Slashdot Mirror

← Back to Stories (view on slashdot.org)

Guilty By Association

Posted by michael on from the hanging-out-with-a-bad-crowd dept.

dmf writes "News.com is running a little piece about Microsoft's forays into researching aspects of social computing. With AOL Buddy Lists, Yahoo Messenger, Friendster, and other mappable relationship environments, is it possible the information will soon be used against you? Scenarios such as governments tracking private citizens, investigating terrorist links, political groups finding potential donor lists, marketing departments finding affinity groups, and other easily imagined data mining opportunities could open the doors for information abuse and misinterpretation of individual ties. What implications can it bring in the future of the personal life?"

6 of 339 comments (clear)

  1. Re:Other mappable relationship environments? by WorkEmail · · Score: 5, Informative
    As we progress further and further into the digital age, consumers will have to resort to their own cryptography to ensure that their communication stays private.

    PGP was a good start, it is basically an uncrackable form of cryptography based on public keys, that a very brave guy almost spent his life in prison for posting on a BS back ni the day. Click here for info on it.

    Many Slashdot'ers probably are already familiar with this, but hey, you never know. We will all be fighting for privacy in the coming years it seems, best to know what tools are available to you. :)

    PGP is available on almost every OS, Windows 95/98/NT/2000, MacOS, AIX, HPUX, Linux, Solaris, and DOS. And can be easily configured to work with most popular email programs as well.

    Privacy means that only the intended recipient of a message can read it. By providing the ability to encrypt messages, PGP provides protection against anyone eavesdropping on the network. Even if the information is intercepted, it is completely unreadable to the snooper. Authentication identifies the origin of the information, certainty that it is authentic, and that it has not been altered. Authentication also provides an extremely valuable tool in network security: verification of the identity of an individual. In addition to secure messaging, PGP also provides secure data storage, enabling you to encrypt files stored on your computer. Version 6.5.8 also includes PGPnet - a powerful VPN client which enables secure peer-to-peer IP-based network connections - and Self-Decrypting Archives (SDAs) which allow you to exchange information securely even with those who do not have PGP.

  2. SSH and VPNs by Trolling4Dollars · · Score: 4, Informative

    That's why a lot of us are using SSH tunnels or VPNs with our own IM protocols, DNS and mail servers. There's a whole phantom internet out there and a lot of people don't even realize it.

    Personally, I've been using ssh and Jabber to IM with all my friends. The only thing that's required is that I give them a custom configured ssh client, .ssh/config file and point them to a Jabber client. It's worked well, and no one else has access to the Jabber server other than the people who I've allowed in. Same with e-mail. Sure, I still have to interact with the outside world, but most of my friends and family are pointed to my mail server and use SSH tunnels to communicate with me. They don't see it as an inconvenience because to them, they just double click the "Connect to the T4D Network" icon on their desktop and then use their mail/IM/web clients like they would any other time. When they're done, they just click the "X" in the upper right corner of the CMD window that has a nice friendly message in it that says, "Close this window to disconnect from the T4D network".

    I can only imagine that this will become more commonplace as these technologies get easier to use. Tunnels and VPN are sure to be the next "big thing" once they are really simple enough to install. So far my installation experiences with people who want to access the T4D network have just been to email them a zip file and tell them where to put the extracted files. But a double click wizard would be nicer... Can't code in Windows though because I don't have the money to waste on a compiler.

    --
    Un-news
  3. The sincerest form of flattery.... by orthogonal · · Score: 4, Informative
    Guilty By Association

    dmf writes ".... With AOL Buddy Lists, Yahoo Messenger, Friendster, and other mappable relationship environments, is it possible the information will soon be used against you? Scenarios such as governments tracking private citizens, investigating terrorist links, ...could open the doors for information abuse and misinterpretation of individual ties. What implications can it bring in the future of the personal life?"

    Wasn't there a front page post about bloggers plaigarizing other bloggers today?

    This sounds so familiar.

