Although it’s from last year, we only recently noticed this article from PC Magazine about how to reclaim your online privacy. It is worth a read in its entirety, but for the impatient who don’t want to click through, here are some highlights.

Cookies Cookies are little strings of text that Web sites store on your computer as a means to identify you to that site later. [...] Cookies are neither good nor evil. They’re a convenience, and like most conveniences, they come at a price. [...] Browser preferences/options let you opt to accept all cookies, accept only those from sites you visit (eliminating those from third-party advertisers, for example), or never accept them at all. The latter is a shoot-yourself-in-the-foot move; go for the “from sites I visit” option and, if you’re paranoid, check the box to be asked for permission before the browser allows the installation of cookies.

Private data The information your browser terms “private” encompasses a lot—everything from your browsing history to download history, the cache of Web page files on your hard drive (aka temporary Internet files), cookies, and even saved passwords. All major browsers can clear all of the above with a button click, and most can be set to delete history whenever the software is closed or by some other time increment. 

Personal Proxies Your broadband modem typically has a unique IP address, and it’s easy for any Web site or other snooper to see; the IP address is usually included in the headers sent with e-mail, too. An IP address alone can easily give an approximation of your location, based on where your ISP is located. [...] What’s needed is a way to surf anonymously that goes beyond browser privacy modes for protection. Luckily, they exist. The fundamental stealth method is an anonymous proxy server. Plug settings from a proxy server into your Internet software (browser and e-mail) and all requests sent to the Internet from that software will be relayed through the proxy. This is also an effective method of making yourself appear to be in another location; the only problem is that you may also find yourself looking at foreign versions of sites like Google, which load languages based on a user’s location. Using a proxy carries the bonus of making your PC less susceptible to outside attacks, but that’s only a problem if you’re not using a router and a software firewall (which you are, right?). Not all proxy servers guarantee anonymity, so choose accordingly. Setting up proxy servers should be simple: You get an IP address and a port number to plug into fields in the options for your browser, e-mail client, and other Internet software.

Encrypted E-mails Using cryptography to ensure that messages can be read only by intended recipients goes back to a time long before e-mail. It’s just easier to implement electronically. [...] Here’s the gist of how public key cryptography like PGP works. You create both a public key and a private key. The former you can tell the world. The latter you tell no one. Ever. All your friends do the same. You use their public key to encrypt things sent to them, they use your public key to send to you. Only your individual private keys can decrypt the messages received, because the public and private keys were created to work hand in hand. Keep things even more on the down-low by creating a “web of trust” between friends, and share your keys only with those in the circle.

Intimate IMs Most IM clients can also send file attachments, which can include malware. It should go without saying, then, that you should accept IMs only from people you know. [...] several of the dominant IM services—AIM, Yahoo!, Microsoft—now offer features like encryption, IM spam blocking, and more, either integrated or through third-party add-ons. Older versions of the AIM client allowed the use of a personal digital certificate for encrypting, just in case someone out there is packet-sniffing your network. You can still get older AIM versions (5.9, for example), and then a free certificate from Comodo.com, or AIMencrypt.com. The current versions of AIM and the business-oriented AIM Pro automatically use SSL when transporting messages, but don’t do certificate encryption anymore. Even Trillian, the multiprotocol IM client, supports this for AIM and ICQ. Yahoo! Messenger has its own stealth and privacy settings, so you can sign on as invisible or ignore people, but it has no encryption of IMs.

Donald Canning has a great post over at Windows in Financial Services that covers Online Reputation Risk Management, Reputation.com and the emerging concept of Google Insurance for professionals, students and corporations. Don Canning is currently Managing Director of the Insurance Worldwide Group at Microsoft Corporation so he has deep knowledge of insurance, risk management and technology. Mr. Canning’s post is both readable and information rich and well worth a read. Quoting from the post:

Call it search engine insurance. Since every personal and corporate decision is now preceded by multiple fact-finding queries on search engines, it’s now time to get protection – preventative and remedial – for the Internet. If you don’t control your search engine results, you’re letting fate or someone else decide what people will see first about you and your enterprise. Warren Buffett says it takes twenty years to build a reputation and five minutes to ruin it. Today, in fact, it takes only five minutes for anyone with access to the Web to ruin your reputation.

Back in the mid-1990s, the Internet was the domain of computer-focused people. Risks to computers and networks from rapidly proliferating viruses gave rise to virus protection software. Then the early 2000s saw the emergence of e-commerce. Risks to credit cards and other electronic payment instruments gave rise to sophisticated tools to protect credit. Today, you live your entire life on the Web. You do all of your business on the Web. You work, date, learn, and labor through and with the Internet. And a recent survey of insurance brokers even named “reputation risk” as the number one threat to their clients. But, as yet, there is no life insurance for the Web, or property and casualty insurance for the Web.

That is why Michael Fertik founded his company, Reputation.com. It gives its individual and corporate customers tools to control their online identities. It’s not insurance, per se, since insurance is a regulated field, but the solutions are inspired by the same spirit. Reputation.com’s mission is to protect the good name of people and companies on the Internet, a place where reputations can explode at any time.

