I just finished writing a Privacy Policy for the jebswebs site and will be adding a link on the blog to point to it.

Personally, I am not overly concerned about privacy on the web, but many people are, and I can certainly understand this. I am concerned about some of the “biggest offenders” who have made the press lately. It’s one thing to have an online service that gather’s information, it is something else when you don’t let people/visitors know about it – or if you constantly change the requirements to keep your information private. The “biggest offenders” are also guilty of creating a false sense of security by creating the illusion of a “gated community” when all the while, their patrons’ personal information is available to those beyond the “gate.”

So, I am a bit ashamed that I didn’t catch this a few weeks ago when I stated adding GA to several of my sites. Rest assured I’ll be remedying that in the next few days.

For those who don’t know about GA and wonder, why all the fuss, let me explain.

Google Analytics is a neat and free service provided by Google to website owners and developers. The developer inserts a small amount of JavaScript code on the pages of their website, and every time someone visits that page, the script grabs some information about the visitor and adds it to the owner’s GA account database. The website owner and/or developer can access this database information by logging into their GA account and seeing charts and graphs which aggregate the data collected. The information collected ranges from what pages are being visit, what browser is being used, and how long they stayed on the site. It should be noted that no personally identifiable information (i.e., names and addresses) are gathered through this interaction. There may be some debate about the use of IP addresses. GA’s policies say they are not harvested, but GA does give you location data – at least in terms of country of origin – and that would have to come from IP data.

It is important to note – and this is where the Privacy Policy comes in – that nearly all of this information is rather innocuous and completely anonymous. But, because the information is also sent to Google, and in the theme of complete disclosure, it is important that visitors know this. I guess you could make the case that by virtue of visiting your site, the visitor’s data is already collected, but let’s not go there…

BTW, just to play it safe, Google offers a free browser plug-in called the Google Analytics Opt-out Browser Add-on which, when installed in a browser [at this point available for Internet Explorer (versions 7 and 8), Google Chrome (4.x and higher), and Mozilla Firefox (3.5 and higher)], the information gathered by GA will be shared with the site owner, but not Google. So, if you are concerned about your privacy, you may want to install this.

Note: In researching for this blog entry, I came across an Australian news article on just this topic. Reading it next.

~John Brandt

Adobe Acrobat logo

UPDATE: New versions of Acrobat Reader 9 and Professional 9 are now available for download. Updates and patches to older versions are supposed to be available tomorrow, March 18th. Also note that I patched what I could and then today received what I thought to be a very suspicious e-mail with a PDF attachment. Read about it on my other blog

I learned this on Twitter a few days ago and am frankly surprised it has not become more widely knows. Basically, there has been a security problem found in the Adobe Acrobat Reader and Adobe Acrobat Professional which allows certain malware to attack your computer. Initially it was reported that by simply disenabling the JavaScript switch in Reader (and Professional) the problem went away. As an interesting aside, I did this and the very first PDF I downloaded and read an hour later came from Adobe and it required the JS switch be turned back on.

Anyway, in this latest report from ZD Net, it appears that that advice does not mitigate the problem and that Adobe is no closer to a solution than it was a few days ago.

So, the only general advice we can give sportsfans is to avoid opening Adobe Acrobat files until the security issue is resolved. As is stated in the ZD Net article: “All users of Adobe Reader/Acrobat should therefore show extreme caution when deciding which PDF files to open regardless of whether they have disabled JavaScript support or not.”

Here is a link to the ZD Net article with details

Update:  Here is more information from Adobe – but the general consensus is to make sure you have you Anti-Virus programs running and up-to-date.

http://blogs.adobe.com/psirt/2009/02/adobe_reader_and_acrobat_issue_1.html

http://www.adobe.com/support/security/advisories/apsa09-01.html

~jeb