Watch out for spammy emails! Or mimes!
So the UK government seems to have launched a new public awareness campaign dubbed #cyberstreetwise (evidenced by posters in the Tube I spotted this weekend). The campaign’s web site is : https://www.cyberstreetwise.com. Bonus points for a https URL. Negative points for choosing a “.com” domain instead of a more appropriate “.co.uk” or even “.uk” domain.
So first of all, I was confused initially about who was supporting it. The logos at the bottom left panel include HM Government but also the more recognizable Facebook and Twitter logos (without explanation) which seems (to me) to mean “this is being sponsored by the government, Twitter and Facebook” or possibly “this is a government initiative with sponsorship provided by Twitter and Facebook.” In fact, reading the web site, it appears that neither Twitter nor Facebook have any formal role, so the presence of their logos is somewhat mystifying. I Suppose they just mean “we are on Twitter and Facebook” but honestly, these days who isn’t? [Side note: what is up with random Facebook and Twitter logos on things? See my Twitter update on this topic that seemed to “go viral” earlier today.]
But putting this to the side for a second, I really don’t know what to make of this campaign. On the one hand, it’s exactly the kind of public awareness campaign thatI feel is needed. People need to start getting more aware of the the web basics, especially around privacy, e-safety, scams. use of strong passwords, installation of updates and use of security software. So yes. Great. But the information provided doesn’t seem to cover a lot of the key basics that I would think need to be covered. For example, under “privacy” i find no mention of private browsing modes or when you might want to use them, and no discussion of tracking on the web.
Download all updates at all time, cyber-citizen!
Under “keeping your child safe online” I see “Parental controls are available through your internet provider.” but no mention of Apple’s built in parental controls. More importantly, the text on this screen looks like a placeholder. As I’m leafing through their site, I’m asking “where is the actual content?” It feels like this could be a good use for wizards or possibly a cartoon. Also this campaign seems to be aimed both at businesses and families, and those are two different groups with different needs – so that’s weird. Finally some of the advice is a little questionable. For example: always download updates. Yes, but: sometimes phishing scams can masquerade as software updates as a vector to get malware into your computer. I know that’s a difficult message to package into a Tube advert, but it feels like the messaging could be better thought through. “Sign up to security software provided by your bank, such as Trusteer Rapport.” No. No, no, no. Judging from my experience with the software my own bank was trying to push me, I don’t think this is good advice – at all. Rather, how about educating people about how they can click on the padlock icon in their browser to verify the provenance of that certificate.
So I haven’t done a rigorous analysis of the whole campaign, but I’m of two minds about what I’ve seen so far. On the one hand: yes, it’s needed and yes, some good info. On the other hand some of the info provided makes me suspicious about its provenance and whether or not it has all been fact-checked by actual domain experts.
What do you think? Leave a comment here or on my Google+ post.