Facebook’s ‘Nearby Friends’ feature: What you need to know

location2

New feature shows when friends are nearby (and you near them)

This post is adapted from one that first appeared on Forbes.com

Facebook is rolling out a new feature for its mobile app that allows you to  share your approximate location with friends. The opt-in feature (it’s turned off by default) enables you to find and be found by nearby friends. The feature can be turned on or off at any time and both parties have to have the feature enabled. When you configure the feature you can select to share with all your friends or a sub-set like only family or only close friends.

The feature is only available for users over 18 so, unless they lie about their age, it is not available to minors.


Listen to Larry Magid’s 1-minute CBS News segment on Nearby Friends

With this feature enabled, you might be able to know that a friend is nearby so you can meet up.

In addition to sharing your approximate location with a group of friends, you have the option of sharing yourprecise location with specific friends and you can decide how long your specific location will be shared. For example, I could decide to share my exact location with Susie Smith between now and 11:00, assuming Susie also had the feature turned on. I would only know her location if she shared it with me.

If friends are traveling you will able able to see the city and neighborhood that they’re in, according to a Facebook blog post.

Friends only

The maximum exposure is friends. You can not set it for friends of friends or publicly display your location. Users’ location history is permanently  set to “only me”  according to a Facebook spokesperson.

age


Safety and privacy  
implications

The feature certainly can be misused to provide your location to someone who shouldn’t know it, but there are plenty of safeguards available, as long as you use them. As with any location app, you should only share your precise location with people you know and trust. Even sharing your approximate location could be inappropriate or even dangerous in some cases if people who you don’t want to find you can use it to figure out where you are. It can also have other implications. If your boss thinks you’re at an offsite meeting in Los Angeles but you’re sharing that you’re actually in San Francisco, it could have a big problem on your hands.

Not for minors under 18

This feature is for adults only. No one under 18 can use this feature, assuming that they have signed on with their correct age.

Other location sharing apps

Facebook is hardly a pioneer when it comes to location sharing. Glympse (also a ConnectSafely supporter) has long offered a location sharing app that even allows you to follow someone as they drive. By default, it times-out in 15 minutes but you can opt to share  your location for a maximum of four hours.

age

 

Disclosure: Facebook provides financial support to ConnectSafely.org

Posted in Article | Comments Off

Identity theft is a problem from cradle to grave

Screen Shot 2013-08-17 at 9.35.25 AMThis post first appeared in the San Jose Mercury News

by Larry Magid

id

University of Texas center hosts conference on identity and ID theft

Last Tuesday was a scary day. Microsoft ended support and security updates for Windows XP, leaving millions of users vulnerable to hack attack from what will soon be an out-of-date operating system riddled with vulnerabilities. But by the end of the day, we had something else to worry about. Security researchers revealed that a flaw in Open SSL — the most popular Web encryption system — may have left private information exposed to anyone who knew how to exploit the flaw.

As these stories were breaking, I happened to be in Austin, Texas, for the Center for Identity‘s ID 360 conference, where experts from around the world gathered to talk about identity theft.

Data breaches and securities flaws aren’t the only ways people’s identity can be stolen but they are certain a major risk factor. As Bryan Hjelm, vice president of product and marketing for CSID, pointed out in his presentation, data breaches in 2013 exposed 822 million records worldwide. This year the data breach at Target exposed at least 40 million credit cards, some of which have already been illegally used for purchases.

Identity theft is a problem from cradle to grave, said Suzanne Barber, director of the Center for Identity Theft (scroll down to listen to the entire interview).

Suzanne Barber (source

Suzanne Barber (Photo: CFID)

“More and information is being asked for by different organizations,” she noted. “The book club asks for information along with the grocery store, and you’re left with a dilemma — ‘I want the services and access that these different originations provide but they want a lot of information about me.”‘

Protect your social security number

One thing you should avoid sharing, she said, is your Social Security number, which is very valuable to identity thieves. A lot of businesses ask for your Social Security number to verify your identity but there are often other ways to do this.

