I’ve decided that one of my new habits is to keep my social media footprint to a bare minimum. Listening to the newly discovered Complete Privacy and Security podcast has definitively changed my mind on how I handle my opsec. Mike and Justin do a great job with describing the ins and outs of exactly how our social media footprint can be used against us in many ways, not only by attackers but also by the company providing the service. While their take on personal privacy is way too extreme for me, there is definitely something for every infosec professional to glean from this podcast. I highly recommend it.
Besides covering my opsec, I wanted to purge any potentially embarrassing things that I may have forgotten about on my public persona. Who knows what impact my party pictures from 2008 might have on getting a job in 2018? Looks at all of the people who have been seriously burned when something they post goes viral, only to rain down troll hellfire on them when it is later discovered they have a picture of something offensive or embarrassing.
Purging my old photos was relatively easy. You can access almost all of your photos in their respective albums. I simply deleted the albums that I no longer wanted, and downloaded a ZIP file of the albums that I did want. When you are judging what to keep and what to toss, remember how many of these photos are likely in your Google or iCloud account as well. Tagged photos are more problematic. They require that you manually untag yourself in each one – not a user-friendly task. I recommend that you hold off until a bit later for the solution to this issue.
Purging my old Facebook posts was not as easy. At first, I tried purging my Facebook posts manually. I quickly ran into exactly why more people do not attempt this – Facebook doesn’t make this easy at all. I spent a couple hours trying to clean up every post manually for the first half of my initial year on Facebook. The process was brutal and caused a definite carpal tunnel flare up on my mouse hand.
My next attempt was to use a much-discussed Greasemonkey script called “Timeline Cleaner for Facebook.” The product did not work as advertised, hiding instead of deleting the posts matching my criteria. The script was also very slow, constantly popping up “script is taking a long time” warnings from Firefox. I allowed the script to run for about three hours, but it only went back a little over a year in that time.
Finally, I discovered the “Social Book Post Manager” extension for Chrome. This extension worked exactly as advertised and allows you to delete or hide all posts meeting certain criteria. I was able to purge everything that could be purged from my first year on Facebook in just a few minutes. A second run was able to hide everything else in a few seconds. The only real drawbacks to using this plugin are that you can only delete/hide at most one year at a time and that you cannot automatically hide what you cannot delete.
Purging my old Twitter posts was dramatically easier. TweetDelete is a web service that not only does a one-time purge, but it can also delete your tweets when they hit a certain age. I simply signed up for the service and let it take care of the rest. The whole process only took a few minutes.
I didn’t spend much time cleaning up my LinkedIn history – there just wasn’t a lot there besides my resume. A few clicks and everything was cleaned up.
Once you have done the bulk cleanup, I suggest you review what is still available publicly. If there is anything you think might hurt you in the future, you should probably just delete it.