Slashdot Mirror
UK Gov't Official Advises Using Fake Details On Social Networks
another random user writes "A senior government official has sparked anger by advising internet users to give fake details to websites to protect their security. Andy Smith, an internet security chief at the Cabinet Office, said people should only give accurate details to trusted sites such as government ones. He said names and addresses posted on social networking sites 'can be used against you' by criminals.
... 'When you put information on the internet do not use your real name, your real date of birth,' he told a Parliament and the Internet Conference in Portcullis House, Westminster. 'When you are putting information on social networking sites don't put real combinations of information, because it can be used against you.' But he stressed that internet users should always give accurate information when they were filling in government forms on the internet, such a tax returns."
What about in the U.S., where the corporations ARE the government?
What political party do you join when you don't like Bible-thumpers *or* hippies?
The social networks are getting smarter, and even if you don't give them the information, they may already have it. Unless you're doing this and not associating with anyone who knows you in real life, they will be able to match you up to your real self.
And that is a considered a felony hacking crime in some countries.
You shouldn't (always) trust the government either.
Are more likely to be accidentally left in a pub by an MP on an unencrypted laptop than to be gained illegitimately from my Facebook account.
The other story here is that in response some whiny bitch of a Labour MP said she was shocked that a government worker would dare make a suggestion that we try and protect our privacy and anonymity because anyone doing so is obviously a cyber bully and has something to hide.
Which reminds me once again why I don't know if it's worth even voting next election because it's a choice between spoilt milionaires who were born with a silver spoon yet still want more and seem to spend more time legislating about what furry animals they can kill next rather than doing much of actual value, and fascists that want to control every aspect of our lives and pay us enough benefits to bankrupt the country if we can't be arsed to work.
Honestly, for once a government official speaks sense, and still it gets turned into party political bollocks trying to take a swipe at them over it.
This guy, whoever he is, for PM. He's made the most sense of any government worker I've ever seen.
Dear faux-outraged MPs...
Don't worry. Everyone already does this. Your precious little databases of everything, everywhere, already contain 100% pure unadulterated shit (actually only 95% shit, but since you can't easily tell which morons gave real info, you can't trust any of it). So really, you haven't lost anything.
Boo-hoo. Back to social control the old fashioned way - Poisoning kids' minds via the school system, and having the boys in blue damage the minds of those that escape with some shreds of individuality intact.
Am I the only one who does this already? I habitually lie, I mean I might add my real name if I *have* to, but far as Facebook is concerned I'm a Muslim communist who lives in Pyongyang north Korea.
Admit nothing. Deny Everything. Make Counter-accusations.
If a company wants your real information, they should pay you for it.
You are being exposed to greater risk for each copy of your information that is out there. Not only of identity theft and other scams, but of being targeted by more advertising that can waste your time. Spam is out; the new spam is like those ads on Facebook for products tangentially relevant to your life, but usually irrelevant.
Even more dangerous is that people are able to correlate information from different sources and form a good profile of how you live, work and shop. Spokeo.com is a prime example of this.
If I could do it again, I'd use fake information from day one. In the information age, it's better to be invisible than a known quantity.
It's possible that Andy Smith isn't his real name.
Yes, bad ones.
Social Networks are just the tip of the iceberg - there are vast databases out there used by corporations to better understand their customers. Supermarkets and banks for example will know just about everything there is to know. If someone is stupid enough to post so much personal information on a social site that can then be used to comprise their identity, then that is a problem but one shared by the user... but if an organization fails to secure financial data, gets hacked and that information is used to exploit users, that is potentially more serious. Or if Facebook, Google or whoever are selling user information with users consent to anyone who will pay, no one seems interested. Yet the latter doesn't seem to be discussed to the same degree. It is not just about telling people to obfuscate, to "make stuff up" we need some good privacy laws that protect individuals and their data.
Wow, who would put real information on sites like Facebook, MySpace etc... If your going to put real details up use a site like LinkedIn, anywhere else if someone needs to know who you are then you can take it offline. The security risk of putting your info online is huge.
And I'm sure you can easily find for us the specific laws in question?
Ok...
> ...such as government ones."
ROFL.
Better yet, only give details to trusted sites. Don't tell the untrusted ones anything.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Someone should tell the 27 million Steam users born on January 1st that they should not use their real birthdays.
