Posts Tagged ‘Privacy’

Whether you Like it or not. Facebook can follow you on the net.

… So, even that I did not press the Like button, I have already sent Facebook my user-name. So that theyโ€™ll show me who of my friends liked this piece… Using this information, Facebook can tell exactly who of their users visited any Like-embedded page…

I checked my browsing history a couple of days ago. More than 90% of the pages I browsed – had Facebook’s Like button in them. I’m pretty sure much of the Internet population feels like this lately.
What I didn’t realize, was the depth of analytics Facebook is gathering nowa days, well beyond anything possible before. Facebook do not share this information with website owners, not to mention the site visitors (= us), and it is gathered in a somewhat obscure way.
Assuming that I’m a website owner (whether I’m Joe Shmoe or Ted Turner), I have access to some very good metrics using simple tools like Google Analytics:
Current analytics give the site owner a good, but limited view of its visitors
Still, even as a site owner, the information I have access to – is quiteย anonymous. IP addresses can give me a hint about the location of my visitors. I can see my visitor’s search queries from Google, and analyze trends to optimize advertising campaigns.
I don’t quite know who exactly my visitors are.

Facebook changes the game, and they were not quite clear about this (ahm).

As a surfer – I did not opt-in for this, and to “opt-out” – I have to log-out from Facebook all the time.
As a website owner – I get from Facebook only limited analytics about the people who Liked my pages. And I did not realize how much information I gave Facebook by embedding that Like button…
Facebook – can now get a Very detailed view about the visitors of any “Like-embedded” page – whether those visitors “Liked” that page or not.

Facebook is “doing us a service”

They show us who of our friends already liked this page that we’re currently looking at.
To do this, they obviously have to know who we are, right?
So, even that I did not press the Like button, I have already sent Facebook my user-name. So that they’ll show me who of my friends liked this piece…
Using this information, Facebook can tell exactly who of their users visited any Like-embedded page:

How Facebook can look at pages. Visitors don't have to "Like" the page, to get logged...

We do not even have to be logged in to Facebook. We may have last logged in to Facebook more than a week ago. Theoretically, we may have even logged out(!).
I know this was already discussed here. (Thanks Assaf Sela). But I think that the full implications of this are not clear yet.
I also know that in a similar way Google can do this with their various products, and so can many other ads and services for website owners.
Facebook’s access to our network of connections and personal information is the thing that is new and somewhat troubling here…

What can be done?

1) Like this page – to let your friends know about this… Hehe, I love the irony of this ๐Ÿ™‚
2) Re-Share this page… Sharing is stronger than “Liking” with regard to spreading the word out…
3) I’m looking for Firefox and Chrome add-ons that will block this information from Facebook… Maybe something similar to the Google Alarm offered here: http://fffff.at/google-alarm/
4) (Update:) AdBlock can be used to remove the Like altogether on Firefox, as mentioned here: http://superuser.com/questions/144973/blocking-facebooks-like-button-in-firefox



Bookmark and Share

How BlueTooth helped me turn my Nokia into a nifty spying machine


Having your Blue Tooth turned on is like walking down the street yelling your Social Security Number Having your BlueTooth turned on is like walking down the street yelling your Social Security Number

A year and a half ago I was playing around with my (then new) Nokia 6120 Bluetooth, 3G and python capabilities, when I figured out that I could create a pretty nifty spying machine, with some very little effort.

It began with a simple Bluetooth scan. Every 60 seconds my script wrote into a text file a simple line for each Bluetooth device it encountered around it – something along the lines of:

TIMESTAMP, BT-MAC-ADDRESS, PROFILE-NAME, …

It took me about 4 hours to find a proper Bluetooth programming library, and figure out how to python on S60. Then, scripting was simple. Happy about my new creation, I started the program and cheerfuly went home. When I arrived my home-computer and looked at the text file – I was in a bit of a shock. Apparently in a 10 minutes walk down Rothchild street in Tel-Aviv – I harvested more than 30 MAC addresses of people who had their Bluetooth on. Many of them had their full name now in my text file. Not bad. And this was 1.5 years ago.

