If the government comes knocking with a subpoena--or even just a strongly worded letter, per the Patriot Act--Google is obligated to hand everything over. Sure, the feds can get this data from anyone, but Google's wealth of information (as well as its lengthy data-retention policies) makes their job much easier.
Even if you have nothing to hide from the authorities, all that stands between you and Christmas in July for an identity thief is your Gmail log-on and password; that's the key that unlocks every other Google service. Last October, Google reported that thousands of Gmail accounts had been compromised by a phishing scheme that also targeted AOL, MSN Hotmail, and Yahoo. Even sophisticated users have had their Gmail accounts hijacked. Little wonder, then, that Chinese hackers targeted Gmail accounts when they compromised the service last December.
The Fix: Use Google Dashboard to see what information you're sharing (prepare to be blown away), and adjust your settings accordingly. Make your Gmail password harder to guess, and change it every couple of months. If you think your Gmail account has been hacked or stolen, you may be able to use Google's account-recovery page to get it back. And given Google's recent stumbles over user privacy with Buzz, you might consider spreading the risk over different providers.
Pacemakers and Other Implants Can Be Hacked
Researchers at the University of Washington have demonstrated that medical implants that rely on wireless technologies for monitoring the devices and adjusting their settings are not secure.
In lab tests, scientists from UW, the University of Massachusetts Amherst, and Harvard Medical School were able to take control of a cardiac defibrillator and use it to induce ventricular fibrillation, a potentially lethal condition. They could also read sensitive medical information stored on the device and change it at will.
Study coauthor Tadayoshi Kohno, assistant professor at the University of Washington, says that similar techniques theoretically could be applied to other wireless medical devices, such as drug dispensers and neuro-stimulators.
"Medical devices are innovating at an extremely rapid pace," says Kohno. "In the future they'll be much more like full-grown computers. We did this study to raise awareness and increase our understanding of the security risks these devices could pose."
The Fix: At present no fix exists, though the Food and Drug Administration and medical-device manufacturers are aware of the problem. There are no known cases of medical devices being hacked in the wild.
Even the study's coauthor downplays the actual danger. "The risk to patients today is low," adds Kohno. "These are amazing life-saving devices, and I would have no qualms about using one."
Your PC May Be Killing You
Sign up for Computerworld eNewsletters.