IBM just bought Red Hat for a huge premium! or did it?

Disclaimer: Although I work for IBM, all the information for this article is from public domain & the views expressed here are my own and no way related to IBM’s internal information.

You must have read the news this weekend, IBM’s biggest acquisition , a $34 Billion buyout of Red Hat -> Buyout . As per this write-up -> WhenDoesTheDealclose, the deal will close in second half of 2019. That’s almost 9 months away from today. So let’s look at why I think IBM didn’t pay a huge premium as it currently looks.

At the current prices (before the deal was announced), with Red Hat trading at $120, the price IBM is paying, $190, looks to be an almost 60% premium. But wait, look at when the deal closes. Second Half 2019. So in effect, IBM will be paying $190 for each share of Red Hat sometime in July (or later) 2019. Looking at the revenue & profit growth at Red Hat, which is growing at ~25% per year, you would expect the Red Hat stock to be about 25% over it’s current value. That takes it to about $150 when the deal closes. So in effect, IBM is only paying $40 more, a ~25% premium over the price of Red Hat at the time of deal closing. Reasonable premium that what is advertised as of now.

The real benefit for Red Hat shouldn’t be looked at by the premium. The number of Sales personnel IBM has, Red Hat will grow far more than 25% after the acquisition. But again, I don’t think the merger should be looked at just from Red Hat perspective. The real growth as I see is in the Hybrid Cloud business for both IBM & Red Hat. If you talk to any CxO from a large organization, you will understand that they want to move to Cloud, but not entirely to Public Cloud, but a mix of Private/On-Prem & Public Cloud, thus a strong need for Hybrid Cloud.

Picking up some relevant lines from -> What Is Hybrid Cloud

  • Hybrid cloud is a cloud computing environment that uses a mix of on-premises, private cloud and third-party, public cloud services with orchestration between the two platforms. By allowing workloads to move between private and public clouds as computing needs and costs change, hybrid cloud gives businesses greater flexibility and more data deployment options.
  • Hybrid cloud computing enables an enterprise to deploy an on-premises private cloud to host sensitive or critical workloads, and use a third-party public cloud provider to host less-critical resources, such as test and development workloads.
  • The key to create a successful hybrid cloud is to select virtualization and cloud software layers (for private cloud) that are compatible with the desired public cloud, ensuring proper interoperability with that public cloud’s application programming interfaces (APIs) and services. The implementation of compatible software and services also enables instances to migrate seamlessly between private and public clouds.

Notice the words “seamless migration of software & services between private & public cloud”. This is where the combination of IBM & Red Hat will play a major role. This is what IBM will leverage Red Hat technology for, to provide seamless interoperability between customer’s on-premise environment, Private Cloud & that of IBM’s Public Cloud or any other vendor’s Public Cloud. And most of the large enterprises would prefer to work with 1 vendor, ensuring growth for combined IBM & Red Hat. This to me is the significant play, making the union a grand success.

So looking at the closing date, and with just 25% potential premium when the deal closes & the potential revenue growth, this looks like a great acquisition by IBM.

Features I would love to see in Whatsapp!

Like everyone in India, I am a heavy user of Whatsapp. In fact, I use a lot of collaboaration platforms, such as IBM Notes / IBM Verse (for office email), Yahoo Mail, Facebook & Twitter to name a few. In all of these collaboration platforms, I end up receiving fairly large amount of content. Whatsapp is probably more notorious when it comes to receiving forwards from people, which include posts with lots of text and long videos. Since some of these are worth reading, or watching, I end up spending a lot of time reading through more than screenful of the text, as well as downloading the videos and browsing through them. Often, after downloading the video and playing it a bit, I realize that I am not interested in it. So my efforts are lost. Also for reading large articles, I need to ensure that I am doing only the reading and not multi-tasking (like reading while driving). I beieve having some of these features outlined below incorporated in Whatsapp and other collaboration products would go a long way in freeing up the user from reading endless text, and would help save lots of time.

  • Read the post for me: Allow me to select a received post, and click a button to have the phone start reading the text. So I can put on my headphones and listen to it.
  • Summary transcript of the video: Show me a small summary or transcript of the Video, even before the video is downloaded. This would help me figure out if I should download that large video or not. Just a small mock-up below:
  • Summary transcript or a snippet for audio: Allow me to see a summary or a transcript or a hear a small snippet of an audio received.
  • I also find myself in situations where either because I am out for a few days or some Whatsapp group get super busy, only to find a group (or groups) with large number of unread messages. Curiosity makes me go through most of the messages, atleast scan them. In majority situations, most of the messages could have been simply ignored. Would be great if there was a feature which summarized the unread messages in , and grouped them providing the summary. And if there was anything for me, to highlight it. Similar feature already exists in another product I work with – IBM Watson Workspace. , and a feature like “Moments“.

