¿Publicar fotos puede poner en peligro a los niños?

Las fotos se han vuelto parte fundamental de las redes sociales y el producto principal de muchas aplicaciones. Aunado a esto el servicio de agregar una ubicación geográfica  tan específica a estos elemento, puede llegar a incluir coordenadas geográficas se ha añadido a muchas de estas aplicaciones relacionadas con la publicación de fotos en Internet o edición de las mismas. Instagram y Flickr son buenos ejemplos.

Pero, ¿realmente sabemos lo que implica agregar una ubicación geográfica a nuestras fotos publicadas en el Internet?

En Febrero 2012 el Journal Internacional de Seguridad Electrónica y Forense Digital  publicó  un estudio que contabiliza el número de imágenes que tenían etiquetas de geolocalización para 50 de los códigos postales más caros de las mejores zonas residenciales en los EE.UU.  Los resultados mostraron que gran número de fotografías, de distintos usuarios de la red de Flickr, compartían la misma zona geográfica y contenían repetidamente los rostros de niños. Esta información podría ser utilizada para localizar la casa de un niño u otro, en  base de la información pública disponible en Flickr. Es un estudio que tiene 4 años de antigüedad y la penetración a las redes sociales no se había propagado tanto como lo ha hecho los últimos años.

No cuento con cantidades para lanzar una estadística y afirmar que muchos de los padres de estos niños no conocen las implicaciones de privacidad al compartir las fotos de sus hijos en otras redes sociales como Facebook, pero estimado lector, yo le pregunto ¿cuántos de nosotros no tenemos como foto de perfil la foto de nuestra familia, amigos, niños y sobrinos?  ¿Les parece familiar esta conversación?

¡Ay! ¿Ya viste mi foto de perfil? ¡mírale, es mi sobrino que sale divino en la foto de su cumpleaños!  Etiquetado el 7 de abril 2015 en el salón de la quinta avenida segundo piso local a.

Si bien, Facebook y Flickr tienen propósitos diferentes, debemos ser cuidadosos al agregar una foto con ubicación geográfica, finalmente seguimos teniendo el control sobre qué y cómo publicar ¿No creen?

Debemos entender los riesgos y también comunicárselo a nuestros niños. La geolocalización en redes sociales es un atributo que podría atentar contra nuestra privacidad digital. Nótese y enfatizó que he dicho “podría” ya que si ajustamos nuestros filtros y hacemos consciente el acto de revisar las solicitudes de amistad de las personas a las que agregamos a las redes sociales, se podría reducir el riesgo, porque dejenme les digo que siempre va a ver, es una premisa de la seguridad digital. Asumir que va a haber riesgo, pero controlar lo que está a nuestro alcance es nuestra labor.

With help of reports, IT leaders could analyze end-user issues and needs, to be responsive and implement solutions – a collab with @ComputerWorld

I feel so honored to collaborate with Computer World. Along with 10 other influencers of the Information Technology industry, we provide advice on how IT can improve the relationship with their End Users. My opinion is stated below:

Technology Helping Technology

Systems Engineer Martha Cisneros points out that data from help desk solutions can be brought to bear.

“Service Desk reports, a.k.a. Help Desk Software reports, are valuable enterprise applications that can provide insights into end users’ needs if they are properly configurated,” she says. “Reports should provide great insights into the needs of end users. Information is power, hence with quality reports from Service Desks, IT leaders could analyze end-user issues and needs and be responsive to implement solutions.”

Read the full article here

End Users Are Speaking: it's IT Turn to Listen
End Users Are Speaking: it’s IT Turn to Listen

 

Prefixes of the Net-Driven Economy e‑ / virtual / cyber / digital or net ?

The prefixes e‑ / virtual / cyber / digital / net are used to describe various ICT/Internet developments. Typically, they are used interchangeably. Each prefix describes the Internet phenomenon.

