Colleges Give Students Tools to Hide What They Did in College
This week's IT security news roundup has stories on colleges offering free online-reputation management tools to students; a secret NSA computer test; hospital data-breach statistics; a Chrome-browser clickjacking vulnerability; and more.
By Constantine von Hoffman, CIO
Ah, college: a time of hangovers, horrible hookups, walks of shame and far worse. At best you don’t remember them and at worst you wish you couldn’t. Now an increasing number of universities are helping future alumnae remove proof of these activities from the Internet.
Syracuse, Rochester and Johns Hopkins are just a few of the universities offering students free access to online tools that can help bury the digital evidence of the things that might make a potential employer think twice about hiring them, according to the AP.
The reason: Employers have apparently discovered something called Google, and they’re using it to research prospective hires. On the plus side, these folks are lazy and hardly ever bother going past the first page of results. That’s where online tools like BrandYourself come into play: They don’t eliminate the embarrassing material, but they can help to make sure it shows up in search results well after a graduate’s most flattering, professional profile.
“After initially supplying BrandYourself accounts to graduating seniors, Syracuse University this year struck a deal with the company — begun by a trio of alumni — to offer accounts to all of its undergraduate and graduate students and alumni at no additional charge. About 25,000 people have access to it so far.
“Online-reputation repair companies have been around for at least a couple of years, often charging hundreds or thousands of dollars a year to arrange for good results on search-engine result pages. BrandYourself, which normally charges $10 a month for an account, launched two years ago as a less expensive, do-it-yourself alternative after co-founder Pete Kistler ran into a problem with his own name.
“BrandYourself works by analyzing search terms in a user’s online profile to determine, for example, that a LinkedIn account might rank 25th on Google searches of the user’s name. The program then suggests ways to boost that ranking. The software also provides alerts when an unidentified result appears on a user’s first page or if any links rise or fall significantly in rank.”
Unfortunately they still can’t do anything about all that damage to your liver.
(CNET) — Newly released files show a secret National Security Agency program is targeting the computerized systems that control utilities to discover security vulnerabilities, which can be used to defend the United States or disrupt the infrastructure of other nations. The NSA’s so-called Perfect Citizen program conducts “vulnerability exploration and research” against the computerized controllers that control “large-scale” utilities including power grids and natural gas pipelines, the documents show. The program is scheduled to continue through at least September 2014.
(Reuters) – Employers in California and Illinois will be prohibited from demanding access to workers’ password-protected social networking accounts thanks to new laws taking effect in 2013. Michigan’s Republican Governor Rick Snyder signed a similar measure into law earlier this month that took effect immediately. The Michigan law also penalizes educational institutions for dismissing or failing to admit a student who does not provide passwords and other account information used to access private internet and email accounts, including social networks like Facebook and Twitter.
(NakedSecurity) — A study from the Ponemon Institute, which surveyed 80 healthcare organisations in the US found that 75 percent don’t secure medical devices containing sensitive patient data, while 94 percent have leaked data in the last two years (mostly due to staff negligence).
(ThreatPost) — An apparent clickjacking, or UI redress vulnerability, in Google’s Chrome web browser could make it possible for attackers to glean users’ e-mail addresses, their first and last names and other information according to recent work done by an Italian researcher.
(ThreatPost) — The Senate rejected the inclusion of four privacy-friendly amendments before voting to reauthorize the controversial Foreign Intelligence Surveillance Act (FISA) that grants the federal government the authority to clandestinely monitor electronic communications involving foreign citizens coming into or out of the United States without the probable cause required for traditional warrants.
(AP) — Computer hackers have illegally gained access to personal information of more than 30,000 people connected to Army commands formerly based at Fort Monmouth. An Army spokeswoman says the information includes names, birth dates, Social Security numbers, addresses and salaries.