Skip Links

Privacy Alert: 10 Biggest Threats of 2010

Google's Wi-Fi spying, Apple's iPad e-mail leak, Facebook's Wi-Fi jacking--just how serious are these privacy threats?

By Dan Tynan, PC World
December 27, 2010 08:30 PM ET

PC World - 2010 could go on record as the year the privacy mess hit the proverbial fan.

Companies such as Apple, AT&T, Facebook, and Google all got nailed for sharing users' personal data in big ways, accidentally or otherwise. Police officers were caught tracking people's movements via cell phones, while Web advertisers tracked surfers' virtual movements via hard-to-kill cookies. Schools spied on their students, mobile apps spied on their owners, and the feds caught heat for getting a little too personal with their security searches.

But the biggest privacy headlines of 2010 weren't necessarily the biggest threats, while some lesser-known incidents had far more serious implications. How dangerous are these privacy issues to you? In this rundown, we use the Department of Homeland Security's threat level system to rate the threats, and we provide suggestions on how you can protect yourself.

Be careful out there.

1. Google's Wi-Fi Spying

Threat Level: GREEN

Google's Wi-Fi spying debacle didn't start out evil. By using its Street View vans to map out open Wi-Fi networks, Google could provide better location data to mobile users. If you use Google Maps from your phone, it could employ nearby wireless networks to determine where you are, no GPS required.

The problem: Besides the Wi-Fi network's name and location, Google's Street View vans were accidentally slurping up unencrypted data--including user passwords and e-mail messages. Over three years, Google gathered 600GB of extra data in more than 30 countries, resulting in international sanctions, civil lawsuits, and an FCC probe.

Even so, the impact on average consumers is minimal, says Peter Eckersley, senior staff technologist for the Electronic Frontier Foundation. You're in greater danger of being spied on by nosy neighbors or creeps parked outside your house.

The solution: Password-protect your wireless network (duh) and use encrypted HTTPS connections to browse the Web when possible (see item #3 below).

2. The iPad E-Mail Leak

Threat Level: GREEN

If you bought one of the first Apple 3G iPads, an obscure security group may have purloined your e-mail address.

Last June, Goatse Security exploited a hole in AT&T's Website that displayed an iPad owner's e-mail address when it encountered an HTTP request containing that user's ID number. Goatse flooded AT&T.com with URLs containing random 20-digit numbers and collected 114,000 e-mail addresses of iPad owners. It then shared a few of them with Gawker.

The good news? The Goatse hack didn't reveal passwords, so the group couldn't access information beyond your name. And you're in select company--ABC's Diane Sawyer, New York Mayor Michael Bloomberg, and top government and military officials also had their addresses stolen.

The solution: None needed. AT&T quickly closed the hole--and if a spammer wants your e-mail address, there are easier ways to get it. So is the iPad magical and life-changing yet?

3. Facebook Wi-Fi-Jacking

Threat Level: YELLOW

Updating your Facebook status from a Wi-Fi café? A stranger can log in to your account and pretend to be you. Blame Firesheep, a free Firefox plug-in that captures login cookies as they fly by unencrypted. Programmer Eric Butler wrote the program to demonstrate how much data people send "in the clear" without realizing it. Using Firesheep, a hijacker can access your account on Facebook, Twitter, and two dozen other sites. Any information you thought was private now isn't. Feeling naked yet?

Originally published on www.pcworld.com. Click here to read the original story.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News