The Tech Secrets The Industry Is Hiding From You

Is it really dangerous to turn on your cell phone while flying? Is your web browsing really anonymous? How safe are you from hackers? Are you spending too much on hardware?
These are secrets that “they” don’t want you to find out. Who’s “they”? It could be Google or product manufacturers, your boss or your wireless carrier,

What don’t they want you to know? That your cell phone, your Webcam, and your employer may be spying on you. That you’re probably paying too much for printer ink, and that your wicked-cool subsidized handset will cost you way more over time than an unsubsidized one. That your PC may be coated with toxic flame retardants. And that’s just for starters.

Don’t despair. For every dirty little secret revealed herein, we describe a fix or a way to work around it (if any exists). You don’t have to be a victim, if you know what to do.

Cell Phones Don’t Crash Airplanes
The Federal Communications Commission and the Federal Aviation Administration have each recommended that airlines not allow passengers to use cell phones during commercial flights. The FAA fears that the RF signal emitted by devices using the 800MHz spectrum band might interfere with the navigation systems of the plane, specifically GPS instrumentation. Yet there is no documented case of an air accident or serious malfunction caused by a cell phone’s interfering with a plane’s navigation system.

The FCC’s concern is that wireless networks on the ground might be disrupted by the cell phones flying overhead. As a plane flies over a wireless cell tower on the ground, the FCC believes, the cell site will detect all the cell phones operating inside the plane and go to work registering those devices to operate on the network. But by the time the tower registers and connects all those mobile phones passing overhead, the plane will have passed into the range of the next cell tower on its route. This uses up system resources and could hurt network performance for connected phones on the ground.

But some experts believe that this worry is outdated. “Color me highly skeptical that this is a real problem with modern systems,” says Ken Biba, CTO of Novarum, a wireless consulting and engineering group. “Modern digital phones actually use lower power, and, further, the cell towers have very directional antennas designed for covering the surface of the earth [not the air above].”

The Fix: There isn’t much you can do. Actually, the FCC and the FAA are doing us a big favor here. They’re delivering us from having to fly with people jabbering away on their cell phones from takeoff to landing.

‘Private’ or ‘Incognito’ Browsing…Isn’t
These days, most major Web browsers offer “private” or “incognito” browsing (known colloquially as “porn mode”). But all the feature really does is tell your browser not to record the sites you’ve looked at, the search terms you’ve used, or the cookies deposited during that session.

If the sites you visit record your IP address (and many do), that information is available to any interested party that has the legal right to request it–a group that can include divorce attorneys and law enforcement. Recording visitors’ IP addresses is a trivial task–you can add to any blog a free widget that accomplishes the same thing–so you should assume that the sites you visit do so.

You’re Spending Too Much on Printer Ink
Nonsense, says Bill McKenney, CEO of InkTec Zone, which sells equipment for refilling inkjet cartridges to retailers such as Wal-Mart International.

“You won’t void the warranty and you won’t hurt your printer,” says McKenney. “A bad refill job may leak ink inside your machine. Otherwise you’ll be fine. And the savings are so significant, there’s almost no reason not to do it.”

End User License Agreements May Not Be Enforceable
It doesn’t take much effort to sign an end user license agreement: Rip open a software package, or tick a box on a Website, and you’re legally bound. But your obligations depend a lot on where you live, says Jonathan Ezor, director of the Institute for Business, Law & Technology at the Touro Law Center on Long Island.

“EULAs are contracts, and contract law is state law,” says Ezor. “It’s governed by the state where you live or where the company is based.” For example, courts in the Third Circuit Court of Appeals (Delaware, New Jersey, and Pennsylvania) and the Fifth Circuit Court of Appeals (Louisiana, Mississippi, Texas) have found certain types of EULAs invalid.

Other factors include whether the agreement contains unenforceable restrictions, whether it gives consumers sufficient choice, and what method it provides for users to indicate agreement, Ezor adds.

The odds of your going to court over a EULA, however, are slight. The real issue is how companies enforce them, Ezor says.

