Tom's Soapbox: To Protect Your Digital Data, Sheer Probability Is Your Best Hope

Opinion
By
published

Cybersecurity has popped up in the news cycle again, and this week, it's a mean turn against Facebook. The big blue social network is absorbing body blows from the FTC, the British House of Commons, and the online world at large. And ironically, many of the attacks are coming from competing social media platforms that also collect personal information, including Twitter.

The data breach this time wasn't a simple grab-and-run hack for credit cards or social security numbers, like previous large-scale attacks such as those leveraged against Equifax or the actual SEC. The motive in the latest Facebook scandal involves possible election fraud by the Trump campaign via the firm Cambridge Analytica, and has been summed up all over the news.

I'm not here to talk politics or take a side, though. I'm here to tell you the truth about your data. And sadly, it's this: Nothing you've already put online will ever truly go away. And as long as an entity other than you holds your personal information--be it bank account data, the credit card you use to buy stuff online, or your child's birth record, there's nothing much you can rely on--except the security prowess of your account keepers.

That's Supposed to Reassure Me?

Well...no.

Many of those sensitive data keepers aren't doing such a great job. eBay, Yahoo, Sony's PlayStation Network, and many other big firms have fallen to data breaches that have nothing to do with how cunningly you set the security features of your accounts. In some cases, huge blocks of encrypted data have been stolen, and the task for the thieves then becomes to decrypt it, revealing the victims' personal information. Other times, the data kept by a compromised website isn't even encrypted at all. The hackers then sell the data or make it freely available to anyone who can find it.

It's easy, right now, to fall into the #boycottFacebook hype and blame Mark Zuckerberg for our woes, but that's just the outrage flavor of the day; the concerns have been serious for ages. In many cases, data breaches are known about for months or years before they're even announced to the public. That means it's very likely your personal information has been floating around somewhere it shouldn't be for longer than you've been aware of it.

But Facebook isn't the only one at fault, and quitting Facebook or severing ties between it and all your favorite apps won't stop the information gathering. You'd have to quit Twitter, Snapchat, Reddit, Amazon, Google, Microsoft, any accounts you've got with the government (SSA.gov? FAFSA and other student aid?), and so on. Forget it--the Web would become a lonely place. And once you do quit all those sites you do business with, remember this: They're required to keep financial transaction data for years afterward. You'll never truly escape. And the larger your online footprint becomes, the more at-risk your data remains.

Probably Your Best Bet? Probability

So, what's the answer? You've seen the hints--you can employ strong, random passwords, use two-factor authentication wherever it's offered, never share anything you're told not to share, and abide by more hints you can find in Tom's Guide's Security section...and those are great. They'll likely hinder anyone whose sights are set personally on you and your data specifically.

But when your personal identifying information gets scooped up from the back end of a database, there's not much you can rely on, except obscurity and the sheer force of odds and numbers. When, say, 20 million accounts are breached, and the entire set of data is tossed in an endless set of lists on some server somewhere, the odds of some thief swiping your credit card versus any other to buy that new catamaran they've been eyeing, or grabbing your social security number to establish a new identity, are extremely unlikely.

Not exactly reassuring, is it? Think of it this way, though: If you were in a crowd of millions, and someone fired a few dozen tee-shirts from a cannon at the crowd, do you really think you'd get one? If you do, buy me a lottery ticket. I need some of your luck.

Bio: Joel Durham, Jr., has been a gadget geek since birth, and went pro engineering networks in 1995. In 1997, he began a tech-focused writing career, penning stories and columns for the likes of PC Gamer, CNET, ExtremeTech and Maximum PC. Now, after a hiatus for health reasons, he’s back and ready to overclock everything within reach once more.

Joel Durham Jr
21 Comments Comment from the forums
  • scumofscotland
    "election fraud by the Trump campaign" is quite a claim. I am not following this story terribly closely but would appreciate if you would back up that comment if you are going to toss a grenade out there possibly fueled by your bias. From what I can tell it was the analytics firm that acted unethically (and possibly facebook) and you cannot infer that the Trump campaign had any clue that the data being used should have been deleted (though I am open to being corrected of course).
    Reply
  • g-unit1111
    20814848 said:
    "election fraud by the Trump campaign" is quite a claim. I am not following this story terribly closely but would appreciate if you would back up that comment if you are going to toss a grenade out there possibly fueled by your bias. From what I can tell it was the analytics firm that acted unethically (and possibly facebook) and you cannot infer that the Trump campaign had any clue that the data being used should have been deleted (though I am open to being corrected of course).