    It reminds me of this post:
    Since the whole point of this is to build social-connection-webs, it's ideal for government crackdown via the guilt by association angle: not only can you find everybody who is emailing to dump.ashcroft@new.american.revolution.org, you can also find -- and investigate -- all the friends of the dissenter, too.

    And for anyone who isn't worried that the FBI occasionally oversteps it bounds in investigating dissent, just consider that the social affinity networks of p2p traders could also be subpoenaed: we know Joe uploads mp3s, let's subpoena his email "buddy list" and investigate all those people too.


    And this post
    Yeah, but I'd consider a high-level analysis of my email headers (either sent or received) to be a violation of my privacy. Whether or not I'm mailing to kinky@alterate.life.styles.com, fringe.politcal.groups.require@free.speech.too.org , unpopular.opinions@free.thinkers.net, or falun.gong@is.banned.by.my.dictator.org, it should be nobody's business but my own.

    Someone will undoubtedly argue that since headers are sent in the clear anyway, it shouldn't matter, but keeping a database of who mails what to whom only makes abuse -- by freelance busybodies or government spies and censors -- that much the easier.


    And this one too:
    Having any central server aware of all file trading gives whoever controls -- or can subvert the security of -- that central server a far too broad window into the demographics, politics, proclivities, and beliefs of anyone trading files. While this would be a boon to marketeers, governments, and anyone else whose goal is manipulation and control, it must be anathema to anyone who values privacy and liberty -- from left wing "hippie" to right wing "gun-nut", from closted homosexual to crypto-Christian.
    --
    Opinions on the Twiddler2 hand-held keyboard?
  4. Re:Other mappable relationship environments? by RailGunner · · Score: 5, Informative
    You know, I'm really not sure WordOfMouthResearch.com is legit..

    I received a notice that my personal email address got listed on their site from someone apparently looking for information on me. So, I used my anonymous email address and registered as having information about the person who owns my personal address. So far, my anonymous alter-ego has not been contacted, though BOTH addresses have seen a marked increase of spam. When I started bouncing emails to my personal address from WordOfMouthResearch.com, I received the same "Someone is searching for information on you" message from a different source email address. After about 5 or 6 of these, I bounced the entire domain.

    Anyone else have information on these guys? Again, I think they're just harvesting email addresses for spammers under the guise of providing a service (that no one seems to be using - again, if my "alter-ego / evil twin" email is the only address that has information on me, which when I checked last it was, these "people" looking for information on me would have contacted my alternate email by now.

    And as far as using AOL IM and Friendster and all that to data mine, I suspect that the spammers will be the first to use this data, since they can't reliably harvest email addresses with web spiders anymore since people are trying to actively avoid them - however, there is a valid email address associated with an AOL IM login, and also with Yahoo IM, and with MSN Messenger, so there's some major sources that the spammers can get email addresses from, and they'll also cross reference the information, and you'll get more, and more targetted spam. Do you like guitars, for example? Here comes spam offering Guitar Strings cheap, along with the 50 others promising natural male enhancement.

  5. Re:Other mappable relationship environments? by Mysticalfruit · · Score: 4, Informative

    What your talking about is radio screen scraping.

    Basically, your monitor is a big antennae that's emitting signals in every direction. With the proper equipment people sitting in a van outside your house can pick those signals up and see your screen.
    (Personally I'd like to see this demonstrated)

    So what are your options.
    1. Use and LCD panel and have the video signal from your machine to your monitor be encrypted.
    2. Learn morse code and just have all your sensitive stuff outputed to the LED's on your keyboard. (there are programs that'll already do that)
    3. Use your computer inside a faraday cage...

    --
    Yes Francis, the world has gone crazy.
  6. Re:Other mappable relationship environments? by Dravik · · Score: 4, Informative

    There is no need to encrypt your video cable. Just buy a good quality cable that is shielded. That will bring the emissions from that source to levels that are to low to intercept. Just using a normal LCD panel will prevent you type of ease dropping your worried about.

    --
    The purpose of language is communication, If the idea is clear the grammar ain't important