Slashdot Mirror
How to Convince Non-IT Friends that Privacy Matters?
mmtux writes:
"As technology becomes more advanced, I am increasingly worried about privacy in all aspects of my life. Unfortunately, whenever I attempt to discuss the matter with my friends, they show little understanding and write me off as a hyper-neurotic IT student. They say they simply don't care that the data they share on social networks may be accessible by others, that some laws passed by governments today might be privacy-infringing and dangerous, or that they shouldn't use on-line banking without a virus scanner and a firewall. Have you ever attempted to discuss data security and privacy concerns with a friend who isn't tech-savvy? How do you convince the average modern user that they should think about their privacy and the privacy of others when turning on their computer?"
Delete his/her desktop shortcuts, so they will think a virus ate them.
Showing him his bank balance might work...
rj
Hold on, let me check your friend list first...
You may be conflating too many issues. There's a huge difference between warning people about info-stealing malware and saying "zomg ur real name is online!" Remember that most people still have the attitude that they have nothing to hide and so nothing to fear.
I say focus on the most critical issues, like not clicking stupid links, using IE, or falling prey to phishers. Nobody wants his bank account emptied.
Btw, don't forget to post the links to us.
You are not entitled to your opinion. You are entitled to your informed opinion. -- Harlan Ellison
Unfortunately they drag the privacy-conscious with them, when they publish their social networks and include those who wouldn't make their own data available publicly. I think there really is not going to be any privacy, only controlled publicity. They may not see it that way, but the people who fight for privacy are in much more of a dead end than the socially promiscuous people. At least they benefit from their social contacts.
Seriously... Google them. Or somebody else at random. Show them how much information about them is already out there, and how easy it is to find. That'll convince them pretty quickly that they need to safeguard their information.
If you believe everything you read, you'd better not read. - Japanese proverb
...Is to demonstrate the dangers to them. e.g. get their passwords (without them knowing) and change data on their profiles to prove your point. There's no better way.
A lot of people are pretty self-righteous and tend to remark snidely "Why do you need privacy if you've got nothing to hide?" What are you supposed to say to someone that seems pretty opposed to privacy... they don't even care about your privacy much less their own. Now that 'terrorism' is a buzzword, people are even demonizing those who even bring up privacy as a concern.
Twinstiq, game news
for most people all you will do is alienate them from you if you lecture them.
it's like warning a girl that her new boyfriend is an @sshole.
tell her once, but after that she just has to learn on her own.
most people just don't care until it bites them.
I've discovered that most people generally get really annoyed when you play the devil's advocate, poking holes in logically fallacious arguments. Also, people don't like being told what to do. In my opinion, a healthy sense of caution is good, and I've made more progress trying to inform people instead of telling them what they ought to do. If they don't want to take any action, well... It's their loss, in the end for the most part.
Of course, if they have access to something you'd rather keep private (such as documents, photos, conversations, etc.) then you're kind of at a loss there...
Food for thought: when we get all riled up about privacy, are we any better than the crazies who rail about pedophiles on the internet and make it seem like there are bogeymen around every corner?
Sometimes I wonder if I think too much.
i find that after a person is a victim of identity theft, they are far more likely to take privacy seriously.
As a true friend, the best thing you can do to encourage friends to take privacy seriously is steal their credit card info, buy yourself lots of nice things, steal some deeds and sell their house and cars. Sell their personal info to advertising companies, and send any material that documents your friends doing some suspicious or potentially illegal activity to the local authorities.
a few years later when they get out of jail and get their financial life back together, they won't take privacy for granted ever again.
Of course, there is no reason to let your friends know that it was you, who so lovingly taught them this valuable life lesson.
-I only code in BASIC.-
Email. Everyone uses it. Or some variation of it, such as SMS for the younger crowd.
Point out to your non-IT friends that sending an "email" is NOT like sending a "letter". It is like sending a "postcard". Any number of people you might not know can see the entire contents of your message along the way -- plus they can keep a copy of each and every one of those messages forever.
To take the analogy further, if they really want their "email" to be in an "envelope", use encryption!
@HbFyo0$k8 tH!$
I try to convince them that they should be pushing to have this data made open to everyone rather than allowing the data to be kept as a private resource for the use of a few. And I try to make them understand that the Trusted Computing threat, which is all about remote censorship, is a real danger to them that can't really be effectively fought while the illusion of privacy maintained by obscurity is allowed to continue to exist.
And to Captain Splendid and his friends, who will surely once more come along asking why I don't publish my home address and phone number here so he can come stare at me, it's because in the presence of rampant hypocracy that thrives untroubled by the transparency I hope to see one day, singling myself out makes me vulnerable in a way that systematic transparency would not. There is a difference between negotiating a unilateral disarming, which is how I view this effort, and throwing down your guns first and getting shot in the head, which is what you're suggesting I should do.
-1 Uncomfortable Truth
Don't be helpful, be available.
If your friends want your expertise they will come to you and ask. If you offer it unasked-for, they will probably never ask and will go to someone else.
Probably better to talk to them about your other mutual interests. That way you get to keep your friends...
I generally remind them that privacy is not just from the government, but is a matter of having some control over who knows what about your life. You may not be ashamed about your partying, for example, but that doesn't mean that you want employers or parents to know too much about it -- definitely not to find out about it without you having the excuse to explain that you're careful and responsible. Political beliefs are also important, whether to avoid arguments with family members who disagree, or to avoid reprisals from a boss whose political persuasions are opposite yours ("If he has enough money to donate to that campaign, clearly he doesn't need a raise!"), or even from a government whose views you oppose.
And there are lots of personal details we're not ashamed of that we nevertheless would like to not be public. Vacation plans ought to be private from stalkers, ex-girlfriends, that really annoying friend from college who lives one town over from the hotel, etc. My sex life is nothing to be ashamed of, but nobody but my partner has any right to know about it.
Ultimately, privacy is not about secrecy, it's about personal sovereignty: who gets to say what people have what information about my life?
My friends aren't stupid. They get it. They aren't in IT either. One runs a restaurant, another an attorney, another a welder in a machine shop. Some of them think it's a problem. Others think it's the price you pay for better more personalized services.
/. is filled with brilliant minds and everyone else is stupid. It happens on every other topic, why not this one?
But go ahead and talk about this subject like
You ask a good question...
No one really wants to be 'that guy' in the circle of friends. You know, the one that's always soapboxing about some sort of social injustice, evil corporations, or whatever. However, that's more or less what you need to do, because people MUST understand what is at stake when our rights to privacy are taken away.
Now, you can help your friends understand how their privacy is seriously at risk without being an asshole. It just takes time, and perseverance. I have alot of friends who have very uninformed political opinions. It's rude to just lecture them every time the subject comes up, but there's nothing wrong with speaking the truth to your friends in a palatable, positive way.
The more you mention issues of privacy, and the more well-informed YOU are about the issue, the more it will create top of mind awareness for them. In time, they will see your point. They will encounter a loss of privacy in their own lives, and because you were such a well informed friend, they will have the ability to make the mental connection. You really are doing them a favor.
Thank you Dave Raggett
and that the info that police might keep on them, however false it may be, can affect their lives one way or another...
How do you convince the average modern user that they should think about their privacy and the privacy of others when turning on their computer?
If they won't listen, they may need to learn the hard way, when they lose money or friends from being free with their personal information. I remember my first year in college, I knew a couple of my fellow freshmen who learned to lock their dorm room doors when their stuff was stolen. They learned the expensive way not to trust everyone.
Accentuate the positive, don't waste your mod points on the negative.
It's beautiful and very informative.
Show them the queries of 650000 users that AOL disclosed two years ago, and eventually brows their search history with them, highlighting what information you can deduce.
Tell that that lot of recruiters will google/facebook/myspace/spocke them!
Make them subscribe to the Bruce Schenier news letter
Again and again I try to, but I never succeed.
A cousin of mine has a blog about the life of his daughter, right from birth. It's open to everyone, because his parents would otherwise not be able to follow her grandchild's life. This blog contains sensitive data about the kid itself, but also about it's friends.
Another cousin of mine made his machine secure in his special way, no sensitive data can be stolen from it -- he declared everything non-sensitive, including his mail communication with others and his communication partners' valid email addresses. He set free one of my email addresses, either by sending it to others directly or by having it stolen from his machine.
Just two cases of my nearer family.
cb
If you want to convince people then you have to provide examples that they can relate to.
I suggest you gather up a number of different examples (as no single one will appeal to everyone). Once you have some you can provide your IT lite friends with relevant examples that they can relate to.
Wardish
Ward
. Silence! Be thankful thy species is unpalatable! .
That's easy. Gain access to your friend's credit card account over the phone, by using only information you found out about him from the internet (birthdate, address, mother's maiden name, etc.). That will scare anyone shitless.
You're a complete asshole who is missing the point, yet some idiot mod will see your low userID number and automatically mod you up.
We'd have that real anonynimity still, if people gave a damn about it and valued it instead of pissing it away for the sake of convenience. And no, this is not how humans have always lived. For most of human history, it used to be that knowing very much about somebody was a difficult and expensive undertaking, as you would have had to actually physically observe them and follow them around and investigate them. It was something you did not do without a reason. Electronic transactions plus modern databases mean that this has become far easier and therefore more widespread. A few companies have more market control and a few governments have more power, but the average individual has nothing good to show for this. That is the problem, and you are in denial.
-You're gonna love this. The secretary where I work? She had a birthday coming up, and we planned a surprise party--
-Her dog likes peanut butter, right?
-STOMP STOMP stomp stomp stomp...
rj
No, because in the case of privacy, people are constantly trying to pry into each other's business. Speaking personally, I have had it confirmed at least once that an email sent to me had been maliciously faked in order to manipulate me, and I have had some circumstantial evidence that someone was reading email conversations I had with someone else. I've been approached by people who know that I am a programmer, and want to know if I could "hack into" someone else' email account so that they could read through it. This stuff isn't about the boogeyman government, it is about ordinary people who actually do have no respect for the privacy of others.
Here's another angle to consider: sometimes, a message is easily misinterpreted when read by an uninformed party. When I was in Junior High School, I was once accused of plotting to blow up the school because of a note I had written to a friend, which had been misread by a teacher who found it after class. It isn't so uncommon. There are a dozen different situations like this, where some message is ambiguous and should only be read by someone who is fully informed on the context.
Palm trees and 8
Ask them if they'd be happy getting bills on postcards. Why do they like envelopes if they have nothing to hide?
Infuriate left and right
Absolutely. People don't really care if the government is reading their email, or if Google is indexing every word they say, or if Facebook keeps permanent logs on everything they click on. People do care about real life examples of how cryptography could have protected someone, whether a fake email or a message read out of context, especially when they can relate to the situation. It also helps if the system is quick and easy to use, like OTR (or PGP if your friends aren't too attached to webmail).