So Whatsapp, Facebook & other social collaboration applications, what are you waiting for? Let’s implement these in the next update so we can be more efficient with our time.  And if you have ideas about more that you would like to see, please add a response to this post with your thoughts.

Fake News!

For anyone using Social Media platforms like Facebook, Twitter, WhatsApp, Fake News is a major issue.  In India, forwarding messages, photos is very common.  Its very rare for someone using WhatsApp in India to not receive atleast 1000 (the actual number might even be more than this) forwards in various groups they are part of.   So it’s very easy for a message (fake or real) to get circulated to thousands of groups in a very short time.  Recently there have been instances of wrong information getting circulated in India on WhatsApp resulting in lynching innocent individuals.  You can read some of it here -> https://news.sky.com/story/arrests-made-after-mob-lynch-man-targeted-by-fake-news-on-whatsapp-11437660

The responsibility of preventing and recognizing fake news lies as much with the social media platform as with the individual receiving/reading it, and then forwarding it. Every one reading or watching any news must make their own judgement, and try to review if the news is genuine or not. After receiving a news or a video or a photo on WhatsApp or Facebook, which looks to be a news story, one of the 1st things I do, is to immediately go to the browser and try to search for the news on the internet. In most of the instances, I end up getting a hit telling me that this is a fake news and same was circulated few months/years back as well.  Every individual using these platforms has a responsibility to verify the information before forwarding any message.

At the same time, there are lots of newer technologies which can help the platform like WhatsApp to try and filter fake news.  I have read recently that WhatsApp is working on a feature to inform the user that a post is forwarded rather than an original message by the sender.  Today in WhatsApp, almost 90% of posts are forwards (I am excluding posts like Good Morning, Happy Birthday, Thumbs up from this statistic).  Simply knowing that it’s a forward still would not tell the receiver if it’s a genuine or fake.  Especially in India where forwards are common, Whatsapp just announced that they will limit forward to only 5 groups.  Would this stop the menace?  I doubt.  It will reduce, but will not end.

With the advances in Machine Learning, a lot can be done by these platforms.  My thoughts on what these platforms can do:

  • Anything forwarded should go through a filtering process of auto-searching on Google, other major news sites. Unfortunately, I wrote in my earlier blog post (https://techmusingstoday.com/whatsapp-is-it-secure/), the contents are encrypted and WhatsApp does not have access to the content.  So it cannot read and filter messages. I am sure there are different ways this can be achieved, one of them being to detect/filter in the app, or provide an option to the user to verify the authenticity with a button in the app.
  • WhatsApp or any platform can detect if the message was created or was forwarded. Creators identity can be stored in the messages so receiver can always trace back the identity of the creator of the message.
  • Fake or Photoshop’ed images is another nuisance. There are lot of ways to detect Photoshop’ed Images.  One of the article is here.  So any image (unless it’s coming directly from the camera) being posted should go through a rigorous test by the social media platform, and provide a mechanism to the user to check it’s authenticity.

But ultimately, we, the users need to be more vigilant.  Look carefully before forwarding.  So it’s all the users & the social media platform need to come together and fight this menace of fake news.

How do you avoid navigating to a fake website & avoid being a victim of “Phishing”

Phishing is a very common technique used by hackers.  In fact, 1 out of every 4 successful hacking incidents involves Phishing.  So let’s first look at the definition of Phishing in technical terms, after which I will try to explain with an example.

Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.

Phishing is typically carried out by email spoofing and it often directs users to enter personal information at a fake website, the look and feel of which are identical to the legitimate one and the only difference is the URL of the website in concern.  Communications purporting to be from social websites, auction sites, banks, online payment processors or IT administrators are often used to lure victims. Phishing emails may contain links to websites that are fake.

Two things come out from the above description regarding Phishing:

  1. An Email which seems to be from your bank, or financial organization (which is actually fake), which asks you to click on a link contained in that email to provide additional details.
  2. The link takes you to a fake website which looks authentic, so the user might end up entering personal data, thus providing this to the hackers.

