Cell phones and the Internet are great ways for romantic partners to stay in touch, but based on a recent survey of 14- to 24-year-olds, they're also being used to spy and harass significant others.
My report on the Associated Press and MTV study about youth digital abuse focused mostly on sexting and how youth respond to cyberbullying. But there was also some interesting data on how technology is being used for "dating abuse."
One of the findings of an MTV/AP youth survey
(Credit: AThinLine.org)The study (PDF) found that 22 percent of youth involved in a romantic relationship say they feel like their significant other uses a cell phone or goes online to check up on them too often. The study also found that "more than 1 in 4 say their boyfriend or girlfriend has checked the text messages on their phone without permission," and more than 10 percent of the young people said that a boyfriend or girlfriend has demanded that they give them their password.
Whether by coercion or not, 26 percent said they had shared an online password with someone. Females (31 percent) are more likely to share passwords than males (22 percent). And though there isn't necessarily a causal relationship, 68 percent of those who have shared passwords report having been a target of digital abuse compared with 44 percent of those who hadn't.
Not surprisingly, a significant minority of the youth (12 percent) said that a boyfriend or girlfriend call them names, put them down, or say really mean things to them on the Internet or cell phone.
And about 1 in 10 said that a significant other demanded that they unfriend a former boyfriend or girlfriend on social networks.
The survey, conducted for The Associated Press and MTV by Knowledge Networks interviewed 1,247 people between the ages 14 and 24 in what was described as a nationally representative survey.
Teen dating violence subject of CBS Evening News report
(Credit: CBS Evening News (via CBSNews.com))This data comes just as there is increased attention on teen dating abuse. CBS Evening News anchor Katie Couric reported last week that 29 percent of America's teens "say that they were emotionally, sexually or physical abused by their boyfriends and sometimes even girlfriends last year." Though technology doesn't cause nor necessarily play a role in teen dating violence, it clearly can amplify the problem, especially if a partner in the relationship is using a cell phone or computer to harass, stalk or spy on their partner as the AP/MTV survey has shown. Technology can also be used by partners to embarrass their significant others by making it possible for partner to details or their relationship online. One of the biggest downsides to "sexting" is the possibility of a partner sharing those images with others.
Marriage and family therapist Marty Klein is less concerned about kids sharing intimate photos with their partners than he about how some are misusing those images. "Take the sex out of sexting and what you have is a betrayal of trust," Klein said. The Internet, he added, "more clearly and sometimes more dramatically focuses our attention on problems that people have struggled with forever." In other words, the Internet and mobile technology don't cause these problems (that exist in offline relationships) but they can amplify them.
Couric also reported that calls and online chat to the National Teen Dating Abuse Helpline went up nearly 600 percent from March 2007 to March 2009. The Helpline's Web site has advice for teens including a section on helping to determine if you're being abused.
In conjunction with the release of the digital abuse survey, MTV launched A Thin Line, a Web site that provides resources to help youth deal with sexting, constant messaging, spying, digital disrespect, and cruelty.
When we think of phishing attacks, in which scammers try to lure sensitive information out of Internet users, we think of fake official-looking e-mails and Web sites.
But you don't even need to be online to get phished. A phishing attack making the rounds tries to dupe cell phone users into revealing their personal data over the phone. It uses SMS messages, which makes it a "SMiShing" attempt.
It all starts with a spam text message purporting to be from a financial institution. In this case, it's from a source identified as KeyPoint Credit Union, warning that an account has been locked and providing an 888 phone number to "verify" the account, said a CNET News reader who received one of the spam text messages on his Sprint phone.
When the phone number is called, an automated message prompts for SocialSsecurity number, credit card number, and driver's license number, he said.
"Every carrier has seen it," Matt Sullivan, a Sprint spokesman, said on Tuesday. "We have filtering technology that we are constantly updating to try to weed out some of this."
Asked how spammers get hold of the phone numbers, Sullivan speculated that they are using a random auto-dialer. Even if only 1 percent of the people called expose their information, the SMiShers are successful, he said.
Customers can block specific numbers that keep calling, but for most spammers that isn't effective, as they usually take one shot at the phone number and then move on, Sullivan said.
Sprint has had a fraud alert on its Web site for about a year about SMiShing, but reports go back to at least 2006.
