News Comment

Thursday 18 September 2014

Web is an open book where it's all too easy to leave secrets exposed

Published 17/06/2014 | 02:30

  • Share
Safety concept: Closed Padlock and Information Protection on com
Safety concept: Closed Padlock and Information Protection on com

THERE'S a feature on Facebook that many people will never have heard of. It's called Graph Search. And it's a profiler's dream.

  • Share
  • Go To

It reveals what an Irish Facebook user (more than half the population now) 'likes', where he or she lives, workplace details and who he or she say they'll vote for.

Try it yourself. If you enter the query: 'people who live in Dublin and who visited Mountjoy Prison', Facebook returns a limited list of Irish Facebook users who have visited ('checked in' at) the prison. If the query is changed to include: 'and who follow Fianna Fail', you'll get a new list.

Obviously, there are many reasons one might visit a prison (a newspaper colleague of mine is one of the people returned in the above search I tried) or to 'follow' Fianna Fail.

But the motivations of those searching for a list of people who have visited a prison or publicly expressed a preference for a political party may only be guessed at. It may certainly take some of those who use Facebook by surprise.

Graph Search is a perfect symbol of how the web has become an open directory where we leave ourselves open to be categorised and profiled.

And Graph Search is just the soft end of the profiling stick. 'Open source intelligence' has become a discipline on its own, with more and more companies using public 'data-mining' techniques to build as accurate a profile of us as is possible without physically going through our rubbish.

Tools such as Paterva's Maltego software are now routinely used by corporate entities looking to complete the picture of someone they take an interest in. Such tools use advanced data analytics to connect bits and pieces of data that you have left lingering on the web. In Maltego's case, one of the goals is to expose "unknown relationships".

Modern employers are especially adept at employing a razor sharp comb to pick things up about you before they hire.

It is not unusual for high-tech companies to spend weeks doing 'diligence' on candidates, extending to online checks across all social networking activity, comment boards, forums and even dating sites.

It is all done in the name of making sure a candidate fits a company's 'culture'.

Sometimes, this can work in a candidate's favour: high-tech companies often have preferences for certain pastimes and predilections. (One senior investor told me he looks for entrepreneurs that will try out kitesurfing.) But sometimes, it can damage your prospects.

But whatever your view on this type of research, it is almost certainly here to stay. Like most other countries' citizens, Irish people have embraced a 'sharing' culture that means we put much of our lives online for others to see.

Indeed, part of the reason the information is public is that we expressly want it to be this way, so we can be 'discovered' by old school friends or future employers.

THIS is not universally true, of course. But privacy-optimising services and gadgets such as Hullomail or the 'Black phone' (which cuts down on your publicly viewable phone footprint) remain niche offerings.

This is also because the economics of services such as Gmail and Facebook dictate that they only way for them to remain free is to put up with some data monetisation. By and large, Irish people seem content with this deal.

But what about safety? When does oversharing become a security compromise? Experts say that picking patterns out of commonplace data trails tees bad guys up for attacks. They say that the best way of guarding against this is to try to limit information on birthdays, anniversaries, addresses and names of close family relatives, such as children (commonly used as internet passwords).

This is probably a vain wish, with so much social media content revolving around congratulatory messages. Nevertheless, there can be a difference between keeping your personal data 'hidden' – which is nigh on impossible – and keeping it 'safe'.

Irish Independent

Read More

Don't Miss

Editor's Choice