Palm trees and 8
In this case we are talking about 2-3 different things:
First, the problem of formerly private information that your friends have willingly made public, either because of convienience (information given to a website that they use for shopping) or on a social networking website.
Second, the private information that they are unwittingly making public, or leaving themselves at risk of making it public.
Third, that governments may be helping themselves to information thought to be private.
The first is a cultural difference, the third is out of your control, and the second is the really important one. You aren't going to win the debate on the first one. We've seen this debate before, on anonymity for BBS users, later on the rise of cookies. On one side were the forces of good, arguing that these changes were very real invasions of privacy and made your computer do things you didn't know it was doing and wouldn't want it to do if you did know. On the other side was convenience. It sucks to have to log in to slashdot every time I open a new browser window. It's kind of nice that Amazon can make recommendations to me. Cookies let that happen and the public debate, for what it was worth was won pretty handily. Now, that doesn't mean that companies started using cookies as an outgrowth of the democratic will of internet users. It just means that the level of outrage was muted over cookies enough for image conscious companies to get by with using them.
the same thing is going on w/ facebook/myspace/etc. The tables may turn on them (and will probably turn on facebook soonish), but for now we like the fact that others can see our name/face/job/school more than we dislike that these things are no longer private. Part of that outlook comes from the fact that we are limited in imagination. We see facebook one screen at a time. We can't look at people who aren't in our group (I think, haven't used it in a while). It takes a non-trivial amount of time to look through information. Consequently, we see that as the ONLY way to grab data from facebook. We don't connect (or at least the non-IT ppl) the fact that someone broke down anon/aggregate survey data from aol and netflix to get private information automatically. We don't think about scraping programs that read sites like myspace/facebook and correlate names and zipcodes with other sources of inoformation on the web.
The last part of this failure of imagination is that there is a cost to privacy. If I want my personal information to be private wholly from facebook, I can't be on facebook. Relatively speaking, that is a large cost. There is no 'maximum privacy' level for facebook where you can post pics of you and your friends and make comments and it won't be recorded somewhere. That product doesn't exist.
Ok. I won't touch on the third point because that is a flame war waiting to happen. Needless to say, it is out of your direct control.
The second point. My advice is be direct when the situation calls for it, but don't bother when it doesn't. If you are out at a baseball game, don't strike up a conversation like "Gee bob, I noticed that your password for your computer is 1 2 3 4 5 and that you sure do have an awful lot of sensitive info on there. Don't you think that you ought to change that?".
And then just tell them to get a mac. If they aren't security conscious enough to get a virus scanner while running windows then they really should be using an OS that does everything for them.
Attacking your friend's accounts is a good way to lose your friends. Most people don't take very kindly to that sort of practical demonstration without first giving their permission.
Palm trees and 8
You could mind your own business and stop trying to push your beliefs on them.
Also, security and privacy are different things. Privacy advocates seem to have some strange motivation beyond simple protection from data and identity theft or other actual harm.
These stupid guys seem to have thought privacy was important. What bunch of Neuritics. :-)
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
I've tried to point out problems to several people (the ones with Post-It notes with their passwords on screen corners or under keyboards). They don't want to take the time to learn enough and make a method for keeping things "straight". They just want things "to work, like the TV".
I've pointed out to one friend that letting people use your account on your Mac will eventually cause problems (half a dozen teenage grandkids = reinstall the OS after God knows what was done). She wasn't interested in setting up a Guest account.
I've pointed out to one friend that with 3 late grade school kids he needs parental control software on his Dell to keep the kids in line (at least a bit), but that fell on deaf ears. I pointed out his home PC was a part of a Botnet (3 gradeschool kids on the machine, so no wonder). I specifically noted that means virtually anything on that machine including passwords he types is known to the person who controls the BotNet including any financial or work docs (he's a lawyer). He said he would fix it, but 9 months later, it is obvious nothing changed, except... they found the kids surfing porn.
I mentioned that the "Near Zero" time for a busy person to fix "the problems" is a MacMini for around $600, and they can still run Windows XP if they want. No change observed.
I simply have no answer for dumb human habits used by smart people. They are good friends, so I don't say anything more.
Perhaps you should reserve this opening statement for something less preposterously moronic than "For most of human history, it used to be that knowing very much about somebody was a difficult and expensive undertaking, as you would have had to actually physically observe them and follow them around and investigate them."
Before the rise of large cities and mass transportation, it was an expensive luxury to live in a way where you *didn't* know the intimate details of your neighbors' lives. You didn't have to follow them around -- there was no place for them to go!
What I'm listening to now on Pandora...
and see if you can find something about them(hopefully without paying) that they haven't shared with you. Something like, "Oh, so your (mother/brother/sister) was born in xxxx" or "Your middle name is Tiffany"? Or you could just show them that site. Scariest site on the internet if you ask me(well, aside from vomit porn)
Monstar L
Start by explaining a real-world current personal problem. (I do not crack so showing his bank balance is not possible.)
A friend loves his wireless laptop. We encrypted router communication at both homes. Explaining why encryption is needed led to an explanation of the dangers of handling financial transactions while wandering NYC -- that any open router could record everything including passwords and perform man-in-the-middle attacks to bypass SSL. Anybody willing to capture his information could; expecting those people not to use the information maliciously seems silly.
Once those dangers were understood, my friend was eager to hear about more insidious problems such as government policies (telecommunication recording), other insecure devices (iPhone), and deliberately open websites (Facebook).
I spend my life entertaining my brain.
Your not superman you know! (Sorry watching spiderman),
Or if you prefer....
You don't have to run faster than the lion, only faster that the other herd members.
If you already mentioned it once...
They will probably think you are a "know it all" anyway, sometimes people need to learn things for themselves.
Perhaps I'm dense, but I don't get it...?
Today you are lucky to be able to lose yourself anywhere, be able to have a private conversation in any convenient location. Most of the time you will be caught on tape at least coming and going. This loss of privacy is accepted for obvious reasons.
So, when asked about privacy I wonder what they are talking about. Is it the people who put every detail of their lives on Facebook, then whine when those details are exploited? Is it those people who use the services of google, like gmail, with no worry that such mail may be used for profit? Or the people who send unencrypted email? Or the identity thieve issue, which is not so much a technology issue, as a going through people's garbage issue.
Basically privacy is a compromise. To get people hyper-concerned about privacy, they have to give up some luxuries they have become accustomed to. For people who will support torture to prevent a 1 in 10,000 million chance they might die in a terrorist attack, it seems like a deal that is unlikely to be closed.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
to claim that nosy neighbors in your locality (neighbors who only know what you tell them or do in front of them when you can clearly see that they can observe you) is the same thing as having a centralized, automated databases of millions of people is just plain absurd. don't allow your silly pride to cloud your judgment, mmkay?
...you when the trusted authorities provide mass appeal?
Information wants to be free! Whether it's your diary, pr0n collection (including home made pr0n), resume, or friends network, it will find a way to get into the wild. You cannot escape it. It is the future.
Les Miserables Volume 1 now up with my reading of
Most people don't understand non digital privacy, good luck with the digital side of the house.
---- Booth was a patriot ----
You can tell them, maybe even explain to them what the issues are, but ultimately you have to let them screw up (except with the drink/drive thing, just stay out of their car). Yes, it's sad when someone you care about suffers a loss, but in that case the worst thing to do is "I told you to .....".
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
Talk to a dentist. You'll hear a whole lot about how important it is to floss your teeth for 15 minutes a day. A fitness nut will tell you how you need to exercise an hour and a half a day. The house painter told me I should wash the house once every 3 months to preserve the paint. A mechanic friend told me to check my car's oil every week. etc etc.
Most people just don't have the time/energy to do everything they're told so they ignore most advise.
Engineering is the art of compromise.
Try this link.
If it doesn't convince them, it will at least make them think...
http://www.aclu.org/pizza/
Like ... advising them not to bite on phishing emails, instead of telling them to foil the NSA by sending encrypted emails none of their recipients will ever be able to read.
Except that it's only a very recent development that it's possible to correlate so much information on so many aspects of individuals.
No, you're making the same mistake as the "You're a complete asshole who is missing the point" guy, albeit much more courteously. Historically, your neighbors knew everything about you. It's only in the last couple of centuries that that's changed.
What I'm listening to now on Pandora...
The critical issues is forcing ethical behavior on government and companies. Even the most jaded big dumb company employee will admit that filtering the trivial details of their lives it's a waste of money. Most will also realize that such violations make it difficult for people to fight back against other violations. Domestic spying is already against the law. Anyone making use of public resources, such as ISPs using public spectrum or servitude, should be forced to obey the same privacy laws as government. It's not their network and it's not their data, it's yours and no one else has any business filtering and storing it.
Suppose the GM Ralph Nader investigation had found something nasty. US cars would not have airbags and a whole host of other public safety initiatives could have been crushed by ruining Nader before he got anywhere.
Companies today have much better ability to spy than they did forty years ago. Most people run non free software that gives it's owners the ability to read everything on your hard drive and their newest OS indexes and reports the contents. ISPs have been given the "right" to filter and read all of your email, though they have always had the ability. Government had demanded the ability to ask for any of that email and browsing on demand. You purchasing is indexed and sold to the highest bidder. Cell phones report your location and newer ones can record your conversations and filter them for key words while turned "off" and useless to the owner. There is very little the rich and the powerful can not find out about average people.
Yet all of that spy power is useless when it comes to real threats. Criminals can and to take countermeasures. All domestic spying is good for is harassing honest political and economic competition. That's nothing anyone wants to pay for.
Friends don't help friends install M$ junk.
Sometimes it's not even "for the sake of convenience" - many of us, especially prolific bloggers, enjoy sharing our ideas, identity, and intimate details of our lives as a form of self-expression. Not only are we not trying to obscure information, we're broadcasting things to the world that would cause previous generations to blush, and are eager to continue to push those boundaries. The type of strong privacy some people advocate is an alien concept to us.
Knowing where I am, who I'm with, what I'm doing, what I think about that, etc. is something that I don't mind the general public knowing most of the time. Being contactable for all that time via IM/phone/whatever is generally kosher too (although of course I'd rather not be contacted by marketers for any of this - would like advertisements and marketing banned).
I realise that not everyone is part of this new "open subculture", and that the deep privacy advocates certainly exist in fair numbers, but I'm not alone.
For every problem, there is at least one solution that is simple, neat, and wrong.
STOP READING MY THOUGHTS. Ugh. I'm having this same problem.
In summary, the Pennsylvania Department of Education now requires all student-teachers-to-be to get fingerprinted to have their federal criminal records checked. Previously, PDE required only state checks, but then it realized that a criminal could come in from out of state.
