How Facebook Figures Out Everyone You’ve Ever Met

In real life, in the natural course of conversation, it is not uncommon to talk about a person you may know. You meet someone and say, “I’m from Sarasota,” and they say, “Oh, I have a grandparent in Sarasota,” and they tell you where they live and their name, and you may or may not recognize them.

You might assume Facebook’s friend recommendations would work the same way: You tell the social network who you are, and it tells you who you might know in the online world. But Facebook’s machinery operates on a scale far beyond normal human interactions. And the results of its People You May Know algorithm are anything but obvious. In the months I’ve been writing about PYMK, as Facebook calls it, I’ve heard more than a hundred bewildering anecdotes:

  • A man who years ago donated sperm to a couple, secretly, so they could have a child—only to have Facebook recommend the child as a person he should know. He still knows the couple but is not friends with them on Facebook.
  • A social worker whose client called her by her nickname on their second visit, because she’d shown up in his People You May Know, despite their not having exchanged contact information.
  • A woman whose father left her family when she was six years old—and saw his then-mistress suggested to her as a Facebook friend 40 years later.
  • An attorney who wrote: “I deleted Facebook after it recommended as PYMK a man who was defense counsel on one of my cases. We had only communicated through my work email, which is not connected to my Facebook, which convinced me Facebook was scanning my work email.”

Connections like these seem inexplicable if you assume Facebook only knows what you’ve told it about yourself. They’re less mysterious if you know about the other file Facebook keeps on you—one that you can’t see or control.

Source: How Facebook Figures Out Everyone You’ve Ever Met

New “Quad9” DNS service blocks malicious domains for everyone | Ars Technica

The Global Cyber Alliance (GCA)—an organization founded by law enforcement and research organizations to help reduce cyber-crime—has partnered with IBM and Packet Clearing House to launch a free public Domain Name Service system. That system is intended to block domains associated with botnets, phishing attacks, and other malicious Internet hosts—primarily targeted at organizations that don’t run their own DNS blacklisting and whitelisting services. Called Quad9 (after the 9.9.9.9 Internet Protocol address the service has obtained), the service works like any other public DNS server (such as Google’s), except that it won’t return name resolutions for sites that are identified via threat feeds the service aggregates daily.

“Anyone anywhere can use it,” said Phil Rettinger, GCA’s president and chief operating officer, in an interview with Ars. The service, he says, will be “privacy sensitive,” with no logging of the addresses making DNS requests—”we will keep only [rough] geolocation data,” he said, for the purposes of tracking the spread of requests associated with particular malicious domains. “We’re anonymizing the data, sacrificing on the side of privacy.”

Source: New “Quad9” DNS service blocks malicious domains for everyone | Ars Technica

Experian Site Can Give Anyone Your Credit Freeze PIN — Krebs on Security

What good does it do to lock down your credit with a credit freeze if Experian will hand over your PIN to anyone who asks?

An alert reader recently pointed my attention to a free online service offered by big-three credit bureau Experian that allows anyone to request the personal identification number (PIN) needed to unlock a consumer credit file that was previously frozen at Experian.

The first hurdle for instantly revealing anyone’s freeze PIN is to provide the person’s name, address, date of birth and Social Security number (all data that has been jeopardized in breaches 100 times over — including in the recent Equifax breach — and that is broadly for sale in the cybercrime underground).

After that, one just needs to input an email address to receive the PIN and swear that the information is true and belongs to the submitter. I’m certain this warning would deter all but the bravest of identity thieves!

Source: Experian Site Can Give Anyone Your Credit Freeze PIN — Krebs on Security

Bay Area housing: Sunnyvale home sells $800,000 above asking

This story caught my eye, when a modest, 2,000sf home in Sunnyvale, CA sold for $800,000 over asking price. True, there is a little real estate sleight-of-hand going on here with how it was priced but there’s no denying that this is an eye-popping sale.

This kind of outrageous housing market is what comes to mind when I think of what might happen if Amazon chooses to set up its second headquarters in the Triangle. I think of the stunning metamorphosis that’s taken place this year in the neighborhood surrounding East Raleigh’s Ligon Middle School, where affordable homes have been all but demolished in favor of fancy new homes, and I wonder how long it will be before no one here but stock-option millionaires can live where they work.

Be careful what you wish for, Raleigh. More on this in an upcoming blog post.

A house in Sunnyvale just sold for close to $800,000 over its listing price.

Your eyes do not deceive you: The four-bed, two-bath house — less than 2,000 square feet — listed for $1,688,000 and sold for $2,470,000.

“I think it’s the most anything has ever gone for over asking in Sunnyvale — a record for Sunnyvale,” said Dave Clark, the Keller Williams agent who represented the sellers in the deal. “We anticipated it would go for $2 million, or over $2 million. But we had no idea it would ever go for what it went for.

”This kind of over-bidding is known to happen farther north in cities including Palo Alto, Los Altos and Mountain View. But as those places have grown far too expensive for most buyers, future homeowners have migrated south to Sunnyvale, a once modest community that now finds itself among the Bay Area’s real estate hot spots.

Source: Bay Area housing: Sunnyvale home sells $800,000 above asking

DefCon 25

Having worked in IT for (gasp!) twenty-five years, I have long enjoyed the side of my job that deals with securing the networks I am responsible for. Network security is a game to me; trying to find and stop hackers before they find and stop me. As my blogging has revealed over the years, I enjoy solving a good mystery. How far back can a track an attacker? Or an adversary? How much knowledge can I dig up? This is all very fun.

My current job doesn’t deal with this directly as I am lucky to have a great team who watches the network. Still, I have to pay some attention to what’s what. So, when the department budget allowed for sending me to my first DefCon, I was delighted to go. Two weeks ago, I was on a plane to Las Vegas to join 25,000 other “hackers” in an intense, three-day powwow of matching wits, sharing forbidden knowledge, and proving points.

This year is the 25th anniversary of DefCon (i.e. “DefCon 25”). DefCon gets its name partly from the U.S. Department of Defense’s “Defense Condition” levels, as popularized by the movie “War Games.” Partly, it’s a made-up word with the “Con” meaning “convention.” DefCon was started (if I am correct) by Canadian bulletin-board owners who decided that on-line meetings were not enough. It has continued to be one of the premier conferences/training sessions that draws attendees from around the world.
Continue reading

As a Woman in Tech, I Realized: These Are Not My People – Bloomberg

A woman in tech suggests there’s a kernel of truth in the “Google Memo.”

No, the reason I left is that I came into work one Monday morning and joined the guys at our work table, and one of them said “What did you do this weekend?”

I was in the throes of a brief, doomed romance. I had attended a concert that Saturday night. I answered the question with an account of both. The guys stared blankly. Then silence. Then one of them said: “I built a fiber-channel network in my basement,” and our co-workers fell all over themselves asking him to describe every step in loving detail.

At that moment I realized that fundamentally, these are not my people. I liked the work. But I was never going to like it enough to blow a weekend doing more of it for free. Which meant that I was never going to be as good at that job as the guys around me.

Source: As a Woman in Tech, I Realized: These Are Not My People – Bloomberg

Brian Shul, SR-71 pilot

Author Brian Shul

Someone shared a clip from a talk Maj. Brian Shul (USAF, ret.) gave on his seven years as an SR-71 Blackbird pilot and I found myself looking up his whole talk and becoming captivated by it. Shul not only piloted the world’s highest-performing aircraft, he is an excellent photographer, too, and captured many once-in-a-lifetime photos of this glorious aircraft in action. Shul’s talk is funny, poignant, and inspiring as he expresses his love for flying, photography, and his love for life. It’s an hour long but well worth watching!