Facebook Privacy – A Step By Step Guide to Protecting Your Personal Information on Facebook

The privacy controls on Facebook have been a hot topic for the past couple of months. It seems like lately they are always modifying user’s privacy settings. This can be dangerous for a user who thinks they are secure only to find out that the privacy settings have changed and they have to take manual steps to make their Facebook page secure.

Unfortunately, the lack of user privacy on Facebook can have devastating effects. Last week a woman in Australia was killed by a man who viewed her page and saw her interest in working with animals. He created a fake Facebook page and used details the women posted on her page to show his interest in animals. The man told the women he could get her a job working with animals, and after some online conversations, they set a date to meet at a nearby isolated area where the man murdered the woman.

Recently an article was published in the New York Daily News detailing the steps on how to protect yourself on Facebook. Here is a quick rundown of these steps:

1. You Have To Visit Different Links To Hide Your Profile Info From The Public
This is especially important if your kids have their own Facebook accounts.

HOW TO PROTECT YOURSELF:
On the upper right-hand corner of the screen, click Account > Privacy Settings > Personal Information and Posts. Make sure you adjust your privacy settings beside all 12 categories.
Then click Back To Privacy > Contact Information. Make sure you adjust your privacy settings beside all 9 categories.
Then click Back to Privacy > Friends, Tags & Connections. Make sure you adjust your privacy settings beside all 10 categories.

2. Facebook Uses Your Info in Ads
When your friends view Facebook ads, they may see your name.

HOW TO PROTECT YOURSELF:
On the upper right hand corner of your screen, click Account > Account Settings > Facebook Ads.
Select No one beside Allow ads on platform pages to show my information to & beside Show my social actions in Facebook Ads to.

3. You Have Been Enrolled In The Instant Personalization Pilot Program
Facebook gives websites like Yelp, Pandora and Microsoft Docs access to your profile info.

HOW TO PROTECT YOURSELF:
On the upper right hand corner of your screen, click Account > Privacy Settings > Applications and Websites.
Click Edit Setting beside Instant Personalization Pilot Program.
Then uncheck the box at the bottom of the screen.
Even if you opt out of the Instant Personalization Pilot Program, websites may still access info about you via your friends, unless you block each individual site’s application.

4. Your Friends May Be Sharing Your Info With Third-Parties
When you Facebook friends use applications you do not use, they may be sharing your info with third parties.

HOW TO PROTECT YOURSELF:
Click Account > Privacy Settings > Applications & Websites > What your friends can share about you.
Uncheck all 13 boxes.

5. You Can Monitor Which Devices Access Your Facebook Account
This tool, released Friday, helps fight hackers by notifying you of unusual log-ins.

HOW TO PROTECT YOURSELF:
On the upper right-hand corner of your screen, click Account > Account Settings > Account Security.
Click Yes below Would you like to receive notifications for logins from new devices?
The next time you log in, Facebook will ask you to name the device you are using. Then it will send you an email. This way, if anyone logs in to your account from a device you don’t use, you’ll know about it.

6. Yes, You Can Delete Your Facebook Account – But It’s Not Easy
Facebook makes it easy to deactivate your account, which means you can reactivate it at any time without losing your profile info.
However, deleting your account is much more difficult.

HOW TO PROTECT YOURSELF:
To deactivate your account: On the upper right-hand corner of your screen, click Account > Account Settings > Deactivate Account.
To delete your account: Use this link to delete your Facebook account: https://ssl.facebook.com/help/contact.php?show_form=delete_account
Click Submit.
Enter your password and fill out the text box. Press Okay.
Do not log into Facebook for two weeks, or your account will be reactivated. After two weeks, you won’t be able to log in to Facebook.

Protect Your Data – A Case Study

One of the easiest ways identity thieves can carry out their crimes is through a computer hard drive. Today, these thieves are becoming more tech savvy with their criminal methods. They seek out the innocent on fraudulent web sites or via email, and they often claim to be IRS agents or members of a banking institution, trying to gather residential addresses, Social Security numbers and bank account information. Another method they take is to visit a computer recycling center to see if hard drives that are being recycled still contain data.

Recently, I needed a spare hard drive for the lab. Instead of purchasing a brand new one, I paid a visit to my local computer recycling center. I found five computers with their hard drives still intact waiting to be recycled. I pulled the hard drives from the computers and took them back to the lab to use as spare drives. Using my forensic software, I looked at the drives to see what, if any, data was still on them. Four of the five drives were wiped clean, meaning that the data was permanently erased from the drive. The other drive contained a wealth of information which could have been used maliciously. I found addresses, social security numbers, medical insurance information, and other information that would be helpful to an identity thief. I wrote a letter to the owner of the computer (with the address I found on the hard drive) and notified them of what could have happened if the hard drive had gotten into the wrong hands.

Contact us for more information about how to keep your digital data protected – info@precisioninvestigations.net.

The Dark Side of Computer Forensics

WARNING:  THIS BLOG POST CONTAINS SENSITIVE SUBJECT MATTTER

I came face to face with the dark side of computer forensics three years ago.  I was involved in a child custody case of a five-year-old girl.  The wife retained me to forensically examine the family computer to review her ex-husbands online activity.  The first thing I noticed when I started the forensic analysis was that the wife and her ex-husband both used the computer under one user profile.  This information will come into play later on in this story.

I explained to the wife that because all of the activity falls under one user, it would be very difficult (if not, impossible) to determine who was seated at the computer and was physically online.  The wife told me that this was not going to be difficult since she was very sick with cancer and was undergoing tests and treatments out of state for several weeks during the specific dates and times that I was to analyze.

