Some settings are changing with the recent updates to Facebook privacy, but Facebook’s commitment to providing you control over your information is not. Here’s a summary of what’s changing:

Providing me control over my info…Well, let’s just see, shall we?

• The Privacy page has been simplified, and in that process, some settings have been consolidated. For security reasons, you will now be required to enter your password if you’d like to update your privacy settings.

Huh. Simplified & consolidated – nice way to say “we rearranged the screen and got rid of some of those peskier settings.” And what security reason could justify entering my password to update my privacy settings? If someone has hacked my account that shouldn’t be messing with those settings, then they already have my password! Entering my password a second time does nothing to enhance my security or privacy – and it’s arguably worse without strong encryption being used.

• A privacy control has been added to the publisher at the top of your home and profile page. This allows you to set privacy on individual posts. For example, you could post a status to Everyone or only to Friends. Learn more on the Publisher help page.

OK, even this curmudgeon has to admit this is a good thing.

• Instead of having networks for regions (eg., Australia or New York City), people’s locations are now listed in the “Current City” or “Current Region” field of their profiles. This means if you use the “Friends and Networks” privacy setting, the networks part only applies to work and school networks.

What’s this have to do with security or privacy? Read on…

• A basic set of information is publicly available, meaning it’s visible to anyone that’s able to navigate to your profile, applications you use on Facebook, and websites you connect with via Facebook. This information includes your name, profile picture, gender, current city, networks, friend list, and Pages. Any additional information (eg., photos or videos) will only be exposed if your privacy settings allow it.

This is where facebook is screwing the pooch. By providing all this information publicly, a hell of a profile can be built about any given person. This is a paradise for spammers, scammers, stalkers, and sickos. It’s a tyrannical government’s new tool. It’s a pedophile’s wet dream. And it’s a nightmare for anyone who desires or needs privacy.

Keep in mind that anyone who navigates to your profile will be able to view your publicly available information and information you’ve made visible to Everyone. While you do have the option to hide your Friend List from being visible on your profile, it will be available to applications you use and websites you connect with using Facebook. In addition, your profile picture appears in places you make comments and posts. You can always change your current profile picture or lower your search visibility if you choose.

Oh, yeah, the application gap. It amazes me the amount of info an application can get not just about me, but about my friends. Yes, the API documentation mentions what personal information you’re not supposed to retain about your users, but there’s no system security behind that API to enforce it. Oh, sure, there are the various agreements for facebook developers – but the honor system does no good when facebook does nothing to enforce those agreements. In reality, the more money an application makes, the more ad revenue facebook is getting a cut of – and the less likely they are to do anything about it. So the worst offenders (Zynga, for example) make millions scamming people. It’s only a matter of time before someone sells all the info they’ve mined out of facebook profiles. Maybe that’s why zynga is using iesnare, and maybe that’s why I haven’t heard a peep from facebook since I filed a privacy violation about that issue.

The pages and friendlist are the two most egregious violations of privacy. You can build a fairly good picture of, for example, a person’s political affiliations, religious beliefs, and sexual tendencies, by examining their pages. Why does this need to be public? I used to be able to selectively show that to whoever I wanted or to nobody at all. Same deal with the friendlist – I could customize who would see that (and had it set to only the people I really knew in real life and trusted) – now it’s an all-or-nothing setting. The setting to hide your friendlist from your profile doesn’t even do a thing to ensure the privacy of that. For example, if you’re logged onto facebook, take a look at Mark Zuckerberg’s profile, and you’ll see he has hidden his friendlist from his public profile. However, by appending anybody’s facebook account id or account name to the end of www.facebook.com/friends/?id=, you can see their entire friend’s list, regardless of their privacy settings – this is Zuckerberg’s friend list, which I’m sure he won’t mind being shared like this since that base url is hardly a secret, and the same info can be gotten by platform applications and Connect sites.

Publicly available information includes your name, profile picture, gender, current city, networks, friend list, and Pages. This information makes it easier for friends, family, and other people you know to connect with you.

No, it makes facebook more like twitter, publicizes more of everyone’s info – especially when the search engines start crawling publicly enhanced profiles and putting together their own social graphs – and frankly only makes it easier for more people to connect with me who I don’t want to hear from at all. In reality, despite the way this change has been spun by facebook, I have less control over my information with this change.

The Obama Administration is considering whether to change policy concerning the use of HTTP cookies on government websites. Currently, government officials require a “compelling need” to use persistent HTTP cookies, and must disclose their use in a privacy policy.

In light of this we arbitrarily chose six government websites to determine whether Flash was being used to assign unique values to visitors. Of the 6 government sites we tested, 3 had Flash cookies. Three were set by whitehouse.gov, one of which was labeled, “userId.” Five of these sites used persistent HTTP cookies.

