Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fighting Terrorists Through Software, Anonymously?

Posted by simoniker on from the i'm-not-who-you-think-i-am dept.

Silwenae writes "MSNBC has a story online from this week's Newsweek about Jeff Jonas, founder of System Research and Development. SRD's software attempts to verify a person is who he says he is, and then tries to determine who that person may be connected with. Originally used in casinos, the CIA has invested in SRD for use in the war against terrorism. Apparently, Jonas has developed a system that can anonymize the data being analyzed through hashing, so the government can share this information with the private sector to look for hits, without the private sector seeing the specific data."

3 of 257 comments (clear)

  1. Who has access to our data? by myownkidney · · Score: 5, Informative
    The question is, who exactly has access to our data?

    The credit card companies, for example, have access to a LOT of data. People seem to be content with that.

    And it is ridiculous how much information about your activities are already out there, though not publicly accessible, accessible to certain organisations.

    I think the scariest bit about this article is that casinos have access to your, YES YOUR, data. And if casinos can do that, so can the mafia.

    The government having access to all this information is only a part of the problem. The real problem is, how much of it is available to bad guys, like telemarketeers and the Russian Mafia.

    --
    Indefinitely Detained US Citizen
  2. Re:Using Hashing by CountBrass · · Score: 4, Informative

    Brute forced? Nope. Assuming they picked a decent secure hashing algorithm (ie something like a 3-pass SHA-256 and definately not MD-5) then brute forcing isn't feasible.

    The weakness is not in the hash algorithm, it's in the use the hash is being put to. See my other post for an explanation.

    --
    Bad analogies are like waxing a monkey with a rainbow.
  3. Err no. by CountBrass · · Score: 4, Informative

    Hashing != encryption.

    Encryption is intended to be unencrypted.

    Hashing is one way because it involves information loss. It is not encryption: there is nothing secret. For example simple hashing algorithm might be "take the ascii value for each character in string and add them all up, rolling over each time you reach 10,000". The result will be a hash. Which is dependent on the data you put in- is impossible to *directly* extract the original data (you could use a lookup table to do it). As I said though, this is NOT encryption.

    --
    Bad analogies are like waxing a monkey with a rainbow.