Month: August 2016

Would You Let Me Hold Your Wallet? Protecting Your Privacy

Bradley Jones

I asked a police officer if I could hold his wallet. He obviously said no.

I told the officer that if he let me hold it, I would not glance at his license or look at how much money he had. I’d just hold it.

You are likely wondering what would transpire to get me to ask an officer if I could hold his wallet. While this might sound like a crazy situation, my question to the officer was to help illustrate that a point he had made earlier in a presentation was flawed. Specifically, it was to help illustrate that if you download applications and visit websites, then you are likely in a similar position of being asked to hand over something important to someone asking you to trust them. Unlike the officer, if you are like most people, then you will probably not say “no” when asked if you are okay with handing over personal stuff.

The officer had just done a fantastic presentation on his role with internet safety in the local school system. He had presented information to help parents understand more about cyber bullying, internet safety, and several other student issues in a digital age. It was one comment relevant to the latest fad, Pokemon Go, that caused me to ask for his wallet, and then to write this blog.

Accessing Web Sites and Using Mobile Apps

When you use a website or when you download and use an application, you are generally are agreeing to a license or term of service (ToS) for that site or application. Many sites and nearly ever application will have you confirm that you agree to their ToS by having you click a small checkbox that often simply says you agree. If you download an app from one of the app stores, you will often get a screen that says that the app wants access to some services on your machine or phone. Chances are, you simply click the box or button and continue. This action is generally required to use the software; otherwise, if you don’t agree, then most installation ends or the page doesn’t load.

Have you ever actually read or paid attention to what you agreed to? If you have kids that are allowed to install applications, do you know what they have agreed to when an application is installed?

The Danger of Phone Apps

Many mobile applications require you to agree to give access to features on your phones. These features could be access to your contacts, to your phone, to your files, or more. Pokemon Go has gone supersonic in popularity. One of the areas where Pokemon received a lot of attention was that it requested access to features and information that didn’t seem to be necessary for playing the game. This included access to contacts, files on your mobile device and even to your calls.

Chances are, if you installed the Pokemon Go app, you clicked the button and blew past the screen asking for permission to access all of this information. The following picture shows you want Pokemon Go asks for today.

Pokemon Go

You should consider what permission you gave when you installed the application.

If you were asked for contacts, then that is access to people listed on your phone. The app might choose to contact those people. If you said okay to location, then the application can keep track of where you are, where you go, and when it was you did this. If you said okay to access to your files, then you likely gave access to everything that is on your device since everything is stored in files. if you gave access to your “phone and calls,” then you are basically agreeing to allow your calls to be monitored.

When Pokemon Go first released, contacts, files, phones and calls were included in the permissions granted by users that installed the app through the Google App Store. When Google was asked if the data on a person’s phone was going to be accessed, the reported response was that the information such as contacts and email were not being accessed. Just like I said I wouldn’t look at the officers wallet, Google said the data on a person’s phone wouldn’t be looked at.

Regardless of what a company says, if they are asking you permission and you grant it, then you have granted them access. They can say they have not accessed the information, but you gave them permission, so they could access it at any time. You removed your ability to complain when you agreed it was okay.

This is not only apps

The idea of giving away information or of giving away your rights is not limited to mobile applications. This also applies to websites. There are two common areas where people tend to misunderstand or ignore what permissions or access they’ve given away. These are in:

  1. Creating accounts
  2. “I Accept” check boxes for Terms of Service (ToS)

Do I own accounts I create on the web?

When creating an account on a site, whether it is on a service like an online email provider, a localized forum, or a social media site, you should be aware of who owns the account. Most people assume the account is theirs. They also assume it is private. Depending on the terms of service, all of these assumptions could be wrong. For example, there are some email services that can monitor your activity and then use that information to market to you.

When you create an account on the internet, it is important to realize that you are creating that account on a machine. This is a machine owned by someone else, and often owned by a company. As such, it is their machine, so they have any access to what is there that they want. This can include anything you happen to put into your account.

