Google and privacy

Concerned about trusting Google with all of your personal data?Perhaps you should think more about it.The success of Google as a search engine, mail service, advertiser, social networking site, and now a rss aggregator makes it a question worthy of consideration.ld you want to know? What can you do about it? Read on.It has been brought up in the past in reference to Google Desktop, amounts of user-specific data available for prosecution and government, past changes in Google’s privacy policy, and in general by the limited number of players in the search engine market..The Wikipedia article on Google and privacy issues goes on to mention:Some critics have pointed out the dangers and privacy implications of having a centrally-located, widely popular data warehouse of millions of Internet users’ searches, and how under controversial existing U.S. law, Google can be forced to hand over all such information to the U.S. government, or any other government of a country which Google serves.This should be worthy of pause for anyone.So Google has all these services you enjoy. Can you still use the internet without surrendering too much information to Google?I believe you can to a degree.For instance, you like to use that seach bar in your browser?

Read Article →

SEO blog defacements

Jeremy Schoemaker asked me to write up a little something regarding the recent string of SEO web defacements for a non-technical audience which he posted in his blog.The SEO industry is very focused on being SEOs.Like many professionals, many attempt to avoid time consuming activities that are not core to their business…. This is a perennial theme of information security writings and I myself have touched on itWeb defacements are nothing new, but the media attention to SEO superstars is notable and makes their online presence an attractive high-value target. The recent mass defacement of SEO wordpress blogs that was launched from a technical adversary using tor is an example of what has become a not uncommon occurrence.What can SEOs, and bloggers in general, do to lessen the risk of public embarrassment from defacements, hacktivism, and information leakage?… (For example, the bugfix for Wordpress v2.0.6 addressed a correction for those webservers that had left register_globals set to “on.” Not recommended in the first place.)Hardening the web services themselves with security modules.Use of a NIDS or HIDS that will actively block or alert upon detection of questionable behaviors.All of these methods involves time and resources that could best be applied to doing what they do best, in this case, being a SEO.

Read Article →