MONEY job hunting

The 7 Social Media Mistakes Most Likely to Cost You a Job

magnifying glass over twitter logo
Dado Ruvic—Reuters

Jobvite's latest social recruiting poll shows exactly what hiring managers are looking for when they check your Facebook, LinkedIn, and Twitter accounts.

Your Facebook postings might win over your friends—but they could also cost you a job, a new study finds.

Recruiting platform Jobvite has released the 2014 edition of its annual Social Recruiting Survey, and the results might be disconcerting to those who tweet first and ask questions later. The data shows 93% of hiring managers will review a candidate’s social profile before making a hiring decision.

And that review matters: 55% have reconsidered a candidate based on what they find, with most (61%) of those double-takes being negative.

According to respondents, the worst thing you can do is make any kind of references to illegal drugs. That should probably be common sense—but in case it’s not, know that 83% of recruiters say doing so is a strong turn off. (Perhaps more interesting: 2% of hiring managers think it’s a positive.) Also on the “obviously don’t do this” list are “sexual posts,” which 70% of recruiters say will count against you (only 1% are fans). Two thirds told Jobvite that posts including profanity reflected poorly; over half didn’t like posts on guns, and 44% saw posts about alcohol as concerning.

“Okay,” you say, “but I keep my nose—and my posts—clean, and I wouldn’t think of making any of the 10 stupidest social media blunders MONEY recently wrote about. So what have I got to worry about?”

Well, you might want to take another read of what you’ve written: 66% of hiring managers said they would hold poor spelling and grammar against candidates.

You might also want to consider keeping your political affiliation to yourself, since slightly over 1 in 6 recruiters said that was a potential negative.

And hey, while you’re revising your LinkedIn profile, polish your halo a little: Jobvite’s survey said that information about volunteering or donations to charity left 65% of recruiters walking away with a positive impression.

The survey also showed what other positive qualities recruiters are seeking on social—although the results aren’t that surprising. Respondents said they try to determine things like professional experience, mutual connections, examples of previous work, and cultural fit.

The study also lends some insight into how recruiters use different social networks. LinkedIn is clearly the king of the hill—79% of respondents say they have hired through the network, vs. 26% through Facebook and 14% through Twitter. Nearly all hiring managers will use LinkedIn for every step of the recruitment process, including searching for candidates, getting in contact, and vetting them pre-interview.

In contrast, Facebook is primarily used for showcasing the employer’s brand and getting employees to refer their friends. About two-thirds of recruiters also use the network to vet candidates before or after an interview. Twitter appears to be the platform least used by hiring managers, and is used similarly to Facebook, but with less of an emphasis on candidate vetting.

No matter what the platform, however, the takeaway for workers is clear: Best be vigilant not to post anything you wouldn’t mind an employer or potential employer seeing. Make sure to check your Facebook privacy settings, but don’t depend on them because they’re known to change frequently.

And remember, just because your social media postings haven’t hurt you yet, doesn’t mean they won’t. When MONEY’s Susie Poppick talked to Alison Green, founder of AskAManager.org, she had a simple message to those unconcerned about their online presence: “To people who don’t lock down their accounts because ‘it’s never been a problem,’ I say, you don’t know whether that’s true.”

Read next: 10 Job Skills You’ll Need in 2020

TIME Crime

Judge Says Women Aren’t Entitled to Privacy in Public Places

The case of an alleged upskirt photographer was at issue

Correction appended, Oct. 15

Prosecutors have dropped a case against a man accused of taking photographs up women’s skirts at the Lincoln Memorial, after a local judge ruled the photographs inadmissible and said women in public places shouldn’t have an expectation of privacy.

Christopher Cleveland was arrested in June 2013 for allegedly taking photographs of the crotches and butts of women sitting on the steps to the national monument. On Aug. 28, D.C. Superior Court Judge Juliet McKenna ruled that the photographs would be inadmissible, leading the U.S. Attorney’s Office to drop the case against Cleveland last last month.

