Funny Foto #38

By Michael Seese

As I was driving home yesterday, I saw this car in front of me.

(Obviously, I blanked out his license plate; I am a privacy professional, after all.) 

Though it's hard to see (for some reason, my camera's flash felt compelled to go off) his license plate frame reads "NOTARY PUBLIC."

So I wondered: how would he react if someone tapped on his window while stopped at a traffic light and asked him to notarize something...

Pre-Election Day Funny

By Michael Seese

Tomorrow is Election Day. So I won't have to post any more snarky comments until 2016. (Though if I adhere to the traditional stumping timeline, I suppose I should start in 2 ½ years.)

I thought this represented the definitive commentary on the whole stinkin' process. 

In several previous posts, I've talked about targeted ads. To state the obvious, a targeted ad is supposed to resonate with me because my browsing habits supposedly have put me into various demographic buckets. 

I see them all the time in the infosec and privacy e-newsletters I subscribe to. I also subscribe to the "Word Of The Day" from Merriam-Webster. 

Here are two of the ads I saw last week:

Hmmm.

What makes the irony even more delicious is that day's word of the day:

Clearly, the universe has a wicked sense of humor. 

As I said last year, remember the old Chicago adage: "Vote early and vote often."

Does anyone care to make a bold prediction as to the electoral vote count? Mine is 298-240. I'm not saying who will win, though...

A Win For The Little Guy

By Michael Seese

I guess I'm just in a pissy mood this week with regard to news from the world of infosec and privacy...

One of my daily e-newsletters contained this link to an article about analytics company KISSmetrics and their use of supercookies to track online behavior. Cookies, as we all probably know by now, a small text files that web sites place on our computers. In many cases, they are necessary; without them, for example, you would have to re-enter your credentials on every page of your online banking site. But all browsers allow you to control cookies. Supercookies, as the article notes, track people online without first notifying them and giving them a choice.

What ticked me off about the article was this passage:

The company also will pay $2,500 each to the consumers who sued -- John Kim and Dan Schutzman -- and around $500,000 to the attorneys who brought the case, according to court papers filed on Thursday.  

Sure...give the wronged parties a few thousand, and give the lawyers 200 times that!

I should have gone to law school!

Feel free to share your thoughts (of outrage).

"Torn Between Two..."

By Michael Seese

... with all apologies to those of you who will now have that sappy 70s song in your head, I read something the other day which, to be honest, leaves me with mixed feelings.

Here is a link to the Wall Street Journal article titled, "Your E-Book Is Reading You"

It's an interesting, short piece. I would suggest you check it out. But the main point is this. If you use an e-reader -- a Kindle or a Nook -- then you obviously know that Amazon or Barnes & Noble are aware of the fact that you downloaded, for example, The Hunger Games.

But did you realize:

- If you read The Hunger Games in a single eight-hour sitting, they know.

- If you read the first ten pages of The Da Vinci Code, and then stop reading, they know.

- If you bookmark or highlight a passage, they know.

The privacy professional in me rates this about a "10" on the "creep-o-meter."

But the author in me thinks, Hmmm. I can't help but be intrigued by comments like "Pinpointing the moment when readers get bored could also help publishers create splashier digital editions by adding a video, a Web link or other multimedia features" and "If you can find out that a book is too long and you've got to be more rigorous in cutting, personally I'd love to get the information."

Hmmm.

Did you know about this?

What do you think?

Please share your thoughts.

My Other Self, Again

Some days, I really do enjoy my job...specifically, the knowledge that comes from being an infosec and privacy professional. For example, here is a spam email I received at work.

In case it's hard to see, it begins:

Hello

I hope you are doing fine. I am checking in to see if you are looking for marketing and data partners/supplier. We are providing b2b and b2c lists with email addresses and other information worldwide. We have 40 million b2b and 250 million b2c records across the world with their email addresses and other details. Here are some of the lists

Chief Executive Officer - CEO Email List    85,000    499 USD
Chief Financial Officer - CFO Email List    56,000    429 USD

....

Though I'm getting ahead of myself, there is a certain irony in the fact that this clown is spamming me with an email to sell me the tools to spam others. 

