Quotulatiousness

November 30, 2010

Assange says next target is a “major American bank”

Filed under: Media, Technology, USA — Tags: , , — Nicholas @ 07:35

Julian Assange talked to Forbes about the next big WikiLeaks release of confidential data:

Early next year, Julian Assange says, a major American bank will suddenly find itself turned inside out. Tens of thousands of its internal documents will be exposed on Wikileaks.org with no polite requests for executives’ response or other forewarnings. The data dump will lay bare the finance firm’s secrets on the Web for every customer, every competitor, every regulator to examine and pass judgment on.

When? Which bank? What documents? Cagey as always, Assange won’t say, so his claim is impossible to verify. But he has always followed through on his threats. Sitting for a rare interview in a London garden flat on a rainy November day, he compares what he is ready to unleash to the damning e-mails that poured out of the Enron trial: a comprehensive vivisection of corporate bad behavior. “You could call it the ecosystem of corruption,” he says, refusing to characterize the coming release in more detail. “But it’s also all the regular decision making that turns a blind eye to and supports unethical practices: the oversight that’s not done, the priorities of executives, how they think they’re fulfilling their own self-interest.”

November 14, 2010

Well, give them partial credit for their answer . . .

Filed under: Liberty, Media, Technology — Tags: , , — Nicholas @ 11:33

Another article where the headline really carries the whole story:

WSJ Warnings About Privacy-Invading Cookies Carry Privacy-Invading Cookies
Can you move this one to the ‘Irony’ section?

The Wall Street Journal posted a story yesterday about the Obama administration’s plan to add a privacy watching task force to evaluate rules on cookies, metacookies, flash cookies and all the other online threats to consumer privacy.

[. . .]

Of the threatening, deletion-resistant Flash cookies they revealed on in my browser, tracking my trip over to the NYT to read more: two from the Wall Street Journal.

August 16, 2010

Practically speaking, the end is in sight for passwords

Filed under: Technology — Tags: , , , , , — Nicholas @ 10:37

Advances in computing are not always uniformly beneficial: short passwords are increasingly vulnerable to brute-force cracking:

The availability of password-cracking tools based on increasingly powerful graphics processors means that even carefully chosen short passwords are liable to crack under a brute-force attack.

A password of less than seven characters will soon be “hopelessly inadequate” even if it contains symbols as well as alphanumerical characters, according to computer scientists at the Georgia Tech Research Institute. The security researchers recommend passwords at least 12 characters long.

The number crunching abilities of graphics processors were recently applied to commercial password auditing and recovery tools from Russian developer ElcomSoft. It’s a safe assumption that black hats are able to use the same type of technology for less laudable purposes. Richard Boyd, of the Georgia Tech Research Institute, told the BBC that the number-crunching capacity of graphics cards compares to those of supercomputers built only 10 years ago.

Passwords are going to go away, sooner rather than later. All of us have too many passwords to remember that it’s pretty much guaranteed that you’re using one of the following coping strategies:

  • Using the same password on many different sites (or, shudder, all of them)
  • Using a simple password (among the most commonly used are “password” and “letmein”)
  • Leaving a sticky note on your monitor or your keyboard with your passwords listed
  • Using the name of the site as your password for that site

There are tools available to generate passwords that avoid the most obvious pitfalls (too short, no numeric or non-alphanumeric characters, using full words), but very few people use them consistently. I don’t know what the replacement for passwords will be, but we clearly need to move to more secure ways of verifying identity as soon as we can.

I’ve posted items about password security before.

July 28, 2010

What is a “fusion center”?

Filed under: Law, Liberty, USA — Tags: , , , , — Nicholas @ 07:50

Wendy McElroy thinks you should know how much domestic surveillance has increased in recent years:

The Fort Wayne Journal Gazette reported on July 25 that “there are 72 fusion centers around the nation, analyzing and disseminating data and information of all kinds. That is one for every state and others for large urban cities.”

What is a fusion center?