President-elect Barack Obama's cell phone billing records were improperly accessed by employees of Verizon Wireless, CNN reported late on Thursday.
Obama's transition team was informed of the breach by Verizon Wireless representatives on Wednesday, team spokesman Robert Gibbs told the news agency. The Secret Service has been informed, Gibbs said.
The phone, a voice flip-phone with no e-mail access, is no longer active or being used by Obama, the report said. Lists of phone numbers and calls made by Obama could have been accessed, but "nobody was monitoring voicemail," Gibbs is quoted as saying.
Verizon Wireless has notified federal law enforcement authorities, Verizon Wireless President and Chief Executive Lowell McAdam wrote in an internal company e-mail distributed on Wednesday that CNN obtained. In a press statement, McAdam wrote:
"This week we learned that a number of Verizon Wireless employees have, without authorization, accessed and viewed President-Elect Barack Obama's personal cell phone account. The account has been inactive for several months. The device on the account was a simple voice flip-phone, not a BlackBerry or other smartphone designed for e-mail or other data services."
"All employees who have accessed the account - whether authorized or not - have been put on immediate leave, with pay. As the circumstances of each individual employee's access to the account are determined, the company will take appropriate actions. Employees with legitimate business needs for access will be returned to their positions, while employees who have accessed the account improperly and without legitimate business justification will face appropriate disciplinary action."
"We apologize to President-Elect Obama and will work to keep the trust our customers place in us every day."
Employees who viewed the records without authorization could be fired, McAdam said in the internal e-mail.
This is the latest in a string of technology-related security incidents to hit this election season. Earlier this month, Newsweek reported that PCs used by the campaigns of Obama and former Republican presidential candidate John McCain were compromised last summer.
In September, McCain's running mate Alaska Governor Sarah Palin had her Yahoo e-mail account broken into. And back in April, someone exploited a weakness in the Web site for Obama's campaign and redirected some visitors to then-Democratic presidential hopeful Hillary Clinton's site.
About 15 percent of all online computers are infected with bots, says a new report (PDF) on emerging threats for 2009 from Georgia Tech Information Security Center. And according to Patrick Traynor, assistant professor at Georgia Tech's School of Computer Science, "We'll start to see the botnet problem infiltrate the mobile world in 2009."
In Traynor's view, if botnets, or large networks of infected computing devices, gain a foothold on mobile devices, they could be used to create a distributed denial of service attack on the cellular network itself, inconveniencing thousands of cell-phone customers.
But the future need not be so dire.
"Because the mobile communications field is evolving so quickly, it presents a unique opportunity to design security properly--an opportunity we missed with the PC," he wrote in the report.
Most people keep their PCs and operating system for years, up to 10 years in some cases. Most people buy a new mobile phone every 2 years, on average.
"The short life cycle of mobile devices gives manufacturers, developers, and the security community an opportunity to learn what works from a security standpoint and apply it to devices and applications more quickly," wrote Traynor.
According to the report, researchers like Traynor expect standards for handset security to emerge within the next 12 months.
The report also called out four other areas of concern: greater prevalence of social-networking malware such as a recent botnet risk reported on Facebook, user-specific VoIP attacks such as the one presented recently at Toorcon, cyber-warfare such as the recent denial-of-service attacks against the nation of Georgia, and a maturing cybercrime economy like that in recent reports of "crimeware-as-a-service" packages for sale on the Internet.
This guest post is from Marc Weber Tobias, an attorney and physical security specialist.
If someone asks to borrow your cell phone, or you leave it unattended, beware!
Unless you actually watch them use it, they may be secretly grabbing every piece of your information on the device, even deleted messages. If you leave your phone sitting on your desk, or in the center console of your car while the valet parks it, then you and everyone in your contacts list may be at risk, to say nothing of confidential e-mails, spread sheets, or other information. And of course, if you do not want your spouse to see who you are chatting with on your phone, you might want to use extra caution.
Paraben's CSI Stick can be used to make a copy of all data on a cell phone.
(Credit: Marc Weber Tobias)There is a new electronic capture device that has been developed primarily for law enforcement, surveillance, and intelligence operations that is also available to the public. It is called the Cellular Seizure Investigation Stick, or CSI Stick as a clever acronym. It is manufactured by a company called Paraben, and is a self-contained module about the size of a BIC lighter. It plugs directly into most Motorola and Samsung cell phones to capture all data that they contain. More phones will be added to the list, including many from Nokia, RIM, LG and others, in the next generation, to be released shortly.