Here was my reply to him:

Hello --

What a fascinating email.

It's fascinating, because it appears as though have no idea what the Federal CAN-SPAM Act requires of commercial email messages. It mandates (among other things) that:

1. The subject line reflect the content of the message. (I don't think"New Databases" counts.)
2. You include a valid street address. (I don't see one.)
3. You tell recipients how to opt-out of future annoying correspondence from you. (I don't see that either.)

I'm sure that the Federal Trade Commission (CC'd on this email) can fill you in on the rest of the details, including fines and penalties.

Have a nice day,
Michael 

And of course, I really did CC the FTC.

For future reference, if you get a spam email, you can forward it to spam@uce.gov  It helps them if you can show the full header, which usually is an option under your email program's View menu.

Funny Foto #13

There is a lot of talk these days in both the traditional media and cyberspace about targeted ads. I'm sure you've heard of them, but perhaps you are not exactly sure what targeted ads are. Forgive me if it seems like I'm questioning your intelligence; since I work as a privacy professional, targeted ads are something that I read about every day. 

So if you don't know, as the name implies, targeted advertising strives to serve you online ads that are geared toward your tastes, based on your prior browsing habits. The end result, the folks paying the bills hope, is that the ad you see will resonate with you, and you'll buy the product.

For some people there is a certain "ick" factor. They worry that if they surf to a "bad site," they'll get advertisements for "bad things." First of all, those kinds of sites don't advertise on NewYorkTimes.com or Yahoo. Putting that aside, there are benefits to targeted ads. After all, if you're taking a trip to, for example, Boston, would you rather see an ad for a restaurant in Boston, or for a car?

Personally, I'm not sure how big of a threat targeted ads are. After all, as I often say, I can ignore a targeted ad just as easily as I can ignore a regular ad. And, consider the e-mail I got this week. Seeing it makes me think that their targeting systems are not as quite accurate as some people fear.

 

Those of you who know me know that nothing I do in life -- and therefore on the web -- should make an advertising bot "think," This is a good one to show Seese. I know he'll click through, and we'll earn money. In fact, you can see it appeared twice. So they're really off the mark.

If You Can Read This (Anonymously) Thank A Privacy Pro

As I have referenced in other posts, my day job is as an information security and privacy professional. Some of you may be asking, "What exactly does a privacy professional do?"

The answer is, we keep tabs on what the government and businesses are doing when they collect our personal information: how long they keep it, how they protect it, and (perhaps most importantly) with whom they share it. If you want a frightening illustration, here is a link to an article that appeared in the New York Times a few weeks back which goes into great detail about what author Charles Duhigg found out about Target's targeted (pun intended) marketing efforts. Even though understanding the marketing techniques he writes about are a component of my job, I found it to be a real eye-opener.

This article draws from Duhigg's upcoming book, The Power Of Habit: Why We Do What We Do In Life And Business.

If you're concerned, or even curious, about your personal info, you'll want to read at least the article, if not the book.
.

Helping A Fellow Propeller Head Writer

It gives me great pleasure to write this entry. I'm always happy to help out any fellow author, more so if he or she is a friend.

The other day I had a luncheon with the IAPP, a professional privacy organization that I belong to. In attendance were two former colleagues, Jack and Matt.

Early on in the lunch conversation, Matt said, "So I hear you have a book of ghost stories that has been published."

I said, "I do. And a book on infosec."

As it turns out, Matt has written his first book, also on information security, specifically penetration testing. It's titled, "Wireless Reconnaissance in Penetration Testing." He's thrilled, and I'm thrilled for him. There is nothing like the feeling of knowing that your first book is coming out...well, actually holding the book probably beats it. But he'll know that feeling soon enough.

He expects it to be published in Q3 of this year. But for now, it is available for pre-order on Amazon. I'm sure once it comes out, I'll enjoy reading it. Matt is one of those people--like me--who has good technical chops, but can explain things in human terms. (Though between you all and me, I think his technical knowledge is deeper than mine.)

So check out the preview now, and check back here at some point in the future for another shout-out.

.