• We have updated the guidelines regarding posting political content: please see the stickied thread on Website Issues.

Personal Data On The Internet

Are you on Twitter or Facebook?

  • Yes, both

    Votes: 11 20.4%

  • Twitter only

    Votes: 6 11.1%

  • Facebook only

    Votes: 15 27.8%

  • Neither

    Votes: 20 37.0%

  • Neither, but some other 'social networking' site(s)

    Votes: 2 3.7%
  • Total voters
    54
escargot said:
Just a bit! At the very least, heads will roll. Someone's getting the sack. For a start that'll be whoever put the list up, plus their boss and whoever checks their work.
Click to expand...

Doesn't sound like anyone checked it to be honest! I get the feeling that the 'boss' in this situation probably won't get as harsh a punishment as the lower-down person who put up the list.

It's got to be a security breach as well as a data breach though. Who knows how many people - and who - got a hold of the details before they were pulled.
 
Schrodinger's Zebra said:
Doesn't sound like anyone checked it to be honest! I get the feeling that the 'boss' in this situation probably won't get as harsh a punishment as the lower-down person who put up the list.

It's got to be a security breach as well as a data breach though. Who knows how many people - and who - got a hold of the details before they were pulled.
Click to expand...

Happened on'ere once. We had a troll, 'Ricky', who'd cause trouble in various ways. He somehow found out posters' actual names and addresses and listed them in full.

They were up for at least a full weekend before anyone could sort it as we didn't have moderators back then.
It wasn't illegal because the board itself didn't hold members' information but dash it all, it certainly wasn't cricket.

My details weren't listed. I was miffed.
 
escargot said:
Happened on'ere once. We had a troll, 'Ricky', who'd cause trouble in various ways. He somehow found out posters' actual names and addresses and listed them in full.

They were up for at least a full weekend before anyone could sort it as we didn't have moderators back then.
Click to expand...

That's awfully worrying! But how on earth would he find out those details?


escargot said:
It wasn't illegal because the board itself didn't hold members' information but dash it all, it certainly wasn't cricket.
Click to expand...

I read that last bit in a Terry-Thomas voice. :D
 
Schrodinger's Zebra said:
That's awfully worrying! But how on earth would he find out those details?
I read that last bit in a Terry-Thomas voice. :D
Click to expand...

'Ricky' seemed to be an experienced troll so I assume his research skills were finely honed.

We're not as anonymous as we'd like to think! Anyone could be collecting information about us.

We talk about our interests and jobs and mention our home towns. It'd be easy to build up a little dossier about someone on here.

Remember the stalker who deduced his victim's address from a street sign reflected in a photo of her? That ended badly.
 
escargot said:
'Ricky' seemed to be an experienced troll so I assume his research skills were finely honed.

We're not as anonymous as we'd like to think! Anyone could be collecting information about us.

We talk about our interests and jobs and mention our home towns. It'd be easy to build up a little dossier about someone on here.

Remember the stalker who deduced his victim's address from a street sign reflected in a photo of her? That ended badly.
Click to expand...

Another reason why I try to stay as anonymous as possible on 'ere. Some people are happy enough to talk about exactly where they live etc (and there's nowt wrong with that if they're happy to do so), but not me :boh:

That Ricky chap must've had a lot of time on his hands though. Hopefully the same thing couldn't/wouldn't happen again.

I've not heard of that stalker thing (I don't think) but again, troublesome.
 
escargot said:
'Ricky' seemed to be an experienced troll so I assume his research skills were finely honed.

We're not as anonymous as we'd like to think! Anyone could be collecting information about us.

We talk about our interests and jobs and mention our home towns. It'd be easy to build up a little dossier about someone on here.

Remember the stalker who deduced his victim's address from a street sign reflected in a photo of her? That ended badly.
Click to expand...

Scene,

Filing cabinet drawer sliding closed. Just time to see a folder with 'Escargot' on the tab.

scene fades with a echoeing laugh (Yorkshire accent optional).

;)
 
INT21 said:
Filing cabinet drawer sliding closed. Just time to see a folder with 'Escargot' on the tab.
Click to expand...
Duly so, as a suspected Internet ringleader of recent anarchy in France.