“What companies really don’t want you to know is how easy it is for them to turn things off or erase them,” he adds. “Think of what happened last year with the Orwell books that Amazon just erased from people’s Kindles.”

The Fix: Read the EULA. Does the software “phone home” to verify that you’re using the product as its creator intended–and, if you’re not, does it have the ability to disable the program remotely? If it doesn’t, you’re probably free to do as your conscience allows.

Google Could Rat You Out
Google DashboardIf the government comes knocking with a subpoena–or even just a strongly worded letter, per the Patriot Act–Google is obligated to hand everything over. Sure, the feds can get this data from anyone, but Google’s wealth of information (as well as its lengthy data-retention policies) makes their job much easier.

Even if you have nothing to hide from the authorities, all that stands between you and Christmas in July for an identity thief is your Gmail log-on and password; that’s the key that unlocks every other Google service. Last October, Google reported that thousands of Gmail accounts had been compromised by a phishing scheme that also targeted AOL, MSN Hotmail, and Yahoo. Even sophisticated users have had their Gmail accounts hijacked. Little wonder, then, that Chinese hackers targeted Gmail accounts when they compromised the service last December.

The Fix: Use Google Dashboard to see what information you’re sharing (prepare to be blown away), and adjust your settings accordingly. Make your Gmail password harder to guess, and change it every couple of months. If you think your Gmail account has been hacked or stolen, you may be able to use Google’s account-recovery page to get it back. And given Google’s recent stumbles over user privacy with Buzz, you might consider spreading the risk over different providers

Your PC May Be Killing You
Though electronics manufacturers have made great strides in reducing their use of harmful chemicals in recent years, tech gear still may contain brominated flame retardants–chemicals used to reduce the risk of fire that studies have linked to lower IQs in children and reduced fertility rates.

“BFRs used in the manufacture of circuit boards can be converted to highly toxic brominated dioxins and furans if the products are burned at the end of their life,” says Arlene Blum, executive director of the Green Science Policy Institute and a visiting professor of chemistry at UC Berkeley.

But even daily use can be dangerous, says Blum. “When used in plastic casings, BFRs can also migrate out of the plastic into the dust in the room and then enter the body via the hand-to-mouth contact.”

The Fix: While major manufacturers such as Apple, Dell, and HP have moved away from BFRs in recent years, certain products built before 2009–especially devices that generate a lot of heat, like laptops and laser printers–may still contain BFRs, says Michael Kirschner, associate director of the Green Science Policy Institute. “Do some research,” says Kirschner. “Almost all vendors now have an environmental section on their Websites that tells you about the materials they use.”

The news isn’t all bad, he adds. “Most manufacturers in the consumer arena have gotten the message to get additive BFRs out of their products.”

As for older products still in people’s homes? “They probably need to be replaced anyway, right?” Kirschner jokes.

Antivirus Software Won’t Protect You
Security programs won’t really protect you from the Internet’s worst nasties. “Antivirus software only catches the low-hanging fruit,” says Mark Kadritch, CEO of The Security Consortium and author of Endpoint Security. The increasing number of zero-day vulnerabilities–coupled with some vendors’ failure to fix security holes in their products for months or even years–means that even the most up-to-date antimalware products may still be behind the curve when it counts, he says.

The Fix: You can’t do without security software (see our Security Info Center for reviews of the latest security packages, plus how-tos and news), but to protect yourself more effectively you need to take extra steps such as saving your data to encrypted drives and installing VMware or other software that lets you create virtual machines and discard them as they become infected.

“At the end of the day, if you suspect your system has been compromised, blow it away and click ‘restore’ in VMware,” Kadritch says. “You may lose some e-mail, but you’ll get a brand-new system with the latest, greatest updates.”

Your Webcam May Be Watching You
Two-way video chat is fun. One-way chat–where you’re the one being watched–is not so much fun. But it’s more common than you might think.

In February, school officials in southeastern Pennsylvania found themselves in hot water after they installed software on school laptops that allowed them to activate students’ Webcams remotely. The school claimed that the software–which could snap a picture of whoever was using the MacBook at any time–was only for locating lost or stolen laptops. Outraged parents sued the district, and the story made international headlines.

