Slashdot Mirror

← Back to Stories (view on slashdot.org)

Accidental Privacy Spills

Posted by michael on from the quicker-picker-upper dept.

ahem writes "A journalist attends the World Economic forum, and writes an email to a few friends. It's a chatty, casual conference report. The conference is a gathering of the 5,000 most powerful people in the world. The report gives a breezy insight into how stuff gets done at that level, and what the concerns are that keep the world's leaders up at night. That email was intended only for the journalist's friends. That email winds up getting plastered all over the net. Here is a very interesting discussion of the implications of this "privacy spill." Make sure you read down to the Epilogue. Here is the email itself." The Lawmeme discussion is quite thoughtful and in-depth, very good reading.

17 of 573 comments (clear)

  1. Re:Idiots... by yali · · Score: 4, Informative

    Poster says:

    When will people get that email is not secure. Its the digital equivalent of a postcard, but idiots still email credit card numbers and worse.

    Article says:

    Encryption is fine for the digital connection, but the digital connection was already the secure part of the link. Garrett's expectations of privacy were compromised between the seat and the keyboard; the same place every technically foolproof scheme fails.

    The article is more interesting than just a technological discussion, because it gets into issues of how social norms and technology interface. Of course, it's also waaaaaaay long.

  2. Revlavent Links... by Anonymous Coward · · Score: 4, Informative
    Here's some links I got when I read this on rc3.org a few days ago:
    Original email
    MetaFilter thread
    The reporter's reaction (harshly condemming internet users!)
    Bruce Sterling's notes
  3. Re:Poor guy by gokulpod · · Score: 2, Informative

    Read the email - its a gal, not a guy.

    --
    My mom never taught me to sign.
  4. Re:Poor guy by doomy · · Score: 2, Informative

    Her name is Laurie Garrett she works for Newsday, she's a well known journalist/writer.

    --
    ...free your source and the rest would follow...
  5. not mentioned?! by Lovejoy · · Score: 2, Informative

    The World Economic Forum wasn't mentioned in the mainstream press?

    Really?

    --
    Yes, it's a blog. Sorry if that offends you.
  6. Re:without spelling mistakes and grammatical error by Heywood+Yabuzof · · Score: 2, Informative

    There are two mistakes in the first two paragraphs alone: "truely" and "insundry").

  7. Re:Good. by rynthetyn · · Score: 2, Informative
    I'm glad this was leaked. Am I the only one who finds it disturbing that the worlds "ruling classes" can get together, have a chinwag and for it not to be mentioned in the mainstream press?

    Your problem is that you aren't reading the right mainstream press. Information about the World Economic Forum was there to be found if you wanted to read about it. Just a guess, but I suspect that a lot of slashdotters did in fact see articles about the WEF, but didn't bother to read them. It's much more enticing when you read about it in the form of a leaked e-mail, than to go and bother to read the business section on CNN.com or to bother to pick up an issue of the Economist. I know it was in the mainstream press because I read about it in the mainstream press.

    The World Economic Forum is not secret--hundreds of journalists are there covering it every year. It's not a secret society, it's just a bunch of the world's movers and shakers getting together to discuss the economy and global politics. They even have a website that, among other things, details the discussions in every meeting www.weforum.org.

    One other thing. That journalist was obviously trying to make herself sound more important, as though she was one of a select few to get the kind of access she got. In reality, according to the WEF website, all journalists who are selected to attend get the same participation rights as everyone else.
    "Journalists do not pay participation fees and the Annual Meeting is one of the only international meetings to integrate media participants as full stakeholders in its debates. The media represent twenty percent of all participants and participate in all the activities of the Annual Meeting."
    --
    Eagles may soar, but weasles don't get sucked into jet engines...
  8. Re:Insundry? by Osty · · Score: 2, Informative

    This surprises you? The written English language has suffered horribly. Reading what most people write, you'd be hard pressed to call them "literate". For example, look at the prolific use of "would of", "could of", "should of" in place of the contraction form "would've", "could've", "should've". People pronounce those improperly (should be "wood-ev" with a very short 'e' sound, and not "wood-uhv") and consequently write them as they hear them.


    Then there's the ever present "lose" v. "loose" and "chose" v. "choose" misspellings, the misusage of "their", "there", and "they're", "to", "too", and "two", and so on. Sadly, these mistakes are even made by native English speakers. It would be excusable for people speaking/writing English as a second or third language (hey, I had three years of Spanish, and I still butcher the language when I try to speak it; forget about writing it).


    I blame Hooked on Phonics for teaching our children to spell how things sound, and not how things are spelled.

  9. A modestly serious issue by EchoMirage · · Score: 2, Informative

    The issue of e-mail privacy is a modestly serious one. I was stung by this in a bad way two months ago. I sent an angry personal e-mail to the president of a fundamentalist Christian 'family rights group,' who in turn took the verbatim contents of that e-mail and published them in a press release from his organization (because I'm the editor of a small but well-known newspaper).