    I have been following this story. CA (Cambridge Analytica) is in some serious trouble here. The word "cluster----" is probably the most accurate term I can use to describe it. Whether or not it has anything to actually do with election fraud remains to be seen but it's looking like that is going to be a possibility, and it was more than just the Trump campaign that was affected by this. But this is huge and if you're not scared by this colossal data breach you definitely should be.
    Reply
  • Non-Euclidean
    Except it wasnt a breach. Its a violation of Facebook terms over unprotected data. Its also the same thing Obama did in 2008, except his election staff asked the user to some degree for access. When Facebook found out about the depth of info gathering they said "no problem, do what you want" since we like you guys.
    Reply
  • King_V
    20814848 said:
    "election fraud by the Trump campaign" is quite a claim. I am not following this story terribly closely but would appreciate if you would back up that comment if you are going to toss a grenade out there possibly fueled by your bias. From what I can tell it was the analytics firm that acted unethically (and possibly facebook) and you cannot infer that the Trump campaign had any clue that the data being used should have been deleted (though I am open to being corrected of course).

    You've then either been avoiding some news stories, or doing selective reading.

    Instead of demanding that the author back it, maybe do some basic searching?


    FOR EXAMPLE - in 10 seconds of using Google, I was able to find this:

    http://www.politifact.com/punditfact/statements/2018/mar/21/jack-posopiec/trump-campaign-used-cambridge-analytica-final-mont/


    So, perhaps you can see why you sound like one of those trolls who resorts to the kind of "Well, I've never heard anything about X, so, why don't you provide me with evidence to back it?" when in fact X has been mentioned frequently enough that it's nearly impossible not to have come across it.
    Reply
  • 20815359 said:
    20814848 said:
    "election fraud by the Trump campaign" is quite a claim. I am not following this story terribly closely but would appreciate if you would back up that comment if you are going to toss a grenade out there possibly fueled by your bias. From what I can tell it was the analytics firm that acted unethically (and possibly facebook) and you cannot infer that the Trump campaign had any clue that the data being used should have been deleted (though I am open to being corrected of course).

    You've then either been avoiding some news stories, or doing selective reading.

    Instead of demanding that the author back it, maybe do some basic searching?


    FOR EXAMPLE - in 10 seconds of using Google, I was able to find this:

    http://www.politifact.com/punditfact/statements/2018/mar/21/jack-posopiec/trump-campaign-used-cambridge-analytica-final-mont/


    So, perhaps you can see why you sound like one of those trolls who resorts to the kind of "Well, I've never heard anything about X, so, why don't you provide me with evidence to back it?" when in fact X has been mentioned frequently enough that it's nearly impossible not to have come across it.

    Much hypocrisy in this hyperpartisan world. And selective memory.

    https://www.technologyreview.com/s/509026/how-obamas-team-used-big-data-to-rally-voters/

    https://www.forbes.com/sites/kalevleetaru/2018/03/19/the-problem-isnt-cambridge-analytica-its-facebook/#502108ee58a5
    Reply
  • g-unit1111
    20815359 said:
    20814848 said:
    "election fraud by the Trump campaign" is quite a claim. I am not following this story terribly closely but would appreciate if you would back up that comment if you are going to toss a grenade out there possibly fueled by your bias. From what I can tell it was the analytics firm that acted unethically (and possibly facebook) and you cannot infer that the Trump campaign had any clue that the data being used should have been deleted (though I am open to being corrected of course).

    You've then either been avoiding some news stories, or doing selective reading.

    Instead of demanding that the author back it, maybe do some basic searching?

    Yeah exactly this is one of those stories where you really have to read past the headlines because there will be a lot of misinformation out there.
    Reply
  • King_V
    20815667 said:
    20815359 said:
    20814848 said:
    "election fraud by the Trump campaign" is quite a claim. I am not following this story terribly closely but would appreciate if you would back up that comment if you are going to toss a grenade out there possibly fueled by your bias. From what I can tell it was the analytics firm that acted unethically (and possibly facebook) and you cannot infer that the Trump campaign had any clue that the data being used should have been deleted (though I am open to being corrected of course).

    You've then either been avoiding some news stories, or doing selective reading.

    Instead of demanding that the author back it, maybe do some basic searching?


