I recently learned that Goodreads quietly added a “Sign In with Amazon” button to their log on options. No fan fair, no announcements, just a little button that appears on some (but not all) sign-in screens.
Signing into Goodreads with your Amazon does two things:
1) It helps them to connect the dots. The company is now able to fill in some of the additional holes in your consumer profile. They are linking your real name, address, credit card/gift card information and purchasing habits to a social profile. While there is a limit on what and how much information a government agency can legally compile about you, there is no limit on how much information a private company can gather about you.
2) Linking accounts does something called “daisy chaining” your accounts to each other. The phrase originally refers to connecting computers together one by one to build a network. Now it also describes linking one account to another for “ease of use” and cross-posting. The problem here is that linking accounts opens the user to multiple security holes: once someone has access to one of the chained accounts, they have access to them all. The security will only be as good as the weakest link.
Gizmodo reporter Mat Honan learned this lesson the hard way: he was hacked by social engineering and security hole exploitation.
In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.
In many ways, this was all my fault. My accounts were daisy-chained together. Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter.
I’m not the most technical person and there is no real reason to completely rehash everything the GenXposé Blog has posted about internet privacy and security – this is important. Goodreads is known for being reactive instead of proactive – please don’t expect either Goodreads or Amazon to protect you. But you can arm yourself. Use different email addresses to log into the different accounts. Never link accounts to each other. Be paranoid on the internet. Don’t give out identifying information.
You are your best protector. Please be safe.