You have to admire how Schmidt bats the question aside: Google engineers have thought long and hard about this, and concluded that protecting users' privacy would make pages load too slowly. What he doesn't mention is that this is a problem because the slower pages load, the fewer Web searches we make; and the fewer Web searches we make, the fewer ads Google can sell. Google could make the Web safe for our secrets, in other words — its whiz kids know exactly how to do it — but it would just take too long. The king has spoken.

Microsoft has tried to combat the problem by building a variety of safeguards into its operating systems and its Internet Explorer browser, with mixed success. The User Account Control feature of Windows Vista, which popped up an endless stream of warnings that irritated users, proved to be one of the key factors in the poor reception for Vista. Last week in Los Angeles, the company said it had entirely reworked the user interface of its new Windows 7 operating system to minimize user frustration.

A search of King County property records showed that since the June 2007 sale of his previous residence, Barton hasn't purchased property under his or his wife's name. Is he renting? Zillow's Amy Bohutinsky says Barton does own his own home, which a Seattle-based tech reporter says is in the city's Madison Park neighborhood. He may well have bought it under a trust.

If so, it's the first time he's chosen to do so in years of owning Seattle-area real estate. It's telling that Barton, an ex-Microsoft executive who got rich through the software giant's spinoff of travel site Expedia, has suddenly become interested in keeping his home address private. Could it have anything to do with his new business of telling everybody what their neighbors' homes are worth?

A feed of your friends' Twitter messages publicly lists all all messages, whether or not they're "protected." (Twitter users can choose to protect their messages so only designated "friends" can see them.)

I decided to test the bug on some folks for whom privacy might be a fresh concern — two ringleaders of the infamous "Camp Cyprus" video, Facebook product manager Dave Morin, and Wall Street Journal reporter Jessica Vascellaro. Both participated in a seaside frolic in Cyprus with several other Internet-employed individuals, which has become a symbol of Web 2.0 excess. Vascellaro made her Twitter messages private after she got back from her Cyprus vacation, after rather indiscreetly Twittering several updates about the progress of the video.

Sure enough, Morin's feed of messages from Twitter friends contains a private message broadcasted by Vascellaro only to her designated friends. Fortunately, it's just a notice that she's "in need of Halloween costume ideas," rather than an update about a story she's filing for the paper.

To see anyone else's private, friends-only messages, pick one of the user's friends, and then substitute their user name in this URL:

 http://twitter.com/statuses/friends/[USERNAME].xml 

Here's a question: Will this bug get fixed more quickly, now that it's been shown to involve a Facebook employee and a Wall Street Journal reporter? Twitter what you think, or leave it in the comments.

View larger map

The authorities won't say, but consensus has it the Tennessee college student under investigation is one David Kernell, a 20-year-old whose father, Mike Kernell, is a Democrat in the Tennessee state legislature. His email address is rubicon10@yahoo.com, which matches the name of a 4chan user — Rubico — who posted a detailed confession of the hack on the site last week. Also, whoever broke into Palin's account first changed the password to "popcorn," which could be a pun on Kernell's last name.

While it won't identify individual users directly, indirectly it will allow advertisers to reach a class of individual users through more refined placement. Which is kind of the same difference — mention American Apparel, and more porny ads for you!

rubico 09/17/08(Wed)12:57:22 No.85782652

Hello, /b/ as many of you might already know, last night sarah palin’s yahoo was “hacked” and caps were posted on /b/, i am the lurker who did it, and i would like to tell the story.

In the past couple days news had come to light about palin using a yahoo mail account, it was in news stories and such, a thread was started full of newfags trying to do something that would not get this off the ground, for the next 2 hours the acct was locked from password recovery presumably from all this bullshit spamming.

after the password recovery was reenabled, it took seriously 45 mins on wikipedia and google to find the info, Birthday? 15 seconds on wikipedia, zip code? well she had always been from wasilla, and it only has 2 zip codes (thanks online postal service!)

the second was somewhat harder, the question was “where did you meet your spouse?” did some research, and apparently she had eloped with mister palin after college, if youll look on some of the screenshits that I took and other fellow anon have so graciously put on photobucket you will see the google search for “palin eloped” or some such in one of the tabs.