The problem with this fingerprinting process isn't the FBI, which expunges the fingerprints immediately after delivering the results of the check. The problem is with Cogent, the company that actually performs the fingerprinting and sends off the prints to be checked by the FBI. Afterwards, Cogent keeps the prints on file (on paper or electronically, I'm not sure) for at least one year.
I was in dialog with PDE regarding this, and I seem to have been dismissed as a crazy. I simply don't want my fingerprints anywhere where anyone but me can get to them, unless I have been convicted of a crime, which I have not, nor have I ever even been inside a police station or barely even talked to a cop.
I asked PDE what my recourse is, and it gave me a non-answer. I've deferred my question to my program chair, who will probably take it to the department chair. I hope to be either exempted from the fingerprinting requirement or have a special agreement constructed with Cogent saying that it will expunge my records immediately after submitting them to the FBI.
Colin Dean Go a year without DRM
My friends have been trying for years to convince me that basketball matters.
~~~
and just give people link to this slashdot article.
I consider myself to have a reasonable technical knowledge (e.g. I've just written a telnet client from scratch in c++) and I don't use a virus scanner when online banking or at any other time; they're a complete waste of space.
For now you can get by without a virus scanner if you're using OS X or another of the Unices but one is needed for online banking using Windows, even Vista with it's nagware notices. Many will turn off the "Need your permission to continue" prompts. And with today's hdds approaching terabyte sizes space isn't nearly as much of a concern as it used to be. I've got a 500 GB external hdd I can stick in one of my pants' or shorts' pockets. And I used to use a cassette tape for storage.
FalconShould there be a Law?
There was a brief window of history between urbanization and computerization when real anonymity existed; that's closed and we're returning to the way humans have always lived.
Not to quibble, but before censuses and technology humans were generally anonymous up until the 1870s (varying country by country). Sure you knew your neighbors, but it wasn't quite hard to move to another town and change your name or publish works anonymously without a good way to track you. Many great works were actually published anonymously over the centuries that were often critiques of the powers that be or society in times when their life or limb was threatened.
The internet has provided some persons a way to speak out since anonymity has been repressed by the powers that being during the 20th century in many totalitarian governments.
Secondly, it isn't far fetched that someone given what you buy at a grocery store could target you in someway or another. They wouldn't do it on an individual basis but imagine if a "pro-dolphin" group saw that you were buying tuna from a questionable company and then targeted you by exposing you name on a list on their website.
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
I agree. There's a whole generation growing up knowing everyhing about their peers. This is not bad at all.. and in many ways is much more healthy than the insular 'omg he knows where I shop!' mentality of the older generation.
This is entirely different to government/corporate interference/monitoring which *is* a debate that society needs to have. To try to conflate the issues is to make yourself out to seem to be a complete nutter.
After I did trucking, and racing, and a few other things, I ended up pre-tripping my daily driver at least once a week. That's called "check fluids, tires, mirrors, seals, etc".
As a result? My vehicle requires FAR less maintenance than it used to. Surprising? Why should it be. Its like the idiots who think guns work like in videogames. Pick up a dusty old rifle that's been hidden in a warehouse for half a century, and pull the trigger. Reminds me of that Lara Croft movie where she picks up the rifle and clicks the empty chamber. Was she stupid enough to think rifles would be shipped A) loaded, and B) chambered and C) that they would fire through a 70 year old, possibly obstructed barrel without exploding in their hands?
The status quo is stupidity and ignorance. I choose not to be part of that. If my friends choose to remain so, I simply negate our "friendship"... I will not be a friend to those whom would not be friends to me. That simple. That easy.
As for other things. Maintenance checks are not that difficult. Most people skip them and bitch when the BIG problem occurs despite having been visible with a mere routine check. Ignorance should be expensive, and stupidity, should, as it does, be ungodly expensive! Same goes for email, virus checks, etc. First, use a clean OS. Secondly, don't download everything marketed as free. Thirdly, don't communicate with people who do this. If they refuse, then you should refuse their messages.
Far too many people associate with losers who bring them down to their level. I've yet to hear of a loser uplifting a winner. Usually the loser wants the other guy to be a loser also... misery and company and all that.
Prime Example: Someone who practices unsafe sex with AIDS patients would be a POOR choice of marital partner to anyone, but try telling that to the stupid or ignorant lazy schmucks out there!
" What luck for rulers that men do not think" - Adolf Hitler
The difference is, you have decided to reveal those things and in most cases had to go out of your way to make them known. The information was yours and you were able to do with it as you pleased. The people who want privacy are only asking for the same ability, but that ability is growing scarce when the shoe is on the other foot.
A separate problem is that if your information is out there, there's not much that will stop the marketers from using it as well.
It is a miracle that curiosity survives formal education. - Einstein
The operative phrase here:"most of the time". We are not discussing selective privacy here. We are not talking about something you have voluntarily posted on your blog. We are talking about information you have explicitly not made public and may very well not want others to use against you. This is not information you chose to share. This is information someone else has chosen to collect/use/share without your knowledge or consent. Please bear this in mind when talking about your "open subculture" and the people who you believe are not in it!
Personally I think the onus is on YOU to prove your point, not the GP. What exactly are you afraid of? That the government will see you bought fertilizer and make you 'dissapear'? If you think that is a real danger, then you need to show why you think it is so.
Maybe less anonymity is a good thing? Did you ever think of that? Maybe the fact that people know what you have been doing will help you avoid being falsely accused. For example, when DNA testing came out, a number of people were released from jail because it was proved they were not the ones who had committed the murder.
Now, tell me, why are you so worried about your privacy? Don't give me some answer about having cameras in your house, because nobody is trying to put cameras in your house. Some privacy violations are obviously a problem, whereas nobody seems to care about others. The fact is some of them -really- -don't- -matter.- Why do you care?
(Incidentally, if you do happen to care, there is no reason to give up your anonymity. Don't use credit cards, don't use the "Safeway Select" card, use anonymous proxies on the internet and turn off cookies. It's a little less convenient, but hey, every decision is a trade off).
Qxe4
I believe the original poster was asking how to convince his associates to become very private people. I'm suggesting that there are many of us who are pleased not to be private people in the way he's envisioning.
It's interesting, btw, when you have circles of friends who include some private folk and some exhibitionist folk - I've occasionally run into issues with my blog wrt mentioning the private folk, as for me events I attend and everyone there are part of my life and possibly worth mentioning, while for them it's not fun to be named as being somewhere. The privacy folk tend to be proprietary with the information and regard it as property (as your "yours" language suggests), while for many of the rest of us, information cannot be owned and independent of our easing its flow we don't believe rights can be asserted regarding other people's use of it.
Being a unix geek who doesn't watch TV, I do have some of the best technology out there to keep advertisements and spam out (from firefox extensions to sophisticated mail filters), and cellphone laws protect me from a lot of the marketing by that venue. I feel bad for those who don't have such measures though...
For every problem, there is at least one solution that is simple, neat, and wrong.
Beyond the normal protections of corporate and true trade secrets, personal privacy in the US is gone as you once knew it.
Since 2001, pre 9/11, all data from the main fibers of AT&T and other companies have been 'split' (advantage of fiber that you can easily do this), so that a copy of all communications whether data or voice communications in the US has been saved by the NSA and FBI.
So when people wonder why some politicians roll over to the leaders like Bush and Cheney, remember that they have more dirt on EVERYONE than anyone in history could have anticipated. Hoover would be envious, and not because they are wearing a better dress...
Privacy boils down to 'what' is truly important to protect and what isn't. I see friends locking up their PCs like they have the secrets to the H bomb on it, and when I ask, they are like, oh just some letters, resumes, photos, etc and will give friends unfettered access to their desktops because nothing is 'that' important.
Most people's information is NOT worth hackers time to steal nor hitting their computers is worth it. Getting access to a computer to use it for Spam and other things is more important than 'WHAT' is on the computer.
Tinfoils hats may be necessary...
I'm quite often laughed at by various friends because I encrypt all my hard disks, I do not log in cybercafes or open networks. I do not use a BlackBerry, nor Facebook. I usually pay by cash and rarely by credit card, etc
I just get used to it and stop trying to teach them even the basics (e.g. do not post your work email on a public forum for instance). I just try to insist a bit with good friends.
However, the problem is that there has been a general trend educating people to relinquish their privacy. Many governments (most notably the US) have rather clearly stated that "state security" was more important than individual privacy and many people agreed. Many media, and most notably the online ones have also distilled that fact that privacy was unimportant. I was amazed to see that the "youngest" generation does not communicate by email, not by IM, but by blogging. I have seen kids that would write a blog entry when they want to send one message to one person...
Also, oddly enough, giving examples does not work. Even real examples with real people whose life have been screwed badly. The first reaction of people is that it cannot happen to them.
It really seems people only get a grasp of what privacy is when they have lost it.
Anyway, there are of some interesting tidbits on privacy at
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=998565
Ouch. Are you so sure you are the one doing all that "negating"? Misery may love company and all, but denial ain't just a river in Egypt, either.
Let them get ass-raped by their own insecure behavior a time or two.
Amongst religious personages, there is NOBODY so zealous as a recent convert.
The same thing applies to information security and insecure end-users.
Chas - The one, the only.
THANK GOD!!!
Sorry, but both halves of this are wrong. One, you have no idea what life in a village is like, and two, when everyone you know knows everything about you that you don't go to elaborate lengths to conceal, it's irrelevant that there aren't millions of other people for them to know about as well.
(It's relevant for other discussions we could have; it's certainly not relevant to the original AC's view of the world.)
What I'm listening to now on Pandora...
It's been said that soon people will stop looking for their 15 minutes of fame... instead they'll be looking for their 15 minutes of privacy. I.e. in the future it will be a much bigger issue than it is now. But at the present time I'm glad the future is still as wide-open as it is, and I say let's cross that bridge when we come to it; there are so many far more interesting problems to work on, and the outcome of the privacy thing is predictable anyway (people are people... you already know who is going to do what.)
I agree, when you post data on Facebook it's a public disclosure. That's to be expected; there's no point in being paranoid about it... just don't post information you don't want the world to see. Same thing with YouTube or Slashdot postings. I can still google and find stupid postings I made to usenet, myself, like 15 years ago. But it's only slightly embarrassing, hardly a tragedy.
Bank security is another matter, but what can you do about it? Just pick a bank that takes it seriously, or if you are a billionaire maybe you can go start your own bank. At the very least, I wonder if there is some web site that ranks them on this basis so you can find the best one. Maybe start a site like that, if not?
All in all though we're just going to have to adapt. Usability is just as important, and security wonks often seem to screw it up; that's what pisses me off. My bank's web site is a good example of that. I wish they were using smart cards instead of labyrinthine login procedures. And I'm not convinced that what they did is actually so much more secure anyway.