In the previous blog post, we saw how you can ensure that, you are looking at a website or a page that is secure and the one you intended to navigate to.  All of this information is available in the URL bar in the browser.  Remember the green lock image, https:// prefix of the URL and the ‘I’ icon to get additional information.  You must ensure you see all of the above before you proceed with entering confidential/personal information on the page.  If you follow the instructions I gave you in the previous post, I am sure you will avoid being a victim of item ‘2’ (fake website) above, because you will immediately notice the website is a fake one and will NOT enter any information on it.

Now I will talk more about how to detect ‘1’ (Phishing URL) so you don’t even get to step ‘2’ (navigating to the fake website). How to detect the URL which the email asks you to click on is a fake URL.   You want to ensure you don’t follow fake URLs as sometimes a simple navigation via the URL will end up providing some data (although not your personal data) to the hackers (such as validity of the email address).

Let’s look at an email that I received recently:

When I open the mail, it looks like a mail from NETFLIX

And since I was trying to create an account recently, to me this may seem to be a real issue that I need to resolve.

Next, the mail instructs me to click on “Update Account Now” (arrow ‘2’).

And that’s what the hackers want me to do.  But before clicking any links which you might suspect to be fraudulent, hover over the link to see the actual website the URL (or the button) is pointing to.   In the picture below, you can see my Mouse Cursor position, and the status bar of the browser showing the URL which will open if I clicked at the position where the mouse cursor is.

All the web browsers will show you the target URL when you simply HOVER your mouse over the area where the page wants you to click.  So you can find out the target before you actually click.

As you can see from ‘arrow 3’, the URL is completely different and nowhere close to NetFlix’s URL.

If Netflix wants me to give them additional details, I would expect them to send me a link to their own site.  (something that has Netflix.com in it).

The hover over URL should ideally be to the site you want to navigate to.  If it doesn’t look anywhere close to the company or bank you want to get to, don’t click on it.  Go directly to your bank’s website and navigate as desired (or in this case, go to Netflix to resolve issue from their website).

Hovering over to see the target URL is available in the browsers on your laptop or desktop.  In case of mobile device, if you are looking at an email on your mobile, or ipad, just hold down the URL link (in my case the “Update Account Now” button) in that email to get a popup with the target URL and an option to navigate to (as seen in the picture below):

So as we look back at these 2 blog posts, ensuring you are clicking on the right link and avoiding any bad ones, and then confirming the page is what you intended to get to, you will have a better, and most importantly safer browser experience.  As always, be very cautious and conscious when sharing any personal information, including bank login details.  It’s better to double-check than repent later.

Websites – What to watch out for when submitting confidential or personal data

One of the concerns I had heard was about the fear of doing online financial transactions or online banking due to the instances of phishing or hacking. Hackers often cheat by creating a fake site which looks exactly like your Bank or financial institution and then steal your login/password.  Recently I heard about an instance where a technology company sent a link to a fake site which looked genuine to their employees, who went to that site and entered their internal login credentials. So this cheating is not limited to non-technical users only. It shows the severity of the problem.

In this blog, I will try to explain how to know that the site you have navigated to is a genuine one.  In a subsequent blog post, I will cover what precaution you must take when you follow a link sent to you by someone.

Let me try to explain how to detect a secure site or page, so you can have safer online experience.  Also, please note that I will be concentrating more on the browser.  Typically, on the mobile, you are doing payments or using the bank from their dedicated app.  But even on a mobile, you sometimes navigate to a page in the browser to fill in some information or a form.

All of the below discussion applies only when you want to ensure the website is secure, especially when you are visiting a bank site and logging into it, or your financial partner site, or a page where you will enter your personal information such as address, phone number, date of birth.

URL Bar

When you navigate to a site – I have used Fidelity.com, a large financial organization based in the USA as an example – you will notice few of the highlighted regions (This is from Mozilla Firefox.  On other browsers, you will see the same content but the positioning might be different).

  • http vs https (item ‘4’ above)

When you open a webpage, either you open it using a bookmark or type the address in the URL field.  The address almost always has a prefix of a ‘http’ or a ‘https’ .  There’s a big reason why that additional ‘s’ is important.  http (hypertext transfer protocol) is a protocol which is used for transferring data from the browser to the actual web-site (both ways – to the browser and from the browser).  ‘http’ does not encrypt the data, whereas ‘https’ encrypts the data during the transfer and that’s where additional security comes in.

So if a website’s url is simply http:// , then the data transmitted is not encrypted, so anyone (possibly a hacker) can intercept and find out what is being sent.  But if the website is using https protocol, the data is encrypted so intercepted data cannot be seen or misused.