I found out later though more research that they met at high school, so I did variations of that, high, high school, eventually hit on “Wasilla high” I promptly changed the password to popcorn and took a cold shower…

>> rubico 09/17/08(Wed)12:58:04 No.85782727

this is all verifiable if some anal /b/tard wants to think Im a troll, and there isn’t any hard proof to the contrary, but anyone who had followed the thread from the beginning to the 404 will know I probably am not, the picture I posted this topic with is the same one as the original thread.

I read though the emails… ALL OF THEM… before I posted, and what I concluded was anticlimactic, there was nothing there, nothing incriminating, nothing that would derail her campaign as I had hoped, all I saw was personal stuff, some clerical stuff from when she was governor…. And pictures of her family

I then started a topic on /b/, peeps asked for pics or gtfo and I obliged, then it started to get big

Earlier it was just some prank to me, I really wanted to get something incriminating which I was sure there would be, just like all of you anon out there that you think there was some missed opportunity of glory, well there WAS NOTHING, I read everything, every little blackberry confirmation… all the pictures, and there was nothing, and it finally set in, THIS internet was serious business, yes I was behind a proxy, only one, if this shit ever got to the FBI I was fucked, I panicked, i still wanted the stuff out there but I didn’t know how to rapidshit all that stuff, so I posted the pass on /b/, and then promptly deleted everything, and unplugged my internet and just sat there in a comatose state

Then the white knight fucker came along, and did it in for everyone, I trusted /b/ with that email password, I had gotten done what I could do well, then passed the torch , all to be let down by the douchebaggery, good job /b/, this is why we cant have nice things.

While demonstrating how to break the iPhone's passcode lock in a webcast, iPhone hacker and data-forensics expert Jonathan Zdziarski explained that the popular handset snaps a screenshot of your most recent action — regardless of whether it's sending a text message, emailing, or browsing a web page — in order to cache it. This is purely for aesthetic purposes: When an iPhone user taps the Home button, the window of the application you have open shrinks and disappears. In order to create that shrinking effect, the iPhone snaps a screenshot, Zdziarski said.

The phone presumably deletes the image after you close the application. But anyone who understands data is aware that in most cases, deletion does not permanently remove files from a storage device. Therefore, forensics experts have used this security flaw to successfully nab criminals who have been accused of rape, murder or drug deals.

(Photo by Wired)

A Google spokesman said Sergey and Larry "look forward to getting some real quality, high-resolution imagery into Google Earth" in three to four months — presumably enabling close-ups in areas not trespassed by Google's Street View trucks. But with Google and the DOD sharing a satellite, the tinfoil-hat theories start now.

The information that can be collected includes addresses, phone numbers, email addresses, physical appearance, behavioral traits, fiscal and financial records, and details about people who have personal ties with the subject.

Funny, because that's exactly the kind of information most of what Americans willingly share about themselves on social network sites like Facebook.

Come on: Images of Obama's house are all over the Web. There are aerial views of the home on Google and Microsoft's online maps, as well as shots uploaded to Flickr.

The small wealthy community or North Oaks, Minnesota was able to block Google's Street View cars from entering their neighborhood, but that's probably not what happened in Obama's. Despite what you've heard Hyde Park, Obama's academic enclave and home of the University of Chicago isn't quite entirely a South Chicago colony for the elite. At least, not according to the conservative Weekly Standard:

It is the most racially integrated neighborhood in the nation's most racially segregated city. On three sides it is closed in by some of the most hellish slums in the country, miles of littered streets, acres of abandoned lots, block after block of shuttered storefronts and empty apartment buildings left over from the 19th century.

Shots of Obama's house:

Sarah Palin never thought of herself as an investigator. Yet there she was, hacking uncomfortably into Randy Ruedrich's computer, looking for evidence that the state Republican Party boss had broken the state ethics law while a member of the Alaska Oil & Gas Conservation Commission.

The next week, when Palin went back to work at the AOGCC, she noticed that Ruedrich had removed his pictures from the walls and the personal effects from his desk. But as she and an AOGCC technician worked their way around his computer password at the behest of an assistant attorney general in Fairbanks, they found his cleanup had not extended to his electronic files.

The technician "said it looked like he tried to delete this, but she knew a way to go around and get some of the deleted stuff," Palin said in an interview. "I didn't know what I was looking for, but I was there."

Palin found dozens of e-mail messages and documents stacked up in trash folders, many showing work Ruedrich had been doing for the Republican Party and others showing how closely he worked with at least one company he was supposed to be regulating.

You get a Facebook message from a friend, urging you to check out this video. You go there, and it's a YouTube phishing site (with your friend's facebook profile picture and name on it), which then urges you to update your Flash player. Don't do it — it fucks up your computer and then spams all your Facebook contacts (not sure exactly how it does that). But it's interesting that hackers are now using a supposedly "trusted" messaging platform such as Facebook to launch attacks

If the hackers' method sounds familiar — a third party attempts to get a user to click based on what looks to be the endorsement of a friend — that's because Facebook tried the same idea with Beacon last year. And it's trying it again with Engagement Ads, a new format coming this fall.

You can thank local botanists who fly under the radar of law enforcement. Grow operations are packed tightly into indoor and outdoor spaces, which Google's all-seeing eye-level cameras could easily betray. So if your dealer's supplier goes down thanks to a Street View intrusion — lawful or otherwise — which brand ought to feel the wrath of your pointlessly paranoid post-analysis?

(Photo by Miss Gong & The Flickers)

My favorite shot is the guard dog on private Simone Road in Sonoma. Google spokesliar Larry Yu swore up and down that Google trains its drivers not to do this, they give them specific routes to follow, they hire local drivers who know the area, blah blah blah —- all of which Yu retracted after a reporter talked to a driver who refuted the whole story.

Both satellite photos and topography would be just the thing for planning, say, an armored column advance or in identifying industrial and civilian targets for sabotage and terror, respectively. While the photos aren't current enough to track enemy movements, the detail at the lowest scale is certainly good enough for a sniper to find a roost near Josef Stalin's birthplace for instance. And if anyone needed road maps, then they could have just used Microsoft's more Caucasus-complete Live Maps. Just imagine what separatist guerrillas could have done with Street View!

First, a company wall would remind employees daily that their private details are available to anyone on the network who's installed Kismet and Wireshark. It's not the whiz kids from Black Hat you should worry about. It's the coworker looking to sell a list of sales leads to pay off a gambling debt.

A company Wall of Sheep would be run by one or two in-house sysadmins. They would use network-snooping tools to check for unprotected data on the network. They'd publish carefully redacted versions of anything they caught onto an in-house webpage. If you neglect to set the SSL options on your mail client, just the fact that you've sent 37 emails to Carolyne at the front desk will be the day's watercooler talk. What could be more motivational?

Second, a Wall of Sheep forgives no one. Not the CEO, not the star salesman, not the hotshot in Professional Services. Showing up on the wall because you didn't follow company security rules is like showing up late for work: Everyone sees it, even if they don't dare call you on it. When it comes to changing human behavior, embarrassment is far more effective than an error message. (Photo by RobotSkirts)

Yahoo! Announces New Privacy Choice for Consumers
Will Expand Its Opt-Out Policy to Customized Advertising on Yahoo.com

SUNNYVALE, Calif., Aug 08, 2008 (BUSINESS WIRE) — Today Yahoo! Inc. (Nasdaq: YHOO) announced that it will offer users greater choice in how they manage their privacy online by enabling them to opt-out of customized advertising on Yahoo.com. This new option expands Yahoo!'s existing opt-out program for customized advertising served by Yahoo! on third party networks.

Yahoo! announced the new opt-out capability as part of its response to a Congressional inquiry about customization sent to 33 companies from the House Energy and Commerce Committee. Yahoo!'s full response to the letter from Congressman Dingell is attached below.

Anne Toth, head of privacy and VP for policy, said, "Yahoo! understands the trust of our users is our greatest asset, so we strive to create the most trusted, compelling online experience."

"Yahoo! strongly believes that consumers want choice when customizing their online experience and they have also demonstrated a strong preference for advertising that is more personally relevant to them," continued Toth. "However, we understand that there are some users who prefer not to receive customized advertising and this opt-out will offer them even greater choice."

This new opt-out capability is expected to be available for consumers by the end of August. Users will be able to access the opt-out in the Yahoo! privacy center, which is linked on the home page and nearly every page on the Yahoo! network. Users will also be able to access the opt-out through a link in the public service advertising campaign Yahoo! has been running with online ads across its network to educate users about customized advertising.