I think you're saying that one strategy for social networks is to always assume that everything you ever say or do or upload online will be accessible by the press, law enforcement, your boss, worst enemies, friends, and loved ones. It's arguably a good strategy if a little confining.
I would like to say that even though I keep things locked down (except for stuff like photo albums that I deliberately choose to share with the world), I certainly don't depend on Facebook security to hide illegal or unsavory practices. (For reasonable values of "unsavory".) I mean, my mother, my daughter's former day care provider, and a former boss are in my friends list. Posting photos of me using a bong would not be in my best interest even with security turned on.
What I was referring to, and something that apparently didn't come through (based on the other response) is that your personal information, not the stuff that would embarrass most people but just your basic life history, can be used against you in several ways, not the least of which, in social engineering where someone poses as a friend or family member with enough background information to make them believable.
Moreover, there may be legal ramifications that are non-obvious. IANAL, but it seems to me that if push came to shove, the fact that you put security measures in place and at least had an expectation of privacy which the other party had to actively circumvent, might put you in a better legal position.
And finally, there's the social aspect. Sometimes we need to discuss things that might be damaging or at least inconvenient to others, and I think we have an obligation to at least make the information difficult to capture.
Parenthetically, my daughter (17) was a very early adopter of Facebook, but she depends on me as her sysadmin and has no problems with me accessing her account. In return, I trust her and don't feel the need to dig into her stuff.
Except once when a friend was taken in by an older man posing as a teenage girl, and as a precautionary measure I went through all of daughter's contacts whom I did not know personally, looking for clues that they might not be what they seem. I didn't find anything suspicious in that respect, but what I did find makes me not ever want to do that again. Hormonal teenage girls posting information and photos that were *way, way WAY* too personal to all and sundry, many of them with no security measures in place whatsoever. It was like Gaaaaa no no no dismiss dismiss delete browser cache.
Along those lines, I am surprised that people aren't more concerned about Facebook as a rich hunting ground for sexual predators. And again, it seems to me that the fact they had to break into someone's account to scoop their stuff would put the prosecution on better footing.
The point being, the argument that he's just a kid being stupid is something a defense lawyer may be required to say, but I don't see it as a winning argument.
I'm sorry I didn't think this was that hard to understand. 18 years old is not a "boy" who "does stupid things" in a legal sense, which is what's important in a legal case. He's an adult who's responsible for his actions.
You've got a point about alcohol, and I agree it doesn't make a lot of sense, but 18 years is old enough to sign a contract, fight a war, and be legally responsible for your actions, the last part of which is what's important in this case. If we as a society don't like that, we should change the law.
I mean "social engineer" as in the technique of "social engineering" to steal someone's stuff. Like researching your victim ahead of time so you can pose as a friend or relative and make it sound legitimate. What did you mean?
> When it comes to privacy, 58 percent of social network users set their profile to private so that only friends can see it.
This should be 100%. I suspect the other 42% don't know how or don't understand the ramifications. (Mild hyperbole, but you know what I mean.)
I understand there's problems with Facebook privacy but if you're going to play at all, you have a responsibility to protect yourself. Just my opinion.
It's also important not to poke "accept" for every friend request you get, without first doing due diligence. If you have one friend in common, that may only mean that your friend may have been stupid enough to click "accept" to a potential social engineer without checking.
I photograph events and travel, and those albums are open. The rest is closed off. Not because I'm "hiding anything", (this is *facebook*) but because there are things I'd tell my friends that I wouldn't tell the general public. I review my privacy settings periodically. I don't do optional Facebook applications, ever. I don't do Facebook games, ever. I don't repost Facebook "forwards", and I will block someone if that's all they're doing. I have lively discussions (in our own words, not cutting and pasting someone else's) with a circle of friends, we share ideas and have some heated arguments, and that's a good thing -- in my opinion, it's the "social" in social networking. The rest is the electronic equivalent of stuffing an envelope with magazine clippings.
I believe that women are more likely to unfriend, but I wonder what the statistic is for blocking. I have less than 200 friends, small by Facebook standards, although I've met most of them and about 25% of them would help me move (and 2 or 3 would help me move a body -- although they'd want to know who's first) and of those I've never unfriended someone no matter how obnoxious. I *have* blocked them from my news stream because they're irritating, natter on too much about nothing (a characteristic of Facebook it seems) or repeatedly try to bait the community out of some desire for attention. These "junk" postings get in the way of the people on my friends list whom I *want* to read.