I recently attended and lectured at the Techno-Security conference in Myrtle Beach, Fla. About 1,500 law enforcement and security professionals participated and were briefed on the latest in cybersecurity vulnerabilities from participating federal agents, manufacturers, and cyber-consultants. The CSI Stick caught my attention because of the potential to rapidly and covertly download all of the information contained in many cell phones.
This device connects to the data/charging port and will seamlessly grab e-mails, instant messages, dialed numbers, phone books and anything else that is stored in memory. It will even retrieve deleted files that have not been overwritten. And there is no trace whatsoever that the information has been compromised, nor any risk of corruption. This may be especially troublesome for corporate employees and those that work for government agencies.
The good news: the device should find wide acceptance by parents who want to monitor what their kids are doing with their phones, who they are talking to and text messaging, and where they are surfing. It could also be valuable in secure areas where employees need to be randomly monitored to insure that sensitive information is not compromised through the use of a cell phone as a memory device.
The CSI Stick sells for $200 and requires an added piece of software to mine the data and do sophisticated processing on your computer. So now, in addition to worrying about your conversations or data being intercepted through your Bluetooth headset, there is a new threat, and it is very real.
The rule: if your phone contains sensitive data, do not leave it unattended. If you loan it to someone to use because they tell you theirs is not working, make sure you actually see them using the phone and there is nothing connected to it.
(Credit: Marc Weber Tobias)
I admit it; I've been in denial about my cell phone habit.
I'm a multitasker on the phone and I tend to make calls when I'm in transit. Why not get some of those calls I have to make out of the way while I'm walking or driving? (I really do try to not use the phone while on the bus so as not to annoy other passengers, but sometimes it just can't be avoided.)
(Credit:
CNET News)
Of course, I've known for months that I was going to have to curb the habit while driving because of the hands-free law that went into effect for drivers in California three weeks ago. But I have been resisting buying a cell phone headset for a number of reasons.
For one, I find those cyborg-like devices sticking out of peoples' ears to be tacky. I'm sorry, but I do. Seeing people talking to themselves when they are not obviously on the phone is just off-putting.
Secondly, I had heard about security problems with Bluetooth and didn't want to have to figure it all out. Security experts discussed the risks to Bluetooth users at the Last HOPE (Hackers on Planet Earth) conference in New York last weekend, warning people to change the default password, turn off the headsets when not in use, and limit access to the data when communicating with other devices.
I also thought that buying a headset would unnecessarily feed a habit that I'd rather cut back on. I don't really like long phone conversations and I easily over dose on talking on the phone because I do it so much for my job. For me, getting a headset would be like getting TiVo when you're trying to watch less television.
But when I found myself tempted to break the law recently, needing to make a call while driving, I realized it was time to get one.
So I bought a standard Motorola variety for less than $50 on Tuesday night. Apparently, I'm not the only one thinking this way--a new study has found that the hands-free law boosted Bluetooth device sales to four times the national average.
On Wednesday, the U.S. CERT (Computer Emergency Readiness Team) decided the Bluetooth security risk was serious enough to publish a security advisory about it.
"Depending upon how it is configured, Bluetooth technology can be fairly secure," the advisory said. "Unfortunately, many Bluetooth devices rely on short numeric PIN numbers instead of more secure passwords or passphrases."
Basically, any device that can "discover" another Bluetooth device can send unsolicited messages or do things that could lead to extra fees, data being compromised or corrupted, data stolen in an attack called "bluesnarfing," or the device being infected with a virus, the advisory said.
To protect against these risks, Bluetooth owners should disable the technology when it is not being used, disable unnecessary features, and switch it to "hidden" mode, CERT said. Using "hidden" mode won't prevent me from using my headset with my phone because once the two devices have located each other, or paired, they will continue to be able to recognize each other thereafter.
Bluetooth users should also be careful where they are using the technology. For instance, using it in a public wireless "hotspot" poses a greater risk that someone else can intercept the connection than using it in your home or car, according to the advisory.
Now all I have to do is get something to protect me from the Bluetooth device's electromagnetic frequencies (EMFs), which may or may not pose health risks.
NEW YORK--For private investigator Steven Rambam, the Internet is his most valuable tool in helping to find missing persons, cheating husbands, and your competitor's dirty secrets.