Your comment conjured up a little mind movie: 2 techie guys driving around the neighborhood on a Sunday afternoon, wearing their dark slacks, white shirts and ties. They ring the doorbell. "Hi - would you happen to have a few minutes to talk about the importance of information security and privacy?"
Dark Reflection
You're both missing an important factor-- in the small town world where all your neighbours know your details, they also know they will have to face you every day for the rest of their lives. So injuries they do to you will ultimately harm their own interests. The new factor that exists now is that the people who have *even more* detailed information about you than your small-town neighbour don't have to give a damn what happens to you. Injury to you is profitable to them and there are no negative consequences for them.
Don't even waste your time. Most non-technical people don't care to hear what you have to say. The only thing most people can understand are real-world activities... i.e. show them the money. Dig out your copy of cain-&-abel, wireshark and/or metasploit and show them _how_ its done. Persuade one of them to let you use them/their account(s) as an example. I will guarantee they shit their pants. And if they don't, well, take their money!
them. Leave a pile of printouts of all the shit they put online.
Point will be made.
I'm often floored at how much information people post on Facebook, Myspace, etc. I'm one of those weirdos that uses a screen name for everything and only a few people in the world know who I really am from my screen name.
I use decent passwords, and keep info that could be used to harm me to a minimum. I don't put a message up on Facebook saying how excited I am to have just bought a $750,000 new house and $37,500 new car or and here is my address and the key is under the doormat.
This was my boss's and her children's attitude prior to my employment. I'm the IT guy so of course I ended up fixing their PC when it got riddled with spyware/virii/worms/etc. When they asked me what those programs did I put the fear of God into them. I had them so scared they were on the phone changing bank passwords, switching from using "1132" as a password to something 16 digits long, deleting more private info off of places like Facebook etc.
Yes I stretched the truth about the dangers of the apps they had managed to be infected with but they are a hell of a lot better now. They shred mail and those fracking "you've been pre-approved!" credit offers.
They didn't get burned but I made them think like they narrowly dodged a bullet and they are better for it.
You took the words out of my mouth. "tux" in the nick is a clue.
And you know what? I just want to use my computer and have fun with all this cool stuff. I've been doing it for over 30 years and so far so good. I'm tired of the self righteous like the FUD masters at Boing Boing that are out to "save" me and "save" the public. If you really want to fix what you see is a problem, then fix it. Fix it with your creativity not with a pulpit.
Take mailing a letter for example. Our name and address are right there on the envelope along with name of address of the person or organization we have affairs with. OMG!
Radio Shack asks for your postal code when you buy batteries. OMG!
People enter drawings and sweepstakes at the mall to win a prize, giving name, phone number and address. OMG!
Yea, it's a good thing government can track everything you do. NOT!!! Because of anonymity many people were willing to fight again the Red Coats during the American Revolution. Fact is is anonymity is important because if a person can't reasonably expect to remain anonymous they will be less willing to use political speech or fight for what they believe in. Most of those who wrote in support of the revolution did so anonymously. One of the few who signed his work was Thomas Paine, who wrote "This are the times that try men's souls" while he was serving under George Washington.
FalconShould there be a Law?
A common response is "I have nothing to hide". This is the answer I hate the most. I want my data secure from those who would take it - that mean large corporations that want to target me, and big brother who wants to make sure I am safe (see WTC7, MIT's forensic evidence of thermate for more information on that subject). The only way to keep me safe from these intruders is to have large numbers of users who remain secure. If the intruders can get at 60% of users then they can run stats. to determine types of people. One tiny mess up later and you are in the system with a predetermined personality id on your forehead.
Security in this since is the community's responsibility.
His entire point was that people don't particularly value privacy and anonymity.
Pointing out that we would probably have them if people did value them is nicely tautological, but it isn't really a counterargument.
Nerd rage is the funniest rage.
I assume you also get an hour of exercise per day, eat no more than X grams of saturated fats every day, don't eat any trans fat or HFCS, eat a good 25g of fiber every day, floss your teeth twice a day and go to the dentist every few months, rotate your mattress on time, etc etc etc? If not, maybe you should stop to admire how pretty your glass house is before you pick up that rock...
Warning: Apple/Nintendo fangirl. Likes her electronics cute & cuddly. May be rabid.
If they don't get it after you explain that, walk away, as you are never going to convince them.
I think you may misunderstand a few things. I am a fanatical "private folk type", so I will attempt to speak as one to you.
What you are saying about information not being owned is not entirely accurate. Some information can clearly be "owned". If you have your ear up to a doorway and are eavesdropping on 2 people having a "private" conversation, was that information ever intended for you? Are you correct in disseminating the information to others? Clearly not.
So privacy is important. So is anonymity. They both have important places in our society. For those that choose to be free with information regarding them personally and their actions with others, that is a personal decision. It is neither right, nor wrong. We all are desirous at some point of sharing information with other people, as that is a human quality. What I would find wrong, is one person making that decision for another, or even making a judgment about it.
As for your example about circles of friends and events, I would actually propose that those people are being unreasonable. The fact is that the vast majority of information out there is "owned" in a partnership if you will. If I am at a party with a dozen other guests, I cannot reasonably expect all of them to make my presence, or any of my actions, private from all outside parties. If there was a picture taken of me, I agreed to be in that photograph. So even though I am a privacy "freak" if you will, I do recognize that my actions with others, and especially in public, cannot always be private, and that I certainly do not "own" 100% of it. That would be presumptive and arrogant.
Your examples about advertisements fall under a different area of "privacy". There is a difference between wanting your own thoughts, feelings, actions, property, etc. private and wishing for peaceful enjoyment of your own personal space. So it is not so much "privacy" as it is "give me my space". Kind of like being at the beach in public, but not wanting to be bothered by a traveling salesman wanting to sell you a vacuum.
Now when it comes to advertisements that are targeting you based on personal information and information collected from other companies, even I would say you have little recourse. When you engage in a business transaction with another company, I feel that they have just as much right to the "information" present in this mutual transaction as you do. There are reasonable expectations of what is done with that, and even contracts that outline the specific terms of its use. So I would say it is Caveat Emptor. You need to know the business that you are dealing with, just as you should know the individuals that you are dealing with.
I am not sure the original poster was intending to force his, or my, level of privacy on everyone. I think what he was asking was how best to explain the possible benefits of privacy, and the consequences of not having it.
I personally, will turn off my music when rolling down my windows on my car. That is how private of a person I am. I can go into detail, about just how private, but at its extreme I obfuscate information present in government databases with outright lies. That is a personal decision, and I do not believe everyone needs to be like me.
What I am concerned about with Privacy, and Anonymity, which the two are often confused, is that there may not be a choice. I think the pendulum has swung the other way, and that people are not getting the privacy they expect, or even understand. So although you may want to live out in the open free, with no boundaries on the information ever present, ever flowing around you, that is a choice you have made. I would hope you not think me oppressive or wrong, that I desire the exact opposite for myself.
So I think the real goal of the poster was to attempt to explain to people that they are not receiving the privacy that they are choosing.
one argument regarding privacy and digital rights i hear quite often is: "i don't worry about , some smart nerd will worry about (and 'fix' it)". that usually means someone discovers something really clever (tor, decss, the blue-ray master-key). but what i see happening is that nowadays
a) it get's much harder to 'fix' sth.
b) it is often illegal to 'fix' sth.
c) non it-people are not even aware aware that there is problem because they still get free porn^H^H^H^Hmovies^H^H^H^H^H^H lunch.
the whole thing is starting to get me really pissed - cause life could be so easy if everyone just stopped acting so stupid:
1. we don't need governmental data retention (executed by the telcos)
2. we don't need total surveilance
3. we don't need software patents
4. we don't need drm
5. we don't need that much advertising
i'm not saying that the internet should be free of rules, nor that digital goods (methods and content) should be free of charge. all i'm saying is that people need to get aware of these problems, that we need a public dispute on this and that 'fixing' things might actually delay it.
as a starter:
*) what would be the very minimum of data that telcos need to save to allow _sane_ criminal proceedings
**) how can artists, inventors, creators be compensated? $1.99 is not what i'm going to pay for one episode of a tv series!
***) what do advertisers and networks think? do they honestly expect me to watch 20 minutes of advertising for a 40 minuts show?
oh, someone is knocking on my door, gotta go!
The joke basically goes something like this.
The employees hide in the womans basement for the "surprise." When she gets home she starts calling for her dog, which the employees carefully took downstairs with them so it wouldn't make any noise. Then the secretary, calling for the dog, walks into the basement naked except for the peanut butter strategically spread on her honeypot.
I'm not not licking toads.
Don't tell people what to do, teach them to understand that they have the means to determine what information is made public, and what is held back. Sure there are people who have managed to disappear on the web, or even in real life, but any sensible person is looking for a balance between privacy and convenience.
Teach them how to decide what they want to tell Facebook, or Amazon.com, or their bank, and how to obfuscate when needed - for instance not giving a real e-mail address every time they download Adobe Reader, not handing over more than one phone number, maintaining a pseudonym for those on-line activites could come back to haunt them.
Just telling people to be afraid, and that they're idiots, does no good. Give them choices instead.
Three Squirrels
Google around for the Slashdot story on the FBI using the purchase of falafel as an indicator of terrorist intent. There was a serious proposal put forth by law enforcement to datamine for people who bought falafel (and presumably no pork and no alcohol :) at the Wrong Sorts Of Grocery Stores, and to feed that list into some other datamining operation, presumably because people with those dietary choices are more likely to be terrorists than us beer-and-bratwurst types.
Ask the descendants of Japanese WW2 internees. Both Japanese immigrants and American citizens, whose only crime was being "of Japanese descent" were rounded up, sent to camps in the middle of nowhere, and their homes and fishing boats were sold at sub-foreclosure prices. The data used to figure out whom to round up came from the Census.
The only thing that separates those two programmes is the whim of a Congressman and the stroke of a pen.
Those who do not remember the past are condemned to repeat it.
Speaking of which, there are still a few old fogies from Europe who never had trouble remembering the past, because they had funny numeric tattoos that remind them of it. Most of them lived like you did -- freely practising their religion (and buying wine, but not pork), proudly sleeping around with whoever they liked, being active in some of the new political movements of their day, and it's not Godwinning the thread when you're pointing out that the "open culture" of which you speak made it a lot easier, once the Weimar Republic fell, for its replacement government to figure out who should get a yellow star, a pink triangle, or a red triangle to wear.
> How exactly would a router bypass SSL?
You do a MitM attack and hope that they ignore the certificate warning because they don't know what the hell it means and it won't let them get to their bank unless they click okay.