It doesn't seem right to unfriend. It seems snarky -- a personal insult. Blocking them from my news stream is more like, I haven't taken you out of my address book, but I probably won't be calling you. It would have been interesting to find out if this is a male vs female characteristic. Something like: Given it's time to end the relationship with another person, women are more likely to break up publicly, whereas men are more likely to simply ignore.
I've noticed repeatedly that a personal friend or acquaintance will jump on, friend everyone in sight, load up a bunch of applications, play a bunch of games, and then suddenly disappear. I've asked some of them later about that, and some have said it takes too much time (I can see that) and others have said they lost interest (reasonable also) but many have said that they became alarmed at the lack of privacy. It's almost like there was an event that shook them up and they dropped out. Social networks are hot right now -- generally accepted -- but I wonder what people's perceptions will be in ten years time.
Social networks are like any tool -- you can use it to get work done, or you can use it to poke your eye out. If you're not willing to learn the tool, you shouldn't be surprised at the consequences. There is no "walled garden" social network as far as I know. It's like the rest of the internet -- raw, fertile, potentially dangerous. The knife is sharp; it's important to point it in the right direction. But sometimes a spork just won't do.
Yeah, the iphone is more expensive than any of the other suggestions here, but you'll love it. Nothing spells success like pulling out your iphone to make a call. And another advantage is that there's a new version every two years!
So, again, we have seven administrators in the school system for every teacher. Does that seem proper and efficient to you?
The current educational budget in my state works out to roughly $12,000 (US) per child per year, making it the single largest budget item in the state. If that's not enough, what is?
I don't think that's the point. The point is to protect the school system from legal and public hassles when underage porn is found on the school network. Even if it's entirely a student's fault that it's there, the school still takes the hit in the media and courtroom.
You can't stop sexting. At best you can try to keep it off your own machines.
I'm not sure I follow. Are you saying it's the Republicans fault that they can't fire teachers, principals or superintendents?
I don't know where you live but my experience doesn't follow that. I live in the most liberal part of a deep blue state and they're closing entire schools. Parents are pissed beyond imagination, but the area just doesn't have the money, a product of the economic downturn, driving businesses out of town with uncompetitive taxes and fees (losing their tax base) and plain old waste. The single largest budget item in the state is education, (to the tune of $12K per student per year last time I checked) but somehow that doesn't translate to much funding by the time it gets to the classroom. I'm told that the ratio of administrators to teachers was three to one when I moved here and is now something like seven to one. I'm pretty sure there are some unnecessary personnel in there somewhere, but the problem seems to be that it's the unnecessary people who get to choose.
Seeing as how we couldn't field a Republican mayor, governor or congress critter to save our lives, I'm having a hard time laying this at the Republicans feet. It'd be convenient, though, I'm sure.
> Protecting the children is absolutely a necessary thing to be doing, and I can not agree more with the general sentiment. However I don't see that lack of network access is going to affect the children's ability to traffic in sexting or other similar acts, only cover the ass of staff when it happens on school grounds.
My understanding is that this is precisely the point. The rule is not to protect the students but to provide legal protection for the staff.
A) Set up a domain, and cut off all the Dust Bowl laptops from the school network, period. If they want access to resources, they must turn in their laptop to be re-imaged. Period. There, I just made it work.
Or
B) Quit. Because I don't want that stain on my resume.
Dunno about where you went to school. My daughter (HS senior) can bring her own laptop and other electronic devices to school, but they are absolutely forbidden from connecting to the network.
I think this is partly because of exactly what MrQuacker was talking about -- the possibility of sexting or other inappropriate materials getting on the school network from students. (Staff is a different matter.) The organization protects themselves from abuse by the legal system by forbidding all but school property to connect to the school network.
One domain, and every resource accessible from that domain, would seem to solve the problem. It has the side-effect of not allowing cheapie home edition laptops to join the network, which gives IT leverage to get the equipment imaged properly.
Well, somewhat along those lines you could legitimately argue that the "windows 7 dust bowl edition" does not meet the organization's security standards (because it won't join a domain).
Speaking of which, how can these low end winders laptops use school resources if they can't log into the company domain? You *are* using active directory, aren't you? Please tell me you aren't just leaving everything open.
It seems the natural outcome of this would be giant fire-extinguisher sized containers in each corner of the building regularly spritzing caffeine into the air to generally improve employee output. You could even hide the canister behind ceiling tiles. Just another service provided by your company.