Two weeks earlier, a woman reported being spied on via her Webcam by a Dell support technician, which she discovered when she realized the tech had turned on her Webcam without asking permission. Chinese cyberspy network GhostNet has reportedly taken over at least 1300 PCs worldwide, including the ability to operate their Webcams. In 2006, Spanish authorities arrested two teens after they hacked Webcams at a local college and tried to blackmail students caught in compromising situations. In 2004, an online intruder commandeered the computer of a 15-year-old girl in Houston, operating her Webcam remotely and typing messages on her screen about the clothes she was wearing.

The Fix: If you have an external Webcam, unplug it when you’re not using it. If your camera is built in, covering the lens with a sticky note should do the trick.

Your Boss Can (and Probably Does) Monitor Your Computer
Paranoia, schmaranoia. If you work in a medium-size or large organization, the folks in your IT department are keeping tabs on you.

Using software like Websense Triton or Barracuda Purewire, they can monitor the sites you visit, and scan the e-mail you send or receive. They can also check network-activity logs, or use software that captures your keystrokes or periodically grabs images off your screen.

According to the most recent surveys conducted by the American Management Association, two-thirds of all employers monitor employee Web and e-mail activity. About four out of ten use keyloggers or snoop around employees’ computer files. And one out of four firms has fired employees for Internet-related misdeeds.

Besides boosting productivity, companies are trying to avoid malware infestations, accidental leaks of confidential data, and liability for sexual-harassment suits if employees are exposed to Internet porn.

The problem? Selective enforcement, says Joe Rose, a labor-rights attorney based in Sacramento, California. Companies just collect the information and use it when needed to weed out troublemakers, complainers, or people who rub them the wrong way. “In my experience,” Rose says, “companies use this information selectively, either to pile on evidence in case of employee misconduct or if the employee engages in activity the company doesn’t like, such as labor organizing.”

The Fix: Don’t use company gear or networks to conduct personal business. If your employer gave you a BlackBerry, get your own cell phone, says Rose. Want to check your private Webmail account? Do it from your own computer and on your own network. In nearly all cases, your privacy rights at work are minimal at best.

The Social Web Never Forgets
If you have an ugly encounter with someone in person, odds are you’ll both forget most of it within a week. Experience the same thing on the Internet, and it will be preserved forever. Worse, people have lost jobs, gotten sued, been arrested, or endured endless embarrassment due to things they said in e-mail or posted on Facebook.

“The Internet never forgets,” says the University of Washington’s Tadayoshi Kohno. “In the old days, if you wanted to make data disappear from your computer, you could take out your hard drive and take a sledgehammer to it. Today, much of our data is in the cloud. There’s no single hard drive to smash any more.”

Your Facebook Apps Are Spying on You
Sure, it’s silly and fun to play Mafia Wars or to take one of the 2,345,678 quizzes on Facebook. When you install one of these apps, though, it gains access to any information you’ve designated as available to ‘Everyone’. Per Facebook’s Platform guidelines, this can include a huge amount of information, including your name, photo, birthday, location, job history, religion, political point of view, relationships, favorite books and movies, and so on. Much of this information is shared by default. It’s the motherload for data miners.

Facebook requires each app to adhere to your privacy preferences and to have its own privacy policy, but it doesn’t require apps to have a very good policy. Some, like Farmville’s policy, are fairly comprehensive; others appear to have been written by 12-year-olds.

The Fix: Facebook recently introduced privacy controls that help limit what information apps can access. Use them. To start, log in and go to Account, Privacy Settings, Profile Information. Change any setting marked ‘Everyone’ to Only Friends or Friends of Friends. Then go to Applications and Websites, What your friends can share about you, and uncheck most if not all of the boxes.

Even then, there’s some information that Facebook simply won’t let you withhold, including your name, profile photo, friends, fan pages, and geographic location, plus the networks you belong to. So think twice before you start harvesting virtual crops or install “Lover of the Day.”

Advertisements
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: