Zoosk data breach? Or something else?

Sell the data?

I recently got a message from you’ve been pwned, suggesting that it’s likely some of my personal data has been leaked via dating site Zoosk.

In approximately 2011, an alleged breach of the dating website Zoosk began circulating. Comprised of almost 53 million records, the data contained email addresses and plain text passwords. However, during extensive verification in May 2016 no evidence could be found that the data was indeed sourced from the dating service. This breach has consequently been flagged as fabricated; it’s highly unlikely the data was sourced from Zoosk.

I had an idea what fabricated meant, but I had a little read…

What is a “fabricated” breach?

Some breaches may be flagged as “fabricated”. In these cases, it is highly unlikely that the breach contains legitimate data sourced from the alleged site but it may still be sold or traded under the auspices of legitimacy. Often these incidents are comprised of data aggregated from other locations (or may be entirely fabricated), yet still contain actual email addresses unbeknownst to the account holder. Fabricated breaches are still included in the system because regardless of their legitimacy, they still contain personal information about individuals who want to understand their exposure on the web. Further background on unverified breaches can be found in the blog post titled Introducing “fabricated” breaches to Have I been pwned.

Sold or traded!

People laughed ages ago about the idea of selling user data but let’s say dating site z had lost a lot of the market due to new players in the space. They needed to stay afloat, prove to their investors they are still profitable? User data would be a useful resource for revenue… Of course this is illegal but you would cover your tracks… right! Make it look like “hackers!”

The example Tony Hunt uses is Justdate.com.

There’s a whole other discussion to be had about what causes a bundle of data to be fabricated and called a breach in the first place. Attempts to monetise the data by selling the alleged breach, extortion of the company involved or just simple big-noting by individuals seeking notoriety are all feasible explanations for many of the fabricated breaches I see. For now, the important thing is that if your data is circulating in one of these dumps, there’s now a way to know about it.

To be clear I’m not saying Zoosk is doing this, but someone is certainly pointing the finger.

Dark data experiments?

I have a lot of curiosity and one of the things which has consistently got me curious, is the challenges of the hidden. Hidden being the trick, the data, the technique, the place or the knowledge. This is why I’m very interested in Hacker House (it was almost added to my new years resolutions for 2017 even).

Currently data is the hidden which intrigues me at the moment, hence my massive interest in data ethics. There have been 3 experiments which have really got me jumping up and down about this all… thought I’d share while I eat cheese and drink wine on Christmas day.

  • Click Click Click
    A perfect and fun demonstration of mouse tracking on websites using just JavaScript. This is the data the likes of Facebook, Google, Amazon, etc use to track users’ dwell time and implicit actions on the website. Found via some folks on our BBC R&D internal Slack.
  • I know what you downloaded (…last summer or even last Christmas)
    This site collects IPs from public torrent swarms by parsing torrent sites and listening to the DHT network. They have more than 500.000 torrents which were classified and have data on peers’ sharing habits. The slightly twisted feature is the ability to share a link and see what people have been sharing. I promise not to do this but it highlights the problem with shortened URLs and long query strings you can’t be bothered to read or don’t understand how they work (knowledge). Found via Torrentfreak
  • Find my phone
    Man’s smartphone is stolen in Amsterdam, so the same man decides to root another phone and deliberately track the phone. Along with the person who stole it! The results are turned into a video which you can watch on YouTube.
    Found via Schneier

Everything’s going to be alright

Brexit
Frankly 2016 has been pretty shocking… Brexit, Trump, Internet censorship, Data retention, the increasing divide between the working class and middle class. I’m not saying it’s the worst year ever or the worst I have ever experienced, just it’s pretty bad.

I think this sums up so much

The Brexit campaign was centred on the idea of taking back control. That is what it said in huge letters on the red bus – a slogan that went far beyond the demand for control of our borders.

The point was that people all over Britain were desperate for a democratic system that gave them some semblance of control over their destiny, in a globalised and interconnected world where decisions often seem to be made by anonymous elites a long way away.

To them, the European Union was one obvious villain.

Ok enough… I decided a long time ago that I can’t worry about the things I can’t easily change, I can only change the things which I have direct control over. Actually trying to change everything drives you slightly nuts.

I can't change the world, but I can change the world in me

I happened to read Laura’s blog while on the bus back from Bristol and it seemed to fit perfectly here, as I start to deconstruct this year’s love life.

It’s been a busy year but honestly not nearly as much love as you would have thought. I made the effort to date less and have more purpose about my love life. This meant less time on OkCupid, PoF, Bumble and being more selective when speed dating. I tried going more organic with dating aka through friends of friends, it’s been ok. You do start to wonder sometimes… but I agree with Laura on bad dates…

The consistent comment is that I have such terrible luck, and always end up on these really ‘bad dates’, but I can’t help but disagree. There’s no such thing as bad dates, just the opportunity for a good story, a page in the autobiography, and the more terrible the date, the better the story. In my opinion, the worst possible kind of date are the ones that aren’t memorable, and usually they’re so because nothing of note, either good or bad happened.

Some would say this sounds odd, cold or calculated? But honestly it’s not, the point is each interaction changes you and your outlook. A new story, a new experience, a new view. Some dates are memorable and some you forget about. It’s worse to be non-memorable and one worse to be memorable for the wrong reasons.

This is always a tricky time to be single and for some of my newly single friends it’s a lonely time. I can only say this is a good time to take stock, be honest with family/friends and share. It’s not the time for judgement. It’s time to listen and enjoy each other’s company.

Think about what makes you unique and focus on that rather than all the things which you should be (no matter what people, media, etc say). There’s a lot of pressure to be this, that or another. One of my New Year’s resolutions was to think humanity, being human we are not perfect but we can only be the best we are. We move through life in the best we feel (hopefully not harming ourselves or others). For me that’s being as honest, genuine and open as I can be.

For me, I enjoy meeting new people (I’m very much an extrovert) and tend to make things an experience worth remembering. Focus on the present as that’s what you can change now; don’t dwell on the past and think about the future.

Enjoy the holidays and each other…

The science..? of speed dating?

Timing gears

Mr 30 not so flirty shared his experiences of an event called datelab. Something I’ve never heard of but it sounds interesting

We are a dating agency for young professionals.
Through psychology + dating science we offer Londoners unique matchmaking services and dating events. It’s time your dating life became exciting and effortless

Like Mr 30, I have also been involved in a few science + dating events. I have done speed dating at MOSI (the science museum Manchester), also took part in BBC’s Horizon dating experiment, even took part in a few other things including that horrible year of making love and more to come soon (if you can’t guess I won’t tell). But unlike Mr 30, I have a real wonder if there really is science? Is the matching and chemistry actually unquantifiable?

I find the intentional and unintentional effects fascinating as we try and grapple with the limits of our understanding of ourselves and each other. Throw that into the melting pot with sexuality, identity and diversity all as spectrums not absolutes and you’ve got an unquantifiable mess. I find it fun to watch people try and untangle it all.

Anyway I also found one of the things datelab did fascinating for reasons above and from a progressive point of view.


Another one I quite liked was the thinking behind getting both ladies and gents being asked to move…. apparently when you sit, you become pickier. I have experienced this with Netflix. For the ladies at most speed dating events, it becomes a real-life twist on Tinder, a conveyor belt of gents (and not so gents)… I’m quite looking forward to the dating company that does a parody real-life version on Tinder.

I can totally understand the effect Mr30 is talking about (that effect I’m sure is part of the paradox of choice; with people feeling much more picky about their choices). But I have always wondered why it’s the men who have to move in speed dating? This certainly isn’t the case in gay speed dating, I’ve been told. I asked a few times the host of a speed dating event I have gone to a few times. He said it’s a bit of legacy but also practicality.

The legacy of course being women are waiting for the suitor to step forward, can’t possibly have women making the first move (don’t get me started!) But also practically, asking women to move around in the short amount of change around time will take longer? (I’m not sure but this feels sexist to me, but it’s his event and I do find women do put more effort into their clothes).

One of the things which I did find interesting in the MOSI dating experiment was that everybody moved table, but frankly it took a long time due to the massive shifting around. Maybe there’s a system where women move one way and men the other? Matt suggested using some kind of gear rotation like system, which had me looking it up in Berlin Tegel Airport while waiting for the plane. There’s a BBC Bitesize thing for this. How’s that for science eh?!

I’ll suggest this to the host and see what he thinks…

Customer commons and VRM day

There’s been quite a bit of action around data ethics and it’s well worth highlighting something I saw recently.

It’s VRM day next Monday 26th April. VRM is vendor relationship management. Doc Searls is heading it all up and it takes place around the Internet Identity Workshop at the Computer History Museum in Mountain View, California. As with the best workshops, it’s an unconference style allowing for emergent topics to be raised.

We have no speakers, no keynotes, no panels. All sessions are breakouts, and the topics are chosen and led by participants… identity is just a starting point. Many other topics come up and move forward as well. In the last few IIWs, hot topics have included personal clouds, privacy, data liberation, transparency, VRM, the Indie Web, the Internet of Things, the Semantic Web, trust frameworks, free and open devices and much more

Wish I could be there, who knows maybe one day?

It was Doc Searls’ post A Way off the Ranch, which connected me with many things including Customer Commons, which I couldn’t believe I’ve never actually come across before.

OkCupid founder on online dating…


I almost choked on my coffee this morning at breakfast while reading what Christian Rudder – co-founder and former CEO of OkCupid, Harvard alumnus and author of Dataclysm – wrote about the online dating industry…

Dating is rough. That’s why there are always so many dating startups: Because users of dating startups are always like, ‘God, this thing is broken, I’m going to fix it.’ What they don’t realize is that dating itself is the thing that’s kind of horrible and no app is ever going to fix that.

Interesting take on the problems related to online dating… although I still think the dating industry is endemically corrupt. Dating is very rough, I agree but I think it’s overshadowed by the lies and false promises of the industry which capitalise on this. Of course this is what I think but… I’d love to ask Christian directly what he thinks?

Your home needs a blockchain

Grandpa's Pocket Ledger & My Field Notes

The internet of things or web of things has always been quite interesting, even with the terrible ideas to marry the internet with certain objects in bad ways (cue the internet connected fridge).

Even I have started to purchase a number of objects and appliances which are internet connected, such as my Philips Hue lights. Not necessarily so I could turn them on and off anywhere in the world but I like the colour control and have ambitions of doing something similar to redshift/flux/twilight. Still need to work on this part.

I’m very peed off that Philips just pushed a firmware update which blocks 3rd party support for their bulbs. Luckily they saw the error of their ways.

This is only the beginning of course… (don’t even go there about ethics of data). Something I have been keeping an eye on using Diigo groups.

Thinking about this quite a bit, especially during the build up for Mozilla Festival this year. We planned to connect as many things together via their open APIs (now you see the connection with the Philips Hue lights), log it to a life-stream and then print it out into a number of books.

Global Village at Mozfest

Why?

Part of it is making data physical, one of the underlying ideas behind the iotsignals idea, which drifted into the ethics of data. Which is fitting because… I can point you to Alexandra and Aleks in the ethics of data.

Aleks – If we had a status life for every single time that light over there was communicating with that lift, or that thing over there was talking to that thing at the bank. If we had a status every time we would just be completely frantic and totally dizzy with inputs.

There is a trend to internet enable everything.

Alexandra – I think the potential of IOT emerged when technology was cheap enough that you may want to put it anywhere.

The Nest thermostat, Smart TV, Smart fridge, Hue lights, etc, etc… You don’t want to know the up to date status of everything.

Nest Thermostat

But you may want to know or understand why your heating keeps turning off just as you finish cooking dinner?

Smart devices should log all communication/transactions/decisions with other devices. If the Nest decides the temperature is too high, it should be logged somewhere. Giving an insight into the underlying algorithm and decisions. Why and what triggers it… This is one step on the very long road to build trust with devices.

Of course if you haven’t guessed lifestream isn’t the right thing. What is needed is a home wide blockchain system.

From reading about blockchain:

In essence it is a shared, trusted, public ledger that everyone can inspect, but which no single user controls. The participants in a blockchain system collectively keep the ledger up to date: it can be amended only according to strict rules and by general agreement. Bitcoin’s blockchain ledger prevents double-spending and keeps track of transactions continuously.

This could be the perfect ledger/logging technology for building reputation and trust with devices/things. Of course the participants would be things, who all agree to update the home blockchain.

This level of transparency in what the systems and things around you are doing allows for inspection by people. I don’t assume most people will care till something happens. Same as when people have their identity stolen or compromised in some way. Like the GPL (general public licence) enables, you can have somebody else inspect, consult, recommend, etc on your behalf if you allow them permission.

This should be a start to the little black boxes appearing one day. Worse than Doctor Who is that the little black boxes can change their function based on external demands. Yes you may get an email saying read our new EULA update but honestly most people delete it or ignore it. It’s only once something stops working or acting differently from before, people may actually start to wonder.

It seems pretty obvious to me but I’d love to hear why I’m wrong or how it can’t work…. Even Big Blue gets it, somewhat.
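The home ledger described above, sketched as an added example (not code from this blog or from any product): each device decision is written to a hash-chained log and tagged with a per-device key, so someone inspecting it can detect after-the-fact edits and read back why an action happened. This is a single-writer hash chain rather than a consensus blockchain, and the device names, keys and log entries are constructed for the illustration.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # "previous hash" used by the first entry
FIELDS = ("seq", "ts", "device", "action", "reason", "prev")

# Constructed per-device secrets; assumed to be provisioned when a device is paired.
SAMPLE_KEYS = {
    "thermostat": b"constructed-thermostat-key",
    "kitchen-sensor": b"constructed-sensor-key",
    "lights": b"constructed-lights-key",
}


def digest(body: dict) -> str:
    """SHA-256 over a canonical JSON encoding of the entry body."""
    raw = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(raw).hexdigest()


def tag(key: bytes, entry_hash: str) -> str:
    """HMAC-SHA256 binding an entry hash to the device that wrote it."""
    return hmac.new(key, entry_hash.encode(), hashlib.sha256).hexdigest()


class HomeLedger:
    """Append-only log: every entry commits to the hash of the one before it."""

    def __init__(self, device_keys):
        self.device_keys = device_keys
        self.entries = []

    def append(self, device, ts, action, reason):
        key = self.device_keys[device]  # unknown devices cannot write (KeyError)
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        body = {"seq": len(self.entries), "ts": ts, "device": device,
                "action": action, "reason": reason, "prev": prev}
        entry_hash = digest(body)
        entry = dict(body, hash=entry_hash, tag=tag(key, entry_hash))
        self.entries.append(entry)
        return entry


def verify(entries, device_keys):
    """Return a list of problems found; an empty list means the log is intact."""
    problems, prev = [], GENESIS
    for i, e in enumerate(entries):
        if e["seq"] != i:
            problems.append(f"entry {i}: sequence gap")
        if e["prev"] != prev:
            problems.append(f"entry {i}: broken link")
        if digest({k: e[k] for k in FIELDS}) != e["hash"]:
            problems.append(f"entry {i}: content altered")
        key = device_keys.get(e["device"])
        if key is None or not hmac.compare_digest(tag(key, e["hash"]), e["tag"]):
            problems.append(f"entry {i}: bad device tag")
        prev = e["hash"]
    return problems


def explain(entries, device, action):
    """Answer 'why did this device do that?' from the logged reasons."""
    return [e["reason"] for e in entries
            if e["device"] == device and e["action"] == action]


def build_sample_ledger():
    """Constructed evening: cooking warms the kitchen, so the heating goes off."""
    ledger = HomeLedger(SAMPLE_KEYS)
    ledger.append("kitchen-sensor", "2015-12-01T18:40:00Z", "report_temp", "read 26C")
    ledger.append("thermostat", "2015-12-01T18:40:05Z", "heating_off",
                  "kitchen sensor read 26C, above 22C setpoint")
    ledger.append("lights", "2015-12-01T18:45:00Z", "dim", "sunset schedule")
    return ledger


if __name__ == "__main__":
    ledger = build_sample_ledger()
    print(explain(ledger.entries, "thermostat", "heating_off"))
    print(verify(ledger.entries, SAMPLE_KEYS))      # intact log
    edited = [dict(e) for e in ledger.entries]
    edited[1]["reason"] = "scheduled"               # rewrite history after the fact
    print(verify(edited, SAMPLE_KEYS))              # the edit is reported
```

Because the tags are HMACs, whoever holds a device's key can also write entries as that device; per-device signatures would be needed to rule that out.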

Barbie will be the hacker’s number one stocking filler this year

I guarantee you… Forget the wifi pineapple, it’s all about Barbie.

Why? Well anybody who understands technology knows why… But everybody else has just caught up.

But I absolutely love this picture of Barbie in the corner thinking about what she did. Like she has been a little naughty and taking some time to think about things.

 

Data, dating apps and the harsh consequences of permissions

Tinder

Angie reminded me of something I forgot to write about many months ago. She pointed at BBC’s You and Yours programme.

People who use dating apps to meet potential new partners have told You & Yours that they’re concerned about their privacy, after finding that Facebook has gained access to the details of people they’ve been speaking to. The names of people they’ve been matched with on the dating apps are appearing in their “suggested friends” on Facebook. We investigate how social media sites access our personal information and how users give their permission.

Yes, this isn’t new…! Dating apps like Hinge and Tinder use you as a matchmaker without your permission.

If you’ve got a robust Facebook friend list filled with single people who use dating apps like Hinge or Tinder, chances are you’ve appeared as a mutual friend between two different matches.

When your face appears as a link between people, you legitimize their connection. You become a topic of conversation, an “in” to launch a potential relationship.

Even if you don’t use these dating apps yourself, your personal information can still appear, because when your friends started using the apps, they gave the services permission to access their friend lists to display in-network matches.

There’s no way to avoid appearing as a mutual friend unless you unfriend everyone using these dating apps or delete your Facebook account. Even if your friend list is private, you’re still visible to these apps as a friend of a user who opted into sharing that information.

The potential consequences could be discomforting. Let’s say there’s a person on your friend list whom you added years ago and about whom you no longer know anything. If he matches with one of your good friends, she might decide to go on a date with him in part because of your online friendship, which can be misconstrued as approval from her social group.

The fact is Facebook has access to that data and when we install these apps, we are giving permission to them to do what they like with that data. Permissions is something which can add a bandaid to things but it’s not a permanent solution. I must find the bit in the FB EULA which says it basically snoops on and uses the data requested from a 3rd party app. You didn’t think FB was doing it out of the kindness of their cold heart did you? Wake up and smell smoke. It’s a harsh reality which I think people are still only just waking up to… Linked data is still a concept which has really been picked up.

What was learned from the Let’s Talk About Sex experiment at MOSI?

Let's Talk About Sex

It’s been about 6 months roughly since I was involved in the MOSI experiment around speed dating. It was the most scientific thing I have done till I took part in the Horizon dating experiment (blog is written but I can’t publish till the TV show goes out – next year)

But I was wondering what were the results of the MOSI experiment? I haven’t heard anything but to be fair I did go on the date with one of the women I met through the speed dating. She was nice and there was quite a bit of common interest but I got the feeling it wasn’t to be when we split the bill.

Oh well…

#MancQS What to do with all that data? Monday 6th July

BBC Dashboard

The theme for the July Quantified Self Manchester is What to do with all that QS data?

Talks are welcomed around this including.

• What do you do with the data?

• How do you import/export your data?

• What are data dashboards?

• Which data dashboards are worth using?

• What other uses of your data are there?

Be a great time to come along, meet other self trackers and discover what’s possible with quantified data.

Our rights in the data/digital/cyberspace

Doc Searls

“We have two selves in the world at any given time now. We have the physical self, our flesh and blood, our voice, our presence in the world which extends beyond our bodies but lives in this physical space. There’s this other space, we started out calling cyberspace a long time ago, but it’s a real thing. It’s a data space.”

…Doc Searls

There is one charity I always give time and money to, the Open Rights Group. For me our human rights transcend (must/should) into the digital domain. It’s the new battleground. It’s also something lots of people are not really aware of or take for granted. But every week there’s another news story of our digital rights being taken for granted and abused on unimaginable scales.

Digital rights are your human rights in the digital age. They are one of the most important aspects of your human rights today: privacy and free expression online are among the most contested. The digital rights movement exists because we need people to understand how technology is shaping our rights, for good and for ill, and who it is who is seeking to employ and capture technology for their benefit rather than yours.

There are positive and negative sides which I have written about many times.

It’s becoming clear that the services we use, connected objects and spaces we inhabit are collecting our personal data. What they are doing with that data is only one of the questions asked in ethics of data documentaries.

The documentaries were put together by BBC R&D, exploring the implications for digital rights through the lens of the physical internet, personal data, data ownership and data management.

Alexander DS

Why the physical internet?

For many people the internet is still an entity which exists in a box, be it a desktop computer or laptop. This notion is pretty much broken by mobile devices and smart TVs. LG and Samsung have both been caught out using personal data in undesirable ways most people were not expecting. But that’s only the tip of the iceberg as Alex says…

You could make a good case for technology to be imbedded in everything we know. What kind of technology it is and what does it do, and what purpose does it serve is always the next question

It’s time to consider a much wider context than most people think about when they hear internet of things. Think smart homes, cars, spaces and cities.

Jon Rogers

Your personal data and privacy?

With the comments made by the likes of Vint Cerf about privacy being an anomaly and this being a digital dark age, it made sense to try and tackle the big issue of privacy in the digital age. There’s so much which could be explored as this is a very deep and complex subject. There is only so much you can explore in minutes, but I feel Jon highlights why this is more critical than ever before.

“We always make mistakes and we always want to forget them and the trouble with the internet is that we can’t forget them.”

Adriana lukus

It’s about ownership and choice?

It all seems pretty scary and negative, and it never was meant to be. So to underline the choices people need/should make, we looked into ownership and choice. Something I have thought a lot about especially with my history with dataportability. Early adopters are not only collecting their own data but also analysing it and quantifying it. As Adriana says…

“The quantified self is that, is the living, breathing part of the web or the technology scene where people genuinely care about data.”

The documentaries are made so you can comment directly on parts (thanks to reframed.tv), so please do. We look forward to the discussion and don’t forget to join our diigo group bookmarking related news stories.

What is Fitbit trying to do?

new fitbit permissions

For a while now, I have been declining the Fitbit upgrade on my Android devices. I kept tweeting Fitbit to ask why on earth my digital pedometer needs access to my SMS, Camera and Location?

I can imagine, Location is passable but SMS and Camera? Really? I voted with my feet and kept the upgrade on hiatus till I heard a reason why.

Finally I got a message from Fitbit support…

So basically Fitbit is trying to break its way into the wearable market with phone and messages notifications?

I think I’ll hold off on upgrading even longer now. I’m sure you can turn it off but I’m just not interested, especially since I have the Pebble smartwatch which already does this and so much more.

What data is personal to you?

Alex data ethics

On International data privacy day, BBC R&D has posted a video asking a bunch of smart people what data is personal to them?

As I have been working on the project for quite some time, I can happily say there is a lot more to come. Including ways to feedback. Go have a look and see if you agree with the opinions of our industry experts?

You might have seen the theme of the work in the blog post ethics of data and what we set up at Mozilla Festival. Expect more in the future…

QS Metadating in Newcastle

Metadating

A few weeks ago I was accepted for Newcastle Culture Lab’s Metadating research trial.

The research was more about our attitudes to sharing personal data than dating. However they did invite singles and included a number of events which included speed dating. I guess also meta-dating would be factually correct as we were talking about dating while dating.


There was homework which had to be done on the run up to the event. You were given a booklet which you could fill in as much as you were comfortable with. On top of that were some blank generic graphs which could be filled in with our own data. When I say our data, it could be any Quantified Self data, from how many coffees you had over the week to your more intimate data like your sleep cycle daily. Everything was up to you to declare, which gets around the problem of using Quantified Self data in research. But it also makes it difficult to compare. Luckily this wasn’t about the data metrics.

Once at the event (I rolled it into a wider visit to Newcastle’s Culture lab where I talked about ethics of data, a visit to Newcastle’s Makerspace and Campus North. Didn’t make it to the beach however). I was one of the first to turn up as I was heading home to Manchester on the last train. It became clear the problems I had with thestarter, were pretty much reversed as very few women turned up. (this is an issue I’d love to spend some time sorting out one day)

The PhD students led by Christopher had bought some nibbles (olives, cheese sticks, etc) and lots of Cava. By the time we had done the icebreaker it was down to the group discussions about our data with a Cava in full swing.


We were split into two groups and we started critiquing the anonymous data sheets. It was fascinating to hear other people’s views on data points, dread to think what people said about my sleep cycle and steps per day. It also became clear the data may have been fudged in parts by others. To be fair I did use real data but chose to leave off some of the measurements. Everything was recorded by camera and audio dictation, which I bet made for some very interesting insight into data sharing.

By the second half, the cava was certainly having a bit of an effect and people’s lips loosened. Just in time for the speed dating portion. Now to be fair Chris and the other students had never been speed dating, so it was a little odd but the imbalance in men, meant we had to do it in two parts. On the speed dating, we discussed each other’s data sheets and more (ooeerr!) We were given the opportunity to write something to each person later.


Another eye opener for me was at the very end when we constructed the perfect and worst dating profile for set people from data we made up. The eye opener for me was building a dating profile for a woman who was career driven. All the guys around me seemed to not like her, while I was asking if she was real and where can I meet her? (Cava had certainly kicked in by then)

The event ended about 8:45pm so quite a bit over time but as people started shifting to the local pub, I had enough time to quickly have a drink then head to Newcastle Station for my long train ride home.

The metadating event was fun and to be honest the culture lab students may have gained a ton of insight from the frank and slightly loose lipped participants on the night. I imagine the Cava was bought expecting the full board of people but with the smaller number and the stand ins, there was plenty to go around.

I am surprised I didn’t fall asleep on the train. However to be honest it was so busy down to York, there’s no way I could fall asleep. I’ll save my journey for another day…

The metadating event was great fun and from a research point of view I’m very interested in what comes out of it. It’s a shame a bunch of women didn’t turn up but the students did a good job thinking on their feet and making it work. I suggested to Chris and Bettina that if they did it in Manchester or London it would be packed out, and I would certainly support them in the research.