Then the fun began.

For each line that I wanted, I added Tags.

When my script started, it now read all the lines – and for those with tags – it saved the MAC addresses in a lookup table. Now, whenever a new MAC was found – it was looked up in the lookup tabe, and if tags were there – the phone started to sound a special beep, and wrote on the screen the tags that I added to this MAC address.

So, all the people from the Rothchild strolling were tagged “Rothchild”. All the people from a Pub I went to that day – were tagged “Mish Mish”, and all the MACs from the supermarket were tagged “Suppermarket”.

Whenever I bumped into one of these people again (and the script was on) – I got a nifty alert: “There’s someone around you with the tags “Supermarket” and “Mish Mish””. I could also know when was the last time I tagged them.

But this is not the end of the story.

I later added some 3G capabilities. I tagged people at work with some special tags. Back then, I tried out Grubb.net as an online todo list. So, whenver I encountered one of the people from work that I wanted to do something with – my phone handed me the specific todo items – appropriate for the context I was in. Not bad.

"Celeb me" could be used also as a productivity tool...

"Celeb me" could be used also as a productivity tool...

I still don’t have a GPS on my phone, but I figured out that tagging could be really fun with a GPS. I can mark areas on Google Maps, and whenever people were encountered in one of the marked areas – their MAC addresses could be automatically tagged. So the people from the Amado building in my university could automatically get tagged as a high probability of being engineers of some sort. And whenever I encountered that girl from the psychology building, my phone could alert me with a proper pickup line – something like “Didn’t I see you 9 months ago in the such and such” building? ๐Ÿ™‚

So far – everything is legal. Now, for some illegal ideas that I had in mind. (Not that I would ever implement any of them).

I could store the MAC addresses together with the tags, on a designated website. 3G internet traffic is pretty cheap, so it’s Very much possible to query the DB for each new MAC I encounter. This allows me to share tags with my friends. Now, without ever meeting somebody – I can get the tags that my friends has given to this guy. “This MAC with a profile name “David Nokia6120″ was tagged by Tal at Eran’s school 3 months ago”. I’d never do such a thing, but you have to know that this capability should take me about 8 hours to implement. And I’m not a proficient python programmer.

Next – matching up people’s MAC addresses with their Facebook profiles. Imagine you could browse their Facebook profile just because any of your friends had matched this MAC address with that specific Facebook ID.

Another idea was a service called “Celeb Me”. Imagine that anytime you walked down the counter of any Starbucks – they’d know the type of coffee you always drink and how much sugar you drink in it. Wouldn’t that be neat?

Some drawbacks of this script:

  • I don’t know exactly who is it around me who has got that BT MAC address I’m looking at. Using RSSI data is somewhat problematic.
  • This script uses the BT, 3G, and could also use a GPS. All of these capabilities drain the battery really fast.

The technicalities:

  • The script is run using Python S60 version 1.4
  • I used a library called lightblue. The latest release didn’t work back then, I had to use the one before that.
  • I connected to the Python using the Bluetooth console and hyperterminal.
  • Copying the files in and out of the phone took me quite an effort back then… Nokia decided to make life not easy for people who aren’t paying them for their libraries.
  • As you can see, the script is quite short… Could be even more efficient and better written if I wasn’t such a novice in Python ๐Ÿ™‚
  • The link to my crude-but-working script:

Celeb Me source screen shot

And some final thoughts:

  1. People who walk around with their BT open – should know that they are actually YELLING a unique ID. This means that they can easily get followed by any Joe Shmoe with very little effort.
  2. This thing totally rocks! It is so much fun, especially showing it off in geek parties ๐Ÿ™‚
  3. I have some funny little stories from playing around with this script, but I’ll leave them for another post.