For those using their real headshots for Avatars

[texmaster]

Hi folks,

I'm in IT, specifically data center security compliance manager which basically means I manage engineers designed to protect data and personal information including healthcare data. I see some folks on here using their real faces in their avatars. This place has been very good to me for advice so I thought I would share some info.

Hackers are now using facial recognition for items such as Google Glasses and similar devices. Before they were only copying avatars from Facebook and Linked in but now we've run across a few going to smaller sites like this one because people feel safer in a smaller community to share more personal info. Remember they dont need to copy and paste each avatar, they can run custom scripts to pull down all avatars from a website and since avatars are openly shared they don't need to hack the websites to do it.

If you are using your own picture here I would suggest you change your avatar to your pond or fish or anything but your face. No games, just wanted to keep folks secure.

Remember the Target hack a few months ago? It was far worse than the public knows. Be safe.

 

[Mmathis]

Hi folks,

I'm in IT, specifically data center security compliance manager which basically means I manage engineers designed to protect data and personal information including healthcare data. I see some folks on here using their real faces in their avatars. This place has been very good to me for advice so I thought I would share some info.

Hackers are now using facial recognition for items such as Google Glasses and similar devices. Before they were only copying avatars from Facebook and Linked in but now we've run across a few going to smaller sites like this one because people feel safer in a smaller community to share more personal info. Remember they dont need to copy and paste each avatar, they can run custom scripts to pull down all avatars from a website and since avatars are openly shared they don't need to hack the websites to do it.

If you are using your own picture here I would suggest you change your avatar to your pond or fish or anything but your face. No games, just wanted to keep folks secure.

Remember the Target hack a few months ago? It was far worse than the public knows. Be safe.

Thanks for the info -- I never use a picture of myself, but not for that reason....

 

[HARO]

Thanks for the info, texmaster. I've wondered about that. Would NEVER use my own picture, don't want to scare little kids!!
John

 

[pecan]

Thanks Tex! Great tip from someone "in the know"

My former means of protecting my identity was to give my identity such a bad reputation that no one on earth wanted it...

 

[Tula]

I'm still afraid to use a debit / credit card at Target. Probably should consider using cash a whole lot more and the debit card, a whole lot less!

 

[RobAmy]

Great now my Koi our at risk of identity theft, should of used a photo of the goldfish

 

[michey1st]

Thanks for the heads up! Avatar has been changed =D

 

[texmaster]

I'm still afraid to use a debit / credit card at Target. Probably should consider using cash a whole lot more and the debit card, a whole lot less!

Knowing the laughable security at most retail data-centers I wouldn't recommend anyone using a store credit card. PCI compliance is a joke which is what most datacenters use for security checks. Its basically an audit checklist to see if companies are staying secure then they can hang that little merit badge on their company for being PCI compliant. Most however with the certification are not.

Put it this way, most datacenters are now on leased space. Companies pay other companies to host their equipment. A typical sublet datacenter can have as many as 20-30 different customers running around in it with 5-10 customers per room. Most retailers do this for economic reasons since its cheaper than owning the land and the building. Now a tech from one company who gets into that room can theoretically have access to multiple data centers in just one room. The way around that is to put in a cage. Think of it like chain mail fence around a bunch of servers with a door. Most companies don't want the extra expense because they think that the security of the building is good enough. The real security found in google, yahoo and Microsoft have retina scanners for each entrance point and thumb print scanners for each server just to access. But with all companies it comes down to cashola and most wont spend the extra bucks to keep you safe. I wont get into the software updates because that will scare you half to death

 

[j.w]

Uh oh I am going to change myself into a toad now

 

[j.w]

So it's not safe to have photo's on facebook either?

 

[Tula]

Oh dear.......I'm getting paranoid now

 

[MitchM]

Thanks, texmaster.

Here I thought I was paranoid too. It turns out they really are after me.

.

 

[haver79]

Thanks for the info texmaster.

 

[texmaster]

So it's not safe to have photo's on facebook either?

Not as your main avatar. Frankly not at all. Sorry Ever notice your name appears on photos with you in it? Hackers see that too unfortunately.

I dont use my real name on facebook. Linked in is actually a better resource for hackers since people want to be found there.

You could just change a letter in your name on facebook and it would help a bunch.

And keep the cat away from the internet. He's up to no good

 

[texmaster]

I don't mean to get everyone paranoid but they are all out to get you

For anyone using firefox there are a lot of small apps that can help.

https://addons.mozilla.org/en-US/firefox/extensions/privacy-security/

Ghostery is one of the best. It blocks tracking software designed to capture where you visit on the internet. The news websites are the worst!