So if you are simply browsing and reading some generic website, and using it to exclusively read only, then you could continue with browsing even though the URL has a ‘http://’ prefix.  But if you are going to fill in some confidential data or for that matter sending any information to the website, you should quickly take a look at the browser’s URL bar for that page, and ensure it has a https:// prefix.  This way, you will be sure that the data you fill in and submit is encrypted before it gets to the destination.

  • Lock Icon (item ‘2’ above)

The 2nd important information you should look at is the existence of the lock icon and the color of it.  A green lock means the site is encrypted and secure.  Use the information below to decide what you should do by observing if there is a lock icon on the URL bar, and if there is, which color is it.

No lock – The site is not secure.  If you are only reading the page, it’s fine.  But do NOT send any confidential or personal data.

Green lock – The site is secure and same as the URL address shown.  And the contents are encrypted so nobody can intercept.

Gray with Yellow warning icon or red cross-out – Site data might not be completely encrypted.  So I would strongly recommend that you do not send any confidential information using this site

There will always be a ‘I’ icon  (item ‘1’) next to the lock, which when clicked on will tell you who the site certificate belongs to.  Ideally this will be site you are browsing to.

The 2 confirmation signs above (https prefix, and the green lock icon) should be enough for you to have confidence that the site is secure and can be trusted.

So next time a site asks you to enter some confidential data (username/password, or other personal data), look at the browser’s URL bar, and ensure that there is a Green Lock icon and https:// before proceeding.

WhatsApp – is it secure?

Last week I needed to share my Bank Account number with my son so he could transfer some money to my account.  As I was sharing, my wife cautiously asked me if it was ok to do that.  All the recent headlines about Facebook and data leaks were fresh in her mind.  That made me do some research about WhatsApp’s security and at the end it made me feel quite confident about sharing the details (account number, not my account password).

WhatsApp is used extensively in India and many other countries, although not as much in the US. And simple knowledge of what is safe and what’s not would help everyone using WhatsApp.

If you have ever started a new conversation on WhatsApp with someone, you must have seen a message:

I am sure nobody clicks on the message to know more, but if you did, you would get another message:

The key here is ‘encryption’ – the message (chat or calls) are encrypted with your credentials as well as receivers’.  So no other individual can see the content of the message, even if they somehow get hold of it.  Only you and the receiver can read the message (decrypt it).   A simple analogy for ‘encryption’ is a ‘lock’, so the message is locked, and only you and the receiver have the ‘key’ (decryption ability) for the message.

The same is true for a message you post in a Group.  Only people who are part of that group can read it.

So the bottom line is, the message is safe as long as you trust the receiver not to share it with others or to misuse it.

And the best part is, even WhatsApp (ironically owned by Facebook) – a company that is providing the infrastructure to get your message and deliver to the recipient – can’t see the message or decrypt it.  This is the part that’s most important for me.  This means that WhatsApp will not provide APIs (programmatic access) to 3rd parties to get to the message, neither will WhatsApp run any analytics on my posts/sends/calls to eventually use it for any company benefit.  Facebook has access to all of your posts along with all of your actions in Facebook.  Doing analytics, providing relevant advertisements & access to this data to advertisers was the main issue in the Facebook / Cambridge Analytica saga (see my earlier post).   But the encryption prevents WhatsApp from getting at the content of any of your postings

So the bottom line is:

  • Its fine to share information on WhatsApp, without fear of any 3rd party or WhatsApp (as a company) being able to get to it or read it.
  • You have to use common sense while sharing. Like me sharing my account number with my Son, making sure I don’t share my online login ID/Password or my ATM Pin.  That’s never safe no matter how you share.
  • Also know that the receiver can misuse it or share your message with others.  But it’s between you and the receiver.
  • And don’t forget, if someone gets hold of your mobile or receiver’s mobile and can open WhatsApp, they are opening it with your (or their) identity. So of course, they can read the messages. In this case, they are not a 3rd party.

As long as you keep all of the above in mind, you will have peace of mind and proper sharing on WhatsApp.

You can read more about WhatsApp security by clicking here.

My efforts from these posts is to simplify technology, explain it in simple terms so that when the time comes, you will not ask questions similar to what’s being asked in the accompanying video.

Blockchain – What is it & a use-case

My experience in the past couple of weeks dealing with a real-estate property led me to spend some time thinking about a perfect use-case of Block-chain. Just think about how it can be leveraged for the benefit of the consumer.  First, let’s take a quick look at what Blockchain is all about:-

Blockchain!