Prosecutors filed a motion to keep the photographs admissible, writing that women are entitled to a “reasonable expectation of privacy” while sitting on the steps of the Lincoln Memorial. In her ruling to suppress evidence, Judge McKenna wrote, “Some women are seated in such a way that their private areas, including the upper inches of their buttocks, are clearly visible. … This court finds that no individual clothed and positioned in such a manner in a public area in broad daylight in the presence of countless other individuals could have a reasonable expectation of privacy.”

Which means Christopher Cleveland, and other photographers like him, are free to snap away as they please.

Correction: The original version of this story misstated the date of Judge Juliet McKenna’s ruling.

TIME Security

Snapchat Says Leak of Nude Photos Isn’t Its Fault

The logo of mobile app "Snapchat" is displayed on a tablet on January 2, 2014 in Paris.
Lionel Bonavent—Getty Images

Company says third-party applications were responsible for the breach of as many as 200,000 user accounts

Images from tens of thousands of Snapchat user accounts, many explicit, were leaked onto the internet late Thursday — but the messaging app said the hack wasn’t its fault.

Snapchat said that third-party applications were responsible for the breach of as many as 200,000 user accounts, and that their own servers were never compromised.

A 13GB database of Snapchat photographs taken over a number of years was leaked to online messageboards Thursday. It reportedly includes a large amount of child pornography, from teenage users.

“Snapchatters were victimized by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our Terms of Use precisely because they compromise our users’ security,” a statement read. “We vigilantly monitor the App Store and Google Play for illegal third-party apps and have succeeded in getting many of these removed.”

The news comes just weeks after the release of nude photos of more than 100 celebrities in a massive hack of photos stored in Apple’s iCloud.

TIME Opinion

The Perils of Nanny Cams and Kid Trackers

Child building tower with blocks on window sill
Getty Images

For hours, my almost-4-year-old gets lost in play in his room. Would he act the same if he knew I was watching?

I’m acutely aware of how much time I spend fretting about my kids. I’m an admittedly nervous mother – all hell breaks loose in my house if someone dares to give my toddler a whole grape or a hot dog that hasn’t been halved down the middle. Stories about choking or children who go to bed and never wake up haunt me. I sometimes wonder if all parents watch for the rise and fall of their child’s chest when they peek in on them at night. I also wonder if that is something I will ever stop doing.

If we didn’t raise our first child in a tiny apartment in Brooklyn where we were forced to share a bedroom, I probably would have invested in one of those video monitors that have become so popular among parents like me – the ones who worry. I always assumed that’s who those monitors were for, but a New York Times Motherlode blog post opened my eyes to another type of parent who likes to use them–the observer. In the piece, Thanks to Video Monitors, Parents are the New Big Brother, several admitted to holding on to infant video monitors once their children were well into toddlerhood, because they enjoy peeking into their kids’ world:

Beyond the peace of mind and potential safety benefits that come from extended use of video monitors, many moms and dads would agree that “it’s more fascinating” to watch your child via a video monitor than to listen to him or her via audio, said Alan Fields, co-author of the baby gear review book “Baby Bargains” and the “Best Baby Monitors” online guide. The early audio monitor was a way for parents to hear remotely when their baby woke up, but video monitors let parents see what their baby is doing when they’re not there.

I never really thought about the concept of toddlers and privacy, but if I stop and examine how I feel about it, is it ridiculous to say that I believe they should be afforded some? I think all parents love to peek in on their sleeping children or sneak up and look in unnoticed when their child is lost in play. I certainly understand why parents would be drawn to making a habit of it by ogling a video monitor nightly. But there are things I remember about my childhood – and a lot of my best memories were solitary ones.