The answer depends on your perspective. If you work for the Department of Homeland Security, it is a federal, state, local, or regional data-coordination units, designed to improve the sharing of anti-terrorism and anti-crime data in order to make America safer. If you are privacy or civil-rights advocate, it is part of a powerful new domestic surveillance infrastructure that combines data from both the public and private sectors to track innocent people and so makes Americans less safe from their own government. In that respect, the fusion center is reminiscent of the East German stasi, which used tens of thousands of state police and hundreds of thousands of informers to monitor an estimated one-third of the population.

The history of fusion centers provides insight into which answer is correct.

July 23, 2010

Stalkers enjoy cool new tools to pursue their prey

Filed under: Technology — Tags: , , , , , , — Nicholas @ 08:41

Leo Hickman finds that Foursquare is a very handy tool to track down your cyberobsession in the real world:

Louise has straight, auburn hair and, judging by the only photograph I have of her, she’s in her 30s. She works in recruitment. I also know which train station she uses regularly, what supermarket she shopped at last night and where she met her friends for a meal in her home town last week. At this moment, she is somewhere inside the pub in front of me meeting with colleagues after work.

Louise is a complete stranger. Until 10 minutes ago when I discovered she was located within a mile of me, I didn’t even know of her existence. But equipped only with a smartphone and an increasingly popular social networking application called Foursquare, I have located her to within just a few square metres, accessed her Twitter account and conducted multiple cross-referenced Google searches using the personal details I have already managed to accrue about her from her online presence. In the short time it has taken me to walk to this pub in central London, I probably know more about her than if I’d spent an hour talking to her face-to-face. She doesn’t know it yet, but Louise is about to meet her new digital stalker.

Privacy and expectations thereof are becoming less and less realistic, but even knowing that, the merging of social media and geo-location services gives me the creeps.

I was an early user of Facebook (once it was opened to non-students) and LinkedIn and have been getting great use out of Twitter lately, but it seems like every day there’s a new social media platform being touted as the best ever. Social media is like any other form of networking: the value increases as the number of nodes goes up. The next boom in convergence will probably be cross-network liaison tools.

Update: Shea Sylvia finds the attention of a cyberstalker very unwelcome.

July 12, 2010

QotD: Silly census fuss

Filed under: Bureaucracy, Cancon, Liberty, Quotations — Tags: , , , , — Nicholas @ 12:20

[. . .] isn’t it just the slightest bit embarrassing for a government whose leader has trashed libertarians for their ethical myopia to have minions and media partisans present a libertarian pretext for an action that is not literally among the first 200 policy changes that would be implemented by an intelligent libertarian given plenary power?

Colby Cosh, “Census squabble: weak arguments shouldn’t have even worse foundations”, Maclean’s, 2010-07-12

July 7, 2010

Blizzard to de-anonymize their user forum

Filed under: Gaming — Tags: , — Nicholas @ 07:53

Blizzard, the publisher of World of Warcraft and other MMO games, has announced that they will no longer allow anonymous postings to their official forum:

Existing posts are not affected, but many WoW subscribers are concerned about the privacy implications of the move. Emails complaining about the decision are already flooding in — to El Reg’s inbox — so one can imagine the furore on Battle.net forums.

As one Reg reader says: “So every man, woman and child who plays World of Warcraft or the upcoming Starcraft 2 will only be able to post on their forums if they’re perfectly happy for anyone who may want to know what their name is. The mind boggles at the security implications from social engineering passwords, email addresses and account names or even safety if people have ex partners or stalkers etc. And then there’s the idiots who you meet in the games themselves who can now take their abuse to real life with just a little googling and rare name or background info.”

No doubt, Blizzard has considered this and is willing to wave goodbye to anonymous forum participants: damn the traffic — or dam the traffic? It simply wants people to behave themselves, to create a new and different kind of online gaming environment — one that’s highly social, and which provides an ideal place for gamers to form long-lasting, meaningful relationships. “

I’d have thought that a viable compromise between the current situation (anyone being able to post anonymously) and the “solution” would be to allow registered users to post under a pseudonym. Blizzard probably doesn’t want to police their forums too heavily, and believe that removing anonymity will automatically reduce the worst excesses with no further policing required from them. Well, it’s a theory.

