PRIVACYPETE.COM

How cool would it be to have a secret passage or a secret room in your house? This video shows you several different options:

There are several ways for you to do something like this:

1) Design in the passageway or the room when building a new house

2) Find a void in your existing house and convert it (many existing homes have voids under staircases, next to fireplaces, etc.)

3) Create a room or passage by adding a new wall

4) Hide an existing room by replacing its existing door with a disguised door, like a bookcase. The following video shows you how (relatively) easy this conversion could be:

HowStuffWorks

Initially available only to US users, geotagging is a new opt-in Twitter feature that lets you tag select tweets with your geographical location. Other folks see a user-friendly location name next to your tweet and can click it to reveal the location in Google Maps.

For privacy reasons, this feature needs to be turned on from your account settings in Twitter’s web interface. Once it’s on, you can tag tweets with your neighborhood, town, or exact point, on a per-tweet basis. It works pretty straightforward, just click the crosshair icon that appears below your update box when you tweet. If you’re using a location-aware browser like Firefox 3.6 or Chrome, it’ll ask you to confirm sharing your location with the web app.

Regardless of your chosen location granularity, your exact location is always saved in Twitter’s database. If you want to wipe out all location information from your past tweets, you can do so by clicking the “delete all location data” button on your settings page. In addition, clicking the X sign below a tweet hides location information until you re-enable it again by clicking the X symbol.

Twitter argued in a blog post that location sharing makes sense when you need to narrow down your search to just the tweets in your neighborhood:

Let’s say I’m at my office and I hear a loud boom. It sounded serious, so I search Twitter for “boom.” Among the first results could be someone who tweeted “Boom go the fireworks!” This could be anywhere in the world. However, if that person had activated the new tweet location feature then the neighborhood data under the tweet would read, “SoMa.”

Read more in Twitter’s blog post

This cool feature must be used with great precautions. There’s no doubt geotagging is a privacy advocates’ nightmare, especially for users who have their Twitter timeline set public.

Note that removing location information from your past tweets does not guarantee the information will be removed from all third-party application’s copies of the data or external search results. That said, please think twice before turning on this feature, especially if you’re on a public timeline. By making your exact location available on the web at large, stalkers could easily draw a map of where you’ve been simply by sniffing your name in search engines.

If you ask me, geotagging makes sense if your timeline is private and in certain rare circumstances. I, for one, won’t be geotagging my public tweets because sharing my geographical location with everyone on the web is way beyond my comfort level.

Hm2075 released the Wireless Key Grabber for the Backtrack 4 pre final on Remote-Exploit forums. The code for the tool with an explanation of how it works is available here.

This video is showing how to use Wireless Key Grabber. It requires lighttpd and it runs a fake wireless access point to grab wireless keys.whenever a user tries to connect to any website after connecting to this fake access point his browser is forwarded to a customised URL. Metasploit DLL injection is used to grab wireless key. This video was found on Cybexin’s Blog.

Google offers Web users a simple trade-off: Let the search giant track a substantial portion of your comings and goings around the Web, and it will offer you a free, superior online experience.

Now an independent security researcher who goes by the name Moxie Marlinspike is making Web users a counter-offer: Take Google’s giveaways and keep your privacy too.

On Tuesday, Marlinspike launched a service he calls Googlesharing, a plug-in for Firefox designed to give users access to Google’s online offerings while cloaking their identity from the company’s data collection tools. By hosting a proxy server with a collection of Google “identities,” the privacy software, which can be accessed at Googlesharing.net, will allow users to temporarily route their traffic through another computer that masks their identity by mixing their online actions with those of other users.

“Each identity looks like a normal user, but everything is mixed up between identities so Google can’t track any individual,” says Marlinspike. That means users can exploit any of Google’s offerings that don’t require logins, such as search, maps or news, without allowing Google to assemble a profile of their activities that can be used for advertising targeting—or, as some users might fear, information that could be subpoenaed by government investigators.

“It’s very hard to stop using Google,” says Marlinspike. “So we need to think about ways that we can use these things and still preserve privacy.”