I was a private child. I loved playing alone. I see my almost-4-year-old doing the same thing I did as a child—getting lost in play in his room for hours. Would he act the same if he knew I was watching? I don’t think so. I happen to know he is not too young to crave privacy; for one, he’s very adamant about having the door closed when he uses the bathroom. Sometimes when I walk into his room when he’s playing he tells me to “Leave, Mommy.” One child in the New York Times article admits to knowing when she is being watched; her mother hushes her through the monitor when she and her brother play too loudly. “On a recent Saturday morning, Abby pointed out the camera in her room. ‘It’s used for Mommy and Daddy, so if I bang, they are going to talk through the camera,’ she said.”

We’re observing our children more than ever before. We may be raising children to believe – from a very early age – that they’re not entitled to their own space and privacy. As they grow, we hammer this idea into their heads a little more, through a device most of them beg for: the cell phone. Everyone’s favorite accessory isn’t necessarily surveillance, but it is performing the same function—enabling parents to track and observe that their children are okay, without the need for blind trust.

Recently, New York City Mayor Bill DeBlasio vowed to end the cell phone ban in schools to a collective sigh of relief from parents everywhere. He admitted that his own son violates the ban and called it a “safety issue” for parents to be able to keep track of their kids. Raising children in the city is potentially worrisome, but is having a direct line to your child at all times really a safety issue? When I was growing up and a parent had to reach a child in an emergency, they called the school. Perhaps we have more emergencies now, or are we just so used to being on top of our children that we truly believe they can’t make it to school and back without being able to reach us, immediately?

In our attempts to protect our children, we may be crippling them instead. Learning how to move through the world without a direct line to your parents is an important skill for older children. We’re demanding our kids be reachable at all times for their own good. Or is it for our own good? “On the one hand, being able to reach our children at all times gives parents a sense of security and it gives kids a sense of security,” says Eileen Kennedy-Moore, a Princeton, New Jersey psychologist and professor for the new video series, Raising Emotionally and Socially Healthy Kids. “But I think also that it can be an easy out – to immediately call a parent if they struggle. If we leap in too quickly to solve problems that our kids can figure out on their own, we steal their opportunity to develop important coping skills.” What’s more we let them think they need our help. “Of course we want to take reasonable steps for safety,” says Kennedy-Moore, “but we also want to give our children the message that ‘I have faith in you. I believe that you can handle this.’ That’s a very empowering message.”

In addition to putting kids in a position to constantly outsource problem-solving to their parents, cell phones are effectively putting our children on call – all day long. Imagine forfeiting the freedom you had as a child, to leave the house and be absolutely free of your parents until you returned. One mother who grew tired of having her calls seemingly ignored, even went as far as creating an app that will shut down your child’s phone if he doesn’t answer it. Does that sound like someone who is worried about safety, or control? I’d say the latter.

Tonya Rooney, an Early Childhood Education lecturer at Australian Catholic University, has done a lot of research on the repercussions surveillance has on children. In her research article, Trusting children: How do surveillance technologies alter a child’s experience of trust, risk and responsibility, she concludes:

Without a surveillance gaze, children have the opportunity to be trusted, to learn how to trust others, and perhaps to show others they can live up to this trust. Once the surveillance is in place, this opportunity is greatly reduced… if surveillance is applied as a response to fear rather than a more balanced response to any actual risks involved, then arguably both adults and children become reactive agents, contributing to a cycle of suspicion and anxiety, robbing childhood of valuable opportunities to trust and be trusted.

I stomped through Europe in my early twenties without a cell phone and with only a promise to call my mother once a week. If I observe my child secretly in the days of his young life and hand him a cell phone to track him as soon as he’s old enough to leave the house on his own, am I setting him up for the same independence I enjoyed? Will he be able to handle it? It’s a trajectory that we have the power to stop if we realize it may not be in the best interest of our children to raise them to think it’s okay to be watched and tracked.

But, our kids will probably never know the freedom we did, so they won’t know what they’re missing.