I give my Social Security number to banks when I open a new account because it’s a government requirement that they have it for tax purposes. But when a doctor’s office asked for it recently, I declined because they don’t need it to bill me or my insurance company and they certainly don’t need it to treat me. If anyone asks for your Social Security number, ask why they need it.

Children most vulnerable

Barber said parents should be especially careful when it comes to their children’s Social Security numbers. She said children are 35 times more likely than adults to be identity theft victims. One reason is because children almost always have clean credit ratings, which makes them very valuable to identity thieves. Also, said Barber, parents tend not to monitor their children’s Social Security numbers and credit ratings, so they’re less likely to uncover a child’s identity theft until they’ve been victimized.

According to the Federal Trade Commission, warning signs that your child may have been victimized include their being turned down for government benefits because the benefits are being paid to another account using your child’s Social Security number. Other warnings include a notice from the Internal Revenue Service that the child’s Social Security number was used on another tax return or bills or collection calls for products or services not received.

Whether a child or an adult, you should check your credit reports at least once a year. You can get a free credit report from AnnualCreditReport.com or by calling 1-877-322-8228. This program is sponsored by the Federal Trade Commission. Do not confuse it with other credit reporting services that have “free” in their name.

I recommend that you check your bank and credit and debit card activity regularly. If you don’t already have an online account with your bank, set one up and go in frequently to look for recent activity, which is sometimes posted immediately after a transaction occurs. If you find anything suspicious, report it right away so you’re not charged and so the bank can investigate. This is especially important for debit cards because the bank will deduct any charges from your account immediately and you need to get them to reimburse you for any fraudulent charges.

Other types of identity theft risks include fraudulent tax returns, which could result in someone else getting your refund. There is also medical fraud — people getting medical services billed to your insurance account or prescriptions in your name. ID 360 conference speaker Ann Patterson said another risk is “misdiagnosis, mistreatment or delay in treatment,” due to someone getting medical care in your name.

The Identity Theft Resource Center advises people to use a cross-cut shredder to dispose of documents with personal information. They also advise that you “know your billing cycles and contact creditors when bills fail to show up.” That’s one piece of advice I would have never thought of. Few of us particularly enjoy getting bills, but better us than an identity thief.

Posted in Article | Comments Off

Report: NSA Knew About And Exploited Heartbleed For Years

Click for Full story at Forbes.com

Posted in Article | Comments Off

How to protect against the Heartbleed security flaw (Slideshow)

First, don’t panic. This is a serious problem but you need to put it into perspective. While there is clearly a vulnerability, there are so far no reports of the flaw being exploited. And even though this flaw has been around for the past two years, almost all the major sites have fixed it — in some cases in the last few days.

There have been reports of hardware — routers and other equipment — that could be affected but, so far, we have only heard about devices used in big organizations. To be safe, visit the website of the company that makes your router to see if there are any updates.

What you can (and can’t) do

When it comes to protection, there is very little that individuals can do. It’s up to site and service operators to fix their systems.  If you’re unsure about systems you use, click on the test site links (below) to check and also be sure to look at CNET’s report on the top 100 sites.

Test sites:

Change your password if you site is now secure

If you can confirm that the sites you’re using are secure, this is a good time to change your password. Actually you should change passwords every few months anyway. Make sure you’re using a unique password for each site and make sure that it contains upper case letters, numbers and symbols and don’t use a dictionary word or a common name. This sounds hard, but ConnectSafely’s Tips for Strong Secure Passwords has easy to use suggestions. Also,scrll down to view ConnectSafely’s slide show.

Monitor your accounts

The Department of Homeland Security advises that you “Closely monitor your email accounts, bank accounts, social media accounts, and other online assets for irregular or suspicious activity, such as abnormal purchases or messages.”

Beware of ‘phishing’ schemes

Also, beware of “phishing schemes.” You might get  email that appears to be from banks and other sites, “disclosing” that the site was vulnerable and asking users to reset their passwords. These could be phishing attacks designed to trick  you into revealing your log-on credentials to thieves. And some of these attacks are very sophisticated, taking you to sites that look identical to a company’s real site.