June 18, 2010

EFF introduces “Encrypt the Web” Firefox plugin

Filed under: Liberty, Technology — Tags: , , — Nicholas @ 12:13

A very interesting new project from Electronic Frontier Foundation:

Today EFF and the Tor Project are launching a public beta of a new Firefox extension called HTTPS Everywhere.

This Firefox extension was inspired by the launch of Google’s encrypted search option. We wanted a way to ensure that every search our browsers sent was encrypted.

H/T to BoingBoing for the link.

May 26, 2010

QotD: Facebook privacy follies

Filed under: Humour, Quotations, Technology — Tags: , , , — Nicholas @ 12:44

All 1,472 employees of Facebook, Inc. reportedly burst out in uncontrollable laughter Wednesday following Albuquerque resident Jason Herrick’s attempts to protect his personal information from exploitation on the social-networking site. “Look, he’s clicking ‘Friends Only’ for his e-mail address. Like that’s going to make a difference!” howled infrastructure manager Evan Hollingsworth, tears streaming down his face, to several of his doubled-over coworkers. “Oh, sure, by all means, Jason, ‘delete’ that photo. Man, this is so rich.”

“Entire Facebook Staff Laughs As Man Tightens Privacy Settings”, The Onion, 2010-05-26

May 18, 2010

Posts of interest

Filed under: Cancon, Environment, Randomness — Tags: , , , , , — Nicholas @ 17:11

A few links you may find worth your attention:

May 10, 2010

Graphical illustration of the death of privacy on Facebook

Filed under: Media, Technology — Tags: , , , — Nicholas @ 09:49

Matt McKeon has a very persuasive set of images, showing the extent of changes to your private information on Facebook between 2005 and last month:

2005

Compare that to the latest set of changes to the default Facebook privacy settings:

April 2010

Facebook is a great service. I have a profile, and so does nearly everyone I know under the age of 60.

However, Facebook hasn’t always managed its users’ data well. In the beginning, it restricted the visibility of a user’s personal information to just their friends and their “network” (college or school). Over the past couple of years, the default privacy settings for a Facebook user’s personal information have become more and more permissive. They’ve also changed how your personal information is classified several times, sometimes in a manner that has been confusing for their users. This has largely been part of Facebook’s effort to correlate, publish, and monetize their social graph: a massive database of entities and links that covers everything from where you live to the movies you like and the people you trust.

May 8, 2010

Facebook’s business model

Filed under: Media, Technology — Tags: , , , — Nicholas @ 09:47

Ryan Singel looks at where Facebook started and why it’s changed its privacy protections:

Facebook used to be a place to share photos and thoughts with friends and family and maybe play a few stupid games that let you pretend you were a mafia don or a homesteader. It became a very useful way to connect with your friends, long-lost friends and family members. Even if you didn’t really want to keep up with them.

Soon everybody — including your uncle Louie and that guy you hated from your last job — had a profile.

And Facebook realized it owned the network.

Then Facebook decided to turn “your” profile page into your identity online — figuring, rightly, that there’s money and power in being the place where people define themselves. But to do that, the folks at Facebook had to make sure that the information you give it was public.

So in December, with the help of newly hired Beltway privacy experts, it reneged on its privacy promises and made much of your profile information public by default. That includes the city that you live in, your name, your photo, the names of your friends and the causes you’ve signed onto.

This spring Facebook took that even further. All the items you list as things you like must become public and linked to public profile pages. If you don’t want them linked and made public, then you don’t get them — though Facebook nicely hangs onto them in its database in order to let advertisers target you.

Every time Facebook changes their privacy policies, well-meaning folks try to explain how to retain as much of your previous settings as possible . . . and every time, Facebook’s defaults have changed further towards exposing everything. There’s money in that information, money that Facebook is determined to obtain. Privacy? The inevitability of zero-privacy is Facebook’s unspoken motto.

May 5, 2010

Facebook obliterates the entire notion of “privacy settings”

Filed under: Technology — Tags: , , , , — Nicholas @ 09:03

As someone noted the other day, when it comes to Facebook and their constant twiddling with privacy settings, you can just copy-and-paste the last outraged story you did and change the date. That being said, the latest Facebook changes are pretty bad:

“Connections.” It’s an innocent-sounding word. But it’s at the heart of some of the worst of Facebook’s recent changes.