TIME privacy

Celebrity Lawyer Threatens Google With $100 Million Suit Over Nude Selfies

The Daily Front Row Second Annual Fashion Media Awards - Arrivals
Model Kate Upton attends The Daily Front Row Second Annual Fashion Media Awards at Park Hyatt New York on September 5, 2014 in New York City. Rommel Demano—Getty Images

“Google’s ‘Don’t be evil’ motto’ is a sham.”

Updated 2:54 p.m. ET Thursday

A lawyer representing more than a dozen celebrities whose personal and sometimes nude photos were stolen and shared on the Internet issued a scathing letter to Google that accuses the tech giant of helping the images spread and threatens a $100 million lawsuit.

The letter, written by lawyer Marty Singer and obtained by The Hollywood Reporter, calls Google’s conduct “despicable” for what it says is Google’s failure to remove the images and its “facilitating and perpetuating the unlawful conduct.”

A Google spokesperson said via email Thursday afternoon that “We’ve removed tens of thousands of pictures — within hours of the requests being made — and we have closed hundreds of accounts. The Internet is used for many good things. Stealing people’s private photos is not one of them.”

Indeed, the firm has removed some images from its sites and links to the images from its search engine. Still, the letter says lawyers have asked Google more than a dozen times to remove the images from Google sites like BlogSpot and YouTube, but some of the images are still available several weeks after the initial breach.

Google “has acted dishonorably by allowing and perpetuating unlawful activity that exemplifies an utter lack of respect for women and privacy,” the letter says. “Google’s ‘Don’t be evil’ motto’ is a sham.”

[THR]

TIME privacy

International Hacking Ring Charged With Theft of Xbox Software and Data

Hackers also allegedly stole software used by the U.S. Army to train military helicopter pilots

Four members of an international hacking ring were charged with the theft of over $100 million worth of software and data related to the Xbox One and Xbox Live consoles and other technologies, the Department of Justice announced Tuesday.

The hackers were also charged for stealing data from the unreleased video games Call of Duty: Modern Warfare 3 and Gears of War 3, as well as the U.S. Army’s proprietary software used to train military helicopter pilots, the statement said.

Between Jan. 2011 and March 2014, the four men allegedly hacked into the computer systems of video game makers Microsoft, Epic Games and Valve Corporation, according to court documents. They also allegedly stole software from the U.S. Army and Zombie Studios, which produced helicopter simulation software for the Army.

Two of the charged members, whose ages range from 18 to 28, have already pleaded guilty to charges of copyright infringement and conspiracy to commit computer fraud.

“As the indictment charges, the members of this international hacking ring stole trade secret data used in high-tech American products, ranging from software that trains U.S. soldiers to fly Apache helicopters to Xbox games that entertain millions around the world,” said Assistant Attorney General Caldwell.

Three of the hackers are Americans, while one of the hackers is Canadian, the Department of Justice said. Officials believe the Canadian’s guilty plea is the first time a foreign individual was convicted of hacking into U.S. firms to steal information.

“The American economy is driven by innovation. But American innovation is only valuable when it can be protected,” Caldwell said. “Today’s guilty pleas show that we will protect America’s intellectual property from hackers, whether they hack from here or from abroad.”

TIME Security

Londoners Unwittingly Exchange First Born Children For Free Wi-Fi

Signed agreement that included a "Herod Clause," in experiment designed to show dangers of unguarded Wi-Fi hotspots

Not reading the small print could mean big problems, as a handful of Londoners who accidentally signed away their first born children in exchange for access to free Wi-Fi recently found out.

An experiment organized by the Cyber Security Research Institute was conducted in some of the busiest neighborhoods in London and intended to highlight the major risks associated with public Wi-Fi networks.

In June, researchers set up a Wi-Fi hotspot that promised network access to users who agreed to a set of terms and conditions. These included a “Herod Clause” offering free Wi-Fi if the user agreed to hand over their eldest child “for the duration of eternity.” The page was disabled after six people signed up.