As soon as I started reviewing the internet history I found several Google searches for “incest” and “father/daughter sex” websites.  I relayed this information to the wife along with the dates and times the searches were conducted, and she determined that this was when she was out of state for treatment.  After finding these searches, I then started looking at the images/videos contained on the hard drive.  It was when I conducted a search for deleted images/videos that I found an indecent picture of an underage girl.  Because the image was deleted and found in the unallocated area of the hard drive, the dates and times the picture was viewed were removed.

Our company policy relating to indecent images of underage children is to cease the examination and contact law enforcement whenever one picture/video is found during analysis.  With that being said, I immediately contacted law enforcement and turned the case over to them.  I stayed in contact with the wife and acted as a liaison between her and the law enforcement officers handling the case.

I was called to testify in State court a couple of months later.  The defense attorney turned his attention to the fact that even though there were indecent pictures of underage children on the hard drive, it was impossible to say for sure it came from his client.  I had to agree to that statement, as I was not able to conduct a thorough investigation due to the fact that I turned the data over to law enforcement early on in the forensic analysis.  At the time of my testimony, law enforcement was still analyzing the hard drive, so they were not able to provide further information on the origin or dates and times of the indecent images.

After two days of the hearing, the judge awarded unsupervised custody to both parents.  I remember talking with the wife and her family after the hearing and heard their fear  about what the ex-husband will do to his daughter when she is alone with him.  We tried desperately to get the law enforcement officers to expedite their investigation, but they had a backlog of cases that they deemed more important.

The last time I spoke to the wife (a couple of months ago), they were in the process of appealing the custody decision and the ex-husband still had joint custody of the daughter.

Informatics In The Courtroom

About a week ago an article was published talking about how the field of information science has become critical to the collection, delivery, and analysis of data.  Most lawyers need to be educated on how electronic documents compare to paper documents.  Some specific examples from the article were the misunderstanding of “create date” in a document’s meta data, causing a inaccurate analysis of how long a document has existed.  This can be a simple yet large mistake in the courtroom.  To solve this problem, there must be strong communication between lawyers and people in the informatics field; otherwise that smoking gun might not be present in the evidence, even though 99.9% of the documents were retrieved.

Although about 95% of data is now stored electronically, it can be deemed useless if not handled properly.  There are several mistakes and poor practice methods that lawyers can perform, all of which can be prevented with the right team of specialists.  Here at PCI, we pride ourselves on constant communication and proper methods to ensure data collection and preservation, as well as informing clients on the data.  We go the extra mile to not only just handling data properly, but to provide support on how to utilize the data.

For more information on our best practice methods or have any questions, contact us at info@precisioninvetigations.net

Cloud Computing and Data Privacy

Last year, Levi Beers and Chris de Diego become the first example of criminal spammers in cloud computing. FBI agents targeted the two and were successful in obtaining evidence from Google relating to the spammers, who stored all of their incriminating evidence on the Google Docs platform. This is also the first publicly acknowledged search warrant benefiting from a suspect’s reliance on cloud computing.

According to the 1986 Stored Communications Act, the government is allowed to access a customer’s data whenever there are “reasonable grounds” to believe the information would be relevant in a criminal investigation. If the spammers left the data strictly on their hard drives, the FBI would have to personally serve the warrants, seize and image their computers, and then leave the spammers with a copy of the warrant and an inventory of everything taken. However, when issuing a warrant for data stored in “the cloud” the government has no obligation to disclose the cloud search to the spammers, unless criminal charges are filed.

The files found through Google Docs were a spreadsheet that showed the spammers spammed 3,082,097 e-mail addresses in a single five-hour spree and another document that listed 8,000 Yahoo webmail accounts the spammers allegedly created to push out their spam.
Read the full article and an affidavit associated with this case here.

What are your thoughts on this topic? Do you feel you should be notified if your documents are being searched on the cloud?

Trouble with Vista or Win7?

This blog is perfect for all our Windows Vista and 7 users.  When something goes wrong in Windows, it can be extremely frustrating.  FixWin is a portable application that puts one-click repairs at your finger tips, almost like an “easy” button from Staples.

Rather than digging around in the registry or Google-ing a hopeful fix, try FixWin. It is lightweight, portable, and it can fix over fifty issues that can pop up in Windows Vista and Windows 7. Whether your right-click context menu is missing in action or Windows Media Player suddenly will not start, FixWin has a one click fix to help with dozens of issues.

FixWin is portable, freeware, and Windows only, get it HERE. Give us come feedback on the utility.  Do you have another application to help with Windows issues?  Leave your comments below.

Teen Sues Mother For Harrassment on Facebook

A 16-year-old Arkansas boy is taking his mother to court over accusations she broke into his Facebook account and wrote slanderous comments about him. His mother claims” she was just concerned about her boy’s behavior”. The son claims his mother hacked into his Facebook account, changed his password, and posted remarks about his personal life. The mother claimed the boy forgot to log off his Facebook account and she had a look around “because she became concerned about her son after reading his posts on Facebook”.

Read the full article here and here.

Alert: BlackBerry Messenger Spam

For those of you who use BlackBerrys, there is a spam message going around.  Someone created a fake message pretending to be RIM (BlackBerry parent) alerting them about their server overload of BlackBerry Messenger users.  It says to forward it on to other users so RIM can see who is an active user vs. inactive user to free up space on their servers.  This message is FAKE!  Do NOT forward it on if you receive it.  Read more on CrackBerry here: http://bit.ly/d3KZ4a

Web Site A Matchmaker For Cheaters

http://www.wowt.com/news/headlines/84357862.html

Quick!…Change Your Passwords.

http://www.nytimes.com/2010/01/21/technology/21password.html?ref=technology