Googlesharing is hardly the only tool that can flummox Google’s behavioral tracking system. The proxy system Tor, for instance, provides anonymity for any sort of Web browsing by siphoning a user’s data requests through not one but three servers.

ut that three-hop system—designed to protect users from even determined trackers like government officials—makes Tor especially slow, Marlinspike says. Googlesharing uses just a single hop, enough to foil Google’s data collection without significantly slowing down the service.

Other sites, like Ixquick.com or Scroogle.com, offer to relay Google search queries without exposing a user’s identity. But they offer only search, not the wide variety of tools Googlesharing would allow, from Google Shopping to Google Translate.

Googlesharing also adds another layer of security to search. Marlinspike uses Secure Socket Layer (SSL) encryption to protect the system so that not even a piece of malicious software on the user’s network can intercept his or her activities.

Still, there’s one person from whom Googlesharing doesn’t necessarily hide users’ activities: Marlinspike himself. To solve that dilemma, Marlinspike is also offering up Googlesharing’s code to anyone who wishes to create his or her own proxy. “If you don’t trust us, you can find someone who you do trust,” he says.

Even so, Marlinspike says users shouldn’t fear using his proxy either. That’s despite the fact that he has a history of publicizing hacking techniques that could allow cybercriminals to impersonate Web sites, even those that are supposedly secure.

But like many hackers, Marlinspike argues that those revelations were meant to make browsing safer by exposing vulnerabilities so they can be fixed. And he points out that he has far less to gain than an advertiser from exploiting your online history.

A Google spokeswoman responded in a statement that Google believes “transparency and choice are the foundations of privacy, which is why we give users meaningful choices about what information they provide to Google and to others.”

She referred users to Google.com/privacy and particularly Google Dashboard, which allows users to see and control data that the company has collected and associated with their registered Google account. And she pointed out that for users who haven’t signed in to a Google account, the company tracks cookies and IP addresses that are eventually anonymized, and that those logs are used to improve search results and maintain the security of Google’s systems.

Google Chief Executive Eric Schmidt reinforced some privacy advocates’ fears last month with a glib statement on the subject in a CNBC interview. “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place,” he told Maria Bartiromo. “The reality is that search engines—including Google—do retain this information for some time and it’s important, for example, that we are all subject in the United States to the Patriot Act and it is possible that all that information could be made available to the authorities.”

Marlinspike counts himself as a member of the Institute for Disruptive Studies, a Pittsburgh-based group of hackers he has described as “a radical think tank for hackers and co-conspirators who wish to operate outside of both the professional sphere as well as academia.”

Among the group’s priorities, Marlinspike says, are “security, privacy and technology that changes social relationships,” particularly technology that can reduce the influence of large corporations. Hence his efforts to help Web users avoid Google’s ever-widening gaze on our electronic activities for ad targeting.

“They’re offering more and more services that take control of the Internet itself, each one wrapped in these chirpy announcements about making the world a better place,” Marlinspike says. “It’s clear that’s not their only motive.”

Web site domain registrar and hosting provider Network Solutions acknowledged Tuesday that hackers had broken into its servers and defaced hundreds of customer Web sites.

The hackers appear to have replaced each site’s home page with anti-Israeli sentiments and pictures of masked militants and armed with rocket launchers and rifles, along with the message “HaCKed by CWkomando.”

According to results for that search term entered into Microsoft’s Bing search engine, there may in fact be thousands of sites affected by this mass defacement.

One of the defaced pages belonged to Minnesota’s 8th District GOP, according to a story in The Minnesota Independent, which said the Arabic writing that accompanies the defaced pages contains the dedication “For Palestine,” and the repeated phrase “Allahu Akbar” [God is great].

Network Solutions said the hackers were able to get in by exploiting a “file-inclusion” weakness in the company’s Unix servers. So-called remote file inclusion attacks are quite common, and can let attackers insert code that gives them backdoor access to and control over the affected server. Network Solutions said it is in the process of helping customers restore their sites.

“These incidents are regrettable and we apologize for the inconvenience,” the company said in its statement.  “Due to the nature of the web, the race between technology and the bad elements is a challenge that companies face continually.”

Network Solutions said there was no danger to customers’ “personally identifiable or secure information” as a result of the incident. Other recent break-ins at NetSol have not been so benign: Last summer, hackers broke into a number of Network Solutions Web servers and planted rogue code that resulted in the compromise of more than 573,000 debit and credit card accounts.