If you get such an email DO NOT CLICK on any links. If you feel that it’s time to change your password (and you should once you know the site is no longer vulnerable), type in the site’s URL in your browser and navigate to the password reset page. It’s less convenient than clicking on a link but a lot safer. Here are tips for safe, secure and unique passwords.

Slideshow

 

Screen Shot 2014-04-09 at 2.36.13 PMFirst, don’t panic. This is a serious problem but you need to put it into perspective. While there is clearly a vulnerability, there are so far no reports of the flaw being exploited. And even though this flaw has been around for the past two years, almost all the major sites have fixed it — in some cases in the last few days.

There have been reports of hardware — routers and other equipment — that could be affected but, so far, we have only heard about devices used in big organizations. To be safe, visit the website of the company that makes your router to see if there are any updates.

What you can (and can’t) do

When it comes to protection, there is very little that individuals can do. It’s up to site and service operators to fix their systems.  If you’re unsure about systems you use, click on the test site links (below) to check and also be sure to look at CNET’s report on the top 100 sites.

Test sites:

Change your password if you site is now secure

If you can confirm that the sites you’re using are secure, this is a good time to change your password. Actually you should change passwords every few months anyway. Make sure you’re using a unique password for each site and make sure that it contains upper case letters, numbers and symbols and don’t use a dictionary word or a common name. This sounds hard, but ConnectSafely’s Tips for Strong Secure Passwords has easy to use suggestions. Also,scrll down to view ConnectSafely’s slide show.

Monitor your accounts

The Department of Homeland Security advises that you “Closely monitor your email accounts, bank accounts, social media accounts, and other online assets for irregular or suspicious activity, such as abnormal purchases or messages.”

Beware of ‘phishing’ schemes

Also, beware of “phishing schemes.” You might get  email that appears to be from banks and other sites, “disclosing” that the site was vulnerable and asking users to reset their passwords. These could be phishing attacks designed to trick  you into revealing your log-on credentials to thieves. And some of these attacks are very sophisticated, taking you to sites that look identical to a company’s real site.

If you get such an email DO NOT CLICK on any links. If you feel that it’s time to change your password (and you should once you know the site is no longer vulnerable), type in the site’s URL in your browser and navigate to the password reset page. It’s less convenient than clicking on a link but a lot safer. Here are tips for safe, secure and unique passwords.

Posted in Article | Comments Off

Are sites you use vulnerable to Heartbleed security flaw?

Screen Shot 2014-04-09 at 2.36.13 PM

Source: Heartbleed.com

Update: CNET has posted a list of Heartbleed status for top 100 sites

A flaw in the most popular web encryption system could leave people vulnerable to data theft according to security researchers. That little padlock in the lower right corner of a browser window or the letters “https” in the address bar are supposed to mean that the site is encrypted but the most popular method, called OpenSSL, has had a hole for at least two years.

The Heartbleed bug “allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software,” according to Codenomicon’s Heartbleed.com site, which added, “This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.”

These tests aren’t  100% definitive. It are an indicator of whether the site you’re using is currently vulnerable, but it doesn’t indicate whether it may have been affected in the past. So even if the site you enter comes up clear there is no guarantee that it wasn’t vulnerable earlier. Still, it’s worth checking the Lastpass Heartbleed checker, the Filippo Valsorda’s report and  the Qualys SSL Labs report. CNET has posted a list on the Heartbleed status for top 100 sites

Is it time to change passwords?

Some experts are advising people to change their passwords right away but others suggest that it’s better to wait until you know your site is clear, lest you simply give hackers access to the new password.

Tips for changing passwords

When you do change your passwords, here are some tips: How to create secure and unique passwords.

For more information

More from Heartbleed.com

This post first appeared on Forbes.com 

Posted in Article | Comments Off

Beware of Heartbleed Inspired Phishing Scams

Click here for full post on Forbes.com

Posted in Article | Comments Off

Windows XP No-Support Deadline Has Arrived — Ignore At Your Peril

Read the full version at Forbes

Posted in Article | Comments Off

A Lot To Like About The New HTC One

Now that I’ve had about a week to play with the new HTC One, I can see what all the fuss is about. It’s probably the most stylish phone I’ve used.  Its brushed metal unibody case is a delight to hold. Sure, with its 5-inch screen and case dimensions of 5.74  by 2.75  by .37  inches , it’s a bit big as cell phones go, but it’s slim enough to fit into my jeans, which makes it small enough for my needs. It weighs 5.6 ounces, which is certainly heavier than other premium phones like the iPhone and Samsung Galaxy S5. I don’t mind the extra weight but I can see how some might.