    FOR EXAMPLE - in 10 seconds of using Google, I was able to find this:

    http://www.politifact.com/punditfact/statements/2018/mar/21/jack-posopiec/trump-campaign-used-cambridge-analytica-final-mont/


    So, perhaps you can see why you sound like one of those trolls who resorts to the kind of "Well, I've never heard anything about X, so, why don't you provide me with evidence to back it?" when in fact X has been mentioned frequently enough that it's nearly impossible not to have come across it.

    Much hypocrisy in this hyperpartisan world. And selective memory.

    https://www.technologyreview.com/s/509026/how-obamas-team-used-big-data-to-rally-voters/

    https://www.forbes.com/sites/kalevleetaru/2018/03/19/the-problem-isnt-cambridge-analytica-its-facebook/#502108ee58a5



    Irrelevant. scumofscotland claimed ignorance of any Trump affiliation with Cambridge Analytica, and demanded that the author re-prove it for the sin of making the claim.

    This demand is likely because scumofscotland was unhappy to have this fact repeated.

    You're changing the subject. Your point serves no purpose, except to basically tell us you don't like Obama.

    EDIT: also, are you saying that the Obama campaign engaged with a company as blatantly dirty, who bragged about the effectiveness of their shady tactics, as Cambridge Analytica? That is your implication. I went back and scanned through your articles, and see NOTHING about hookers (Ukrainian or otherwise), use of known false stories ("it doesn't matter if it's true, as long as people believe it"), etc.

    Don't even TRY to say the two are anything alike.
    Reply
  • TJ Hooker
    20815667 said:
    20815359 said:
    20814848 said:
    "election fraud by the Trump campaign" is quite a claim. I am not following this story terribly closely but would appreciate if you would back up that comment if you are going to toss a grenade out there possibly fueled by your bias. From what I can tell it was the analytics firm that acted unethically (and possibly facebook) and you cannot infer that the Trump campaign had any clue that the data being used should have been deleted (though I am open to being corrected of course).

    You've then either been avoiding some news stories, or doing selective reading.

    Instead of demanding that the author back it, maybe do some basic searching?


    FOR EXAMPLE - in 10 seconds of using Google, I was able to find this:

    http://www.politifact.com/punditfact/statements/2018/mar/21/jack-posopiec/trump-campaign-used-cambridge-analytica-final-mont/


    So, perhaps you can see why you sound like one of those trolls who resorts to the kind of "Well, I've never heard anything about X, so, why don't you provide me with evidence to back it?" when in fact X has been mentioned frequently enough that it's nearly impossible not to have come across it.

    Much hypocrisy in this hyperpartisan world. And selective memory.

    https://www.technologyreview.com/s/509026/how-obamas-team-used-big-data-to-rally-voters/

    https://www.forbes.com/sites/kalevleetaru/2018/03/19/the-problem-isnt-cambridge-analytica-its-facebook/#502108ee58a5
    Whether or not 'Obama did it too' (which seems to be what you're saying) doesn't have any bearing on doesn't dictate whether or not the recent actions by Facebook/Cambridge Analytica/possibly Trump campaign are acceptable. Even if people are being hypocritical (being fine with Obama doing it but not Trump), that doesn't inherently make them wrong here.
    Reply
  • USAFRet
    20815841 said:
    Saying "Obama did it too" (which seems to be what you're saying) doesn't have any bearing on whether or not the recent actions by Facebook/Cambridge Analytica/possibly Trump campaign are acceptable. Even if people are being hypocritical (being fine with Obama doing it but not Trump), that doesn't necessarily make them wrong here.

    It wasn't acceptable then, its not acceptable now.

    However...with FB holding this much data, this was a foregone result.
    People are under the mistaken idea that your "privacy settings" actually mean something. That just changes the visual interface you and your friends see. All that connection data exists.

    And this doesn't even begin to touch on the fact that FB actively filters and delivers to you what they think will keep you engaged on their site.
    You are not getting an unfiltered feed.
    Mo clicks = mo money.
    Reply
  • g-unit1111
    20815841 said:
    Saying "Obama did it too" (which seems to be what you're saying) doesn't have any bearing on whether or not the recent actions by Facebook/Cambridge Analytica/possibly Trump campaign are acceptable. Even if people are being hypocritical (being fine with Obama doing it but not Trump), that doesn't necessarily make them wrong here.

    Yes I totally agree here. I tend to lean very left-progressive politics wise, but I also know that when something this egregious happens, you can't excuse one side from getting away with it, while the other side commits a huge crime like this. It's a crime no matter which side does it.If you're excusing one over the other that contributes to part of the reason why our political system is so divided right now.
    Reply