Accepting Terms of Service

Relevant to an account you might create is a site or apps Terms of Service (ToS). A site’s ToS is a list of rules that you agree to by either agreeing to a request, or simply by accessing a site. On many cases, you are asked to check a box saying you agree to the terms. If you say no, you are often bounced off as site. As a result, many people simply check the box and continue.

Reading the terms of service is wise. Most will state what the site or company plans to do with the information you provide. The information you provide might not be obvious. It can be as simple as your IP address along with browser information, such as your location, the machine you are using, and other sites you have possibly visited. If you create an account, that ToS will also define the privacy they are willing to provide.

The ToS might have other statements in it as well. The following is from a popular home services site:

“You agree to promptly pay <site> One Thousand Dollars ($1,000) for each item of Content posted in violation of this Agreement.”

Per this clause, if you use this site, you are exposed to being fined for thousands of dollars. This is not as unusual as you might think, but you’d only know that if you read what you are agreeing to.

Conclusion

You need to be aware of what you and your kids are agreeing to when you click on buttons or use a site. In many cases, the information you give away could be equated to handing your wallet to a stranger. This is true of all applications and all sites. You should always try to be aware of what you are agreeing to in the digital world. Not everyone is as trustworthy as your local police officers.

The Fear of Zika

Bradley Jones

mosquitoThe Zika virus has many people concerned about epidemic outbreaks across the world. Recently, a person I know posted that they were concerned with the number of reported cases of Zika in Chicago. Being in the Midwest, it seemed to her that the spread of the disease happening, and that we should be frightened for our lives. Even at a recent school board meeting, the topic of the Zika virus came up as something that schools needed to address. The fear of Zika is growing, but is it justified?

My school district is being asked to have a plan regarding protection for the Zika virus. As a result, information was presented to the school board on the Zika virus showing that the fear has been blown out of proportion to the risk. This is not to discount that there can be severe issues with Zika; there can be. The fear around this, however, needs to be put into perspective.

First, the Zika virus is spread primarily through mosquitoes, and primarily by the Aedes species of mosquitoes. It cannot be transmitted from person to person with normal contact, so if someone in Chicago has the virus, others in Chicago don’t need to ostracize that person. Being that the Aedes mosquitoes are primarily found in the tropics and very southern parts of the United States, those of us in the Midwest have very little to fear. In fact, while there have been people who have traveled outside of the United States that have contracted the virus, until recently there have not been any reports of anyone getting Zika while in the United States. Recently, a case in Miami (the hotter, lower areas of the US) was reported.

If you were to get bitten by an Aedes mosquito and get the Zika virus, there is about an 80% chance you wouldn’t even know it. Of those that do get the virus, 80% show no symptoms. Even those that do show symptoms generally don’t get sick enough to go to the hospital. The general symptoms include fever, rash, joint pain, and red eye. Some people also get muscle pains or headaches. While the symptoms can last for a few days up to a week, the virus itself last about a week for most people, although it can remain longer.

The Zika virus is real. For those of us in the Midwest, the risk of infection is near zero unless you travel out of the country or to the very southern regions. With such a near zero risk, what should be feared more than the Zika is that there are people who will sensationalize a topic to levels of causing excessive fear as well push schools create plans for protective measures on something that is unlikely to ever happen.

The state of Indiana has even allocated $3.6 million in funding to protect Hoosiers from the Zika virus over the next five years. It is amazing how much money fear can drive.

# # #

Note:
While the Zika virus is currently low risk, the West Niles virus is one that does happen in the Midwest. This post is based on publicly available information, as I’m definitely not a mosquito expert!

 

Update (8/22):

Mosquito-borne Zika cases have been found in two neighborhoods of Miami-Dade County. These are the first areas in the US, although other very southern states have potential exposure.

Cats That Eat Elephants: SEO Ranking Promises

Bradley Jones

Yes, I just titled my blog post, “Cats That Eat Elephants.” What is scarier is that you are actually reading this post. That begs the question of “why?”