Steven Rambam, director of investigative agency Pallorium, tells the crowd at the Last HOPE conference that "privacy is dead."
(Credit: Elinor Mills)But while the intelligence business is booming, individuals are losing the battle to protect their privacy with every blog post, Google Web search, and online photo, Rambam, director of the Pallorium investigative agency, said in a keynote session late on Saturday at the Last HOPE (Hackers on Planet Earth) conference.
"Anything you put on the Internet will be grabbed, indexed, cataloged, and out of your control before you know it," he told CNET News after the session. "The genie is out of the bottle. Data doesn't stay in one location. It migrates to hundreds of places."
Information that he used to have to search for or dig up in far away places is now available at his fingertips. All types of information is being digitized, older stuff is being scanned and put online, and it's all being aggregated into uber-databases that are being sold to marketers, government agencies, and anyone else who can pay, he said.
Rambam says he searches on social networks to find photos of what people he is researching look like, the first step in any investigation. He gets a lot of other vital data from those sites, like hometown, age, relationship status, school and work history, hobbies, and friends and acquaintances to interview. With Twitter, he can often see where they are right now, or at least in the recent archived past.
"I used to pay the police $500 for a driver's license photo. Now I just have to go to MySpace," he said. "I can find your location without leaving my desk."
He uses job sites to see someone's resume, date of birth, address, and work history, to find former employees of companies he is researching and to see what job openings they have and compare salary levels. And then there are sites like Don'tDateHimGirl.com and Who'sARat.com where you can find what a person's enemies have to say.
Rambam also gets information from marketing databases that gather information on people's buying habits and preferences from frequent customer cards, surveys, product registrations, actual transactions, and other activities.
Marketing databases with vast amounts of personal records are being purchased by the government, he said. At the same time, individuals have less power to learn what information is being gathered on them and how it is being used, because private entities are exempt from the Freedom of Information Act, he added.
"Dominos has built the biggest consumer database in America," and the U.S. Marshall's Service, the New York Police Department and collection agencies are using it to track people down, Rambam said.
There also are vast stores of data based on peoples' Web and computer activities being amassed by technology companies that can be easily used to connect a specific individual to specific activities and information. For example, end user license agreements allow for location data to be sent back to the manufacturer every time a customer logs in, and photos and burned CDs and DVDs have unique serial numbers for tracking, he said.
Then there is the "snitch" in everyone's pocket--the cell phone. Unlike your activity on a computer, "a cell phone can be immediately traced to you and you have it with you 24/7," Rambam said.
"Cell phones change everything," because of their location-based technology, he said. "I'm able to know who you talked to, where you are, what you do, and what you like just from cross-referencing cell phone (data)."
Finally, cameras and video cameras have helped revolutionize the snooping industry. Smart cameras with facial and activity recognition analytic capabilities are popping up everywhere, while the FBI and others are testing systems that will recognize the walking gait of individuals, Rambam said.
There are police helicopters in New York that can see what a car passenger is reading. New York is partnering with businesses and landlords to install 3,000 cameras in lower Manhattan and has spent $450 million to install 3,000 cameras in the subway, he said.
In a test of his skills, Rambam tracked down someone who had agreed to go in hiding for one year. He was able to locate the person nine times, using methods including social engineering and a dummy e-mail account, tracking the IP address of an Internet cafe computer, cell phone triangulation, a credit card trace on an airline ticket using a frequent flier number, a fake Match.com ad, and an online "wanted" poster.
Rambam, who details the experiment in a book titled Stealing Your Own Identity, also was able to track his subject through his pharmacy and doctor.
And in an ingenious move, he noticed that there were blocks of photos with consecutive unique IDs on the subject's Web site that were missing. So he searched for photos with ID numbers that would fit in that sequence on Flickr and found shots that gave away his target's whereabouts.
Although he works closely with law enforcement agencies, Rambam has had a legal run-in of his own, just like some of the hackers in the audience. He had been scheduled to speak at the previous HOPE in 2006, but was arrested right before he was to give his talk and spent two days in jail on charges of impersonating an FBI agent and tampering with a government witness. The charges were dropped and his accuser now faces arrest, he said.
New York City is installing video cameras all over the city, Rambam says.
(Credit: Pallorium)- prev
- 1
- next