Let this be a helpful reminder to all of us who run a Web site that no matter how much you have done to lock down your Web site, a hiccup, server crash or break-in at your hosting provider can deep-six your site in a heartbeat. If you don’t already know how to do so, take some time before it is too late to learn how to backup and restore your site (look for a future blog post for a primer or two on this very topic).

via Krebs on Security

It’s one law for the rich and another for the rest of us as our secrets are paraded online

Let’s pick a person pretty much at random: Dan Braden of Austin, Texas. I do not know Braden at all, but I can tell you that in the past few days he has spent $373.46 on Louis Vuitton goods, $162.47 at a local grocery store, $20 at a fitness centre and $3.23 on iTunes.

He is also a regular at Starbucks, went to a Maudie’s Tex-Mex restaurant last week and spent $717.10 on new tyres.

Is someone spying on Braden or hacking into his bank account? Nope. Instead, he has signed up to Blippy, a new website that puts online every purchase users make with a designated credit card. He is happy to publicise where he goes and what he buys. No privacy worries for him.

“If I buy some Britney Spears, I guess my friends would make fun of me,” said Braden, who works for the computer company Dell. “But I’m not too concerned about privacy. I don’t think I’m doing anything I would be embarrassed about.”

Call it openness or exhibitionism, it is spreading everywhere. On Twitter you can post your thoughts minute by minute. On Facebook and Flickr personal photographs abound. One website will even broadcast your weight to the world every time you step on the bathroom scales.

Do we no longer care about privacy? Not much, claims Mark Zuckerberg, founder and chief executive of Facebook. Last week he declared: “People have gotten really comfortable not only sharing more information and different kinds, but more openly and with more people.” He described such lack of privacy as a “social norm”.

To those who grew up peeking at the neighbours from behind net curtains, it might seem crazy. To younger generations, born with the internet in their DNA, Zuckerberg may have a point.

As Daniel Masoliver, a 24-year-old postgraduate student in London, put it: “The only reason privacy ever existed is because Facebook didn’t. People have always liked talking about what they’re into and the more people share information with one another, the more comfortable others are joining in.”

Nevertheless, some online reaction to Zuckerberg’s claims was hostile. “He’s an idiot,” wrote one social networker; “Poppycock,” said another.

Experts in the social networking phenomenon are also concerned. The erosion of privacy, they say, brings dangers for both individuals and the wider body politic.

Sherry Turkle, professor of social studies of science at Massachussets Institute of Technology, said insensitivity to privacy “shows a disregard of history and the importance of privacy to democracy and, I might add, intimacy. Young people are not unconcerned about this matter. But they feel impotent”.

Even Zuckerberg, 25, is not truly comfortable letting it all hang out. When a change to Facebook’s privacy settings happened recently, it revealed pictures on his profile page of him larking around with friends. In some he looked a bit of a dork.

When news of the photographs spread, the images suddenly disappeared again.

Last week a Facebook spokeswoman was backpedalling vigorously, denying Zuckerberg had said privacy was dead. “His remarks were mischaracterised,” she said. “A core part of Facebook’s mission has always been to deliver the tools that empower people with control over their information.”

She added: “If the assertion is that anything Mark chooses to make private is inconsistent with his remarks last week, here are a few other hypocritical elements of his life: he hides his credit card numbers in his wallet, he does not post the passwords to his online accounts, and he closes the door behind him when he goes to the toilet.”

So is privacy no longer the social norm or not?

IN A YouGov poll for The Sunday Times this weekend, 30% of people said they agreed that privacy matters less than it did, and 63% disagreed. Just over 70% said they were worried about private information falling into the hands of others on the internet, while 28% said they were not worried.

The differences of opinion may partly be down to age. The pace of technological change is so fast that researchers believe even small age gaps produce significantly different attitudes and behaviour.

According to America’s Pew Research Centre, 68% of teenagers send instant messages on the internet compared with 59% of twentysomethings, and a far lower proportion of older age groups. In the UK a study of social networking by Ofcom, the communications watchdog, found that 54% of internet users aged 16-24 had set up a profile on a social networking site, with the numbers falling steadily with age.

