| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 02 Apr 2014 09:48:34 +0200 From: Joerg Mertin <smurphy@...sys.org> To: fulldisclosure@...lists.org Subject: Re: [FD] Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction On Wednesday 02 April 2014 09:21:55 Źmicier Januszkiewicz wrote: > > the facebook user should not have unrealistic expectation to privacy. > > I think this part says it all. I'd even drop the "unrealistic" out of > it. Keeping someone "private" on FB is like spraying it over a wall > and hoping nobody will notice, while a certain person is already > running an exhibition business out of it. > > The whole concept of "online privacy" is a delusion IMO. How can > something be private if it leaves traces and records all over the > place? Traffic, logs, DB records... So please, please let's stop > thinking that something can be "private" when we share it with a > multibillion company and its partners, advertisers, developers, and > whoever makes a legal claim. > > If you want something to be private -- don't share it. Period. You are right on most of these. The only way to gain a "small" control over it, is host it on your own hardware at home, and provide only links on other side on information of your site. Then, if you want remove it from the net, you cannot just delete the links, as these are still there (crawler bots, search machines etc.). You'll have to also modify "the" information. Actually, this is called provide misinformation as to invalidate the information you have so far. The question that then comes to my mind is - how many information/versions do the Bots cache of your site ? This will determine the number of disinformation changes you will have to make on your site ... :} The alternative of course - is to not have a E-Mail address, no contact to social sites, no Credit card, no Social security number, and live as an hermit :) somewhere in a cave (as a hermit on a mountain, the spy satellites can spot you :) ) ... -- Ask not for whom the Bell tolls, and you will pay only the station-to-station rate. -- Howard Kandel ------------------------------------------------------------------------ Joerg Mertin in Clermont/France Web: http://www.solsys.org PGP: Public Key Server - Get "0x159DC660F946126F" _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists