Friday, September 19, 2008

Lie. Lie. Then lie some more.

It turns out that the hacker who cracked Sarah Palin's Yahoo! account did it by simple deduction using information collected from the Internet.

"As detailed in the postings, the Palin hack didn't require any real skill. Instead, the hacker simply reset Palin's password using her birthdate, ZIP code and information about where she met her spouse -- the security question on her Yahoo account, which was answered (Wasilla High) by a simple Google search." (Wired. By Kim Zetter. September 18, 2008.)
Most people are never going to become a target of a hacker. But this shows us that when you find yourself on the other end of someone's anger or curiosity or lust, it's very simple for them to find out enough about you to violate your privacy and steal your identity.

What could someone find in your email account? Email confirmations from online vendors, banks, airlines, utilities, or credit card payments. Any of those emails could have home addresses or phone numbers or bank account information. And with that information, they might be able to collect more.

I know it's great to make friends online, but I can't stress this enough: you have got to learn to lie. And lie some more. Lie your ass off.

Social networking sites are the worst culprits for tricking you into giving up your secrets. Don't reveal everything about your past. Leave a little mystery. This is perfect place to lie. Change your birth date or your zodiac sign. Change your college graduation year. Invent a spouse or some kids. Your real friends won't care because they know you're just protecting yourself from predators.

When your accounts ask for a "security question," pick anything and make up an answer.
My pet's name is Tallulah.
The name of my high school was Porkpie High.
My first grade teacher was Mr. Clean.
My first phone number was 464-7125.
Don't make it easy for someone to guess your security answers.

And I write this stuff down. And if I use these accounts every day, then I manage to remember this stuff. But sometimes I forget what info I used when I created the account and start to laugh when I see the welcome message, "Welcome, Ampersand T. Jellywinks!"

Yes, I sometimes get sloppy and start to log into the.effing.librarian email account sometimes when my coworkers are around. But I catch myself before I do. Lucky for me though, that my real name is Theeffin Glibrarian, so nobody ever notices. Yes, my name is pronounced exactly the way it's spelled. It's Scottish.