The phone I’m testing was loaned to me by Verizon Wireless. It’s also available from AT&T, Sprint and T-Mobile in the United States and other carriers abroad.

Camera

The 5 MP front facing “selfie” camera is a lot better than typical front-facing cameras. You have to dig pretty deep to find any information from HTC about the number of megapixels of its front facing camera (it’s 4 MP) but on its website, the company goes on and on about its “UltraPixel”camera,” which, says HTC “enables each pixel to capture more than 300% more light than most leading 13 megapixel cameras.”  In my tests, the camera performed pretty well with decent color accuracy even in relatively low-light conditions. I still, however, prefer the camera in the iPhone 5s which remains the gold standard, especially when you factor in ease of use.

Speakers

The speakers in most phones are downright terrible for listening to music but HTC has done an amazingly good job with its front facing “BoomSound” stereo speakers. The sound, even at loud volume, is clearer and deeper than I have ever heard on such a small device. If I were going to listen to music on a phone without ear buds or headphones, this is the phone I’d want to be using.

Battery

Battery life is one of the most important features in a phone. No matter how good a phone you have, it’s not of any use if the battery dies when you need it.  The phone has an embedded (not removable) 2600 mAH battery with, according to HTC, talk time of 20 hours for 3G and standby time of up to 495 hours (in 3G). And that 3G rating, of course, doesn’t apply if you’re using the phone with 4G data which, of course, is how most people will use it.

I haven’t done any formal battery tests but so far it’s doing a lot better than my Nexus 5.  After about six hours of medium use I have 58% of my charge left, which is good as Android phones go.

HTC TV Sense turns your phone into a remote control

The phone uses Google’s latest Android 4.4.2 “Kit Kat” operating system with one missing feature. You can’t say “OK Google” from the home screen to have it automatically start listening for voice commands. It does access voice commands with Google Now installed or when using the phone in HTC’s Car mode

HTC has added some nice touches includgn HTC BlinkFeed, which updates the screen with posts from Facebook, Google Now and your favorite news feeds. It also has “Sense TV” which works as a TV remote control. I tested it with my Vizio TV and Dish Network PVR and it worked well. As part of the setup it asks you what shows you like and it lets you turn them in with one press. It also recommends shows that are on now and automatically tunes them in.

Another app called Zoodles, allows you to put the HTC One into kid mode so that children accessing the phone can only runs apps that you approve.

For more about the HTC One see Gordon Kelley’s excellent post on Forbes.com

 

Posted in Article | Comments Off

New Animation Site Lightheartedly Celebrates Cesar Chavez

John Grimes, a San Francisco-based cartoonist, animator, illustrator and movie maker has recently launched the site Fizzdom.com which he describes as a place for Amusing and provocative quotes, cartoons, videos and backstories.”

Five days a week, Grimes posts a custom-made animated GIF that takes a somewhat irreverent and lighthearted look at an issue or historical figure. But it’s not all fun and games. These posts also have other content, often including embedded video that explains the context of his animated cartoon

One recent example if this animation of a quote from Stephen Colbert. “Why don’t we go to war on women?” Colbert asks and then answers, “They don’t have any oil.”

colb

casarJust in time for what would have been Chavez’s 87th birthday (he died in 1993), Grimes has created a cartoon that shows the union leader handing a strawberry to characters from Mad Men and then getting a sideways glance from Downton Abbey’s Lady Grantham — a woman who thought that the help should remain invisible. But Chavez made farm workers very visible as he fought to get the growers to recognize their the United Farm Workers Union.

Check out the animations and his site and scroll down to listen to my 5 and 3/4 minute interview with Grimes.