Ok, I used to do technical competency testing for backup solutions. I've written papers on it. Most of the tracking and recovery is done in software these days. Has been for years. If you're keeping spreadsheets to track which box to get back, you're doing it wrong.
Geosynch means synchronizing your data with a geographically remote location. This does not necessarily protect you from data corruption, but it does protect you from hardware failure. This is easiest to do for companies with offices in remote enough locations (from each other) to qualify as "geographically remote". (Defined as remote enough that a natural disaster in one location would not affect the other location.)
"Online backups" occur when data is replicated in some reasonable fashion to a storage appliance. The appliance serves as your "backup server" and restore is similar in operation (may even use the same tool) as with a big tape library, except with immensely greater capacity, and no manual labor walking the aisles looking for a particular set of tapes. This protects you from data corruption.
Combine the two (geolocation and online backups) and you have a solution that protects you both from hardware failure and from data corruption. In security talk, you've covered integrity and availability.
Combine this with some reasonable amount of tunneling/encryption, and by virtue of keeping the solution entirely within the company, and you've covered confidentiality.
We've seen cloud services fail on availability -- a recent cloud storage server was taken offline by law enforcement recently, and everyone lost access to their data, even people who were doing nothing wrong. In the future I predict that we will also see failures in confidentiality as either a cloud service employee is tempted to sell the data they're storing, or someone outside figures out how to pose as a customer and exploit that to access data they shouldn't.
What it comes down to is that outsourcing puts you at the mercy of the outsource company and to a certain extent to the outsource company's other customers. It may work for you. If so, yay! (Said in Jake Lloyd's voice.) I strongly suspect that companies that exploit technology to keep storage in house will, let's say, last longer.
Nobody seriously considers a single 1TB drive to be an enterprise solution to anything. But an enterprise solution has the funds for dozens, maybe hundreds of drives. After all, what is the data worth?
I think you're saying that one strategy for social networks is to always assume that everything you ever say or do or upload online will be accessible by the press, law enforcement, your boss, worst enemies, friends, and loved ones. It's arguably a good strategy if a little confining.
I would like to say that even though I keep things locked down (except for stuff like photo albums that I deliberately choose to share with the world), I certainly don't depend on Facebook security to hide illegal or unsavory practices. (For reasonable values of "unsavory".) I mean, my mother, my daughter's former day care provider, and a former boss are in my friends list. Posting photos of me using a bong would not be in my best interest even with security turned on.
What I was referring to, and something that apparently didn't come through (based on the other response) is that your personal information, not the stuff that would embarrass most people but just your basic life history, can be used against you in several ways, not the least of which, in social engineering where someone poses as a friend or family member with enough background information to make them believable.
Moreover, there may be legal ramifications that are non-obvious. IANAL, but it seems to me that if push came to shove, the fact that you put security measures in place and at least had an expectation of privacy which the other party had to actively circumvent, might put you in a better legal position.
And finally, there's the social aspect. Sometimes we need to discuss things that might be damaging or at least inconvenient to others, and I think we have an obligation to at least make the information difficult to capture.
Parenthetically, my daughter (17) was a very early adopter of Facebook, but she depends on me as her sysadmin and has no problems with me accessing her account. In return, I trust her and don't feel the need to dig into her stuff.
Except once when a friend was taken in by an older man posing as a teenage girl, and as a precautionary measure I went through all of daughter's contacts whom I did not know personally, looking for clues that they might not be what they seem. I didn't find anything suspicious in that respect, but what I did find makes me not ever want to do that again. Hormonal teenage girls posting information and photos that were *way, way WAY* too personal to all and sundry, many of them with no security measures in place whatsoever. It was like Gaaaaa no no no dismiss dismiss delete browser cache.
Along those lines, I am surprised that people aren't more concerned about Facebook as a rich hunting ground for sexual predators. And again, it seems to me that the fact they had to break into someone's account to scoop their stuff would put the prosecution on better footing.
The point being, the argument that he's just a kid being stupid is something a defense lawyer may be required to say, but I don't see it as a winning argument.
I'm sorry I didn't think this was that hard to understand. 18 years old is not a "boy" who "does stupid things" in a legal sense, which is what's important in a legal case. He's an adult who's responsible for his actions.