Obligatory song link: http://www.youtube.com/watch?v=7eIUOUfhoJ8
http://www.wired.com/threatlevel/2012/09/aaron-swartz-felony/all/
"The government, however, has interpreted the anti-hacking provisions to include activities such as violating a website’s terms of service or a company’s computer usage policy, a position a federal appeals court in April said means “millions of unsuspecting individuals would find that they are engaging in criminal conduct.”"
Protecting security is paramount to the security protection agency in charge of defense. I suppose that in this day and age you really do need to protect your security.
A 'singular oddity' is an event that cannot be explained and only happens when you are alone.
http://www.law.cornell.edu/uscode/text/18/1030
This bit of news is nothing to do with your country. "UK Gov't Official ....." was the clue.
In which federation is that a federal offence?
of Planets?
They're paying (with their free service) through the sale of ads. Ad sales do not require personal information. Think of a newspaper ad, or TV commercial. While those are targeted, based on what section of the newspaper (sports costs more than politics) or type of program they're featured in, they are also anonymous.
Seriously, this is a revelation? Not to mention the only person "angered" was some douchey MP that likely has investments in social networks and online advertisers. Why else would she promote using real information? She (Goodman) is actually claiming that using false information promotes crime. Gawd.
Anyway, I was intelligent enough to refuse to provide real personal information to BBSes (all local public network for the neophytes out there...never mind the Internet...a global public network) since I started online in the early 1990's...and I was very young (under 13). If someone provides enough information to a social site to permit a theft of identity...they deserve it.
Perpetual naivete is ignorance, and widespread ignorance is social decay (how ironic)...for which I have little sympathy.
What, giving false information to random social networking sites is a "felony hacking crime"? Name one country where this is the case. Terms of Service are usually ridiculously overreaching works of corporate fantasy that conflict with many local laws - especially in the EU. Violating a corporation's Terms of Service is not "breaking the law" unless your action is actually illegal.
Finish the paragraph.
The 9th U.S. Circuit Court of Appeals, in limiting reach of the CFAA, said that violations of employee contract agreements and websites’ terms of service were better left to civil lawsuits.
"....people should only give accurate details to trusted sites such as government ones."
I think my irony meter just exploded.
"Do not trust those fiendish corporations that want to sell you things, Loyal Citizen Unit! Trust only the government with your personal information! We just want to put you in GitMo, not show you ads! Remember! Failure to report mutants and commies is treason! Keep your laser handy!"
The solution is not to fake the data, nor is it to try and restrict visibility.
The solution is to redefine social networks, and admit that your address, personal info beyond 'I like chocolate etc lulz' is not useful in a social site, and go on.
But that guts the social networks. They derive their revenue from being able to sell YOU. And they can only sell YOU if they can sell Y O U .
That means selling your home address, the car you drive, your income and financial details, your friends, your employer, what you *actually* do, vs what you say you like to do, and whether or not you are able to be influenced by the advertisers buying you.
The first solution to this is to pay you for your data.
The second soluuion is to hold the purveyors of your data genuinely responsible for misdeeds. Not slap on the wrist fines, but punitive, stockholder-impacting penalties, and then both punitive reporting and montioring. If you don't vhange the rules, you won't change the brhavior.
And punish their clients as well.
And none of this will happen for the forseeable future. Just as Do Not Track cannot work, this personal data drives revenue, and makes the 'free' as in beer Internet work. Without it, you subscribe to Facebook, and I am not at all sure that FB is worth $0.19/mo to anyone. Much less the true cost of operation.
So we either live with this, or get off the networks.
Now, the real crimes are when your state sells your drivers license info. That is sinful and wrong.
deleting the extra space after periods so i can stay relevant, yeah.
Labour MP Helen Goodman was "genuinely shocked that a public official could say such a thing." I'm genuinely shocked that a public official (internet security chief Andy Smith) could actually be this competent and give citizens valid, practical advice about protecting their privacy.
Its a federal offense to give incorrect information to a federal official. Or to any entity that has a statutory duty to make reports to the federal government.
Some businesses have tried to leverage this second point to make the claim that they might have to turn data over to the gov't. So what you have on file with them must be correct. But I don't think courts have backed them up on this one. Yet.
Have gnu, will travel.
"I'm in the government. I lie every day, and you should to."
I thought posting false details is not only against the ToS, but is against the law. We're supposed to break the law to protect ourselves?
It's good, if incredibly obvious advice, to avoid giving real personal details to websites. But Mr. Smith is still too trusting, as he includes government and "large commercial" sites as places where it's OK to be honest. I disagree, particularly with the large commercial sites. They are more likely to combine your information with data from other sources, and are therefore even riskier than mom-and-pop sites.
just in fail countries like the USA, Iran, ...!
