Business, technology, security, and the world around me

Why SSN predictability prior to 1988 fails – Or Does it?

There has been a buzz today regarding the “Predicting Social Security Numbers from Public Data” study that was released. When I first read the blurb on Wired I noted 2 flaws in this method. Upon reading the paper I noticed it only applies to SSNs issued starting in 1988. These are exactly the flaws I noted.

Prior to 1988 the US government did not require an SSN to be issued at birth. Many people were born and did not obtain an SSN until it was needed for some purpose. This causes two issues that create flaws in the method used to predict the SSN:

1. The method discussed in the paper guesses the first 3 digits of the person’s SSN based on the state the person was born in. If you did not have an SSN issued at birth and then you moved, your prefix and state of birth would not match. If you follow me or Digital Ebola on Twitter, you have most likely seen our discussions on the risks of social networks. If you are familiar with my work at Alvarez and Marsal, then you undoubtedly know the privacy issues that can be exploited within social networks. Through data mining and privacy attacks on users of social networks, it could be possible to overcome this problem by obtaining where the user lived from the time of birth through 1988, thus being able to guess the proper prefix.

2. The second issue relates to not having the SSN issued at birth. The researchers attempt to guess the number by going in sequence; they admit this works best with low birth rate states. If the person was born in one state, then moved to another, and was issued the SSN in the second, this would throw off the attacker. Again, by exploiting data available on social network sites such as surveys, profiles, and other data sets which discuss where a person grew up, what schools the person attended, and where their family lives or has lived, the attacker could narrow back in on the proper location.

So even though there is an inherent flaw, it appears there are methods to overcome those flaws and extend this research past 1988.

Stupid is as stupid does(n’t)

Today I had a boo boo. My work MacBook Pro died. No warning, just dead. For some time I have been meaning to set up a backup solution for both of my MacBook Pros so that I can have backups and be able to copy files between systems because I am lazy and hate carrying my laptop to and from work.
Originally I started using Dropbox for keeping files in two places but now that my laptop died I had to be smart and add a backup solution and stop screwing around.
I added Jungledisk to my setup tonight on my personal MacBook Pro. Once my work system is back up and running Jungledisk will go on it also. Jungledisk lets me back up my data and it is encrypted in transit and storage on Amazon’s S3. There is a cost associated with the software and the storage but after losing a week’s worth of code, it is worth it.

Be smart, back up.

Airport Security – Domestic and Abroad

Recently I took a trip to Colombia, South America.  During this trip I observed some interesting things with airport security.

Colombia is only really concerned with drugs.  When entering the country I was barely searched by their version of TSA and Customs.  The gentleman working the xray machine did not even watch it as my bags went through and instead was texting on his blackberry.  I watched him for about 15 minutes and he never once looked up at the screen.

Leaving the country they searched me and/or my carry-on 4 times. Mostly xray and human searches. One lady who was supposed to use the wand barely grazed me with it while talking to a coworker and gossiping, but 15 feet later someone thoroughly went through my laptop case looking for drugs. This brings me to my theory that they were more concerned with drugs than anything else.

JFK airport immigrations check – herm. That is really my thought on that matter. I found a way to bypass the immigration check when coming in from an overseas flight. There is a design flaw in the building and process which allows this to be possible. I won’t post here what I found, but those who follow me in other places know the “secret”.

IPv6 – Tech Roadmap

InformationWeek has published my piece on IPv6. This is a look back at why IPv6 was created, some of the benefits, and the current state of IPv6.

IPv6 Makes Slow Progress – By Adam Ely

A How-To Guide To Cloud Computing

I recently collaborated on a piece for InformationWeek entitled “A How-To Guide To Cloud Computing”. My portion was a tight 700 or so words regarding what security topics to consider when utilizing the cloud for the first time. I would have liked to write a lot more and go in depth, but it was not the purpose of the piece so my objective was to outline a few key action items people could use to get started.

Delete long Viddler tag

I uploaded a video to Viddler and mistakenly pasted the video URL into the tags field. When I went to delete this tag by clicking the (x) next to the tag, I realized the (x) was not there. Because of the length of the tag, the (x) did not display.

There were two ways I could think of to fix this problem: 1. Modify the AJAX in flight and use another tag’s delete function to delete the tag I wanted to remove (tested, works), or the simple way:

In Firefox open Firebug, inspect the div around the tags (id=smTags), modify the text size from 90% to something smaller, click the x next to the tag you want to remove, confirm you want to delete the tag, and finally refresh the page. Simple.

Twitter Marketing FAQ and 101

I have spent a lot of time talking to people and companies about their web 2.0/3.0/Something.0 strategies. Part of these strategies often includes Twitter.

Below are some Twitter tips that you might find useful.

The biggest tips I can share are:

1. Follow more people
2. Post more and tie posts back to your website or content that you want to promote. No less than 25% of your messages should relate to the content, site, company or whatever you are trying to promote
3. Interact with other users more

Twitter Clients:

There are a lot of clients popping up. Pick one that works the best for you and is in your face all the time. Only if the client is right there will you always use it. For instance, I use iGoogle as my homepage, thus I have the BeTwittered iGoogle gadget so I see Twitter every time I load the page. I also use Twibble on my blackberry so when I am bored I can check what is going on.

