Tuesday, 28 August 2012

"Non-Privacy" on Facebook

I have been active on Facebook for over a year. The reason I joined was to understand this new social media than be actively participating. However, I turned into a prolific user of Facebook, once I started posting all my “course” pages on it and urged my students to participate actively in the discussions regarding various issues related to the course.

Lately, there has been a lot of concerns regarding the privacy issues faced by the users of Facebook. I did a little research to find out more about the problem and indeed, these concerns are valid. It appears to me that though the user has “control” over the privacy settings, by default, sharing is “allowed”. You have to go to the settings panel and configure your privacy settings. I have a serious doubt as to how many users really understand all these settings. You can try this for yourself – just click on any “friend request” user, who appears on the right hand side of your home page - you can browse all the information about that person, though he/she is not in your “friends” list. How is this possible? It is because this user has not changed his/her default privacy settings. So, be warned – somebody maybe “stalking” you somewhere all the time!

The second most important thing that I noticed is that there are many unknown applications being shared on Facebook that request your permission to open the application. For example, the news item by NDTV, Glassdoor, Branchout, are some of the applications, when clicked, request for your permission. I have no idea what these applications are. The message says “XYZ invited you to try BranchOut”. Is XYZ aware that he has sent this application to his friends? Suppose, if I click “grant permission” by mistake, I am not even aware of the personal data I am sharing. How do we know that it is not spam? Though there is an option “Block apps” in the privacy settings, how do we know what applications to block? If we have already clicked on the application, it already has your information – so, there is no use in blocking it.

The third thing that I noticed is – let us suppose that you forget to signout and simply closed the browser. The next time you open the browser and go to site, say CNN, there appears at the bottom of every article, your name under “write your comments”. This means that CNN is aware of your identity to be displaying it. Is this information derived from your browser cookies? Or is Facebook sharing your information, without your consent, to all and sundry?

Hence, I would be very careful in what I write, what I share and the sites I visit when I am logged into Facebook. If your BOSS is around, I would be extra careful!!!

For tips on Facebook settings, I found this site to be very useful:

Friday, 24 August 2012

IT in Agriculture

There is no doubt that IT has changed the way in which we live today. Particularly, the mobile technology has changed the life of farmers. Now, the farmers are able to connect instantly to anyone, anywhere in the world. Many Short Messaging Services (SMS) applications are exclusively designed for farmers for improving their farming. For example, information on weather conditions, commodity prices, crop rotation, up-to date availability of fertilizers, cure for plant diseases, etc is on their finger tips. A company called GoLite has a device based on mobile application, which can turn ON and turn OFF an electric water pump through SMS. 

Last week, a close friend of mine, sent an e-mail discussing about how IT can be used in agriculture. Here is an interesting way of looking at Information Technology applications in Agriculture (by Mr. Sridhar Chakravarthi Mulakaluri) :

1. Satellite image analysis for soil and crop coverage

2. Setting up of kiosks in villages for information dissemination

3. The remote switching ON and OFF of a water pump set

4. Experiments for improving a specific crop type

5. Connecting remote research groups

6. Information and call center service for knowledge support (Center for Sustainable Agriculture)

7. Digitization of land records to prevent unauthorized land grabbing

8. e-governance initiatives

I welcome the readers to add their suggestions to this list.

Sunday, 19 August 2012

Social Media - Transforming Business

The invention of internet, World Wide Web (www) and faster internet connectivity has resulted in a new business model called e-commerce. Electronics-commerce is the process of buying and selling goods and services, including money transfers, over the internet. Electronic commerce is more commonly referred to as online commerce, Web commerce, eBusiness, eRetail, e-commerce or EC. E-commerce offered many advantages to the customers as well as to the companies. The biggest benefits are cheaper upfront cost to the merchant because of direct marketing and quick setup time. Other advantages includes faster buying/selling procedures, 24/7 shopping, low operational cost and more number of choices to the customers. With more than 700 million people using online social media, such as facebook, twitter etc., to communicate with each other across the globe, companies are looking at this as an opportunity to reach people and do business. As these businesses rely largely on word of mouth marketing (good or bad), the social media has now become a new e-wom (electronic word of mouth) marketing tool. Customers have become smart by constantly looking at product ratings, reviews, blogs, micro-blogging, before making purchase decisions. All of these social technologies are changing the customer experience and are increasingly being used to connect with customers to build strong relationships and converting a regular customer into a brand advocate. Online social media and e-wom, have rapidly changed the e-commerce/e-business to a new face called social media business or social commerce

If you know how to “influence the crowd” effectively you can create a significant market position based on your social acceptance. Social media is transforming businesses and it matters to every business, whether it is small or big, to have a presence in this highly influential space.

Saturday, 18 August 2012

What is Ethical Hacking

Individuals who intrude on or “attack” a system are called by a number of names but are generally referred as hackers. An attack is any “unauthorised” action taken with intent of hindering, damaging, incapacitating, or breaching the security of a network. An attack typically carries out threat to your critical assets. Some of these attacks attempt to infiltrate into your systems and networks which are relatively harmless whereas some others can bring your system or network to a grinding halt and cripple a business.

Hackers use many techniques to attack your network or system. When “hackers” attack a network, they “break the rules” in such a way that makes the “attack” appear to be a normal transmission. Hence hackers are “people who use and create computer software to illegally gain access to information” (marriam-webster) and you consider them as dangerous and a threat to your systems, networks & critical assets. But recently you have heard about “ethical hackers” and have become confused.

Why are these hackers “ethical”? Because they are security experts hired by the companies to analyze the vulnerabilities that exist in their network & systems. The company and the “Ethical” hacker enter into a legally binding contract. The contract, as stated by Paul Walsh (http://www.protocolsolutions.co.uk), sometimes called a "get out of jail free card," sets forth the parameters of the testing. It's called the "get out of jail free card" because it's what harbours the Ethical Hacker from prosecution. Hacking is a felony, and a serious one. The terms of the agreement are what transform this illegal behaviour into a legal and legitimate occupation. Ethical hackers are security experts who examine systems and networks for vulnerabilities and analyze the various ways a "hacker can think" and attempt to attack your network. Ethical hackers may use the same techniques as those used by illegal hackers to breach corporate security systems. The end result is the company's ability to prevent an intrusion attack before it occurs and devise respective solutions to protect their networks by implementing proper security solutions for potential threats.

With so many standards and government regulatory requirements including HIPAA, Sarbanes Oxley, and SB-1386 and BS 7799, the companies require a trusted third party to check that the systems are secure. The companies may not be able to confirm that their security system is solid unless they test it. It's hard for a company's IT team to go to the system with all the malicious or mischievous motives of a true illegal hacker and thoroughly test out the system. Hence, to thoroughly uncover vulnerabilities, to test the security system, a legal hacker called “Ethical” hacker is hired to perform an illegal hacker’s job with a legal “ethical” contract.

An Ethical hacker works legally to uncover:
  • All the information an illegal hacker can gain access to
  • What an illegal hacker could do with that information once gained and
  • Break-ins, successful or not 

Lately, hacking methods are being taught legally and a certification can be obtained namely CEH – Certified Ethical Hacker. ECCouncil (The International Council of E-Commerce Consultants) is an organization that manages and develops the Ethical Hacker Certification. Before taking the tests, one must sign an ethics form. The CEH certification is by far one of the most challenging exams in Information Technology.