Finnish security firm F-Secure, which sponsored the research, said it had decided not to enforce the clause. “As this is an experiment, we will be returning the children to their parents,” wrote the Finnish company in its report. “While terms and conditions are legally binding, it is contrary to public policy to sell children in return for free services, so the clause would not be enforceable in a court of law.”

The company urged people to take Wi-Fi security more seriously. Sean Sullivan, security advisor at F-Secure, told The Guardian: “People are thinking of Wi-Fi as a place as opposed to an activity…You don’t do unprotected Wi-Fi at home, why are you doing it in public?”

[The Guardian]

TIME privacy

The FBI and NSA Hate Apple’s Plan to Keep Your iPhone Data Secret

Apple Inc. Launches iPhone 6 And iPhone 6 Plus Smartphones In Madrid
A man shows his new iPhone outside Puerta del Sol Apple Store as Apple launches iPhone 6 and iPhone 6 Plus on September 26, 2014 in Madrid, Spain. Pablo Blazquez Dominguez—Getty Images

Apple made the iPhone 6 pretty difficult to crack. Law enforcement isn't happy about that

Apple released the iPhone 6 with a new, powerful encryption setting that should make it much harder for law enforcement and surveillance groups like the FBI and the NSA from accessing users’ emails, photos and contacts. After the Edward Snowden revelations last year, privacy-minded users may be happy about the new feature, but the law enforcement community is decidedly not.

Speaking at a news conference Thursday, FBI Director James Comey criticized Apple’s encryption, which scrambles information on the new iPhone 6 using a code that could take “more than five-and-a-half years to try all combinations of a six-character alphanumeric passcode with lowercase letters and numbers,” as Comey said.

Comey accused Apple of creating a means for criminals to evade the law, the New York Times reports. “What concerns me about this is companies marketing something expressly to allow people to hold themselves beyond the law,” he said.

In kidnapping cases, when seizing content on a phone could lead to finding a victim, Comey said there would be times when victims’ parents would come to him “with tears in their eyes, look at me and say, ‘What do you mean you can’t'” decode the contents of a phone, the Times reports.

A senior official told the Times that terrorists could use the iPhone 6 to store their data and evade law enforcement. “Terrorists will figure this out,” along with savvy criminals and paranoid dictators, one senior official predicted. Another said, “It’s like taking out an ad that says, ‘Here’s how to avoid surveillance — even legal surveillance.'”

However, major U.S. tech companies like Apple and Google argue that they can’t do business if customers believe their data isn’t secure, particularly in foreign markets like China and Europe, where consumers fear American tech products might come pre-loaded with ways for American surveillance agencies to access their data. On top of that, a security expert told the Times that law enforcement complaints about Apple’s encrypted were likely exaggerated, as access to call logs, email logs, iCloud, Gmail logs, as well as geolocation information from phone carriers like AT&T and Verizon Wireless and other data is relatively unfettered, particularly if police get a warrant.

[NYT]

TIME privacy

Here’s How Much Access Facebook Employees Have to Your Account

Facebook Homepage
Nicholas Kamm—AFP/Getty Images

Answer by Joe Sullivan, Chief Security Officer at Facebook, on Quora.

I’m Facebook’s Chief Security Officer and I oversee data security at the company. Thanks for the question. We take our role as stewards of people’s information very seriously and have invested heavily in protecting the data trusted to us.

There is no “skeleton key.” In fact, we have advanced internal tools that restrict access to information to only those employees who need it to do their jobs (e.g., investigating user reports).

There is a cross-functional group of employees who work on these safeguards and appropriate access to these tools.

Most employees do not have access and, those who do, must sign an agreement and complete a training program before using our internal tools. Finally, we track the actions performed through internal tools.

Each use is logged and requires the employee to explain the purpose of his or her use, and we audit all of this regularly.

Neither Mark nor any other senior executive at the company has tool access granted, because they do not have roles in the company where access would be necessary.

This question originally appeared on Quora: Does Mark Zuckerberg or Facebook employees have a skeleton key granting them access to every member’s Facebook profile page and information?