Not why are you reading this post, but why did I write a post with a title that seems to be talking about elephants that get eaten by cats. After all, this doesn’t seem like a technical topic, it isn’t political (that I know of), and it really just doesn’t fit with my other topics.

The answer is SEO.

SEO is Search Engine Optimization, which is a big topic for those involved with web development or putting content on sites. People who have built websites want them to be found in Google and the other search engines. The process of adjusting your site and its content to get better ranking in the search engines is called SEO. There are many companies that charge a lot of money to help you improve your site’s SEO rankings.

The goal is generally to have your content listed by the search engines in the top spot on the first page for a topic related to your site. If you can’t get to the top spot, then you want to be on the first page. Most people aren’t going to look past the first page of results when they search. One way to get to a top spot is to pay the search engines for placement. The other is to try to make sure your site follows as many SEO “rules” as they can.

SEO rules are not really rules, but rather guesses that people have made regarding what they believe the search engines are doing to determine what sites and content ranks above other content. In some cases the search engines will increase your ranking if you do certain things, and in other cases they might penalize you. For example, lots of ads on a page is bad, where as good content that really explains a topic is good.

The “rules” can change at any time, and often do. Search engines, such as Google, have algorithms that do the ranking. These algorithms are updated regularly to try to help the better content rise to the top. As such, some things you do today might not be good tomorrow.

Why do I mention cats that eat elephants?

I oversee a number of technical web sites including WebDeveloper.com. SEO questions are constantly being asked on the site. This includes questions around hiring SEO experts. My general response is that there are tools and sites that will provide you with the same information that an SEO expert can provide you. In general, most SEO information is available online or via web applications if you look or ask.

I get ads from SEO experts that promise first page ranking. If you hire them, they guarantee they will get you on the first page of search results. This alone sounds like a fantastic reason to hire an SEO company. Can they get you on the first page of search results?

As I mentioned, there are no guarantees for first page, but it can easy be done. For example, my intent is to get this blog post on the first page of search results. Hopefully I succeed, or what I’m writing now about elephants that cats eat will be just silly. Am I going to rank on the first page about hiring SEO experts (something that would be valuable)?  That is very unlikely. However, I bet I end up on the first page of results for searches about “cats that eat elephants”.

SEO Ranking Can Be Meaningless

SEO ranking can be meaningless if the search team is one that people don’t actually use. Obviously, my ranking on cats that eat elephants will be of no value. Similarly, phrases that a SEO company gets you ranked on will be worthless if people aren’t actually searching for them. As mentioned before, there are tools that will tell you if people are searching on a term – free tools. I can use these tools to learn that there are a lot of searches on “elephants”, there are a lot of searches on “cats”. If my intent is to rank on those two terms, then it is going to take more than my little blog to make it happen. It would be unrealistic (I won’t say impossible) to rank on those two individual words. An SEO company would be unlikely to agree to help me rank on the first page for those two words. They would, however, be able to suggest a phrase like “cats that eat elephants.” They could even help me get a first page, if not top ranking for the phrase.

Being Fair to SEO Experts

To be fair to SEO experts, they might still be worth hiring. While information is available online, an SEO expert with (real) experience can help you understand what is likely to truly impact your ranking. They can also help you find the right tools to tweak and hone your content and site for the best chance at ranking on real keywords. They can help you determine the chances of ranking as well. If they are aware of search algorithm changes, then they can also caution you on things to avoid. Like with any activity, an expert with real experience can provide guidance that justifies the cost. Of course, if you hire an SEO expert, make sure they aren’t simply packaging up reports form software packages and selling you the ‘prettified’ results.

In Conclusion

In short, be careful what people try to sell you. If promises are made, make sure you understand how they are going to be accomplished. If a coach promises that he’ll train you to be a runner that an have top 10 finishes, then make sure you are going to be in races with more than 10 people. Similarly, if an SEO expert promises you rankings, make sure those rankings are relevant and will actually drive traffic.

# # #