    Suddenly my personal e-mail to him was circulating in the inboxes of thousands of the group's members, and I started getting calls from the media, family rights groups, etc. Several other 'family rights' groups published the story on their websites; it went national rather quickly. I later apologized for the e-mail, but the whole thing left a bad taste in my mouth. The issue is likely to haunt me for a while, even though the hubbub from it has died down now.

    Now, it's quite true that I should have known full well that if I send something out in e-mail, it could get re-distributed; it's the nature of the beast. So I'm not really too upset at anybody but myself. Even so, the flippancy of people in dealing with personal e-mail is quite striking. You also see this when people CC or BCC to people other than the primary recipient.

    I feel sorry for the journalist (although her e-mail was fascinating to read!). There ought to be a higher level of trust allowed in e-mail, but since there isn't, we ought to watch what we write.

  10. Re:war... by dsavitsk · · Score: 2, Informative

    Read Kevin Phillips' Wealth and Democracy. It is subtitled "A Political History of America's Rich," but it is really an economic history of the U.S.

  11. C Library versus OS kernel by TheMidget · · Score: 3, Informative
    While it is correct that malloc does not guarantee that the memory will be cleared (even on Unix, it will contain random junk), it is still unacceptable that the OS leaks data from one application to the next. In Unix, if you find junk in a malloc'ed segment, it can only come from the application itself (previously allocated, used, and then freed memory), never from another app.

    Just think about the privacy implication of such cross-application leaks on a multi-user system. Rather than relying on a broken word processor, an attacker could write a program that intentionnally malloc'ed large chunks of memory, and then went searching through them for interesting data of his fellow users...

  12. Re:common example: Word documents by thegoldenear · · Score: 3, Informative

    the author hadn't flattened the layers. it got noticed I think by a reporter using a slower computer than many used at the time so they saw the names appear then get blanked over where-as for most people that happened too quick to see. it was reported here on Slashdot

  13. Re:Insundry? by ahem · · Score: 3, Informative

    I think the word you're looking for is "mondegreen." It was coined by Jon Carroll, columnist for the San Francisco Chronicle. He actually uses it in reference to misheard song lyrics ("There's a bad moon on the rise"-->"There's a bathroom on the right").

    --
    Not A Sig
  14. Re:Insundry? by gid-goo · · Score: 2, Informative

    Lose vs Loose drives me nuts. If I could shoot everyone who typed loose when they meant lose we would have 1) half as many internet users and 2) I wouldn't get irritated by every retard who thinks Loose and Lose are the same goddamn word. Man, when can I be one of the ruling class. BTW Lose and Loose sound nothing alike. I can't see how anyone can make that mistake. Hooked on Phonics isn't the problem here. Their vs. There I can understand.

  15. In which a long rant misses the point by WoOS · · Score: 2, Informative

    The writer of the Feature on Accidential Privacy Spills goes on about P3P, encryption, copyright, ... but he seemingly simply forgot one point. The netiquette clearly states:

    E-mail is not to be published.

    The guy to blame is also clear: Adam Davis posted the e-mail to a mailing list, which is publication. (And some other guy called 'beagle' seemingly published two other e-mails of Laurie Garrett).

    All this endless talk on how publishing e-mails degrades (or improves) information of the masses in a democracy, all this speculative writings on possible technologies to prevent it. This all is completely pointless. The question is how to make everyone aware and understand the netiquette and why it is necessary. The author of the feature implicitely gives some pretty compelling reasons for the why but also clearly shows he hasn't understand the netiquette since he (mockingly) proposes to Cease-and-Desist the e-mail out of publicity.
    There is no need for C&D. Netiquette has been breached and any webmaster who really deserves that name should be extremly willing to remove the e-mail from any website/archive he is responsible for simply on request.

    Social pressure is it. Or maybe was it. We shouldn't have let in all those AOLers a few years ago .

  16. Re:Questionable authenticity.... by scrub76 · · Score: 2, Informative

    Just to add to this... Not only is Laurie Garrett an excellent reporter, but she is also a fabulous writer. I read the Coming Plague in 1994 as an impressionable college freshman unsure about my major and my motivations. More than any other single event, reading that book opened my eyes to the importance of disease research and its role in a changing world. Fast-forward ten years...I now have a Ph.D. in Medical Microbiology and Immunology and investigate HIV vaccine development at a major US university. A dog-eared copy of Coming Plague sits on the bookshelf in my bedroom and I still reread portions for information and inspiration. A few years back, my coworkers and I were talking about our motivation for becoming scientists. Two others also said that reading The Coming Plague sparked their interest in science. And I'm sure that we are not the only ones. This privacy incident notwithstanding, people should recognize that Garrett is one of the best (if not the best) science writers in the world today.

  17. Re:common example: Word documents by vrmlguy · · Score: 2, Informative
    The other trick was to fopen(3) a new file, do a large fseek(3) and fclose(3) the filehandle. Then simply read the file to get the data that had been written on the disk blocks previously.

    Actually, that would create a sparse file which ls(1) would report as having a size of "large" bytes, but du(1) would report as occuping zero blocks.

    --
    Nothing for 6-digit uids?