Whitehouse.gov disclosed the presence of a tracking technology in its privacy policy, but the policy does not specify that Flash cookies are present, nor does it provide any information on how to disable Flash cookies.

The White House “disclosure” still doesn’t mention Flash cookies or how to disable them. It does however state the following:

This persistent cookie is used by some third party providers to help maintain the integrity of video statistics. A waiver has been issued by the White House Counsel’s office to allow for the use of this persistent cookie.

If you would like to view a video without the use of persistent cookies, a link to download the video file is typically provided just below the video.

If the White House videos can be viewed without the use of persistent cookies, than what compelling reason is there for this waiver?

This is so like this administration (and the several previous ones as well): Make a rule, then have the White House Counsel issue waivers for it. Obama’s first executive order was to forbid lobbyists from presidentially appointed positions – a waiver for that was issued before the day was out, and in less than a week, the second most important post in the Pentagon was given to a lobbyist. Not to mention Obama’s claim of “sovereign immunity” when it comes to lawsuits against the government concerning warrant-less wiretapping.

Until we have government officials who respect the Rule of Law – instead of the Rule of Individuals – and honor their oath to the Constitution, they shouldn’t expect anyone to trust them.

“The color looks fine. We don’t smell anything in the water,” DOW District Wildlife Manager Vicki Vargas-Madrid said.

And another DOW rep had this to say:

A major fish kill that occurred in Cherry Creek in downtown Denver today was a “natural occurring event,” according to Jennifer Churchill of the Colorado Division of Wildlife.
The fish that died were young gizzard shad, which are extremely susceptible to cooler temperatures, said Churchill. Cooler temperatures associated with an approaching winter storm, plus lower waters in Cherry Creek, caused the young fish to die, said Churchill.

Now, I’m no biologist, but I do know enough about science to realize this is ignorance at it’s finest. In science, you don’t just state a hypothesis and expect it to be accepted by the world-at-large. After establishing a hypothesis, you need to collect empirical data to prove or disprove said hypothesis, you need to publish the hypothesis, the data you gathered and how it was gathered, and your analysis of the data to show that the proof/disproof of the hypothesis is statistically valid – at which point your published article is peer reviewed, your experiment reproduced, and if you’re good at what you do, your hypothesis will be accepted as a theory. In this case, we went right from stating a hypothesis to accepted fact.

The night before this happened, the temperature didn’t go below freezing. The day it happened, the high where I’m at was 59.5 degrees F – and at the portion of Cherry Creek where this occurred, the temp is usually 5-10 degrees warmer than the weather station in my back yard due to the urban heat island effect. And though the DOW, the DEA, and the Denver Fire Dept were all “surveying” Cherry Creek, it doesn’t sound like a single person measured either the ambient or water temperatures. Today we have a major snowstorm, so it’s a little late to collect these numbers now.

Nobody measured the dissolved oxygen content of the water either. This was interesting, because yesterday was the last of several warm days, but it was overcast. Another theory would be there was an algae bloom, and the cloudy day resulted in a drastic drop in oxygen. How likely this is along such a long stretch of the creek is debatable, but again, we’ll never know now.

The only test it sounds like any of these people actually took was a PH reading by the fire department. Beyond the question of why the fire department is doing water tests, is that their results had a PH of 7, or “normal” according to the Deputy Fire Chief. The only place a PH of seven in water is normal is in pure, desalinated water in a lab. It would be astonishing to me to see water in a creek, that’s running over rocks and vegetation have a PH of exactly 7.0.

Another problem with the cold theory is that according to the DOW’s fishing report from Oct 13:

The shad has about died off, and the lake is about to turn…The current water temperature is 58.7 degrees and the water levels are normal.

Sounds like a case of the left hand not knowing what the right’s doing. Of course, the temperature in the creek will change faster than in the reservoir – but after two previous snow storms (enough cold for the water in the reservoir to turn over), wouldn’t a natural shad die-off have already occurred in the creek by now? Not to mention the DOW contradicting itself on the water level!

But lastly, I’d like to point out that at the least the local media (at least KUSA TV and the Denver Post) failed miserably in their jobs as reporters. How is it that not a single one of them thought of any of these issues and asked the DOW rep who based their theory of the smell and color of the water: “Are you a trained biologist, or a bloodhound?”

The NFL though, is acting somewhat hypocritical here.  There was a huge marketing campaign with the last SuperBowl that involved Twitter, but now the NFL says ixnay on the tweeting. According to the article, leagues are setting these policies up to “protect broadcast rights holders from tweeters getting too close to play-by-play.” So how does a player ban prevent fans from “getting too close to play-by-play?” And why doesn’t this ban before and during games apply to coaches in the NFL, like in the other leagues? Of course, an NFL coach would never throw a game to win a bet, right?