Yet, we tend to use e‑ for commerce, cyber for crime and security, digital for development divides, and virtual for currencies, such as Bitcoin. Usage patterns have started to emerge. While in our everyday language, the choice of prefixes e‑/virtual/cyber/ digital/net is casual, in Internet policy the use of prefixes has started to attract more
meaning and relevance.

Let’s have a quick look at the etymology of these terms and the way they are used in Internet policy. The etymology of ‘cyber’ goes back to the Ancient Greek meaning of ‘governing’. Cyber came to our time via Norbert Weiner’s book Cybernetics, dealing with information‑driven governance. In 1984, William Gibson coined the word cyber‑space in the science‑fiction novel Neuromancer.

The growth in the use of the prefix ‘cyber’ followed the growth of the Internet. In the late 1990s, almost anything related  to the Internet was ‘cyber’: cybercommunity, cyberlaw, cybersex, cybercrime, cyber‑culture, cyber… If you named anything on the Internet and you had ‘cyber’. In the early 2000s, cyber gradually disappeared from wider use, only remaining alive in security terminology.

Cyber was used to name the 2001 Council of Europe Cybercrime Convention. It is still the only international treaty in the field of Internet security. Today there is the USA’s Cyberspace Strategy, the ITU’s Global Cybersecurity Agenda, the North Atlantic Treaty Organization (NATO) Policy on Cyber Defence, Estonia’s Cyber
Defence Center of Excellence …

Cyberpunk author and Wired columnist Bruce Sterling had this to say:

I think I know why the military calls it ‘cyber’ — it’s because the metaphor of defending a ‘battlespace’ made of ‘cyberspace’ makes it easier for certain contractors to get Pentagon grants. If you call ‘cyberspace’ by the alternate paradigm of ‘networks, wires, tubes and cables’ then the NSA has already owned that for fifty years and the armed services can’t get a word in.

‘E’ is the abbreviation for ‘electronic’. It got its first and most important use through e‑commerce, as a description of the early commercialization of the Internet. In the EU’s Lisbon Agenda (2000), e‑ was the most frequently used prefix. E‑ was also the main prefix in the WSIS declarations (Geneva 2003; Tunis 2005). The WSIS follow‑up imple‑
mentation is centred on action lines including e‑government, e‑business, e‑learning, e‑health, e‑employment, e‑agriculture, and e‑science. Nonetheless, e‑ is not as present as it used to be. Even the EU has been distancing itself from using e‑ recently.

Today, the EU works on implementing a Digital Single Market Strategy.18 Digital refers to ‘1’ and ‘0’ – two digits which are the basis of whole Internet world. Ultimately, all software programs start with them. In the past, digital was used mainly in development circles to represent the digital divide. During the last few years, digital has
started conquering Internet linguistic space. It is likely to remain the main Internet prefix. Jean‑Claude Juncker, President of the European Commission, used the ‘digital’ prefix 10 times in his initial speech at the European Parliament, presenting his policy plan for the five‑year mandate. In addition to the EU, Great Britain now has
digital diplomacy, and an increasing number of diplomatic missions have a dedicated person for digital issues, usually covering them transversally.

Virtual relates to the intangible nature of the Internet. Virtual introduces the ambiguity of being both intangible and, potentially, non‑existent. Virtual reality could be both an intangible reality, (something that cannot be touched) and a reality that does not exist (a false reality). Academics and Internet pioneers used virtual to highlight the
novelty of the Internet, and the emergence of ‘a brave new world’. Virtual, because of its ambiguous meaning, rarely appears in policy language and international documents.

Today, there is truce in the war for prefix dominance. Each prefix has carved its own domain, without a catch‑all domination which, for example, cyber had in the late 1990s. Today, cyber preserves its dominance in security matters. E‑ is still the preferred prefix for business. Digital has evolved from development issue use to wider use by the government sector. Virtual has been virtually abandoned.