The younger these “mini-generations” are, the more they appear to accept openness, if only through necessity. If everyone is revealing their lives online, they don’t want to be left out.

“I remember thinking there was something distinctly creepy about Facebook when I went on it for the first time,” said Jack Hancox, 24, of London. “Now it feels completely natural to put photos up and have various profiles on different sites. But still, I think people are quite wary about what they put online.”

By contrast, Bryony, a 15-year-old Facebooker in Hampshire, said: “I don’t think people are worried about it. When you are writing on Facebook, you are caught up in it and don’t think about privacy.”

One of her friends, Peter, said: “I’m not really concerned — except a little if my future boss finds out what it [his Facebook profile] was like. But it would also be cool looking back on it when I was 60.”

Or maybe not. The follies of youth are a necessary rite of passage, says Turkle, and used to be easily left to fade; now they may stick around for ever.

“Adolescents need to fall in and out of love with people and ideas,” said Turkle, whose forthcoming book Alone Together examines friendships in the digital age. “The internet is a rich ground for working through identity. But that does not easily mesh with a life that generates its own electronic shadow.”

In other words, your youthful mistakes may remain for ever on a computer server and come back to haunt you.

Like many social network users, Sophie, another friend in the Hampshire group, takes comfort from Facebook’s privacy settings.

“I’m not really worried,” she said. “I have it set up so only my friends can see stuff.”

Not everyone is convinced by such safeguards. For a start, Facebook has reduced the privacy level of its default setting. If you don’t actively impose privacy, lots of people will have access to your information. It can also become publicly available if a friend’s profile is not properly protected.

Even if you do try to restrict your profile, the data that remains public can still give away a lot about you. Facebook, for example, has no privacy restrictions on your name, photograph, list of friends and certain other material.

By analysing such data, “spider” programs can draw up social graphs that reveal your sexuality, political beliefs and other characteristics. According to Ross Anderson, professor of security engineering at Cambridge, it can be done even if you list as few as eight friends.

That might not matter so much in Britain, says Anderson, “but in a country like Iran, where they punish gays, this is serious stuff”.

Other concerns relate to how social networking sites use your data behind the scenes. Facebook’s privacy policy runs to more than eight pages of A4 and few users will read it. If you do, you will learn that Facebook “may collect information about you from other Facebook users”; keep details of any transactions you make; and allow third parties access to information about you. It also admits it “cannot ensure that information you share on Facebook will not become publicly available”.

EVER since George Orwell wrote Nineteen Eighty-Four, the Big Brother state has been most people’s first concern about diminishing privacy. Now private organisations and criminals are catching up fast.

The recent book Delete: the Virtue of Forgetting in the Digital Age cites the case of Stacy Snyder, a student teacher in Pennsylvania. After she posted a picture of herself apparently drunk on a social networking site she was denied a teaching certificate.

Burglars are already thought to use Facebook to try to find out when properties may be left empty. And Anderson warns that “phishing” is a growing threat. Using data gathered from social networking sites, criminals are sending people emails that appear to come from their friends. Research shows that people are far less wary of such emails than unsolicited spam, even though they can lead to identity theft.

While the rest of us find our privacy is up for grabs, the rich and famous are having theirs increasingly protected. Lawyers are using human rights legislation to bring cases in British courts, which are favourable to protestations of privacy.

The latest action has been launched by Kate Middleton, the girlfriend of Prince William, who claims her privacy was violated by a picture of her playing tennis on Christmas Day.

A greater danger than there being one privacy law for the rich and another for everyone else is that of a chronic malaise, at least in the view of Jaron Lanier, author of a new book called You Are Not A Gadget.

Lanier fears that the openness and “collectivity” of today’s internet is leading us towards mediocrity.

“We shouldn’t want the whole world to take on the quality of having been designed by committee,” he said. “When you have everyone collaborate on everything, you generate a dull average outcome in all things.” The best innovation relies on privacy, he says.

The shift towards openness, however, has momentum and attitudes may well be changing as Zuckerberg claimed. Young people are either unaware of the risks or feel that less privacy is the price they have to pay to participate in social networking.

