Industry News

Your Every Click is a Clue about You

If Orwell’s Nineteen-Eighty-Four were written today, Big Brother would have probably been a social networking profile connected to nearly everybody, scraping the web for traces of activity. This is what RIOT’s latest project – that leaked on the Internet earlier today – is designed to do.

In a world where we spend more on social networks than on face-time with family, the digital trace we leave behind is enormous. Given the necessary storage space and computing power, any user can be reduced to an object whose properties – location, interests, travel and surfing habits – can be aggregated and even predicted with pinpoint accuracy. This is not only valid for military-grade software for governments, but has also made it into the consumer sector for a modest fee of three to four dollars a month.

This is the case of Spokeo (and others), an aggregator of public records and online profiles that traces social network activity. It correlates users by family trees and even offers insight about the value of one’s assets and yearly earnings.

The real value of social networks lies in people sharing information freely. These apparently innocuous disclosures are of little to no importance if taken individually, but, when aggregated, turn into a highly accurate snapshot of one’s life. To paraphrase the Miranda warning, everything you post on the web can and will be used against you.

In the social networking era, the front line of privacy are the privacy settings that allow users to control who they share information with. This works to an extent. It lets you better control who can access the places you visit, where you eat or where you go to the gym. But solely relying on this is definitely a big mistake.

There have been numerous cases of technical hiccups in social networks’ platforms that inadvertently granted access to data outside of your friend zone. Even when they work, chances are a person in your friend’s list that you have never met might be a bot mining the web for private information – Big Brother.

But it’s not only the web that can aggregate movement to specific locations or habits. Traffic cameras and even mobile phones (which can coarsely locate a person’s phone with a precision of down to 50 meters by triangulating cell tower signals even if you don’t own a smartphone). And all these details are collected by companies or services for commercial use.

If you are wondering how to stay a step ahead the system, the answer is simple. Stop sharing information that you don’t have to share. Use social networks moderately and always remember that the unknown contact you have just befriended might be an automated crawler that will mine your profile for relevant information.

About the author


Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.