INVITATION TO CYBERSECURITY 252 9.2.5.4 Be Discerning As we saw in Section 8.3, logs are kept by systems and network administrators on local devices and networks. Logs are also kept in cyberspace by service providers. These logs are invisible to users and are outside of their control. However, users need to be aware that this data exists and should think twice before typing or clicking. The Internet is not as anonymous as it appears. Being aware of what is possible will help users make wise choices. When a user is logged in to a website, the actions taken by that user can be logged by the web server. For example, Google might log what searches a person makes and what results they click on along with the date and time and the user’s location. Online word processing applications such as Google Docs record all the changes made to a document over time, including deleted sections of text. Social media companies can also log activity including who viewed what when, what they clicked on, and any information they posted, including content that was later deleted or modified. Some companies are able to log actions taken by users across the Internet as they browse different websites through the use of tracking cookies. A tracking cookie is a text string assigned to a web browser by a web server for the purposes of uniquely identifying a user. For example, advertisers partner with many different websites and aggregate information across their advertising network using tracking cookies. If a user searches for gold coins on one website, then that user might be shown advertisements for gold coins on other seemingly unrelated websites. Tracking cookies are a powerful tool that can be used to create a detailed picture of a person’s life and interests. Cellular providers log information about the phones in their network. It is unlikely they record conversations, but they do record metadata. Metadata is the attributes of an item of data. For phone calls, metadata includes the phone numbers of the caller and the callee, the date and time of the call, and the duration of the call. Cellular providers can log text messages in their entirety, including pictures that are sent and received. Cellular providers can also log a phone’s physical location at all times, whether the person is using the phone or not, and sometimes even when the phone is supposedly turned off. Since we carry our phones wherever we go throughout the day, this means cellular providers know everywhere a person has been. Cellular providers can also determine all phones that were near a specific location at a particular point in time. Needless to say, cell phone records can easily reveal a person’s habits, hobbies, associations, and much more. Smartphone apps can also log the actions of their users, including their location. Some apps track users even when the app is not actively being used. Android and iPhone OSs force apps to ask users for permission before they are able to collect sensitive data such as this. Some app developers claim they delete the information they collect, but such claims should be viewed with suspicion because they cannot be verified. If a company has access to data, they may or may not collect and store it. Some “anonymous” messaging apps have been exposed in the past for storing messages even though they claimed all messages were ephemeral, anonymous, and immediately deleted.
RkJQdWJsaXNoZXIy MTM4ODY=