protect yourself – data loss on the net at app sec usa

Main menu:

Topics

Recent Posts

Feeds

RSS Feed RSS - Posts

November 2013
M T W T F S S
« Oct   Dec »
 123
45678910
11121314151617
18192021222324
252627282930  

Past Posts

Java/Java EE

JDBC

Other

protect yourself – data loss on the net at app sec usa

November 21st, 2013 by Jeanne Boyarsky

speaker: Kelly Fitzgerald

Interesting points and urls

  • Remember that the first three digits of your Social Security Number are based on where you live. Also interesting that you get SSN at birth now and didn’t in the past.
  • Spokeo – paid service that shows info about person including what credit card and ad agencies think about you. Thinks speaker is a boy. You can opt out of spokeo everything except name and age.
  • Knowing someone’s primary email, helps you see many acccounts – facebook data, etc.
  • On Facebook, most people keep unprotected profile pic, other pics, freinds list (ex a friend’s comments). Also watch for backgrounds in photos. Surroundings, books,reflections in glass/computer monitors
  • If you buy from someone on e-bay, you can probably find their location
  • Your Facebook friends are 70% people looking at your profile and 30% random noise
  • bing.com/social will show interesting info
  • openbook shows open posts by person
  • openstatussearch.com – make sure you have locked down status
  • wolfram alpha self-analytics tool
  • many people use full name or email in profile. Don’t use twitter/linked in/etc pictures because can connect your online pic to the rest of your internet presence. The search by image services aren’t good yet. [facial recognition seems like this will fail eventually too]
  • truedater.com – people will post stories about you. Similarly for don’t date him girl
  • People on linked in can pay to see who saw your profile
  • Amazon wish lists are public by default
  • United has upgrade status public. Only has first letter of first name and three letters of last nme. Could only find it new person already
  • Zillow, trulia, spokeo, blockshopper – all have your home’s info. Can’t get zillow off
  • Finding criminals can be tough because need to know county arrested in. But can search your and neighboring counties
  • Megan’s law offender app – shows where sexual offenders are
  • SearchDiggity – free tool to search for PII. Worry about typing in your info is still a valid fear
  • Do sensitive things on other taccounts, don’t use Oauth for touchy situtations, track old accounts down and delete them
  • Facebook has a blog – you can use it to find out about updates
  • Misinformation lets you stay anonymous
  • Can see people’s charitable and political donations
  • See if your credit card company offers virtual credit card numbers. Can use for online purchases and set short expiration date. Like a one time use number

My take
Great presentation. She took a guy who had a PII leak on a tv show and how much more she could find out about them. Entertaining and informative. It was a little short, but the Q&A were great. She brought cupcakes to bribe people to ask questions. I think we would have anyway as they were thoughtful questions. And it was good to get a break at the end.

Comments

Comment from Kelly FitzGerald
Posted: January 28, 2014 at 11:49 am

Wow! I read your detailed notes and your kind words and I am really glad you enjoyed the presentation. Great website!

Kelly

Comment from Jeanne Boyarsky
Posted: January 28, 2014 at 10:38 pm

Thanks Kelly!

Write a comment