Internet privacy dominated headlines this week, with criticism and analysis ranging from the expert level down to the individual user on how new technology – social media and smartphones, mainly – may or may not be infringing upon individual privacy.
First, though, news cycle took some time to reflect and evaluate how the data security industry has changed, as this week brought the one-year anniversary of the discovery of the Stuxnet virus.
Although the virus had been active for months before before September 2010, German security researcher Ralph Langner’s discovery marked the first time hard evidence had been uncovered that suggested cyberwarfare against a government infrastructure was a reality.
“I’m in this business for 20 years, and what we saw in the lab when analyzing Stuxnet was far beyond everything we had ever imagined,” Langner said in a recent interview with NPR.
While active, Stuxnet had successfully infiltrated the nuclear technology infrastructure owned and operated by the Iranian government. The worm was incredibly sophisticated, destroying the technology needed to control the country’s nuclear arsenal and doing so in such a way to avoid detection for months.
The finding was groundbreaking, according to Langner, and the potential for its level of controversy has made him fear for his personal safety. That didn’t stop him from making accusations, though, as Langner claimed in the interview that the expertise of Stuxnet’s coding appeared “alien,” but more realistically originated from the United States.
“Thinking about it for another minute, if it’s not aliens, it’s got to be the United States,” Langner told NPR.
Langner’s warning that variations of Stuxnet could be directed at U.S. industrial control systems has been echoed throughout the IT and national security industries in the year since it was discovered. It has even caused unexpected diplomatic tension, with the Russian government stepping in and accusing the United States and Israel of collaborating on the attack.
Stuxnet’s lasting impact, though, will be the global message it sent of the extent and severity of cyber warfare, which will likely make it a benchmark for similar issues in the future.
U.S. government officials publicly paid little attention to the accusations this week, appearing more concerned with the privacy implications that accompany the country’s growing dependence upon new technology.
Facebook, which now boasts nearly 800 million users worldwide, about 200 million of whom reside in the United States, was widely criticized for its sweeping updates this week. Coinciding allegations from Australian hacker Nik Cubrolovic that the company was tracking its users’ online activity even after they had logged out of their Facebook accounts, the backlash culminated in a call to action from interest groups and the federal government.
Each sending a separate letter to the Federal Trade Commission, the Electronic Privacy Information Center and the co-chairmen of the Congressional Bi-Partisan Privacy Caucus, Representatives Joe Barton and Edward Markey, petitioned the Federal Trade Commission to investigate Facebook’s practices and its plans for the future.
Facebook has denied the allegations about tracking users’ cookies.
However, Facebook wasn’t the only social networking site to make headlines in regards to monitoring personal activity. In contrast to the discussion surrounding Facebook, much of which was heavily negative and accusatory, Twitter was cited as a research tool to gauge personal behavior and temperament in a report released this week.
A study conducted by sociologists at Cornell University monitored Twitter messages posted by more than 2 million people across 84 different countries to gauge general mood shifts worldwide. The study found that the majority of Twitter users studied woke up and and went to sleep in a positive mood, encountering ups and downs in between.
On an industry scale, the study suggests that the vast amount of personal information transmitted through social networking sites, as well as the ability to access it, can be used for positive purposes as well.
“There’s just a torrent of new digital data coming into the field, and it’s transforming the social sciences, creating new lenses to look at all sorts of behaviors,” Peter Sheridan Dodds, a researcher at the University of Vermont who was not involved in the new research, told the New York Times.
As opposed to Facebook, upon which users and experts appear focused on limited access to personal information, the Cornell study suggests that Twitter fosters a more open and public dynamic to the information social media users are willing to publish on the web. That information, in this case, was able to be collected and used for scientific purposes.
Separate research released this week suggests that the collection and retention of individuals’ personal information is a widespread trend in the mobile phone sector. The U.S. Department of Justice released a document this week that detailed how major cellphone service providers collect and retain data their customers transmit through their networks. While the majority of phone call and text message records is stored for a maximum of 24 months, AT&T was found to hold onto this information for a period of five to seven years. Verizon Wireless, meanwhile, was the only service provider that actually retained text message content, albeit for a period of three to five days.
The proliferation of smartphones is also giving service providers more information to retain as well. The DOJ’s report showed that Verizon, AT&T, Sprint and Nextel all collected IP session information, with Verizon storing such information for the longest period, at one rolling year.
By now, it’s well known that social media and new mobile technology are fundamentally transforming the way people communicate. Regardless of how users feel about it, it appears that this transformation entails new Internet privacy stipulations.
Consumers, meanwhile, can take solace in the Internet privacy industry’s efforts to ensure high standards from the companies that serve them. By monitoring the measures taken and information stored by social networking sites and wireless services providers, and likewise making that information public, the Internet privacy industry has provided consumers the metrics by which they can evaluate companies with which they wish to affiliate.
As long as this information remains public and up to date, it’s up to the consumer to decide to whom they will or will not entrust their personal information.
Security News from SimplySecurity.com by Trend Micro