 

Source: 7th edition of An Introduction to Internet Governance.
You can download the book using following links:
English version: www.diplomacy.edu/sites/default/files/AnIntroductiontoIG_7th%20edition.pdf
Spanish version: www.diplomacy.edu/sites/default/files/IG2016_7th_ed_ESP.pdf

What does #InternetGovernance mean?

During The World Summit on the Information Society (WSIS)1 came up with the following working definition of Internet governance:

Internet governance is the development and application by governments, the
private sector, and civil society, in their respective roles, of shared principles,
norms, rules, decision‑making procedures, and programmes that shape the
evolution and use of the Internet.

Source: 7th edition of An Introduction to Internet Governance.
You can download the book using following links:
English version: www.diplomacy.edu/sites/default/files/AnIntroductiontoIG_7th%20edition.pdf
Spanish version:
www.diplomacy.edu/sites/default/files/IG2016_7th_ed_ESP.pdf

Please, do not share your passwords over an open wireless network.

Would you share the keys to your house to a complete stranger? Well, I thought I was never going to do it, but I did. Moreover, I am not talking literally about the keys to my real house, but rather to the essentials of my digital life, meaning the password of my email account. At the time, I was using just one password for almost all: different social networks, banks, and email. For that reason, the intruder, who got my password from an open wireless network at an airport, gained access to a bunch of my private matters such as conversations with my friends and family, my Instagram, my Facebook. When I noticed I there was a problem with the keys of my digital world, it was already too late. My friends were receiving awkward messages on Facebook and transactions in a Chicago pizzeria started to post, while I was in New York.

How could that happen to me Graduate Engineer in Information Systems with a specialization in Software Engineering? Well, dear and appreciable reader, feel free to catalog me as part of the ‘Millennials’ generation that does almost everything on the Internet, from date order food, communicate, work and study. I trusted an open wireless because it was free and of course, I didn’t need a password to connect to it. The public open wireless was so inviting, that after I joined to it, I shared my passwords deliberately and paid the consequences. After that, I  implemented second-factor authentication in my email account and bank accounts.

We are in the historical era in which data protection and feelings play a significant role in the transmission of information. We are changing the way we collaborate; technological changes are so vertiginous that we do not measure the consequences. We trust open networks, and we also share our entire life on social media. Please my fellow reader, if you feel the urge of checking your email or do a bank transaction at an airport, or in a coffee shop, just don’t do it. Open wireless networks are useful for checking  Instagram or read the news-feed of Facebook, checking the weather, but that is about it.

Encrypt your private information

Granting privacy as a human right is a shared responsibility that should continue to take place in the digital world. In America, there is still no federal regulation that strengthens the right to privacy in cyberspace. Nonetheless, private companies such as WhatsApp have been working on the enforcement of encryption. Encryption policies are a considerable step forward towards granting privacy in the digital world. Mr. Tim Berners Lee, the inventor of the world wide web, shared on an op-ed about his concerns which he believes “we must tackle for the web to fulfill its true potential as a tool that serves all of the humanity“(2017). One of Mr. Berners-Lee concerns is precisely the “collaboration with – or coercion of – companies, and governments are also increasingly watching our every move online and passing extreme laws that trample on our rights to privacy” (2017).

For instance, the U.S. Government has been trying to implement mass surveillance while gathering data shared throughout the web. According to a leak revealed by WikiLeaks, the CIA has not cracked either Signal or WhatsApp yet, but that they instead rely on physical access to get into individual devices surpassing the application encryption. Overall, if a “single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike”(WikiLeaks, 2017). The cyber warfare tools such as virus or Trojans are deployed indistinctively, but we the people will continue to play a significant role as gatekeepers of our digital world. The web is fed by the information that we, share across devices and networks. We have to minimize the risk and do as much as we can, and pledge and ask for transparency to our governments on this matter.

Even when the importance of privacy in the information systems and communications is still at its stake, we, the people, have to be responsible and think of ourselves as primary gatekeepers of our digital life. Caring for personal information has always been important, but extrapolating that behavior into a digital life has not been straightforward yet. As we embrace a conversation about privacy on the web and as we are more aware of the risks of sharing personal information over public and open networks, the paradigm shift is on the way. Remember, just as you put a lock on the door of your house and the same way you take care of the keys, you should also consider attention, at least, of the passwords of your digital life.

References

WikiLeaks (2017). Vault 7: CIA Hacking Tools Revealed. Retrieved March 9, 2017, from https://wikileaks.org/ciav7p1/

Berners-Lee, T.(2017).”I invented the web. Here are three things we need to change to save it”. The Guardian. Retrieved March 19, 2017, from https://www.theguardian.com/technology/2017/mar/11/tim-berners-lee-web-inventor-save-internet

WhatsApp Inc.(2017). End-to-End Encryption. Retrieved March 19, 2017, from https://www.whatsapp.com/faq/en/general/28030015

Note: This is a study/work related Open-Ed for course Communication in Public Settings PAF 9103 as requisite for Master in Public Administration and Public Policy at Marxe School of International and Public Affairs.

Do you know which types of network attacks are out there? #Privacy #CyberAware

A key aspect to any war is to get to know your enemy. Hence, is important to know which ones are the most common kind of attacks that are out there. However, the below list of network attacks is a basic-kind-of network-attacks list, and since technology is always changing more attacks are created and evolving every day.

  • Social Engineering: in an attack in by which the attacker manipulates people who work in a capacity of some authority (including the authority capacity that you have over your own data).
  • Dumpster diving: is an attack by which a dumpster diver would look through trash and other unsecured materials (including the recycle bin of your laptop or server)
  • Password cracking: the attacker wishes to gain authentication (and authorization) to network resources by guessing the correct password
  • Flooding: A flooding attack can overwhelm the processing and memory capabilities of  a network system or a server
  • Spoofing: is any attempt to hide the true address information of a node and usually associated with IP spoofing is not always an attack
  • Birthday attack: any attack based on favorable probability
  • Buffer overflow: is very common when attacking application level servers and services. Basically a buffer is a memory stack that has a certain holding size. Through a specifically and maliciously crafted packet, information can overflow in that stack, causing a number of problems. Some buffer overflow result in a simple denial of service while others can allow for system compromise and remote takeover of a system. Patches are usually issued to defend against specific buffer overflow issues.
  • Sniffing: an attack in which the attackers “sniffs” information, either off the media directly or from a regular network traffic. In order to compromise the confidentiality or integrity of the information*

If  you  know any other type of attacks I will encourage you to share in the comment section below.

 

Copy of Infographic – 7cyberattacks

Source: information subtracted from COMPtia Security+ Training Book.

I’m sorry #GoogleHome for the moment I will stick to Alexa

Two weeks ago we visited the Amazon Retail store located at Columbus Circle in NYC. I was very much attracted to the store and indeed as I read in other reviews it reminded me of a Barnes and Noble experience -memories-. However, everything changed as my fiance started to use the Amazon Echo Dot and interacting with our known AI friend Alexa. I was attracted by the variety of Amazon Home Devices and decided to purchase the Amazon Echo dot that was only $49.00 us dlls. I very much enjoyed the sales experience paying with my Amazon App. I got home and configured Alexa to interact with Amazon Fire Stick, Spotify and a few other skills that I have been enabling as time goes on.

But yesterday -since I work at Soho- … my colleagues started gossiping about the Google Home Doughnut Store in West Broadway. Since then, they have been visiting the pop-up-store like five times a day to get a Google Home device. Apparently, you have to do a long line to participate in a kind of raffle and get a box of doughnuts or a Google Home device that according to their marketing campaign ‘is of a size of a doughnut’, moreover, is free. I will stick to Alexa since I’m really don’t like doughnuts, and  not yet  Google Home devices.

Infographic: Amazon's Alexa Is a Fast Learner | Statista You will find more statistics at Statista