Facebook, Twitter and the iPhone spy on us

So you think someone is spying on you all the time? You're not wrong - technology makes it easier for spies and even the moderately snoopy to sneak about and extract your personal information.

The new changes in social networking site Facebook have understandably not been welcomed by users who are complaining about lack of privacy. To add fuel to the fire a chainletter was distributed to the site that revealed the names of those who soy on users. The email reads: "All FB friends. This is important. Do this asap! Go to settings. Click on privacy settings. Click on block users. in the name box enter 'automation labs'. A list of approx 20 people you dont even know will come up. Block each one individually. These people have access to your facebook account/profile and spy on what you do." Those who use Facebook would know that a certain feature lets you block people who you do not wish to be personal with. Upon blocking Facebook generates a list of all Facebook users with either that name, a similar name or people associated with the name. The letter alleged that some users have 'special access' to profiles which lets these privileged users to read explicit information about whoever then wish to spy on. However Facebook denied the authenticity and origin of the letter.

Meanwhile the iPhone has been facing a bit of flak regarding security issues. Nicolas Seriot, an insecurity expert confirmed that Apple's iPhone security was not as good as Steve Jobs' honchos have been claiming. The iPhone uses a sandboxing technology to restrict applications to OS resources with a list of deny/allow rules at the kernel level. But according to Seriot these are "way too loose," and "Apple should not claim that an application cannot access data from another application." In short, Apple reviewers can be fooled. It does not help that there are more than 35 million iPhones in the market and many more hackers in the world. All a hacker has to do is built an application using the known iPhone APIs to extract all your personal data. There is no firewall in the iPhone to warn you of threats, the gadget would not even know when someone is trying to edit your address book.

Things are not too well on the Twitter side of things - the micro blogging site was forced to issue a post that advised users to change their passwords after the company discovered a filesharing scam that targeted its users' accounts. A few days ago there were reports of a surge of followers on a couple of accounts, and it was found out that the accounts were linked to Bittorrent sites that were created to steal usernames and passwords. As per a statement by Del Harvey, Twitter's director of trust and safety, "It appears that for a number of years, a person has been creating torrent sites that require a login and password as well as creating forums set up for torrent site usage and then selling these purportedly well-crafted sites and forums to other people innocently looking to start a download site of their very own. However, these sites came with a little extra - security exploits and backdoors throughout the system. This person then waited for the forums and sites to get popular and then used those exploits to get access to the username, email address, and password of every person who had signed up."

There has been an unprecedented 70 percent rise in spam attacks and phishing on Twitter. Harvey urged users to set up multiple passwords and be aware of unusual third party activity. "The takeaway from this is that people are continuing to use the same email address and password (or a variant) on multiple sites." Twitter sent this message to users: "Got an email from us saying we've reset your password? A small # of accts seemed possibly affected offsite & we took a precautionary step." Of course the same can be done by phishing scammers who would link their message to the fake websites.

Security can be compromised very easily nowadays, Hackers can break into even big firms like Tata Consultancy Services without breaking too much sweat. There was chaos at TCS (India's largest software vendor) on Sunday when a Hacker did a DNS hijack and posted a "For Sale" message on the site. Just so you know, TCS produces security systems software.