Screenshot_20191231_041030_compress16.jpg


Screenshot_20191231_040340_compress80.jpg
 
Schrodinger's Zebra said:
Hang on... did this post get moved here? I could have sworn I posted it in the Typos and Proof Reading (or whatever its called) thread. :watch: ...
Click to expand...

It was moved because it had nothing to do with typos / proofreading and a lot to do with the risks of leaking personal data onto the Internet.
 
EnolaGaia said:
It was moved because it had nothing to do with typos / proofreading and a lot to do with the risks of leaking personal data onto the Internet.
Click to expand...

Ah thanks, now I know I'm not going mad (well, no more than usual).

I'd put it in the other thread because of the lack of proofreading (well someone clearly didn't!) but I'd forgotten about this thread which does fit it better.
 
Be afraid, be very afraid.



THE UK GOVERNMENT is quietly expanding and developing a controversial surveillance technology that could be capable of logging and storing the web histories of millions of people.

Official reports and spending documents show that in the past year, UK police have deemed the testing of a system that can collect people’s “internet connection records” a success, and have started work to potentially introduce the system nationally. If implemented, it could hand law enforcement a powerful surveillance tool.

Critics say the system is highly intrusive, and that officials have a history of not properly protecting people’s data. Much of the technology and its operation is shrouded in secrecy, with bodies refusing to answer questions about the systems.

At the end of 2016, the UK government passed the Investigatory Powers Act, which introduced sweeping reforms to the country’s surveillance and hacking powers. The law added rules around what law enforcement and intelligence agencies can do and access, but it was widely criticized for its impact on people’s privacy, earning it the name the “Snooper’s Charter.”

Particularly controversial was the creation of so-called internet connection records (ICRs). Under the law, internet providers and phone companies can be ordered—with a senior judge approving the decision—to store people’s browsing histories for 12 months.

An ICR isn’t a list of every page online you visit, but may nonetheless reveal a significant amount of information about your online activities. ICRs can include that you visited Wired.com but not that you read this individual article, for instance. An ICR can also be your IP address, a customer number, the date and time the information was accessed, and the amount of data being transferred. The UK government says an internet connection record could indicate when, for example, the travel app EasyJet is accessed on someone’s phone, but not how the app was used.

“ICRs are highly intrusive and should be protected from over-retention by telecommunications operators and intelligence agencies,” says Nour Haidar, a lawyer and legal officer at UK civil liberties group Privacy International, which has been challenging data collection and handling under the Investigatory Powers Act in court.

https://www.wired.com/story/internet-connection-records-uk-surveillance/
 
Once the government has it, it's only a matter of time before anyone who really wants it has it, too.

The data will be overshared, underprotected and insecure, even if they fail to find a legal way to market access to it.

When I was in my early 20s, I worked for local government through an agency. Because I quickly proved pretty efficient at supplying data for the boss, I was given access and editing rights to a nationwide database for vulnerable persons without training or vetting. I was just told that I wasn't allowed to look anything up that I didn't need to to complete the assigned task (you'll forgive the lack of details).

The reason was simply that it would save time and hence money to allow me to check what I needed directly instead of requesting someone higher up to check and pass the information on—and the office was understaffed.

I did nothing untoward, obviously, but you only need to make a bad call once and the whole show is compromised. And this will be the reason: overworked clerics with more pressing concerns than the letter of the law.

We do not want this.
 
I agree with @Yithian

In numerous jobs I have had access to company databases containing names, addresses, phone numbers and email addresses of famous people.
If I was a nutter, then who knows what I could do with that data?

That said, if the security services really need to track your browsing history and hack into databases to find out more about you, I have little doubt that they will do it through unofficial means if they cannot get official permission.
 
Last edited:
Victory said:
I agree with @Yithian

In numerous jobs I have had access to company databases containing names, addresses, phone numbers and email addresses of famous people.
If I was a nutter, then who knows what I could do with that data?
Click to expand...
I think as far as finding addresses of famous people goes, it's always been quite easy though hasn't it?
The only difference was that you couldn't necessarily do it from your armchair.
If you really wanted to, you could though. Everyone knew where the Beatles lived for example.

And as for today, you don't need to have a job that allows you access to company databases to be able to find out addresses either.
 
Yithian said:
Once the government has it, it's only a matter of time before anyone who really wants it has it, too.

The data will be overshared, underprotected and insecure, even if they fail to find a legal way to market access to it.

When I was in my early 20s, I worked for local government through an agency. Because I quickly proved pretty efficient at supplying data for the boss, I was given access and editing rights to a nationwide database for vulnerable persons without training or vetting. I was just told that I wasn't allowed to look anything up that I didn't need to to complete the assigned task (you'll forgive the lack of details).

The reason was simply that it would save time and hence money to allow me to check what I needed directly instead of requesting someone higher up to check and pass the information on—and the office was understaffed.

I did nothing untoward, obviously, but you only need to make a bad call once and the whole show is compromised. And this will be the reason: overworked clerics with more pressing concerns than the letter of the law.

We do not want this.
Click to expand...
I've said before on here about people flipping open their wallets at the till to basically show me their name, address, date of birth, NI number and (often in the case of older people) all their PINs (which they will persist in writing down on the inside of their wallet, 'for security'...) If I wanted to steal their identity, it would be the easiest thing in the world, and I wouldn't need to go anywhere near a computer to do it.
 
catseye said:
I've said before on here about people flipping open their wallets at the till to basically show me their name, address, date of birth, NI number and (often in the case of older people) all their PINs (which they will persist in writing down on the inside of their wallet, 'for security'...) If I wanted to steal their identity, it would be the easiest thing in the world, and I wouldn't need to go anywhere near a computer to do it.
Click to expand...
Alan Carr (comedian) told his Mum to disguise her pin if she had to write it down.
In her address book she'd written 'Mr Pin' followed by a four figure number.
He said ''who else have you got in there- Colonel sort code?''
 
@Yithian totally get what you are saying and your experience, but things have moved on a lot since then. Due mainly to EU rules, but generally adopted by public services everywhere, there is now a Zero Trust model for all sensitive and personal data access. No user can access data beyond their role and remit without triggering alerts to the same.
I know any system can be open to abuse, but it is far harder these days when a least privilege system is in place.
 
Ascalon said:
@Yithian totally get what you are saying and your experience, but things have moved on a lot since then. Due mainly to EU rules, but generally adopted by public services everywhere, there is now a Zero Trust model for all sensitive and personal data access. No user can access data beyond their role and remit without triggering alerts to the same.
I know any system can be open to abuse, but it is far harder these days when a least privilege system is in place.
Click to expand...

I'm happy to be brought up to date, but I confess I'm not overbrimming with faith.

In technical system vs actual individual, rubber meets road scenarios, the latter tends to triumph over the former.

Hope I'm wrong.
 
Last edited:
Yithian said:
I'm happy to be brought up to date, but I confess I'm not overbrimming with faith.

In technical system vs actual individual, rubber meets road scenarios, the latter tends to triumph over the former.

Hope I'm wrong.
Click to expand...
Indeed, there are inevitably attempts to circumvent, but the basic premise is that any data access that is beyond the role or remit of a system user is simply not allowed. It's like when a bottle of wine will not scan on an EPOS in a shop after hours. The system has a rule that will not allow it.
Not only that, an alert is generated to investigate why an unauthorised or unjustified query was made.
Also these systems are usually only accessed securely, so not just user with multifactor authentication, but also the device, the location and security posture.
All sorts of place have had heavy fines levied so had to put these kinds of things in place.
 
First rule is to always force websites to use HTTPS, so you get a minimum of privacy on most sites. Then us a VPN or Tor browser for your most sensitive website visits.
 
Floyd1 said:
I think as far as finding addresses of famous people goes, it's always been quite easy though hasn't it?
The only difference was that you couldn't necessarily do it from your armchair.
If you really wanted to, you could though. Everyone knew where the Beatles lived for example.

And as for today, you don't need to have a job that allows you access to company databases to be able to find out addresses either.
Click to expand...

Where some famous people live is fairly common knowledge.

The homes of Paul McCartney, Freddie Mercury and Boy George were on the tourist trail.

Others will be known to neighbours, taxi drivers and those noticing them in databases.

But if I was to ask you to send the address of a particular famous person within a day, there is no certainty that you could do it.

When in an past job I had access to a large database, I saw that one famous person did not have their home address on there.
Everything went via their local bank branch.
 
You must log in or register to reply here.
Back
Top