Blockchain has been talked about a lot, mainly due to the craze around Bitcoin, which uses blockchain technology.

Blockchain is an open distributed ledger that can record transactions between 2 parties in a secure, verifiable & permanent manner.   Each transaction is recorded as a block with data & other record keeping information, into this ledger.   If the same item is moved from the 2nd party to the 3rd, another block is added (appended) to the previous block, thus forming a chain of block – Blockchain.  Once recorded, the block or the transaction cannot be altered.

A great example, that is easy to understand, is the one where IBM & Walmart are working on applying blockchain to the Food Industry.  As the food is produced and moved through the supply chain to the final destination (in this case a Walmart store), a block is added to the distributed ledger, with information as it moves through different channels (e.g. ships, trucks, warehouses etc).  It then becomes very easy for Walmart to get the entire history of the food item, from the farm where it was produced to the path it took to get to the store.  This can be helpful in a number of ways – during product recall, quality audit, to increase efficiency, and more.

Few examples of common use cases of blockchain are around financial industry (when money is moved from 1 person to another) and real-estate (property transactions).

Last week, I had to get paperwork done for our family owned property.  And that’s when I realized the trouble we were in.  Although one department in the town had added our name on the properly, the other had not done so, causing a lot of confusion.  We had to spend the entire day chasing the town department to do the needful.  We realized that was not the end of our work.  Each of the utilities, which are government owned, had it’s own procedure for transferring the utility to our name.   So a typical home buyer, besides going through the property transaction office for getting the transfer done, has to go through 4-5 more departments for additional transfers (Electricity, Water, Property Tax, and Cooking Gas).  And each of these, have their own forms to fill, their own ownership proofs to submit, identify proof submissions etc.  The entire process takes multiple days, wasting the time of the property buyer.

That got me thinking.  I had seen articles on how blockchain would help with real-estate transactions.  One of the articles was -> http://deloitte.wsj.com/cfo/2018/01/03/blockchain-and-smart-contracts-could-transform-property-transactions/.

This I believe would be a great improvement over what we currently have.  I remember when we bought a house in US, we had to pay money to some law firm to do a title search. This was to ensure that the title is clear and nobody will come later to claim it.  I truly believe Blockchain will eliminate the need for this, and help everyone know the exact history / records of that property. A few governments are already working on potential implementations of this and I bet this will be a reality in the next 3-4 years.

What would make it more efficient, is to go beyond the basic chaining of real-estate transactions / property dealings. What you want is a Blockchain system that triggers changes in other systems. So once the property transaction is completed, the system should be built-in, in a way that the completion of the Blockchain link (addition of the property transaction into the chain & the public ledger) will trigger an update in the systems used for Electricity, Water, Property Tax (& others as required) , effectively the new owner will have instantaneous updates and additional work on the buyer, seller and the various departments is reduced.

Once all of the property & utility related records are updated, the new owner is now free to move into their newly purchased property.  As the move happens, guess what, the new owner now needs to inform all the other public/private institutions about the new address.  These are the banks where they have an account, Phone Company, and possibly the online shipping companies like Amazon etc. Wouldn’t it be great, if the system integrated additional capability, so it can rely on the secure transaction made using Blockchain, to further trigger updates in other records?  This I believe would be a dream come true for the new buyer, who only has to worry about completing the Purchase transactions, doing the packing and moving to the new place.  All the name & address changes are handled seamlessly by the system.

All in all, it will be an awesome home buying experience a few years from now with the advent of Blockchain.

Facebook Saga!

Facebook Saga! – That’s the hot topic for the last few days. Facebook is in the news for all the wrong reasons.  This post is more about discussing the key points of the drama that’s going on over it.

A brief history for anyone who is living in a cave and has not heard of the latest controversy going on with Facebook.  You can read more detailed information here.

To review this briefly, Facebook collects information about everything you do when accessing Facebook (either via the app or via the web browser) – each click, likes, comments, posts, location from where it was accessed, and so on.  Facebook then does a lot of analysis on this entire data to show you relevant advertisements, content, and in return makes a lot of money from these advertisers.  The better the analysis and targeting, the more it can charge.  The more accurate information it can get out of your activity, leads to better analytics.  Unfortunately, someone (Cambridge Analytica) found a way to fraudulently access almost 50 millions Facebook users’ data and manipulated it for vested interests.

