You are currently browsing the archives for the Privacy category.
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Nov | ||||||
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 | 31 | ||||
23 October 2009 by Jeff Hayes.
Yesterday, U.S. communications regulators voted unanimously to support an open Internet rule that would prevent telecom network operators from barring or blocking content based on the revenue it generates.
“I am pleased that there is broad agreement inside the commission that we should move forward with a healthy and transparent process on an open Internet,” FCC Chairman Julius Genachowski said.
The vote came despite a flurry of lobbying against the net neutrality rule by telecommunications service providers like AT&T, Verizon and Qwest which say it would strip them of the ability to manage their networks effectively and would stifle innovation and competition.
[The rule] allows for “reasonable” network management to unclog congestion, clear viruses and spam, and block unlawful content like child pornography or the transfer of pirated content.
The challenge is how much favor is oriented toward the end consumer versus how much to control the free market. How much freedom should an ISP have in deciding how to manage traffic on their networks? What should be done to make sure one ISP does not play favorites by slowing traffic to their competitors?
From the looks of if, the FCC is leaning towards preventing service providers from discriminating what services and content they will carry over their networks and under what circumstances.
What if I am in a one-horse town and I only have one reasonable option for high-speed Internet and my ISP decides it does not like specific sites like the Drudge Report, Fox News, CNN or categories of sites like hate, gambling, drugs, adult (not talking child porn here), or all sites in Arabic?
One the other hand, what if I decide that I want an ISP that supports my moral values and I elect that company to provide me my Internet service?
What if my ISP elects to throttle-down P2P traffic? Is that bad? It is bad for the P2P user but is it bad for everyone else? So should the ISP be given free reign or should there be some regulation?
I support the principle behind net neutrality in that all Internet traffic should be treated equally. As rule, I don’t like the idea of my ISP screening, interrupting or filtering Internet content without court order. Any fragmentation of services or control over specific protocols should be the exception and not the rule.
Posted in Web Security, Privacy | Print | No Comments »
9 September 2009 by Jeff Hayes.
One truly meaningful use of modern cellular networks, aside from gaming, sports scores and TV streaming is mobile telehealth.
Sensors are placed near or on individuals with medical conditions and updates communicated via the cellular network to a location that will record, analyze and act upon, if necessary. For example, regular communication of a person’s blood pressure taken every couple of of hours for a week.
The authenticity, integrity and confidentiality of the data path must be guaranteed. This raises the need for secure communications for mobile telehealth devices.
One must question the current security model followed and implemented by the mobile teleheath device manufacturers. Some will take it serious, others will not.
Posted in Remote Access, Privacy | Print | No Comments »
2 September 2009 by Jeff Hayes.
I am a big fan of the BBC program called Spooks. It is marketed in the USA as MI-5, viewed on some PBS stations or online from Netflix. (If you like the Fox show, 24, you will like MI-5/Spooks). Most of the episodes deal with terrorism. A key piece of technology they use in their investigations and surveillance is closed-circuit television (CCTV). It got me thinking about the question: are we better or worse off with a ubiquitous CCTV system?
Britain and many European nations are heavily wired with CCTV. London boroughs have anywhere from 0.25 to 4 CCTV cameras per 1000 people. Back in 2002, the average citizen in the UK was caught on CCTV cameras 300 times a day; this number has increased because the number of cameras have increased. The U.A.E. is deploying thousands of CCTV cameras (and security guards) at an increasing number of locations within their transportation system. The USA is increasing the use of CCTV cameras, deploying them at various locations including public gathering places and major road intersections.
The are good at recording crime in urban areas. But there is a major privacy issue at play. One must avoid the position that “if you are not doing anything illegal, then you should not be concerned; that they are for the public good — for our own safety.” With that argument then why not place government-monitored cameras in your house, backyards, classrooms, churches?
Should we used cameras for catching speeders? Why not? It is in the best interest of society’s safety isn’t it?
The problem is that the scope of the cameras expands from terrorism and serious crimes like rape, assault and robbery. It morphs into the fields of sociology and psychology. It then becomes an invasion of privacy. CCTV cameras have been used to investigate dog fouling, littering, public urination, misuse of a disabled parking passes, false claims for damages, and spying on a person who was working while off sick. We might detest any and all of these but do we want our government policing these at significant tax payer cost?
Apparently many societies say yes. Others, including me, say no.
Posted in Physical Security, Homeland Security, Privacy | Print | 1 Comment »
23 July 2009 by Jeff Hayes.
Limited to tech-savvy insiders and those passionate about security, darknets allows users to share files and communicate anonymously. For most, they need to install special clients; e.g., Freenet or WASTE. A pair of researchers from HP are planning to unveil a browser-based version next week at Black Hat they dub Veiled.