Right, and this tells me I can't violate TOS with a private company .... where exactly? If you actually read the text you provided, you'll see that it doesn't, not even indirectly.
The remedy for violated ToS is termination of service, as is typically spelled out in the ToS themselves.
I'm so glad I live in England right now!
violating the tos revokes your rights to use the service, a service hosted on a remote computer. that means you exceede your granted permissions and are hacking.
Right, and this tells me I can't violate TOS with a private company .... where exactly? If you actually read the text you provided, you'll see that it doesn't, not even indirectly.
The remedy for violated ToS is termination of service, as is typically spelled out in the ToS themselves.
Section (A)(5)(C) explicitly states that:
...intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage and loss
Accessing a social media account using fake data can certainly be construed as accessing the system without authorization (you are not, in fact, the person whose every move and preference is tracked via this account). Potentially costing FB, G+, etc., etc. money by lying about who you are so they can't target you with their ads (Probably using an ad blocker will eventually be applied to this too), can cause a loss of ad sales revenue.
This must be prevented at all costs! Allowing people to give false names, addresses, birth dates, demographic and psychographic information is a direct assault on our economic system and is just as destructive to our corporate overlor..err..great nation as is a terrorist attack. If you ask me, five years in prison isn't enough for these lowlifes!
No, no, you're not thinking; you're just being logical. --Niels Bohr
Isnt that both against the TOS for most services, and against the law in some areas?
Not that im against it, as you wouldnt see me posting real info either.
---- Booth was a patriot ----
I thought everyone knew this already!
"Andy Smith".. sounds like a fake name to me
How funny. I already do this to reduce the chance of identity theft. I call it poisoning the well.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Accessing a social media account using fake data can certainly be construed as accessing the system without authorization (you are not, in fact, the person whose every move and preference is tracked via this account). Potentially costing FB, G+, etc., etc. money by lying about who you are so they can't target you with their ads (Probably using an ad blocker will eventually be applied to this too), can cause a loss of ad sales revenue.
Actually they can still target you under a fake identity, so that one wouldn't work so well.
I'll give you that they could *attempt* to make a case on such a basis. Certainly we've seen that twisted in some prosecutions of "hackers". Whether a prosecutor would go along with it in this context, and whether it would even survive preliminary motions is another story altogether.
The U.S. is the only country I know of where violating TOS is a felony.
Quite an experience to live in fear, isn't it? That's what it is to be a slave.
And that is a considered a felony hacking crime in some countries.
I seriously doubt that facebook are going to sue their millions of under 14 year old users who post fake birthdays somehow.
To have a right to do a thing is not at all the same as to be right in doing it
violating the tos revokes your rights to use the service, a service hosted on a remote computer. that means you exceede your granted permissions and are hacking.
Bollocks, all a service like Facebook can do is ban that user/username.
To have a right to do a thing is not at all the same as to be right in doing it
I built my own social network where you are supposed not to give personal info, have a look a it here:
www.cratis.eu
NOTE: for the time being it's only in Portuguese, I will release an English version within 2 months.
I tried accessing that site but it appears to have been written in some fucked-up version of Spanish.
To have a right to do a thing is not at all the same as to be right in doing it
I think the original point was that this is in the UK and therefore (so far) US laws, federal or otherwise, don't apply.
We're not the 51st State just yet.
To have a right to do a thing is not at all the same as to be right in doing it
If you want your personal information kept safe, DON'T PUT IT ONLINE.
And if others put my information online because Facebook prompts them to enter some info about me? Or their Android phone syncs its address book with Google+?
What then?
It's probably best just to throw away the tinfoil hat and realise it was never going to defeat the powers of ZOG.
To have a right to do a thing is not at all the same as to be right in doing it
Actually they can still target you under a fake identity, so that one wouldn't work so well.
I'll give you that they could *attempt* to make a case on such a basis. Certainly we've seen that twisted in some prosecutions of "hackers". Whether a prosecutor would go along with it in this context, and whether it would even survive preliminary motions is another story altogether.
I see that my sarcasm has eluded you. My apologies for any confusion. The thrust of what I was saying is that it would be ridiculous to try to bring any kind of action (civil or criminal) in a situation like that. Then again, perhaps we will go down that road. That would be quite frightening -- having to pay damages or even go to jail for creating a social networking account with a fake name.
No, no, you're not thinking; you're just being logical. --Niels Bohr
No. They can file charges of felony hacking as well. This is rare, but it has happened.