Seriously, we have something that does this very attack on SSL at work for some reason. It only happens when not logged in, so it may just be trying to give me the proxy login page. I'm not too sure. I've never accepted the bogus certificate to find out.
I actually don't misunderstand you, as I've had conversations with private folk before - I do use terms based on my own conceptions, of course, but I've spoken with people who share your perspective in the past. I'm glad to see you laying out the perspective in a clear manner here though - it's well-phrased. I suspect that your perspective does differ from the original poster's.
I am, as you note, on the "other side", and I personally hope to see privacy rights beyond that which flows naturally from a limited form of "this is my space" (not privacy as such but fills some of the same ends) abolished, but it's always nice to see various perspectives conveyed clearly.
For every problem, there is at least one solution that is simple, neat, and wrong.
After spending around 8 years trying to convince friends and family that privacy is important, I gave up about 3 years ago trying. In that time, I've graduated high school, picked up a CS degree, and work now as a developer.
Nobody cares. As I said about 1.5 years ago on a related topic, the realization that privacy is important requires strong knowledge of multiple fields of study. But most people are lucky to have strong knowledge of more than 1 or 2. People are largely too stupid to understand the subject of privacy, especially where it intersects with the world of computing.
Is Capitalism Good for the Poor?
is either already knowledgeable enough to take care of themselves, or completely ignorant. There seems to be little middle ground, because those that consider their personal information valuable take steps to protect it, learn what they need to learn in order to accomplish that. They ask questions like, "I understand I need a firewall, can you recommend a good one?" or "I'm looking to get a wireless setup at home ... how do I configure it so it's more secure?" I can deal with people like that. They're willing to learn.
... but I always come back to find the firewall turned off because "Facebook stopped working and I thought it might be the firewall" or "this game I got off the Internet kept throwing up little windows saying 'this program is trying to access the Internet' and I got tired of clicking Allow." Gagh. That's not even counting the utter inability of these people to take even the slightest precautions when it comes to email. It's not like they haven't been told, in no uncertain terms, what they need to do to keep their data safe. They just refuse to do it ... and when something bad happens to them I just shrug. An "I told you so" just isn't worth the effort.
Then there are the clueless ones, those who agree that privacy and security are important, but simply refuse to see their friendly personal computer as a potential threat in that regard. Just can't see it. Sure, I've set up security for people, done my best to keep them from screwing up too much, tried to educate them a little
It's very frustrating: you just want to smack them with a cluebat, you really do. I guess I'll just have to get used to willful ignorance. Might as well wish that SUV drivers would stop being four-wheeled sociopathic assholes. I don't see either situation improving any time soon.
The higher the technology, the sharper that two-edged sword.
Does privacy matter? The poster presumes it does, but somehow is unable to think of any reasons. If privacy REALLY mattered to him, he could think of reasons why it mattered and then tell them.
What I think is that the poster is one of those people who latch onto an idea without ever fully realising why. Instead of just flapping out that privacy is important and then wondering why nobody seems to "get it" is useless. First ask yourselve why YOUR privacy is so damned important, then you will have the answer you can tell to others.
But don't just take a position and then look for arguments to convince others. That works for a debating club where you are given a topic, not for persuading people to do something you care about.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Maybe a more interesting question is how to show folk in general that privacy is impossible, in the long run. If you give information out, it's out. Conduct your life accordingly.
Property law should use #'EQ, not #'EQUAL.
Friends don't help friends install M$ junk.
Which is too bad. It doesn't really matter if you save the world - if you fart afterwards that's what people will remember forever.
Look around. We are nowhere near Germany in 1930s Germany, which politically was still living half in the dark ages. When was the last time a president of the US had one of his political opponents killed? You think the McCarthy era was bad? Well, if it were the middle of the 19th century in France, those people wouldn't have been brought before congress to testify, they would have been stabbed in the middle of the night. We are a far cry from that style of politics.
The fact is, the government is going to know something about us, the only question is how much. They need information to collect taxes, for example. Most people have no problem with the amount of information the government collects on us. People don't want video cameras in every house, so if that starts happening people will listen to you about 'privacy violations'. But that's not happening. You seem to think it is a problem if the collect ANY information about us, and when you give that kind of impression, you shouldn't be surprised when people lose interest in what you have to say. The US isn't going back to a dictator/nazi/totalitarian style government any time soon.
Qxe4
The point is, not everyone wants to be so open as you have chosen to be and they should not be forced to do so. That is all. To disagree with me on this subject means that either a) you think that everyone does want to be as open are you are, or b) you think that people who don't want to be so open should be forced to do so anyway. The point is, what you want for your own life and whether or not you can understand why somebody wants something different is completely irrelevant, and the attitude of "what's good enough for me should be good enough for everybody" hints at a certain arrogance, especially when you think this is about whether or not information can be owned. It's not necessary for information to be owned to respect when people want to be left alone and to recognize their right to make that choice.
Personally, I have yet to ever receive a single benefit of any kind from a stranger who knew (or thought they knew) anything about me that I did not personally disclose to them. If you feel that this has benefitted you, then goody for you; I for one feel fulfilled in my life without the recognition and admiration of a bunch of complete strangers, most of whom I will never meet, and I really question the motives of someone who thinks they need that kind of attention. Personally, I think there's something unhealthy about it, and most people I have met who needed the admiration of strangers were terrified of real, personal intimacy due to various insecurities (most were children of divorce). If you don't have this need for attention from strangers, then you gain nothing from having everyone know your business and now it will either accomplish nothing or will make it much easier for someone with ill intent to cause damage. I consider it unwise for me to do something that has no chance of benefitting me and does have a chance of harming me. Simple.
"Proprietary" is a mischaracterization really, as I never claimed information could be owned in the same sense that you can own a car. That some of your friends feel that way is great; don't lump me with them because our beliefs sound superficially similar. This isn't isolated information for the sake of truth; it's about my life (which most certainly is mine) and whether random people have a legitimate claim to it. That the claim in question is informational in nature is irrelevant to this idea; on the same basis and for the same reasons, I would oppose anyone who thought they could help themselves to my time or my labor against my will (that's the key here) as well.
What I am saying is really a simple thing. If I want you to know something about me, I will tell you. If you don't like that I haven't told you something about me and you take it upon yourself to pry into my business against my will (again that's the key here), then I'm going to treat you like any other intruder and within the limits of the law, I am going to find a way to stop you. Consider it from the opposite viewpoint: if someone wants you to leave them alone and stay out of their affairs, as evidenced by the fact that either t
It is a miracle that curiosity survives formal education. - Einstein
When they lose their dream job because their MySpace/Facebook/YouTube drunken frat party photos surface during their job interview, they may feel differently about privacy. Especially if they are absolutely certain that they limited those photos to only their closest circle of friends, and deleted the account entirely before applying for that job at Google.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
I would interpret that to mean that you need to choose your advice carefully. The best thing my dental hygienist ever said to me was, 'Floss while you're watching TV.' It was a perfectly simple and eminently practical piece of advice, and made me a flosser for the first time in my life.
<obShamelessSelfPromotion>I've been writing a series of columns about the issue of online privacy in a local weekly newspaper. Living as I do in a developing nation, I need to put things as simply as possible. Here are the last three:
Crumb's Corollary: Never bring a knife to a bun fight.
Thanks for the link. I like the layout of the front page. Being in the Twin Cities, are you a member of IFP Minneasota?
FalconShould there be a Law?
Oh, btw I've also been using the same passwords for 16 years.
Engineering is the art of compromise.
You've probably never had a stalker.
I could give a rats ass less about the grocery being able to associate my name with the fact that I like Heinz ketchup, or that I don't buy many pre-made heat and eat foods. Let them send coupons in the mail, or printed on my register receipts, that's all fine and well.
The government, well, I once held a security clearance, so that's a moot point. As long as they don't stick a GPS tracker on my truck and fill my mail box with speeding tickets, there's not much to hide.
Just don't let that homo-nutjob who stalked me for months know how to get ahold of me, or have an easier way to follow me around.
While I agree in general, there's more to be considered than just "we're IT, so we care more." Privacy doesn't exist solely in the IT world; for most people, the majority of the privacy that they get isn't from their IT policies, it's from their home's walls, the blinds on their windows and the door on the bathroom. Likewise, most identity theft comes from dumpster diving and other traditional means, with online identity theft actually going down. If you use that as a metric of privacy (the important data not getting into the wrong hands), then that would indicate that IT privacy is actually getting better than other areas.
What this actually means is that people are more used to dealing with privacy than other areas. Everyone in the world cares about privacy to one extent or another, and it's practically (if not literally) an instinct since we're taught it from birth, which puts advocates of online privacy in a better position than a fitness nut or a dentist. We can draw real, direct analogies between facebook's policies and brick and mortar company's policies. If my credit card offers me double rewards at a coffee house, should that coffee house get my address, full name, mother's maiden name and social security number just for having that relationship with my card company? Should the guy who sets up a chess game in a cafe get all the personal information of the people they play against?
Privacy isn't new, and it's problems aren't unique to IT. All we need to do is put the issues in plain terms and let people make their own decisions.
[Citation needed]^
All rights are granted to us, by ourselves. Scathing diatribes of the current US administration, and the state of the US country as a whole aside, the stated fact is that government is by the people and for the people. So via a social contract, our government exists to enforce the will of the people.
So I must ask you, and I am very interested in your answer to, the following:
1) What are the privacy rights we currently have? State of Federal does not matter, in general will suffice.
2) What rights need to be outright abolished? Modified? Created?
3) What are your justifications for these actions? Their benefit to society viewed through the eyes of personal liberty, national security, etc.
Can you please explain what you mean by that?
I ask all these questions, since you would seem to propose a society that conducts all of its transactions out in the open, with neither privacy nor anonymity. Is this a Utopian ideal? I must also say that I am not judging you for this, only that I am very curious to hear your thoughts on how such a society is constructed and run.
I'm thinking primarily of the strong privacy rights in France and Germany, actually. The right to be excluded from databases, prohibitions of many kinds of data collection, and (both in Europe and the US) restrictions on personally identifiable data... I believe the benefits to stem from greater autonomy as well as various unseen benefits coming from a less constrained flow /availability of information (although I am uninterested in benefits to the public sector).
I have largely similar views to you, FWIW, on the role of government - to enact/enforce the will of the people (although I think an idealised will of the people - a notion of the "public good", is perhaps better than the actual will).
With regards to the "my space" thing - I feel that existing property protections (e.g. the right to bar photographers from one's home, limited ability to set policy on one's property, etc) and possibly contract law (although I'd like to see contract law be accepted by the public as being more alterable when the public good is at stake, perhaps a bit further yet than Professor Llewellyn in the American Legal system) are adequate to the task of providing the minimal conception of privacy that I'd like - if someone snuck into my place and setup webcams to watch me do things, we might consider that treyf, but not because of privacy but rather the unauthorised entry and violation of policy.