Great for the individual that elects to participate, not so great for the enterprise. Why? Because shared files are encrypted, fragmented and redundantly stored across the darknet. With a browser-based version, content can be published anonymously into the darknet with hyperlinks to other documents stored within the network.
For most enterprise users, there is no reasonable need for a darknet capability. A darknet application is a method to avoid the prying eyes of the “corporate police.”
The organizational security policy should contain a statement that “outlaws all darknets unless specifically authorized.” As an agent of a business or organization, a user would be required to abide by the policy set forth by the organization.
Posted in Infrastructure Security, Privacy | Print | No Comments »
26 June 2009 by Jeff Hayes.
I have worked at home for part of each week for over ten years. I have never had any guidance from my employer on security practices, mandates or recommendations (less the case where I am the employer or part-owner). I think I do a pretty decent jobs at securing my home and mobile computing environment.
I was interested in how I fared after reading a recent article entitled Seven Deadly Sins of Home Office Security. Let’s consider them:
Probably my biggest mistake, according to this list, is separating my business from non-business activities as it relates to my computer. For me, who works in a small business environment, my business is very much part of my life and working at home is what I do.
If I want to watch a Netflix streaming video on my computer, I will do so without hesitation.
I back-up regularly but probably not regular enough. I am thinking strongly about a remote backup system to bolster my business continuity posture.
This list is a good checklist. But the better solution is for the management team to insist upon a prudent yet reasonable approach to remote and home computing with clear policies backed by consistent audits and enforcement.
Posted in Physical Security, Remote Access, Privacy | Print | 1 Comment »
14 May 2009 by Jeff Hayes.
Not the traditional playground of security personnel but for many companies, ensuring the integrity of their intellectual property can be a make or brake situation. Just about every company has some form of IP. It could be a physical product, a software application, a process or procedure. Protecting it in a global economy is paramount.
A friend of mine manufactures a range of consumer-oriented products. One day, one of his kids said while their were in a public place, “dad, this is one of your’s.” My friend looked closer and it was a knock-off of his product from China, installed and used right here in America, about 15 miles from his manufacturing plant.
The Office of the United States Trade Representative (USTR) is an agency that negotiates directly with foreign governments to create trade agreements, resolve disputes and participate in global trade policy organizations. It recently released (leaked) a summary of the key elements of the Anti-Counterfeiting Trade Agreement. To a large extent, almost all of the negotiations have been behind closed doors over the past two plus years.
New to this agreement are items dealing with Internet-based content, including the criminalization of copyright infringement even in cases where there is no profit motive. It will interesting to see what is required in the areas of copyright enforcement, policing a end user behavior, and how information will be shared (if any) between service providers, businesses and government agencies.
Posted in Counterfeiting, Privacy | Print | No Comments »
11 May 2009 by Jeff Hayes.
There are few things we can do electronically involving the Internet and modern communications that are private. Our credit and debit cards leaves a rich behavior path. The phone company knows who, when and where we call and who calls us. They have a record of our text messages. Our instant messaging partner has a log of our IM activities. Our ISP certainly knows every web site we visit. And for the most part, our preferred search engine provider has a log of our search history.
Although there are many search engines, Google dominates. They dominate because they return relative links based on our inquiry. Its secret sauce is good. Is there anyway around it?
A recent article suggested six things we can do to protect our privacy when using Google services:
This advise should be classified in the good housekeeping arena. Even these things are not going to keep Google, or any other search engine or service provider, from formulating a user profile on each of us.
The bottom line is that we should know that big brother is watching and big brother wears multiple hats. As the lines between government and corporate blur, the problem will only worsen.
Whether we have things to hide or not, the government and business clearly are pushing the limit on our American Constitution’s 4th Amendment. With the trends in society today, the Constitution is becoming, unfortunately, a historical document with some good suggestions but not something that cannot be interrupted to suit the times. We are seeing it melt before our very eyes.
Prudence says everything we do online is being logged and we should act accordingly.
Posted in Privacy | Print | 1 Comment »
9 March 2009 by Jeff Hayes.
I am a followers of the Boing Boing blog. Today, there was a helpful post on how Verizon Wireless customers can opt out of Verizon’s personal information sharing scheme.
I am a Verizon Wireless customers and was able to follow the simple directions and change my pravacy settings.
In an attempt to be helpful,the author Rob Beschizza, included his phone number in the explaination. I have no interest in his number…don’t know him and would never call him.
Goes to show that even the most helpful, even on the topic or privacy, is not immune to simple mistakes — let’s just call it an oversite.
Posted in Privacy | Print | No Comments »