Google Could Rat You Out
How much does Google know about you? That depends on how much you rely on its cornucopia of free services. But that stored information may easily include the Websites you visit, the search terms you use, the maps you view, your contacts and calendar, your e-mail messages, your chat history, Google Voice phone records, YouTube videos and Picasa photos, the documents you store online, your blogs and advertising accounts, your status updates on Google Buzz, your location on Google Latitude, and--if you use an Android handset--all the data associated with your cell phone, too.
If the government comes knocking with a subpoena--or even just a strongly worded letter, per the Patriot Act--Google is obligated to hand everything over. Sure, the feds can get this data from anyone, but Google's wealth of information (as well as its lengthy data-retention policies) makes their job much easier.
Even if you have nothing to hide from the authorities, all that stands between you and Christmas in July for an identity thief is your Gmail log-on and password; that's the key that unlocks every other Google service. Last October, Google reported that thousands of Gmail accounts had been compromised by a phishing scheme that also targeted AOL, MSN Hotmail, and Yahoo. Even sophisticated users have had their Gmail accounts hijacked. Little wonder, then, that Chinese hackers targeted Gmail accounts when they compromised the service last December.
The Fix: Use Google Dashboard to see what information you're sharing (prepare to be blown away), and adjust your settings accordingly. Make your Gmail password harder to guess, and change it every couple of months. If you think your Gmail account has been hacked or stolen, you may be able to use Google's account-recovery page to get it back. And given Google's recent stumbles over user privacy with Buzz, you might consider spreading the risk over different providers.
Pacemakers and Other Implants Can Be Hacked
Researchers at the University of Washington have demonstrated that medical implants that rely on wireless technologies for monitoring the devices and adjusting their settings are not secure.
In lab tests, scientists from UW, the University of Massachusetts Amherst, and Harvard Medical School were able to take control of a cardiac defibrillator and use it to induce ventricular fibrillation, a potentially lethal condition. They could also read sensitive medical information stored on the device and change it at will.
Study coauthor Tadayoshi Kohno, assistant professor at the University of Washington, says that similar techniques theoretically could be applied to other wireless medical devices, such as drug dispensers and neuro-stimulators.
"Medical devices are innovating at an extremely rapid pace," says Kohno. "In the future they'll be much more like full-grown computers. We did this study to raise awareness and increase our understanding of the security risks these devices could pose."
The Fix: At present no fix exists, though the Food and Drug Administration and medical-device manufacturers are aware of the problem. There are no known cases of medical devices being hacked in the wild.
Even the study's coauthor downplays the actual danger. "The risk to patients today is low," adds Kohno. "These are amazing life-saving devices, and I would have no qualms about using one."
Your PC May Be Killing You
Though electronics manufacturers have made great strides in reducing their use of harmful chemicals in recent years, tech gear still may contain brominated flame retardants--chemicals used to reduce the risk of fire that studies have linked to lower IQs in children and reduced fertility rates.
"BFRs used in the manufacture of circuit boards can be converted to highly toxic brominated dioxins and furans if the products are burned at the end of their life," says Arlene Blum, executive director of the Green Science Policy Institute and a visiting professor of chemistry at UC Berkeley.
But even daily use can be dangerous, says Blum. "When used in plastic casings, BFRs can also migrate out of the plastic into the dust in the room and then enter the body via the hand-to-mouth contact."
The Fix: While major manufacturers such as Apple, Dell, and HP have moved away from BFRs in recent years, certain products built before 2009--especially devices that generate a lot of heat, like laptops and laser printers--may still contain BFRs, says Michael Kirschner, associate director of the Green Science Policy Institute. "Do some research," says Kirschner. "Almost all vendors now have an environmental section on their Websites that tells you about the materials they use."
The news isn't all bad, he adds. "Most manufacturers in the consumer arena have gotten the message to get additive BFRs out of their products."
As for older products still in people's homes? "They probably need to be replaced anyway, right?" Kirschner jokes.