In general, yes, I think society should be conducted largely in the open (especially businesses), so people can readily compare the public good to what actually happens, so less misunderstanding would (ideally) happen, and to generally provide more material for people to consider the whole of society.
For every problem, there is at least one solution that is simple, neat, and wrong.
Daniel Solove, an associate professor of law at George Washington University Law School, has a good paper on this subject titled, "I've Got Nothing To Hide" and other Misunderstandings of Privacy (http://www.scribd.com/doc/187371/-Ive-Got-Nothing-To-Hide-and-other-Misunderstandings-of-Privacy).
One way or another, there will be a legal regime and societal expectations pointing one way or the other, and people will be living in a system that doesn't suit their tastes. If we take the protect-privacy route, antiprivacy folk are forced to alter their behaviour to accept a notion foreign to them, and if the take the antiprivacy route, private people routinely feel violated. If going one way or the other is arrogant, there is no way to avoid being cast as arrogant. I don't have anything against privacy to the extent that it makes no demands on me to respect it - if someone doesn't want to tell me something, I won't make them talk, but if they ask me to close my eyes, or if they want legal protections beyond those that flow smoothly from those protecting land and physical property, we're back to that same struggle of concepts that defines politics. They may have a consistent view, but so do I, and just as openness might not be their thing, accepting privacy (beyond those inherent in limited property rights) isn't mine. We could talk of respect, but if I respect that they want privacy and they respect that I don't want obligations to protect their notions, where does that leave us?
For every problem, there is at least one solution that is simple, neat, and wrong.
So wait, you are saying America is right on the edge of falling into a horrible dictatorship like Nazi Germany?
A car engine can break in many ways. It can throw a rod on the highway, or get an oilpan puncture on a back road. It can fail to start one day, or it can simply wear out.
If someone warns you that your engine is failing, is it prudent to push aside their concerns with "So, wait, my engine's going the throw a rod? I don't drive on the highway."?
There are many ways for a country to lose it's freedom. The 'slow boiling frog' method seesm to have you fooled. Since the water temperature hasn't risen suddenly, it'll never rise, huh??
All civilizations go from Aristocracy to a series of bad governments, including military rule, oligarchy, and democracy, which finally leads to tyranny.
Point out to them that they can't trust governments.
Then point out how much of their data is out there, and who knows who controls it.
Spread fear and disbelief.
Post goatses to all their forums.
Anti-Globalism
I think you can remove the "Non-IT"-part from your question.
I have a lot of friends that work in the IT, most have years of experience, but when i talk to them about privacy they always reply with "I have nothing to hide.".
They don't worry about things like identity theft and other important risks.
A couple of months ago i started a shell account provider, I also offer a web-based terminal at http://jaguar.garofil.be/terminal/ . You can see that there is a BIG warning next to the terminal that warns users that the traffic is not encrypted because it goes over http instead of https and that terminal should only be used when they have no other way to access the system. But when i look at my logs I see that are always at least 3 users logged in with the web-based terminal...
- Print off his myspace page
- Show him it
- Ask if he'd have any objections putting it on the town notice board or pasting copies up all over town.
(1st post btw, Hello"Shut up friends. My internet browser heard us saying the word Fry and it found a movie about Philip J. Fry for us. It also opened my calendar to Friday and ordered me some french fries."
I just tell them I don't want Google/MySpace/Facebook/etc making money off my data.
Ask them if they use envelopes when they mail out bills or other correspondence. "Of course I do!" will usually be the response. Then ask them if they'd mind if you listened in while they talked on the phone or in person to their doctor or lawyer or spouse or significant other. "That's none of your business!" will again be the usual response. "But why? If you're not concerned about privacy, why should you care about other people seeing what bills you pay, what you write or say to your lawyer or doctor or spouse or lover?"
-- Ed Carp, N7EKG erc@pobox.com PGP KeyID: 0x0BD32C9B What I'm up to: http://intuitives.mine.nu
Regarding your post, I'll give a simple analogy that should demonstrate why what you just said is a non-issue. If you want to give away all of your money, you're free to do so. I might have an opinion about that, but I will do nothing to stop you, nor will I advocate that anyone else should try to stop you. However, this does not mean that you are obligated to give away all of your money, nor does it mean that my refusal to give away my money is doing anything at all to interfere with your ability to do so.
Likewise, feel free to publish the details of your life if you want to. I have my opinions about that, but I will not try to stop you (that would be silly), nor will I advocate that anyone else should try to stop you (that would also be silly). However, this does not obligate me to do the same thing. If you are truly secure in your beliefs about how you should live your life, then you are happy with what you do. If what you want isn't good enough for you unless the other guy does the same, then you're another insecure bastard who wants to force his will on everyone else and that's the part I have a problem with. Note, there's nothing wrong with trying to persuade people to see things your way, but there is something very wrong with any failure to recognize that they have the right to choose how they want to live their lives just like you do.
Why would an antiprivacy person such as yourself feel forced to do anything? If you want to publish your entire life on the Internet (about most public place imaginable), no one is stopping you. I do not understand your objection here. Are you complaining that you have to go through a little effort to publish this information? Are you upset that there is not an automated system that publishes everything for you? I would call that a minor inconvenience (at worst) compared to how it feels to desire privacy and then have someone violate that right. That is why the reasonable default is "lots of privacy" and then someone can be more open than that if they please. It's just a fact that it's far easier to waive a right that you have than it is to reclaim a right that you have lost. Therefore, the two positions are not on equal ground. There is a superior choice, a reasonable default.
For the same reasons, I greatly prefer "opt in" advertising to "opt out" advertising. The people who opt in want what they are receiving; the people
It is a miracle that curiosity survives formal education. - Einstein
*** Privacy is there for the imperfections of others ***
Idiots who think there are no (racists, homophobes, jealous girlfriends, criminals, dodgy companies) out there don't care about privacy.
People who think they are perfectly going with the flow think they have `nothing to hide`.
But these people are ignorant to the world.
Until you've been on the end something resulting from a privacy invasion you don't really feel it with all your soul.
For me Facebook has been the great teacher in this.
So the best advice I can give is:
tell them to add people from:
work, social life, gay lovers, all previous girlfriends, your mother, weird old school friends
all into one facebook account and see what happens.
A blog I run for the wealth
This is why there is a significant movement amongst security professionals to take the effort out of the process.
Companies like TrustMe (http://www.trustmesecurity.com/) are distributing free software that runs in the background to encrypt and decrypt information without any effort on your friend/parent/grandparent/co-workers/children's part.
The way of the future will be to appeal and supersede user indifference. Auto updaters, AV scans on boot etc. are just first steps.
Rather than convincing people that "privacy matters", explain specific situations that they should be aware of.
There are varying degrees of harm that may occur and varying degrees of risk, depending on how important private information is. Your best bet would be to target the most dangerous habits first, their twittering isn't likely to actually matter compared to getting phished.
Talk about something they know - deer hunting
"Imagine you knew everything about a deer. Which particular tree it liked to nibble leaves from, where it slept, exactly where it drinks from the river. Exactly where it was any time of day. And so on... How hard would it be for you to go find and kill it? It would take you 10 minutes."
Now imagine someone is hunting you. Not for meat, but for your money. If they know exactly what you wear, exactly where you go, your every move... You are an easy target. It will take them 10 minutes... Yes, you are a smart guy, but none of us can defend ourselves against someone who knows everything about us."
Or, "Imagine if there was some part of our government that was acting like Stalinist Russia, where anyone who had a grudge against a neighbor could report them as an enemy of the government, and that's all they'd need to haul you away in the night."
Or, "Imagine that those left-wingers (or right-wingers, or a tyrant) took over the government and start jailing all of the gun owners. Or they go after people who have talked to one on the phone. Or they go after everyone who has bought Hustler. Or they start harassing people who vote republican. Or they kill people who raise geraniums. Such a thing is unlikely to happen in our great country, but it could. And no one can predict who a tyrant would choose to be the bad guy."
Discuss.
And by the time it does, those of us who cared about privacy will have (a) left, (b) shut up about it for our own safety, or (c) already have been rounded up.
Actually, the East German system was pretty good at avoiding (c). Very few people had to be disappeared, but a lot of people with the wrong kinds of friends just didn't seem to do very well in their job interviews, where the people with the right sorts of friends did better at job interviews. You might also want to see The Lives of Others. (East Germany's STASI is also a good example of what happens when a state security apparatus tries to vacuum up too much data for it to process: the economy implodes after a critical mass of the economy is consumed by employing people on surveillance duty than on actually producing anything. The tipping point varies depending on how good your computers are, but no amount of technology short of Singularity-level Strong AI is going to eliminate the tipping point.)
It always starts slowly. It always starts for the same reason -- keeping society safe from miscreants. The names of the bureaucracies and the miscreants vary; sometimes it's Jews, sometimes it's gays, sometimes it's Japanese infiltrators (you don't like the Nazi analogy, fine, look at our own history! Census data was, by law, not supposed to be used for that.... two stroke of the pen later, and it not only happened, it happened not only in the US, but the Canadians did it to their citizens too!), sometimes it's commies, sometimes it's reactionaries. The end result of a surveillance state is always the same, and while it doesn't necessarily last forever, it sucks. It's basic primate psychology; it's happened multiple times in many human societies, and it'll happen again. We're just trying to make it a little harder to implement, and in so doing to delay it, make it suck a little bit less, and make it last for a shorter duration.
I found this interesting paper which attempts to define the concept of privacy from a legal perspective:
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=667622#PaperDownload
The author takes a look at how the use of IT can change our understanding of privacy and even create new ways of infringing personal privacy.
He suggests a taxonomy of privacy to enable a more sensible application of existing laws and the development of new legislation:
Information Collection, including Surveillance and Interrogation
Information Processing, including Aggregation, Identification, Insecurity, Secondary uses, and Exclusion
Information Dissemination, including Breach of Confidentiality, Disclosure, Exposure, Increased accessibility, Blackmail, Appropriation and Distortion
Invasion, including Intrusion and Decisional Interference
I'm interested to hear a Slashdot perspective on whether you feel that these categories would be sufficient to plan future legislation to protect privacy?
I came across this paper while researching the question of privacy of personal health records.
An elderly person that we interviewed commented, "You could post my information on the Internet, if that's what it takes to get me well".
I have heard more concerns about health information privacy from healthy people, than from those who are ill.
Which raises the question of whether privacy is only important when our more basic needs are already satisfied?
Easy, sniff their user names and passwords, then transfer some of their hard earned cash to a charity...
Excuse me, but please get off my Pennisetum Clandestinum, eh!
