Thursday, February 09, 2006
social engineering and orkut
its endeed a great thing to see ones friends and share our views and know each other better. but in doing so we generally forget aabout the threats that, we on our own create for ourself."
take for example www.orkut.com . the moment you click on the above link what you will recognize the most is the login box, but take some time. you will also find this
"We are committed to providing an online meeting place where people can socialize, make new acquaintances and find others who share their interests. "
social engineering from hacking perspective is just what is available over here. one can say the first step towards it.
more than that its sinister to know the terms and condions that are laid and we without going through have accepted it.. which says
"""Google maintains and processes your personal information in order to provide your orkut account and access. Your profile information is displayed according to the preferences you set in your account"""
"""When you send messages through orkut, your name and email address will be identified in the message. We also use your name and email address to notify you of new members, messages, or other information, such as invitations to join friends' networks, new testimonials or "fan" ratings, and crush notices."""
"""You can terminate your account at any time. To learn how, click here. If you terminate your account, your profile, including any messages in your inbox, will be removed from the site and deleted from orkut servers. Because of the way we maintain this service such deletion may not be immediate, and residual copies of your profile information may remain on backup media. """
i have inserted few snippets from orkut policy framework. those that drew my attention have been presented with bold letters. its was really amazing how orkut has managed to get the rights of "PERSONAL DATA HARBOURING" when its rival microsoft tried for tha same by using ".net passport" implementation and was forced to take back.
also the idea of having, email id and name privacy, is very confussing when it say ur message will be sent with ur name and email id.
and thirdly orkut is more like "one way traffic". once you have entered anything there is noway it will be deleted or not kept online. even if they have their security quite high, it simply does not make any sense, that why after all they are harbouring such personal data and increase the risk of social security.
personal privacy is some thing that is at the core of internet. neither the goverments can come up with law to withdraw personal privacy........then how is that orkut has managed...
take for example www.orkut.com . the moment you click on the above link what you will recognize the most is the login box, but take some time. you will also find this
"We are committed to providing an online meeting place where people can socialize, make new acquaintances and find others who share their interests. "
social engineering from hacking perspective is just what is available over here. one can say the first step towards it.
more than that its sinister to know the terms and condions that are laid and we without going through have accepted it.. which says
"""Google maintains and processes your personal information in order to provide your orkut account and access. Your profile information is displayed according to the preferences you set in your account"""
"""When you send messages through orkut, your name and email address will be identified in the message. We also use your name and email address to notify you of new members, messages, or other information, such as invitations to join friends' networks, new testimonials or "fan" ratings, and crush notices."""
"""You can terminate your account at any time. To learn how, click here. If you terminate your account, your profile, including any messages in your inbox, will be removed from the site and deleted from orkut servers. Because of the way we maintain this service such deletion may not be immediate, and residual copies of your profile information may remain on backup media. """
i have inserted few snippets from orkut policy framework. those that drew my attention have been presented with bold letters. its was really amazing how orkut has managed to get the rights of "PERSONAL DATA HARBOURING" when its rival microsoft tried for tha same by using ".net passport" implementation and was forced to take back.
also the idea of having, email id and name privacy, is very confussing when it say ur message will be sent with ur name and email id.
and thirdly orkut is more like "one way traffic". once you have entered anything there is noway it will be deleted or not kept online. even if they have their security quite high, it simply does not make any sense, that why after all they are harbouring such personal data and increase the risk of social security.
personal privacy is some thing that is at the core of internet. neither the goverments can come up with law to withdraw personal privacy........then how is that orkut has managed...
# posted by Nav kush @ 1:15 AM 
About Me
- Name: Nav kush
- Location: India
Formally educated decently to good standards, however none of it is currently helping. "I write code".
Post a Comment