Wednesday, December 12, 2012
Profile Poisoning the Next Frontier
Profile Poisoning the Next Frontier for Hackers
Google and Facebook already know everything about you – your interests, friends, tastes and even your movements. That’s already a privacy nightmare, but researchers at the Georgia Institute of Technology’s Information Security Center (GTISC) think it could soon be a security nightmare, also.
Automated information systems already determine what version of the news most of us see.
“If you compromise a computer, the victim can always switch to a clean machine and your attack is over,” said Wenke Lee, a professor at Georgia Tech’s College of Computing and director of the GTISC in the report. “If you compromise a user’s search history and hence his online profile, the victim gets the malicious search results no matter where he logs in from.”
But search history poisoning is just one manifestation of the security risks that come with greater and greater reliance on automated information gathering. Lee and his colleagues found that algorithms used by social networks like Twitter and Facebook to identify “popular” content can easily be gamed by legitimate and illegitimate users who colluded to amplify selected messages across social networks – making them appear more trendy and popular than they are.
(Do you think obama and his comrades use search history poisoning to game users about him?
Don't think for a minute that this wasn't used to trick and game obama supporters.) Story Reports
And, automated systems that personalize each user’s experience – showing two different Google or Facebook users a slightly different mix of news and search results – increasingly blinker our view of the online world and creating “filter bubbles” that promote the largest sites, while demoting smaller sources of information.
“While personalization can deliver the most relevant local news to a user, it also results in a lack of diversity and a local bias,” the researchers found. “Depending on the country, 20 to 30 percent of the new sources accounted for 70 to 80 percent of the articles,” the report said.
The report, released at the Georgia Tech Cyber Security Summit on November 14, identified other security trends that are likely to make news in 2013. Among them:
The integrity of the technology supply chain will become a more pressing issue, as companies struggle to identify and thwart security threats and compromises that originate at their suppliers.
Mobile malware will continue to plague mobile device users, especially on platforms like Google’s Android. Well-policed mobile application stores will help tamp down malicious code outbreaks in developed markets like the U.S. However, infrequent patching by handset makers and carriers means most mobile devices will continue to be vulnerable to attacks against known vulnerabilities.
Malware creators will become more adept at shielding their creations from automated malware analysis systems. Malware targeted both the Apple OS X operating system and mobile device platforms will become more common.
Georgia Tech’s report is the product of the University’s various information security labs, including GTISC and the Georgia Tech Research Institute.
The integrity of a user’s online profile is an increasing concern for regulators on both sides of the Atlantic. On Friday, a federal judge in San Francisco formally approved a $22.5 million settlement between the U.S. Federal Trade Commission (FTC) and Google for that company’s practice of misleading users of the Safari web browser about how it would track their movements online.
The FTC has been pressuring firms like Google and Facebook to be more transparent in telling their users how and when they are tracking their activities online. In September, Facebook agreed to stop using facial recognition technology to track users. A similar complaint has been lodged with the FTC. At the same time, the EU is weighing revisions to its Data Protection rules that would strengthen protections for individuals living in EU countries.
(It is clear that the ONLY way to be safe from obama's spies and anyone else who has the technology know how to watch your every move is to go OFF GRID and get out of the "matrix".
This means no internet, no cell phone etc, cash only etc.
Every thing we say or do is tracked to manipulate our every move. Its real and its true.
My suggestion is to use the US mail. It's suppose to be secure from government and private spying but even it can be tracked. Its the content that is more secure because some hacker computer program can't read the contents of the letter, at least not yet.
So go "off grid" use the US mail more. They will still track where you send mail to and who you get it from but like I said a hacker computer program can't see the contents of your letter.
If this doesn't work I suggest looking into carrier pigeons.) Story Reports
Historically, pigeons carried messages only one way, to their home. They had to be transported manually before another flight. However, by placing their food at one location and their home at another location, pigeons have been trained to fly back and forth up to twice a day reliably, covering round-trip flights up to 160 km (99 mi)