You've got a point about alcohol, and I agree it doesn't make a lot of sense, but 18 years is old enough to sign a contract, fight a war, and be legally responsible for your actions, the last part of which is what's important in this case. If we as a society don't like that, we should change the law.
Um, what the hell are you talking about?
I mean "social engineer" as in the technique of "social engineering" to steal someone's stuff. Like researching your victim ahead of time so you can pose as a friend or relative and make it sound legitimate. What did you mean?
18 years old != "boy", except in the colloquial sense.
> When it comes to privacy, 58 percent of social network users set their profile to private so that only friends can see it.
This should be 100%. I suspect the other 42% don't know how or don't understand the ramifications. (Mild hyperbole, but you know what I mean.)
I understand there's problems with Facebook privacy but if you're going to play at all, you have a responsibility to protect yourself. Just my opinion.
It's also important not to poke "accept" for every friend request you get, without first doing due diligence. If you have one friend in common, that may only mean that your friend may have been stupid enough to click "accept" to a potential social engineer without checking.
I photograph events and travel, and those albums are open. The rest is closed off. Not because I'm "hiding anything", (this is *facebook*) but because there are things I'd tell my friends that I wouldn't tell the general public. I review my privacy settings periodically. I don't do optional Facebook applications, ever. I don't do Facebook games, ever. I don't repost Facebook "forwards", and I will block someone if that's all they're doing. I have lively discussions (in our own words, not cutting and pasting someone else's) with a circle of friends, we share ideas and have some heated arguments, and that's a good thing -- in my opinion, it's the "social" in social networking. The rest is the electronic equivalent of stuffing an envelope with magazine clippings.
I believe that women are more likely to unfriend, but I wonder what the statistic is for blocking. I have less than 200 friends, small by Facebook standards, although I've met most of them and about 25% of them would help me move (and 2 or 3 would help me move a body -- although they'd want to know who's first) and of those I've never unfriended someone no matter how obnoxious. I *have* blocked them from my news stream because they're irritating, natter on too much about nothing (a characteristic of Facebook it seems) or repeatedly try to bait the community out of some desire for attention. These "junk" postings get in the way of the people on my friends list whom I *want* to read.
It doesn't seem right to unfriend. It seems snarky -- a personal insult. Blocking them from my news stream is more like, I haven't taken you out of my address book, but I probably won't be calling you. It would have been interesting to find out if this is a male vs female characteristic. Something like: Given it's time to end the relationship with another person, women are more likely to break up publicly, whereas men are more likely to simply ignore.
I've noticed repeatedly that a personal friend or acquaintance will jump on, friend everyone in sight, load up a bunch of applications, play a bunch of games, and then suddenly disappear. I've asked some of them later about that, and some have said it takes too much time (I can see that) and others have said they lost interest (reasonable also) but many have said that they became alarmed at the lack of privacy. It's almost like there was an event that shook them up and they dropped out. Social networks are hot right now -- generally accepted -- but I wonder what people's perceptions will be in ten years time.
Social networks are like any tool -- you can use it to get work done, or you can use it to poke your eye out. If you're not willing to learn the tool, you shouldn't be surprised at the consequences. There is no "walled garden" social network as far as I know. It's like the rest of the internet -- raw, fertile, potentially dangerous. The knife is sharp; it's important to point it in the right direction. But sometimes a spork just won't do.
So how long did you stand in the rain for your 4s?
Man, that really ruined the joke. I didn't notice the page updated and replied to the wrong article. Boy is my face red.
Move along, nothing to see here, just experimental conversation.
Yeah, the iphone is more expensive than any of the other suggestions here, but you'll love it. Nothing spells success like pulling out your iphone to make a call. And another advantage is that there's a new version every two years!
Join us. Joooooinnnn Ussssss. Braiiinnsssss....
So, again, we have seven administrators in the school system for every teacher. Does that seem proper and efficient to you?
The current educational budget in my state works out to roughly $12,000 (US) per child per year, making it the single largest budget item in the state. If that's not enough, what is?
I don't think that's the point. The point is to protect the school system from legal and public hassles when underage porn is found on the school network. Even if it's entirely a student's fault that it's there, the school still takes the hit in the media and courtroom.
You can't stop sexting. At best you can try to keep it off your own machines.
I'm not sure I follow. Are you saying it's the Republicans fault that they can't fire teachers, principals or superintendents?