I normally pull the role of tech support for the family and found a way that was quite effective for me. My mother-in-law bought her first lap top and asked me to set it up. I configured a nice remote desk top so I could handle the minor issues with out making the trip to her house once a week. Since she nothing of this or even had a clue as to how it worked, I began doing random things such as creating text files on her desk top. These would include things like her address and phone number. When she asked about them, I informed her just how important it was to make sure she stayed secure and that she could be infected with a virus, trojan, or other nasty program. She brought the computer to the house and I deleted the files and ran a virus scan which, of course, turned up clean. This happened twice.
She has since invested in a higher quality router with firewall, uses anti-virus and spayware regularly, and is considerably more cautious with her email. Her experience has also led her to spread the word through the family about what happened. Since this began, I would estimate that the family has increased thier awareness and protective measures by 300%. One advantage, none of the family outside of myself were/are experienced with computers but they are slowly coming along.
And that's real key - the hyper-neurotic demographic on Slashdot haven't been able to come up with a reason to care. When pressed they either come up with some tinfoil hat variant on "well, don't you think the Jews would have liked to hide from Hitler" or go off an another tangent where they confuse privacy with security.
I actually had made plans with a group of students at the university to go around my city to various high schools, giving physics demonstrations and talking about what sort of jobs are available in science. There was also talk of a mentoring sort of thing for students interested in science but that do not have the resources to learn more. It made me feel good, I was going to be volunteering to help my community! Exciting.
I inquired about how to contact teachers to do these demonstrations in science classes, and was told I could set up a meeting with this one outreach program representative. No big deal I thought. We made the appointment and I met with her. Well, I was given an hour-long meeting on how to fill out a stack of papers about who I was, what organization I was with, who authorized me, what I wanted to do, where I wanted to do it, what days of the week I proposed to give these presentations. It included authorizations for background checks at both the state and federal levels. Finally when I thought it was all over, she hands me a fingerprinting kit and says I have to go on my own time to a local company, get fingerprinted, and wait to get verified before I can finally start.
My group gave up our plans for demonstrations and meet a scientist day right after she left. That is completely ridiculous, a huge intrusion into our lives that doesn't need to exist. We work for the university physics department, you can verify that, what else do you really need to know? We wanted to come talk to a class during school hours about physics; it's not like I was planning "Physics Sleepover! No Parents Allowed!".
What this guy is *really* asking is how can I make other people think the same way I do about something. That sort of thing is very tricky.
I think the best he can hope for is explaining why he feels the way he does, and hope for the best.
Your answers assume privacy, as the examples you use by analogy assume property. Assuming privacy is what I'm calling into question - I might as easily take the counterpart position and say "If you are complaining that other people don't necessarily respect your notions of privacy, then I say you would do yourself a favour by losing this entitlement mentality. You are not entitled to privacy that requires a special respect from me any more than you're entitled to steal my money or ..." and so on. Same argument. Either you accept privacy or you don't. We can describe either the with-privacy or the without-privacy option in a world-outlook as impinging on those who hold the other outlook. Perspectives like these go into our formulation of what we owe to each other - phrases like "I will not voluntarily give you something that I do not owe to you" are meaningless outside a particular formulation of these obligations, just like saying "I believe in justice" without talking about which conception of justice and what set of nuances apply.
For every problem, there is at least one solution that is simple, neat, and wrong.
I have found a way to exemplify the problem to all people, nerd U !nerd alike:
When you have a conversation at breakfast before starting your working day you may have a sensitive conversation with your partner for which you assume a private and unthreatening environment.
Why then, should you call them to discuss a sensitive matter at lunch time instead, should you not assume the same private and unthreatening environment?
The sensitive conversation could be anything:
- you may have trouble conceiving a child
- you could be thinking of changing jobs
- you might be thinking of voting for a certain political party
- you might be fighting for freedom in an oppressive regime
- your interpretation of taxation law may be a tad liberal
You may also, however:
- be planning to download an mp3
- be planning to attack a free and open society
(Are these the same?)
This is the best I've come up with to assert the "privacy is a right" line with colleagues.
If they don't care about a minuscule chance that the government is listening to their conversations, then that issue isn't important from their perspective. Important is a relative term.
The Gospel according to lolcat
First of all you are effectively spreading FUD about privacy loss by confusing totally different issues. There is the issue of security in terms of using firewalls, patching browsers and avoiding malware, there is the issue of true privacy in protecting details they share only with their spouse or close friends (bank account balances, credit scores), there is the issue of identity theft and finally there is the issue of obscurity in terms of sharing information about them on social networks.
Really the internet is no particular threat to true privacy since no one is releasing truly private details on the internet...well maybe in email but the truth is email is statistically fairly safe even if no particular safeguards are taken. Malware and identity theft are simple risk/reward calculations and for most people the risk simply isn't great enough to justify spending lots of effort on computer security. It's just like using a credit card at a restaurant. Sure the waiter could steal your card number and cost you $50 and some effort but the risk is worth the convenience. What you have to understand is that for non-techie types the cost to keeping their computer all patched up and worrying about security all the time is quite high so the risk they take is worth the cost.
As far as obscurity goes, that is the exposing of details that would be fairly easy for people who know you personally to find out, I don't see the big deal. Everyone gets all worked up about these being in databases or these being available on the internet but I really don't think it is that big of a threat. For thousands of years we lived in small communities where everyone knew each others secrets but it wasn't a problem because everyone knew each others secrets. Not only is our loss of obscurity inevitable but resistance will just make things worse by creating two classes of observers: big corporations and governments who have the resources to build private databases and hire investigators and the regular people. Once obscurity is eliminated I suspect we will have a much more tolerant society since it's hard to judge others harshly for their stupid shit when everyone knows the stupid shit you did back when you were a kid.
If you liked this thought maybe you would find my blog nice too:
Ask them how they feel about unsolicited calls from India trying to sell them a new phone carrier.
.... ..... ....
It surprises me how easily people are willing to give away this sort of information. My case study today will be my partner:
I got a call from a telemarketing person one night, and as a joke, I decided to pass the phone to my partner to handle. To my horror, I hear:
My name is Susan*
I'm 22*
I'm paying off my home*
At this point I took the phone from her and hung up. I then explained to her they would on sell the information and we would no doubt get more phone calls aimed at her demographic.
Then the "How am I supposed to know", "I'm not a mind reader", "Don't talk to me like I'm stupid", etc comments started. The physical wounds have healed but this is the first time I've been able to talk about it, it's an ongoing process.
* This data may or may not be correct. Possibly.
It warms my heart to see someone rightfully take this to the larger topic of privacy, not just IT security and privacy. It is sometimes difficult for me to explain to others why this issue is so important, whether some simpleton thinks it is relevant in modern times or not. You have helped me today Sir Holo, and I will make use of your talking points...damn shame I'm out of moderator points.
Other than this text, there is no discernible information contained in this sig.
You don't need a technical background to understand the value of privacy. Of course, with our understanding of the internet and its ability to spread information instantly worldwide, we can much more easily see the damage possible, but it's quite easy to make this accessable to people who aren't so deeply in the matter.
First: The "nothing to hide yet" angle. Our world is in change. Especially our laws are. Think back 20 years and you'll notice that you could not have thought possible what became law, will become law or at the very least causes people to turn from you. Twenty years ago, it was still kinda cool to be smoking. It was socially accepted to have a good cigar after dinner, actually it was a sign of class and to some extent, wealth. Smoking cigarettes was pretty accepted, too. Turning your nose on someone who lights a cigarette or even yelling at him would have made you look like a asocial tool. Today, it's exactly the other way 'round. Now, can you be sure that your habits will be socially acceptable, or at the very least legal, in the future? Drinking wine or beer? Eating fast food? Enjoying those fatty snacks? Eating meat? Who knows what the next health craze brings us. Maybe we'll discover that it's highly unhealthy to work out daily. How about your pastimes, your hobbies? Could it be that you'll be a paria of tomorrow's society because you enjoy eating sushi, for you are the reason some fish populations are on the brink of extinction?
Second: The "well, then I'll stop" angle. Yes, you might. But information is persistant. It is here to stay. What is caught on cam, what is posted on the net, it is there to stay forever, if someone deems it important enough. That can easily happen. Even for a completely unrelated reason. You made a certain funny face that people thought is hilarious while eating your first piece of sushi and it circulates. In 10 years, you'll be the poster child for those tuna-eating assholes that are responsible for it that the tuna died out. Yes, you. Not the millions or billions that also do it, you are the "this is the kind of asshole that costed us a species" person.
Third, and a direct descendent of the second reason, the psychologic aspect of being exposed. Star Wars Kid anyone? This is the prime example of how a loss of privacy has severe psychologic consequences. He was the laughing stock of the internet. Even people who never heard of the person he is, watched the video and at the very least shook their heads. This video will be on the internet, forever, immortalizing his moment of privacy for the amusement of the unwashed internet masses. How would you like it if your baby pics would somehow find their way onto the net? Maybe with you sitting on the potty? What about that time when you were really drunk and pissed on that electric fence? Oh, how hilarious. Well, for everyone except you, of course. Or do you want people to greet you with "Oh, I know you, you're that moron that got a shock from takin' a leak". Even when you're the most uptight, self-possessed person on the planet, you are not safe from being photoshopped into something that will be found in the encyclopedia dramatica. Maybe especially because you're the epitome of self control.
Fourth, the expected response "But I don't tape myself in such situations". No, you don't. But without "mandatory" privacy, anyone could. Anyone could fire up his cell cam and take away your privacy. You have nothing to hide? Great. Be prepared to be the next big thing on the internet when LOLcats gets stale.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
My hygienist told me that too. I didn't inform her that I never watch TV.
Tell them to take Freedom, Privacy & Technology at Portland State University with Professor Christopher Carey.
Dear Anonymous:
Yes... I am quite certain I did most of the negating. I find that discarding the people who pulled me down gave me LOTS of spare time for my research and for my life (business and personal)... That being said, even my family and close friends know very little about my life nowadays. I find that even if they wanted to sell me out to anyone buying, there's nothing they can truly sell out. There is a reason why "private info" is called that. But, to each his or her own, far be it for me to forbid others what to do. Their lives are theirs to waste, and I will never stand in someone's path to their own harm. To do that would be to enslave them... and I don't believe involuntary servitude of others to be something I would uphold.
" What luck for rulers that men do not think" - Adolf Hitler
You make a very good point about what the professionals say.
However, not revealing info about yourself requires less energy than, say, quarterly paint jobs.
A little paranoia is healthy in my work, but it takes less effort not to put up info about school, friends etc than it does to put it there.