Anderson is only half-joking when he says social networking has become a “survival necessity” for the young.

“At Cambridge all the party invitations go out on Facebook,” he said. “So if you don’t have Facebook, you won’t get invited to any parties, so you won’t have any sex, so you won’t have any children, so your genes die out. So it’s an evolutionary necessity to be on Facebook.”

Just remember, when you accept that Facebook invitation to a hot date, do not use a Blippy card to buy contraceptives on the way there. Unless you want the whole world to know what you are thinking.

Times Online

In today’s world of Internet interconnectedness, guarding your privacy can become a full-time job. Whether you are worried about your personal privacy, government interference, national security, identity theft, or the laws and policies surrounding privacy, these blogs will help you stay vigilant against any breaches in your privacy rights.

Privacy, Communications, and Censorship Blogs

These blogs cover a wide range of privacy issues including censorship, surveillance, online privacy, communications, and more.

1. The Privacy Blog. Anonymity, online privacy, policies, surveillance, and censorship are among the topics featured on this blog.
2. Privacy Blog. Medical record disposal, social networking privacy, and the Supreme Court’s take on privacy are recent posts here.
3. Threat Level. This blog at Wired.com touches on privacy, security, and related topics.
4. Conspicuous Chatter. Get research and opinions on the latest topics from the fields of anonymous and covert communication, traffic analysis, and censorship resistance.
5. Inoperability Streams. These posts include news about telecommunications, communications, and security.
6. Privacy International. This watchdog group posts news pertaining to privacy from all around the world.
7. Privacy Diary. Identity theft, risk management, information security, and more find their place in this blog.
8. TRUSTe Blog. Cybercrime and self policing are among the topics on this blog.

Online Privacy and Security

Guarding your privacy online is not only a good idea, but actually a necessity. Read these blogs to find news and updates from the world of cybersecurity and privacy.

9. MetaSecurity. Topics on this blog often include intelligence, cybersecurity, and virtual worlds.
10. Matt Blaze’s Exhaustive Search. This professor from University of Pennsylvania blogs about security and privacy issues as they relate to science and technology.
11. Freedom to Tinker. Published by Princeton’s Center for Information Technology Policy, this blog examines privacy, Internet security, intellectual property, and much more.
12. SMBlog–Steve Bellovin’s Blog. This professor from Columbia University blogs about Internet Security, privacy, and related issues.
13. Avi Rubin’s Blog. Electronic voting security, computer and network security, and other security issues appear on this blog written by a professor from Johns Hopkins University.
14. CERIAS. The Center for Education and Research in Information Assurance and Security is one of the leaders in research and education on information security. and their blog focuses on these issues.
15. Random Spaf Items. Professor Gene Spafford from Purdue, who also posts on CERIAS, writes about privacy, cybersecurity, cybercrime, and more on his personal blog.
16. 1 Raindrop. Written by security software expert, Gunnar Peterson, the posts on this blog discuss online security and privacy issues.
17. SecurityBuddha.com. Mark Curphey writes about Internet security tools as he has begun to reshape his blog.
18. Security Retentive. This information security engineer blogs about Internet security and privacy issues.
19. Another Set of Teeth. This blog covers privacy, security, and ethics especially pertaining to Internet security.

National Security

These blogs cover national security from the perspective of the government, strategists, and others who are dedicated to keeping you informed about security issues.

20. In Homeland Security. This non-partisan and non-commercial blog is sponsored by the American Military University and delivers news and analysis of issues relating to national security.
21. Stephenson blogs on homeland security 2.0 et al.. Written by the well-known strategist and theorist, W. David Stephenson, this blog touches on technology and civil liberty issues in relation to homeland security.
22. Global Guerrillas. This former USAF pilot and current analyst on warfare and security writes on communities and potential crises.
23. Vital Systems Security. With posts including such topics as community health issues, security, and globalization, this blog brings the latest scientific news as it relates to these issues.
24. Emergency.Blog. This blog focuses on information relating to security issues such as terrorism, emergency service, and cyberwar.
25. Homeland Security Watch. This non-partisan, non-commercial blog provides information about national security events and news.
26. War and Piece. Written by a national security correspondent, this blog provides insight on national security issues and foreign policy.
27. DefenseTech. This blog from Military.com covers a variety of topics that pertain to national security.
28. Evolution of Security. From the Transportation Security Administration, posts here discuss security and technology as they relate to national security.
29. Security Debrief. This blog features news and commentary from several sources that all discuss issues surrounding national security.
30. Home Station. From the Integrative Center for Homeland Security at Texas A&M University, this blog discusses timely issues surrounding homeland security including cybersecurity, terrorism, and more.

