17 April 2012

Vacations and social media opsec

I just returned from five days of vacation in Florida. Chances are that (unless you follow me on Foursquare and scrutinize my check-ins) you probably didn't know I was gone. We posted no pictures of our vacation activities, didn't make any comments or posts related to what we were doing. One exception that I noted above was Foursquare, where I did check in partly to record our trail of activities and also because I have less followers there and was less concerned about word getting out.

Sites like Please Rob Me (if perhaps a bit over-hyped) highlight the concerns about posting your activities on social media. Especially important is when you're away from home for an extended period of time. Thus, this was a deliberate strategy that Tracy and I followed explicitly for this purpose.

But this is probably not enough. I post a lot on both Twitter and Facebook and if I suddenly disappeared for a while, someone might take notice of that, too. So, step two: Using Buffer (or some other similar application), each night I scheduled a series of tweets and posts spread out during the next day on subjects that I usually talk about. From a third party perspective, things ought to seem just plain ordinary. So when you thought I was tweeting about some infosec article, I was probably riding a roller coaster. :-)

The idea here wasn't or isn't to trick anyone or orchestrate some elaborate deception campaign, just to be careful about what you're posting in similar circumstances; and follow that up with the same sort of content and material that people already expect of you.

Now that we're home again, you can expect to see pictures from the vacation in the near future. I also have some notes about some of our interesting experiences over the last week to flesh out into blog posts.

Now, I need some sleep...
Post a Comment