Facebook first announced Connections a few weeks ago, and EFF quickly wrote at length about the problems they created. Basically, Facebook has transformed substantial personal information — including your hometown, education, work history, interests, and activities — into “Connections.” This allows far more people than ever before to see this information, regardless of whether you want them to.

Since then, our email inbox has been flooded with confused questions and reports about these changes. We’ve learned lots more about everyone’s concerns and experiences. Drawing from this, here are six things you need to know about Connections:

  1. Facebook will not let you share any of this information without using Connections. [. . .]
  2. Facebook will not respect your old privacy settings in this transition. [. . .]
  3. Facebook has removed your ability to restrict its use of this information. [. . .]
  4. Facebook will continue to store and use your Connections even after you delete them. [. . .]
  5. Facebook sometimes creates a Connection when you “Like” something. [. . .]
  6. Facebook sometimes creates a Connection when you post to your wall. [. . .]

Overall, you’d have to assume that nobody in the Facebook architecture group has ever needed or even wanted to keep certain information private. Every change they make seems to make it harder and harder to restrict where your personal information will be accessible, and it’s not as though there haven’t been complaints: Facebook just carries on as if nobody cared.

I’ve still got a Facebook account, although I find I’m using it less and less (ironically, many of you reading this will have come here because of a link from Facebook . . .). Lack of ability to fine-tune the privacy settings is certainly one of the reasons I don’t use Facebook as much as I once did.

April 20, 2010

Exactly

Filed under: Liberty, Technology — Tags: , , , , , — Nicholas @ 16:54

Cory Doctorow:

The ubiquitous mobile phone in adolescent hands has meant an enormous increase in adolescent freedom to communicate and to form groups to take action. But it’s also meant an unprecedented (and as yet, largely unfelt) increase in the amount of surveillance data available to parents and authority figures, from social graphs of who talks to whom to logs of movement to actual records of calls and texts.

Will we wake up in 20 years and say, “Christ, how could we have spent all that time talking about how kids were sending each other texts without taking note of the fact that we’d given every teen in America his own prisoner tracking cuff and always-on bug?”

My, what a pretty Panopticon we’ve built ourselves . . .

April 15, 2010

Properly defining what are “public goods”

Filed under: Economics, Law, Media, Technology — Tags: , , , — Nicholas @ 07:50

Milena Popova, guest-blogging while Charles Stross is out experiencing Japan, has a long discussion up about public goods and why content (digitally speaking) is a classic example:

There’s a theory in economics about things called “public goods”. To understand the distinction between private goods, public goods and the couple of shades of grey in between, you first need to get your head around two concepts: rival and excludable.

Rival: (Wikipedia seems to call this “rivalrous”, but when I were a young economist lass we used to call it rival so I’ll stick with that.) A good is rival if my consumption of it diminishes the amount of the good that you can consume. Say we had 10 apples, and I ate one. There would now be 9 apples left which you could eat. If we had one apple and I ate all of it, tough luck, no apples for you. Knowing whether a good is rival or not tells you whether you want to use the market (if I were a good economist that would possibly be capital-M Market 😉 to allocate access to that good. If it’s rival, then the market is an efficient way of allocating the good; if it’s not, then you might want to think about other ways of getting your good to people. Remember that scary anti-piracy clip at the start of your DVDs which says “You wouldn’t steal a handbag”? Hold that thought for a minute.

Excludable: A good is excludable if you physically have a way of stopping people from consuming it. Back to the apples: if they’re in my fridge, inside my locked house and you don’t have a key, you can’t have my apples. (Yes, yes, you could break in. The law provides additional protection here, but ultimately there’s probably a better way for you to obtain an apple than breaking into my house, right?) Knowing whether a good is excludable tells you whether you can use the market to distribute the good. If your good is excludable, go ahead and sell it on the open market; if it’s not — you might struggle because you can’t stop people from just taking it for free.

So. Most of the goods you deal with in your day-to-day life are both rival and excludable. We call them pure private goods. But there’s a few things here and there that aren’t as clear-cut, and this is where it gets a little messy.

« Newer PostsOlder Posts »

Powered by WordPress