Posted in Article | Comments Off

Those Tech Worker Busses Impact Silicon Valley As Well as San Francisco

Screen Shot 2013-08-17 at 9.35.25 AMThis post first appeared in the San Jose Mercury News

I have mixed feelings when I see those mostly double-deck buses on Highway 101 shuttling tech workers between Silicon Valley and San Francisco. Based on a recent survey, so do San Francisco voters. On one hand, I’d much rather see the buses than the thousands of cars they replace. The shuttles, according to the San Francisco Municipal Transportation Agency, transport more than 35,000 people a day and eliminate at least “45 million vehicle miles traveled and 761,000 metric tons of carbon every year from the region’s roads and air.”

As a fellow driver on 101, I also feel safer sharing the road with a relatively small number of professional bus drivers versus thousands of tired and distracted tech workers. And while it might not benefit me or the public, I am glad to know that the workers in these companies have the option of being more relaxed or productive during their commute.

Impact on communities

Google workers don't need Google Maps to commute. The can take a free bus

Google workers don’t need Google Maps to commute. The can take a free bus

But like many in the Bay Area, I also worry about their impact on local communities.

The concern among some San Franciscans is well known. There are vocal critics who say that the demands of well-heeled Silicon Valley tech workers are pricing lower and even middle-income San Franciscans out of the housing market. There is also concern about the impact they’re having on the culture of the city.

A sour note for some musicians

Inexpensive food joints are being replaced by upscale restaurants that many locals can’t afford and might not even enjoy. Artists and musicians are leaving the city. My professional musician son, Will Magid, who left San Francisco last year for other reasons, told me that the low-cost apartment he rented in the Mission district is now much more expensive than it was when he left about a year ago. The reasons people are leaving, he said “are both economic and cultural.” It’s not just increased rent, it’s also changes to the fabric of the community.

Yet, a recent survey conducted by EMC Research and commissioned by the Bay Area Council, a business organization, shows that most San Franciscans have a positive attitude about tech workers. The survey of 500 likely San Francisco voters conducted earlier this month found that 72 percent have a favorable opinion of tech workers, while 56 percent were strongly or somewhat favorable to employee shuttle buses. Nearly 80 percent feel that recent growth in the tech sector has been good for San Francisco.

But the survey also found that less than half of respondents (45 percent) said that their household has “benefited from the recent growth in the technology sector,” with 26 percent strongly disagreeing with that assertion. And nearly 6 in 10 (59 percent) said that “preventing eviction and neighborhood gentrification” is important or very important.

Affects Silicon Valley too

While I empathize with our neighbors in San Francisco, I also worry about what this northerly migration is doing to Silicon Valley. Just as cities started to suffer in the 1940s, ’50s and ’60s as workers moved to the suburbs, I worry that Silicon Valley is not taking full advantage of the energy and cultural and economic benefits we might otherwise enjoy if more of these workers were living in Palo Alto, Mountain View, San Jose, Sunnyvale and Redwood City and other parts of Silicon Valley.

While Silicon Valley is far from a ghost town on weekends, it’s not nearly as vibrant as San Francisco. Much of that is inevitable considering the uniqueness of San Francisco, but I can’t help wonder what the night life and music scene would be like in the valley if more young and well-paid tech workers lived here.

I also wonder whether the tech industry is having as much impact on local business as it could. I frequently patronize restaurants not far from Google and Facebook and don’t see large crowds at lunch time. Why should workers spend the time and money to eat off-campus when they have great free food right at work? Sure, those companies are employing cooks and other service workers, but it would be nice to share a bit more of the wealth with local businesses.

Of course, wherever tech workers live, they’ll need things like clothing, toothpaste, shoes and other necessities that once helped local businesses thrive. But, thanks to Amazon and other online merchants, even that trickle-down effect is severely diminished.

But I must admit I’m a bit jealous. No one offered me a free ride during the years I commuted between my home in Silicon Valley and my office in San Francisco. For that matter, no one offered me free meals, free laundry service, subsidized day care or many of the other perks some Silicon Valley tech workers enjoy.

Posted in Article | Comments Off