Personal Privacy, Security, and Identity

From guarding your identity to keeping your family safe to digital identity issues, these blogs cover personal security and privacy.

31. Privacy and Identity Theft. Get news and learn how to protect yourself with the information here that examines cybercrime, identity theft, and more.
32. Privacy Gourmet. Privacy and social networking, data privacy, privacy resources, and keeping families safe online are some of the subjects covered on this blog.
33. Emergent Chaos. This collaborative blog focuses on privacy, security, liberty, and economics.
34. Schneier on Security. This “security guru” and renowned author blogs about computer security, personal security, and Friday squids.
35. The-New-Internet-Security-Cyberhood-Watch-Blog. This blog focuses on such privacy and security issues such as identity theft, child cybersafety, and cybercrime.
36. Ceci n’est pas un Bob. Learn about issues surrounding security, privacy, identity, and risk at this blog written by Bob Blakley.
37. Identerati. Another blog from an employee of Burton Group, this focuses on identity management and security with a perspective from both business and the individual.
38. IdentityBlog. Kim Cameron writes about digital identity, privacy, and more on his blog.
39. Identity Woman. Social issues surrounding online digital identity are the focus of Kaliya Hamlin’s blog.
40. Adventures of an Eternal Optimist. Digital identity, privacy, and more are the topics discussed here.

Law and Policies

These lawyers and organizations all blog about privacy law and policies.

41. Privacy Law Blog. Security breaches, privacy law issues, and more are the focus of this blog from Proskauer Rose, LLP.
42. Burton Group Identity and Privacy. Burton Group reports news and offers opinions on the state of privacy policy and issues.
43. Privacy and Security Law Blog. Medical records, cybercrime, and other privacy issues get attention on this legal blog.
44. Privacy and Information Security Law Blog. Global privacy law issues, especially as they pertain to the cyberworld, are featured here.
45. Privacy Spot. The law firm of Hughes & Luce, LLP blog about data protection and privacy law.
46. beSpacific. This law and technology blog frequently discusses topics such as government, cybercrime, and the Internet.
47. Think Progress. Advancing progressive ideas and politics are the mission of this blog where you can find topics including privacy, immigration, and security.
48. In General Counsel. This right-leaning legal analyst discusses issues of security, politics, and more from a legal perspective.
49. Gregory S. McNeal. This law professor writes on such topics as counterterrorism, national security, and criminal law.
50. Privacy Law & Policy. Privacy rights, open government, and cybercrime are the topics on this blog.

.Criminal Justice USA

With more than 350 million monthly active users around the world, Facebook has a lot of users who want to make new friends. And now the company is testing out a feature to make friending a little more meaningful. Once you mark “ignore” on a friend request, you’ll see a new option in addition to being able to report the person for abuse or spam: “Mark that you don’t know” them.

Facebook has never shown friend rejections; rather, the person who made the friend request just never gets a confirmation. Some people don’t seem to get the hint, though, and make multiple friend requests to people they never get friend confirmations from. The new appears to make it so that the recipient can block future requests from the person. Like the long-time option of blocking all application notifications from a friend, it’s another way to reduce the social spam generated by poor etiquette on social networks.

Facebook doesn’t say exactly what happens when somebody gets marked as not known. “Our security team is currently just testing this feature to help inform certain limits on friend requests and combat spam,” a spokesperson told us.

Like a spammy app, it sounds like Facebook has some sort of limit it is testing out on how many friend requests a user can send over a given time. Also, the site is becoming a larger target for automated spam and phishing attacks, and one tactic is for spammers and scammers to set up fake profiles and friend people — this points to another use for the “mark you don’t know.” If used by enough people, it could help alert Facebook to problem profiles early on before they can cause too much damage.