I would say there are multiple things here and we need to look at each one individually.

1

Facebook collects users data – clicks, likes, locations, posts, & more

2

Facebook analyzes this to promote targeted ads

3

Access to this data was shared/ compromised.

I will be referring to these points as ‘1’, ‘2’ and ‘3’ below, rather than spelling out each one again and again.

I have seen a large number of posts where people are complaining about point ‘1’, and also about point ‘2’ (collection & analysis of data).  But this applies to almost all the apps that are being used and not limited to only Facebook.

  • Google Maps – In the beginning we used Google Maps only to find direction to go to an unknown location. Now, we use it to find the best route, or traffic data.  I use it every morning as I get into my Car for the office, to know which route out of a possible 3 routes I should take.  And I check it again mid-way to ensure nothing has changed.  Google Maps keeps track of my trips, and it has a feature called ‘timeline‘ which shows me where I drove on any particular day in the past.  So Maps knows exactly where I have been, when (date & time), which route I took and where I started and what my destination was.
  • I do a lot of running, and keep my ‘Endomondo‘ app to track the run. So this app has all the history of all the places I have run, the route and the time of the day.  And this history goes back a few years.
  • Even the browser you use to visit various web-sites does the same. It shows you quick links to the sites you have visited.  So it’s keeping track of where you have been (which sites).  It knows your location, what time you went to a site, how much time you spent on it and I am sure it’s collecting lot more
  • Of course, we all know that information on your purchases online is tracked and relevant ads start showing up on all the web-pages.

As you will see by all the above examples, ‘1’ and ‘2’ (collection & analysis) is done by every app that you use on your smartphone.  It’s done by every web-site you use.  It’s done by your phone service provider (so they can give you better offer when you roam, as an example).  And I do want the apps to do that to help me.  If Endomondo simply tracked my run, and deleted the data after each run, I would stop using it.  I use the app because of how it helps me improve my running.  I like it that the app lets me compare my current run from previous runs, find out the elevation, the terrain, the weather difference, pace for each kilometer etc, and all of this helps me in finding what I may have done right or wrong in that run, helping me improve my overall performance.  This is a huge benefit for me, for which I do not mind having the app collect & analyze my data.

I find it naive when people ask the question “Would you delete your Facebook account and stop using Facebook?”.  If you are worried about what is being collected & analyzed, then stop using your smartphone, since every app on it does it for it’s own use.  Oh, and by the way, your cable provider also keeps track of which channel you use and for how long.  So get rid of the cable.  So no TV.  Oh right, your car also has transmitters so the manufacturer can help you if you get stuck someplace.  So stop using the car.  And of course, your credit card company keeps track of your spends, what you are buying, when you are buying, where (location) you are buying.  So stop that as well.

So if you look at your life as it exists now, you pretty much need to go back 50 years if you want to avoid anything that keeps track of what you are doing.  And I bet even if you go live in a cottage in a jungle, you will find something will track your activities.

So my message is to “STOP” worrying about the app collecting the data, but “Always” check on what the app is collecting and what you are allowing the app to collect.  Make sure it’s collecting what you are comfortable with.  And also remember, the more data you give, the better your experience will be using the application.  What you want to worry about is, what you are doing/sharing, how much data you are sharing and can you be intelligent about it, and last but not the least about point ‘3’ (is the app letting someone else access this data).  You want to ensure that the app which is storing all of this data, is not misusing it and also not sharing the data with others, nor it has a way for others to steal this data.

So it boils down to “Security” and “Privacy“.  Is the App following these 2 principles?  Again Privacy does not mean no collection of the data.  Privacy means keeping the data to itself.  If an app never collects any data, you will not have all these advancements & benefits.  Take away all the suggestions of friends, all the forwards you get from Facebook then what you are left with a platform where you post data but get no feedback.  That is not what anyone needs and wants.  What you want is an App you can trust to provide right information, but also keep all of your data secure.  Facebook faltered in that aspect and is paying dearly for it.  But I think this is a major eye-opener for all the apps and also to the public, and I am sure Facebook will ensure security going forward.  In fact, this will ensure all the major apps we all use (Twitter, Google Maps) will re-visit and ensure Security and Privacy.  But do I believe this will not happen again, I don’t.  In the current times where people do not care for what they share, to whom they share, there’s every possibility that this story may be repeated.

As IoT (Internet of Things) and sensors find their way into each and every item & gadget that we use, the need for Security & Privacy will increase manifold.  We just need to be sensible, responsible and vigilant.