coming to an IP address near you soon. Bring a couple of wallets to pay the subscription fee.