facebook

Cyber security facts and fiction, issue 1

Issue: A lawyer in Uganda is said to be threatening Facebook for meta-data and user registration details of one TVO; who has made several allegations on his Facebook page.

Fact: Want to know who posts what on Facebook? It’s not that easy. And Facebook won’t give you the details, as doing so could be in contradiction with their privacy policy, at compliance level and kill their business at a strategy level. People post too much private details on their pages with a ‘psychological contract’ that the cloud host (Facebook) will respect their privacy. Globally even when national security is at risk, large cloud providers have rejected US government subpoenas or court orders for ESI (electronically stored information) production for legal purposes. You remember what happened to Blackberry when they gave in to such requests. Now Apple & US Government are in a tug of war. How this ends will set precedence. The fact is, each country should have their own capabilities to monitor traffic of users in their countries.

Fiction: You cannot find out who posted what on Facebook or any other social network. That is a lie. It depends. Electronic records leave a lot of trail, which cyber investigators use to track down the suspect. Unless of course, the suspect is very careful and cover their tracks. Our earlier case we solved was an abusive image posted on Facebook. Of course our court order to Facebook fell on deaf ears. It was ignored. However, we downloaded the image and did image forensics on it, examining the metadata — including geo-location of where it was shot, camera type, etc and had a suspect profile. Note that, using proxies, pseudo-names and other cyber ‘tracks killing strategies’ work, only if one (suspect) is very sober all the time. Something too tough to do given that it is easier to find out the truth than hide lies. Too easy to reveal one’s identity, than hide it. That is a law of nature. And computers and mobile devices respect it well. To be continued.

Leave a Comment

Your email address will not be published. Required fields are marked *

*