TIME Security

Experts Say ‘Bash’ Bug Is a Major Vulnerability But Not a Major Threat

computer virus
Getty Images

Cybersecurity experts explain why the Bash bug might actually not be as risky as the Heartbleed bug discovered earlier this year

When the Heartbleed software bug was disclosed in April, there was no shortage of publicizing its risks and defensive measures—and for good reason. And the Bash bug, discovered Wednesday, is prompting similar widespread fear. The security flaw is named after a vulnerable piece of software, Bash, that’s built into several ubiquitous operating systems, including Apple’s Mac OS X.

“People were taking Heartbleed very seriously,” said Jim Reavis, CEO of cybersecurity firm Cloud Security Alliance. “If people don’t take Bash seriously, it’ll become a self-fulfilling prophecy.”

Cybersecurity experts like Reavis don’t doubt that the Bash bug is dangerous: it is, and it needs urgent attention. The afflicted Bash software, released in 1989, is an open source software that was built-in to Linux and Mac OS operating systems and then widely integrated into many corporate and personal computer programs, experts said. Preliminary estimates say it could impact up to 50 percent of Internet-connected servers, according to Darien Kindlund, director of threat research at FireEye, a network security company.

“Bash is yet another type of open source software that has been reused, repurposed,” Kindlund said.

But the threat posed by the Bash bug—it could theoretically remotely command computers and extract private information—is overblown, cybersecurity experts told TIME. Average computer users aren’t likely to be directly targeted by hackers, experts said. And for the vulnerability to be triggered, the attacker would need to deliver content to the user, and then get the user to execute Bash with that content, according to Kindlund. Normal web browsing, emailing or other common activities do not involve calling Bash. What average users should be worried about are more traditional hacking techniques, like phishing emails and links to malicious websites, said John Gunn of VASCO Data Security.

“There are so many other methods that have a high degree of success that would take priority over [Bash as a hacking tool],” Gunn said. “The vulnerability really exists for large organizations that may have servers running Linux.”

Companies who have web servers that aren’t updated internally on a frequent basis may be most at risk because they continue to use old technology, according to Kindlund. Some companies who still store private data on Internet-facing servers—an outdated practice, as it makes sensitive information more vulnerable—or do not have strong security may vulnerable as well, but they can take precautions by inspecting each and every of their Linux-based servers, said Tanuj Gulati, CTO of Securonix, a security intelligence firm.

“The Apples or the Amazons or the Googles of the world aren’t the ones I’m worried about the most,” Reavis said. “But it could be some big companies that use this technology, but simply don’t have an awareness budget, or not taking this seriously.”

Still, many companies already have protection mechanisms in place that would prevent Bash from inflicting significant harm. Most servers can detect anomalous traffic and behavior, and many already take precautionary efforts by keeping records offline where they are inaccessible, Gunn said.

“What this Bash vulnerability depends on is a lot of other failures,” Gunn added. “This isn’t a single point of failure, whereas in Heartbleed, it was.”

Numerous patches for the Bash bug have already flooded the market. While security researchers have claimed the patches are incomplete, experts agree that fully fixing the vulnerability would take years. Additionally, that there have not been any known major breaches using Bash has also boosted security experts’ confidence that the bug may not pose a widespread threat.

“Most vulnerabilities of value are either shared or sold in the hacking community,” Gunn said. “If this had been a viable hacking method, it would’ve been exchanged in the hacking community, and it has not.”

But fact that Bash may not pose a major threat to individuals or companies doesn’t mean its danger should be understated, experts agreed.

“You saw a lot of worry about [Heartbleed], and there really wasn’t much that happened. The economy didn’t grind to a halt. Cities didn’t black out,” said James Lewis, director of the Strategic Technologies Program at the Center for Strategic and International Studies. “It’s a vulnerability. A flaw.”

 

Your browser, Internet Explorer 8 or below, is out of date. It has known security flaws and may not display all features of this and other websites.

Learn how to update your browser