I don't know where you live but my experience doesn't follow that. I live in the most liberal part of a deep blue state and they're closing entire schools. Parents are pissed beyond imagination, but the area just doesn't have the money, a product of the economic downturn, driving businesses out of town with uncompetitive taxes and fees (losing their tax base) and plain old waste. The single largest budget item in the state is education, (to the tune of $12K per student per year last time I checked) but somehow that doesn't translate to much funding by the time it gets to the classroom. I'm told that the ratio of administrators to teachers was three to one when I moved here and is now something like seven to one. I'm pretty sure there are some unnecessary personnel in there somewhere, but the problem seems to be that it's the unnecessary people who get to choose.
Seeing as how we couldn't field a Republican mayor, governor or congress critter to save our lives, I'm having a hard time laying this at the Republicans feet. It'd be convenient, though, I'm sure.
> Protecting the children is absolutely a necessary thing to be doing, and I can not agree more with the general sentiment. However I don't see that lack of network access is going to affect the children's ability to traffic in sexting or other similar acts, only cover the ass of staff when it happens on school grounds.
My understanding is that this is precisely the point. The rule is not to protect the students but to provide legal protection for the staff.
So, what I'd do in that case is:
A) Set up a domain, and cut off all the Dust Bowl laptops from the school network, period. If they want access to resources, they must turn in their laptop to be re-imaged. Period. There, I just made it work.
Or
B) Quit. Because I don't want that stain on my resume.
I don't see any other solution.
Dunno about where you went to school. My daughter (HS senior) can bring her own laptop and other electronic devices to school, but they are absolutely forbidden from connecting to the network.
I think this is partly because of exactly what MrQuacker was talking about -- the possibility of sexting or other inappropriate materials getting on the school network from students. (Staff is a different matter.) The organization protects themselves from abuse by the legal system by forbidding all but school property to connect to the school network.
One domain, and every resource accessible from that domain, would seem to solve the problem. It has the side-effect of not allowing cheapie home edition laptops to join the network, which gives IT leverage to get the equipment imaged properly.
Well, somewhat along those lines you could legitimately argue that the "windows 7 dust bowl edition" does not meet the organization's security standards (because it won't join a domain).
Speaking of which, how can these low end winders laptops use school resources if they can't log into the company domain? You *are* using active directory, aren't you? Please tell me you aren't just leaving everything open.
It seems the natural outcome of this would be giant fire-extinguisher sized containers in each corner of the building regularly spritzing caffeine into the air to generally improve employee output. You could even hide the canister behind ceiling tiles. Just another service provided by your company.
Ok, I used to do technical competency testing for backup solutions. I've written papers on it. Most of the tracking and recovery is done in software these days. Has been for years. If you're keeping spreadsheets to track which box to get back, you're doing it wrong.
Geosynch means synchronizing your data with a geographically remote location. This does not necessarily protect you from data corruption, but it does protect you from hardware failure. This is easiest to do for companies with offices in remote enough locations (from each other) to qualify as "geographically remote". (Defined as remote enough that a natural disaster in one location would not affect the other location.)
"Online backups" occur when data is replicated in some reasonable fashion to a storage appliance. The appliance serves as your "backup server" and restore is similar in operation (may even use the same tool) as with a big tape library, except with immensely greater capacity, and no manual labor walking the aisles looking for a particular set of tapes. This protects you from data corruption.
Combine the two (geolocation and online backups) and you have a solution that protects you both from hardware failure and from data corruption. In security talk, you've covered integrity and availability.
Combine this with some reasonable amount of tunneling/encryption, and by virtue of keeping the solution entirely within the company, and you've covered confidentiality.
We've seen cloud services fail on availability -- a recent cloud storage server was taken offline by law enforcement recently, and everyone lost access to their data, even people who were doing nothing wrong. In the future I predict that we will also see failures in confidentiality as either a cloud service employee is tempted to sell the data they're storing, or someone outside figures out how to pose as a customer and exploit that to access data they shouldn't.
What it comes down to is that outsourcing puts you at the mercy of the outsource company and to a certain extent to the outsource company's other customers. It may work for you. If so, yay! (Said in Jake Lloyd's voice.) I strongly suspect that companies that exploit technology to keep storage in house will, let's say, last longer.
Geo synchronization. I used to teach that. It works really well. Really, these solutions are well known.
Nobody seriously considers a single 1TB drive to be an enterprise solution to anything. But an enterprise solution has the funds for dozens, maybe hundreds of drives. After all, what is the data worth?
Exactly.
Google should have that much under the couch cushions.