[SNIP]

And the search results matter! Eighty-three percent of executive recruiters use search engines for researching job candidates and 75 percent of patients search online for information about physicians. Our online reputations impact our offline lives across employment fields and social strata. Like any other valuable asset, our reputations are worth insuring and protecting.

Reputation.com thanks Mr. Canning for the thoughtful post. We look forward to preserving and maintaining reputations in the digital age.

An International computer security firm has discovered that popular social news site Digg is being exploited by cybercriminals.

According to PandaLabs, crooks are posing as Digg users and focusing on the site’s celebrity news forums. By all outward appearances, the fake accounts appear legitimate and this is what causes people to click the links that are posted using the fake accounts. Under the auspices of viewing celebrity sex tapes and the like, unwitting users click the link and then are prompted to download and install software in order to view the tawdry video clips. Of course, instead of getting any software to view video the user instead gets a fake diagnostic program.

The fake diagnostic program in turn pretends to scan the user’s hard drive for supposed malware (oh, the irony), finds the “infected” files and offers up a digital solution for a price (it would be something if the program actually uninstalled itself after payment was affected, but this seems unlikely).

Scamming people with a fake Norton-type security scan is one thing, but the real insidiousness of this malware lies in the fact that it hinders the computer’s normal functioning to make the diagnostic more convincing. No word yet on how many people thought they were going to see Paris Hilton’s latest hijinks only to find their CPU underperforming and a “helpful” little program offering to fix the problem.

 Digg has already begun identifying and shutting down the fake profiles. “We are fully aware of the issue at hand and have already taken action,” Jen Burton, Digg’s community manager, said. “Malware accounts reported to us by the community are terminated immediately and all content is removed.” According to Burton, Digg has erased more than 300 suspected malware-spreading accounts.

It was announced yesterday by the American Civil Liberties Union that the Supreme Court will not be hearing the outgoing Bush administration’s case against the Child Online Protection Act (COPA). Mukasey v. ACLU sought to appeal rulings against COPA, which has been enacted since 1998.

COPA specifies a fine of up to USD $50,000 and/or up to 6 months’ imprisonment for the transmission of “any material that is harmful to minors” unless there is payment required to access it, or some sort of pass code. “Intentional” violation of the law carried penalties as well. More to the point, COPA defined “harmful to minors” as anything “communicated” that is “obscene” or that which is “designed to appeal to, or is designed to pander to, the prurient interest.” These “prurient interests” are to be judged according to “contemporary community standards.” The law gets a little more precise when it states that material which “depicts, describes, or represents, in a manner patently offensive with respect to minors, an actual or simulated sexual act or sexual contact, an actual or simulated normal or perverted sexual act, or a lewd exhibition of the genitals or post-pubescent female breast,” and material that “taken as a whole, lacks serious literary, artistic, political or scientific value for minors” is a no-go. Makes sense to this author.

However, with all the commercial transactions that are regularly taking place online today, there were bound to be some parties who had their toes stepped on, and not just purveyors of kiddy porn who have moved their offices from back alleys to online shops.

Patricia Nell Warren, of Wildcat Press, was one of the plaintiffs in the suit, and she had this to say about the law as it was written: “[These] two bills were supposedly aimed at hard-core porn but they were so broadly written that they would be used to criminalize the commercial provision of all kinds of legitimate content to minors on the Internet, whether health information or literature. And such laws definitely would be used by ultraconservatives to limit availability of LGBT content on the Web. For this reason, we felt that it was important for us, as a gay-owned small press, to participate in these lawsuits. The Philadelphia Gay News was also involved. The Supreme Court decision puts the onus where it belongs — on parents, who have the right to use software filters to try keeping their minor kids from viewing material that they disapprove of.”

The ACLU, for its part, is trumpeting the Supreme Court’s decision not to hear the COPA case as a win for free speech. The ACLU Legal Director Steven R. Shapiro is quoted as saying “[The] government has no right to censor protected speech on the Internet, and it cannot reduce adults to hearing and seeing only speech that the government considers suitable for children.”

 As with all things on the Internet this area is patently gray, and it is only a matter of time before the next case that pushes someone’s (or some community’s) envelope comes along and we go through this all again. In the mean time, Reputation.com recommends that parents monitor what their kids are looking at online, and who they are interacting with on the internet. The best defense is a good offense, and keeping ahead of the ‘net is a good habit that all people, young and old, need to develop.

We’ve written about the dangers of unprofessional Facebook and MySpace profiles previously, but the issue keeps coming up. A recent article from the Treasure Coast Palm details a survey of 320 college admissions officers conducted by Kaplan Test Prep and Admissions.  According to the survey, admitted to using the Internet to help make decisions on potential applicants. Of those who used the Internet, 38% said that their findings negatively affected their impressions of candidates.

Whether you’re applying for a job, applying to school, or even going out on a blind date; owning your Google search results is key to finding success. Merely setting your profile to private is not a guarantee of protection in the Internet age, which means constant vigilance in monitoring your online reputation is a must.