The Daily Shield is very pleased to republish the following article from ID Guardian. ID Guardian is the trusted source of information concerning identity exposure, identity fraud, and online security.
If you are like us here at ID Guardian, you may be working on building yourself a social media presence. It could be for community outreach, a ways and means of increasing your business, or simply for fun. With any new technology, though, comes understanding; and sadly Social Media is becoming the proverbial “blinking 12:00 a.m.” of the Internet. People are jumping into networks blindly without a thought (or a care) as to exactly what they are doing. It is as if the buzz words “total transparency” have somehow completely robbed users of common sense, sending unhindered community participants headlong into what they believe is a Utopia of goodwill.
That was before a website shined a halogen lamp on things in an attempt to make people stop and think.
If you have noticed messages appearing on Twitter that read “I’m at Gary’s Burger Bar in Fairfax, VA…” or or “I just became the mayor of Mini-Market…”, you are connected with someone playing foursquare, a third-party site that serves as a Swiss Army Knife of sharing. Similar to BrightKite, foursquare shares on Twitter your current GPS coordinates when you “check in” and then recommends places to go and things to do in your immediate area. As the rest of your network also checks in, your account loads up with easy-to-find meet up places and new things to do wherever you may happen to be. Sounds like fun, doesn’t it?
Did I mention that foursquare is a game, too? With each place you check in from and the more you share, you unlock badges that get you anything from “tweet cred” to free merchandise from participating foursquare vendors. So now, in the spirit of healthy competition, Twitter users are in competition for what badges they can unlock and where they can rule as Mayor. All it costs users is your exact whereabouts.
While tweeting your location may seem utterly harmless (as it happens all the time on the network), there is a hazard involved, particularly as foursquare takes this concept to a new high by providing GPS-coordinates to where you are not at that moment: home.
This revelation attracted the attention of FortheHack, a collection of security professionals who, in turn, developed Please Rob Me, a website that lists players from foursquare’s feed as they check in. From their website, FortheHack developers warn that:
“The danger (in services like foursquare) is publicly telling people where you are. It gets even worse if you have ‘friends’ who want to colonize your house. “Colonizing” means they have to enter your address, to tell everyone where they are. Your address on the internet. The goal of Please Rob Me is to raise awareness on this issue and have people think about how they use services like Foursquare, Brightkite, Google Buzz etc.”
Since the site’s launch on Feb 17, 2010, there has been a heated debate over the ethics of FortheHack. Identity Theft expert Robert Siciliano appeared just last week on CBS calling out the flaws in Social Media and in PleaseRobMe.com. The website Mashable applauded FortheHack’s efforts stating “These guys have a legitimate point. Stories about status updates leading to burglaries are becoming commonplace…” while The Daily Telegraph reports “Privacy campaigners have expressed outrage at the website, which publishes a regular updated stream of ‘opportunities’ by detailing the names of Twitter users, when they left home and where they were currently located. Simon Davies, director of the Privacy International campaign group, said the website’s creators had ‘failed in their duty of care’.”
It is clear that Please Rob Me succeeds in one respect: scaring the pants off Twitter users. Instead of foursquare’s inviting “Check In! Find Your Friends! Unlock Your City!” you are greeted with “Listing All Those Empty Homes Out There! 12 New Opportunities!” Perhaps the only thing more mind-boggling than the website itself is the one pervading fact that Privacy advocates are glossing over: Please Rob Me is not combing Twitter for this data, but simply syndicating (via foursquare) tweets that are being volunteered by its players. This data is not being stolen, but freely given and made public.
That is truly scary.
So before you attempt to unlock that way-cool “Burrito Bandito” badge on a return trip to Chipotle, IDGuardian offers you (without even asking for your whereabouts) a few Twitter tips:
1. For your Twitter profile, avoid using GPS coordinates. When Twitter asks for your location, the closest city or major metro area (e.g., Washington, D.C., Chicago, IL) should work just fine.
2. Disable GPS options in third-party Twitter applications. These are the usual culprits responsible for going into your profile and giving your exact location, be it from your home or wherever you happen to be tweeting. Check the Preferences and Settings tabs of your Twitter applications, both online and on your smartphones.
3. Ask yourself why you want to give away your exact location on an open stream. This works both ways. While we have been talking about foursquare letting people know where you are not, keep in mind that foursquare (and other services like it) is also letting your network know where you are. A real boon for stalkers. Anybody can get on Twitter, and anybody can find you if you are willingly sharing such data on open networks.
4. Don’t be afraid to let people know where you are or what you are doing. Just be smart about it. You can still TwitPic your whereabouts and share with your network; but how much do you really want or need to share? It goes back to the analogy “If you don’t feel comfortable saying something in a crowded room of strangers, it is best not to tweet it.” The same can be applied to your location. Only tweet what you are comfortable with.
It’s okay to share on Twitter. Just don’t check your brains at the door and take a few simple steps to avoid being a target. A few precautions can be a good thing further down the road.