The hardest trick about informing the non technologically minded about the risks and the things that they should 'not do' and the few bits of software they should install (which they can get for free and only need to install once), is not to scare them of using the Internet. Generally I find helping them install the security software (firewall, antivirus, antispyware software and of course a few firefox add-ons) and providing a simple explanation about what the software does and combining it with the warnings about what they should not do, helps to balance things out.
Add to that a warning about the vagaries of M$ software, and a quick introduction to the salient parts of M$'s non-warranty warranty 'er' eula, and why it is much better to use a non-M$ product when connecting to the internet or when attempting to secure that connection.
Chaos - everything, everywhere, everywhen
My experience is the opposite of the headline of this story. I think most non-IT types are more worried about privacy than they should be. They are terrified of MySpace, paranoid about their SSN's, warn me that file sharing will inevitably lead to me being "hacked," etc. It's true that the internet can be hazardous, less than crossing the street but true. But is also true that of the millions of people on MySpace of the millions of servicemen's SSN's that have been stolen, I am not an attractive target in a very target rich environment. I have long felt that a little bit of common sense in the face of "the internet is DANGEROUS" meme popular on FoxNN would go a long way. My neighbors won't let their kids have a facebook account, my inlaws are afraid of online banking, my parents are afraid of debit cards. I think it's time for the non-IT people to calm down.
cogito ergo oro
Floss your teeth while reading slashdot.
Thing is though that they are paranoid for all the wrong reasons. Mostly fearmongering out of various news outlets about THE DANGERS!!! OF THE INTARWEB!!! (okay okay... exaggerated but hey).
Fact remains that they might be paranoid about privacy on facebook and so on, but due to their misdirected paranoia, they're also the sheep that will gladly vote for a bill to just monitor everyone and make sure that their precious offspring won't lose their privacy, conveniently forgetting that big brother watching you equates to the same thing.
But at least seemingly Big Brother has a nice hat, so that makes it okay...
There is no sig...
It is from their foes, not their friends, that cities learn the lesson of building high walls. ;)
- Leonard Nimoy
i find that after a person is a victim of identity theft, they are far more likely to take privacy seriously.
A good friend of mine used to never wear his helmet when we'd go mountain bike riding. I tried in earnest twice to convince him that he was really pushing his luck. He continued to ride sans helmet. Then one day as we were riding home, he hit some railroad tracks at an angle and went down hard. On his head.
It took a while for the ambulance to arrive. The pool of blood around his head was fairly expansive. He got a serious concussion. Not good.
He now rides with his helmet.
As others have suggested, sometimes people won't figure things out until they feel the pain. But just as important is the net effect of seeing other people getting hurt. The bike helmet trend didn't take off until people realized that a lot of people were getting injured or killed on bikes, and that many of those incidents could be mitigated through the use of helmets.
There was a painful outcome, an easy solution to reduce the probability of the painful outcome. Right now online privacy is not seen as a threat because hardly anyone actually knows someone else who has been bitten by lax online privacy. But that's starting to change, slowly. Now what we need is an easy (for those people in the world who are not inherently fascinated by computers and privacy) mechanism for managing online privacy. I don't expect the latter to come into being any time soon, given the political climate in the United States, where there's simply too much money telling the government to look the other way as companies gobble up more and more personal data.
Read the EFF's Fair Use FAQ
The more the masses continue with bad privacy protection, the bigger and more vibrant will be the cracker population feeding on them. This cracker community will get its training and sustenance from the easy marks, but many of them will always be trying for the higher hanging fruit -- that's you and me. If we can vastly reduce the low-hanging fruit, the masses who don't protect their privacy, then we can snuff out much of this cracker community. Many of those crackers will get other jobs as hackers never becoming dependent on cracking, and we'll all live better. Greg
FUD, however distasteful, works on Joe Average. Quote worst-case scenarios, no matter how unlikely.
Or just be happy that you understand security well enough to be part of the solution.
Sorry to see you modded down to zero Parent. I agree with you, and I would do my part to mod you up.
Is it really the "right thing" do this kind of vigilantly 'justice' modding the parent down to zero?
> When was the last time a president of the US had one of his political opponents killed?
Nobody can prove anything, of course, but the leading opponent of the Iraq war in Congress, Sen. Paul Wellstone, died in a plane crash shortly before the invasion began...
Just how much worse would it have been if their last boyfriend/girlfriend could see online how much they're hurting, or could flood their email/MySpace/Facebook accounts with hurtful or pathetic messages.
A recursive sig
Can impart wisdom and truth
Call proc signature()
No no no....
Give them the old "screenshot of existing desktop as replacement desktop" trick, don't forget to slap the task bar up to the top of the screen & turn hiding on. Now txt them a warning about a new virus which locks the desktop while it sends all the nudie pictures of their wife & recent pages visited/passwords entered back to Mother Russia.
Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety.
Nobody cares. As I said about 1.5 years ago on a related topic, the realization that privacy is important requires strong knowledge of multiple fields of study. But most people are lucky to have strong knowledge of more than 1 or 2. People are largely too stupid to understand the subject of privacy, especially where it intersects with the world of computing. just saying
Many social networking sites allow pictures to be uploaded and people's accounts linked to those pictures, where they were captured.
I got some people sensitive, when mentioning that many corporations have an account with the most popular sites, to check out applicants. Especially for drinking pictures or other information that might be normal between friends, but interesting for your future employee. Like putting liquors as your favorite free time activity or mary jane...
I find telling the non IT literate that the worst case scenario is a fraudster using their credit card details to buy and download kiddy porn to their home computer as a temporary staging post. This followed by arrest, incarceration and all the associated trauma of being a convicted pedophile in an all male prison.
Actually not so fanciful recent campaigns by US and EU law enforcement officers using credit card lists seized from kiddy porn sites have uncovered individuals who were inadvertently funding the purchase of illegal material with funds stolen from their credit card accounts. These individuals were subject to protracted investigation and in some cases lost their jobs/partners before being cleared.
even when reposessions reduce the cost of your home.
As long as you can afford your repayments, it doesn't matter if you're in 100% negative equity. It's still your house, it's still keeping you dry.
And if you can't afford it, that goes back the the GP's point.
They say they simply don't care that the data they share on social networks may be accessible by others, that some laws passed by governments today might be privacy-infringing and dangerous, or that they shouldn't use on-line banking without a virus scanner and a firewall.
Install a keylogger on their PC. Get their account credentials. Post threats on their MySpace/Facebook page and then drain their bank account. They'll very quickly gain an appreciation for privacy.
Yestersday, my accountant friend came over with his infected laptop. After backing up all his data and re-installing win-crap on it, I tried giving him a very strong warning that since you have personal data of all your clients (more than 500 people, one of them being me), you should be more careful and try to at least encrypt the damn data. It seemed like I was talking to to wall. Real sad.
Ask them if they trust the CCTV operator isn't checking out their child as they walk to school. Ask them if they know the CCTV operator is watching at all. Ask if the operator is keeping stills and short movie clips of what the CCTV is showing.
If they believe the operator to be trusty, ask them if they'd read the report about Mall CCTV operators using the cameras to watch the fit women rather than the other possible threats to the stores.
And should there be privacy about how to make a nuclear bomb? Where our spies are? Privacy in those cases is EXPECTED, but that goes against "if you have nothing to hide" because they DO.
I'm sure somebody will whine about netbots or something, but as far as I know (I might be wrong), being an MS-free Mac OS X user, I don't think I'm contributing much to this problem.
Work while reading Slashdot.
'Floss while you're watching TV.' ??
I was thinking NOT since my hands are usually busy with something else when I watch TV.
Then I thought, why not invent a combination 'TV remote control/dental floss dispenser'?
Why, what did you think my hands were doing?
Normally I ascribe all life to intelligent design, but in your case I'll make an exception.
How do you floss without a mirror without hurting yourself?
Give me Classic Slashdot or give me death!
First someone needs to make up a bunch of booklets (wallet CDs?) containing the 5 laws of information security. Color coded.
Personally, I think having IS Ed courses in highschool would be useful... seperate out the geeks and the non-geeks into different classes, go over "this is a firewall, this is antivirus software, and this is how you use them" with the non-geeks and talk about server hygiene with the geeks.
Good. I can then go to the tax board and have my SEV reduced.
SEV? I don't know what that is but if it's anything like property taxes, do you really think government will reduce the value of your property without you fighting them over it?
I'm not sure why people are so bugged about having their property values decrease.
They don't want their property value to go down because they are then hurt. Much as you may dislike it, I do myself, much of the world runs on finances.
I think it comes down to people thinking they've got to keep buying bigger and bigger houses. That's ridiculous. Buy a house and live in it. If it gets too small, you probably have too much crap and should get rid of some of it.
So you've never bought a small house as a single or recently married then had your family expand? Most people start with a small house then buy a bigger one when their family expands, it's called a starter home. What a smart or intelligent person will do is first buy a small home, then when they have children buy a bigger one. Or if they can afford it they will go ahead and get a larger house then rent out one or more bedrooms until they have children. And when the nest is emptied of children buy a small home again.
FalconShould there be a Law?
In a real emergency, we would have all fled in terror, and you would not have been notified.
English isn't rocket science either: It's "their" not "there".
Only his tendency toward a dazed stupor prevented him from screaming aloud.
Can you tell me your annual salary?
:-).
Do you close the curtains at night?
Could you please get me the salary details of your boss?
Can you show me how you fiddled your expenses? (this last one veers into an implied assumption of unethical behaviour - your counter to protests is that without evidence you are free to assume either).
Just some examples, because "can I look at your daughter undressing" may be too risky from a physical/legal point of view
Insert
With the exception of checking the car oil every week (which seems excessive), those are all the proper things to do. Do them, and you will see a benefit.
None of those things are difficult to do, and especially the personal care (including exercise), it is your own fault if you get sick and die. Its not difficult to do.
I have to agree with the OP; people do need to invest time to maintain themselves and their posessions, and if they don't they really don't have room to complain. People always seem time to eat, why can't they find time to make sure what they're eating is healthy? It really isn't that hard.
But is also true that of the millions of people on MySpace of the millions of servicemen's SSN's that have been stolen, I am not an attractive target in a very target rich environment.
Do you have even an ok credit score? If you do, you're in the target range. All they need is one credit card in your name.
i've got more trouble convincing some of my "it-friends" of the importance of privacy.
Are you using razor wire for floss or something? O.o
(OK, just kidding. I hurt myself even when I floss with a mirror. Sensitive gums)
I'm a she-slashdotter... but I make up for it by living with my folks.
per site
Thanks.
FalconShould there be a Law?
My own usual demonstration is to hold out my hand and ask for their wallet/purse. "If you have nothing to hide, you have nothing to be afraid of."
Actually, LOL, I am, right now. Got me one of those reach flossers with the handle you keep and little bows of floss you replace when they break. Makes it so much more practical, and safer, I never pull too hard and cut my gums now.