Blackberry

  • Twibble – allows you to send and receive msgs plus follow people, better UI than twitterberry

Desktop

  • Digsby – all in one IM client similar to Trillian but with support for Twitter (among other things)

Twitter Lingo:

Once you are in the world of tweets, you must understand the lingo. Here are some common things you must learn:

@user – when replying to a user place @ in front of their name. It lets the user know the message is directed to them. It will also show up in the user’s tweets so they know you are talking to them.

Conversation Tip: When making reference to another Twitter user, e.g. Bernie wants to say something about Jen, rather than use that person’s real name, you should use their twitter username. For example… “Just saw @jenandcricket’s new blog post on how to compost in your apartment.” or “can’t wait to see @garyvee present at the @idealbite BIG awards, featuring @heatherisabiter and @jenandcricket.” This will help other twitter users know who you are talking about.

Direct message – private message between users. To send a direct message, the other user must be following you. You send a direct message by starting your tweet with the letter d, space, username. So, if you were to send a direct message to me it would be “d adamely Let’s meet for lunch at centro in south park?”

Who to follow? Who to allow?

This is a tricky one. Some people go out and follow as many people as they can. I disagree with this strategy. It makes your account look suspicious and many people will not follow you. Also, it could get your account suspended by Twitter.

My strategy on “business” accounts is to follow others that are posting like content and follow those who are following those I follow. This tends to allow me to jump into the circle that has formed and see both sides of many conversations while getting super relevant information. Additionally, the more conversations I participate in, the more people see me and, hopefully, the more followers I gather.
Don’t follow anyone who looks like they are just spamming. This can be difficult to tell sometimes but if it is bustylady69 and she really wants you to check out her webcam, don’t fall for it.

As for followers, allow anyone to follow you that is interested in reading what you have to say.

How to get followers:

The more people you interact with, send @replies to, and follow, the more users will find and follow you. Also, the more you advertise your tweeting, the more people will know to follow you. If you have a webpage, link to your twitter account and display your current tweets. Email signature? Link to your twitter account.

As mentioned before – Find people to follow. Friends of friends, people tweeting similar content as you, or just people that seem to be interesting. Many people will follow you if you follow them.
The more you tweet, the more people will get to know you and interact with your posts.

Start conversations. Don’t just post. Reply to people, start conversations. Pick something random and respond and ask a question. Remember that when someone replies to you with @yourname, everyone following that person sees it. Thus if curious (aren’t we all?) they will check out your profile and hopefully follow you.

Twitter Bio:
The bio and user name fields are searchable. TAKE ADVANTAGE OF THIS!!! Put anything you want to be searchable in these fields so it can be found. If you are building a personal brand, be sure to put your full name in there. If building a company brand, ensure the company name and some keywords are in these fields. This is SEO for twitter.

Tagging = SEO

When you see #something in a message, for instance “going to #idealbite”, the sender is sending a hashtag. Hashtags are like tags on flickr or categories on a blog. They group tweets so people can search and find them. Follow twitter user @hashtags and your tweets will be indexed and grouped. So anytime you want to tag the message, throw in a hashtag: “just got back from #idealbite office and now going to watch #TBS because #Seinfeld is funny” — Personal note, I hate the use of # in this case. Hashtags said they borrowed it from IRC. On IRC # is a location, not a tag or thing, thus I dislike the usage here. But eh, what ya gonna do?

Update: According to a few people, including domdingelom, hash tags are dead and “http://search.twitter.com is the new black”.  I would agree with this, as I don’t use hashtags though I still see a good number of people using them.

Follow Loyalty

Want to automatically follow those who follow you, auto-send message to those who follow you, or even schedule tweets to send in the future?

Wonder how Obama follows everyone who follows him so quickly? Here is the secret:

Tweetlater

Tweetlater, and other similar services, allow you to perform these tasks. One common tactic I have noticed is the use of Tweetlater to send out discount codes and special messages to new followers. This can be a great way to get someone from Twitter to your website or business location.

When to tweet:

When it feels comfortable but at least once a day. Let people know what you are up to. Send out links to good content. Plug yourself, content, or business. Like Gary Vaynerchuk says, self promotion is OK.

How to insert a URL:

Twitter can shorten URLs but sometimes you may insert from a client that does not, or want to use a different service that you just like more. Use tools like Snurl or Tinyurl to shorten long URLs, since you only have 140 characters and don’t want to waste them on long URLs.

Want to post a picture to Twitter?
Check out twitpic or the flickr/twitter apps like twittergram.

Have an RSS Feed you want on Twitter?

Easy, twitterfeed has you covered. Just point twitterfeed to your website, blog, or other RSS feed and you get all your posts automatically sent to twitter.

Thanks to everyone who I have talked with, showed me new services, or even added some of the content above.  Special thanks to Scott Boyarsky who put a lot of this together.

Video: Where Information Security Goes Wrong – Rant

Video blog rant on information security programs. This started as me just playing around with the iSight camera and evolved into a full-on rant.



I learned that I have no future in media.

Time To Send Out For Security Help?

A recent sidebar piece I wrote for InformationWeek has been posted online.

“Security software as a service is increasing in popularity in tandem with the growth in cloud computing, as emerging providers promise to lower costs while increasing security…[Read More]”

links for 2008-08-22