Slashdot Mirror


Why Online Privacy Is Broken

Trailrunner7 writes "One of the more trite and oft-repeated maxims in the software industry goes something like this: We're not focusing on security because our customers aren't asking for it. They want features and functionality. When they ask for security, then we'll worry about it. Not only is this philosophy doomed to failure, it's now being repeated in the realm of privacy, with potentially disastrous effects. A quick search of recent news on the privacy front reveals that just about all of it is bad. Facebook is exposing users' live chat sessions and other data to third parties. Google is caught recording not only MAC address and SSID information from public Wi-Fi hotspots, but storing data from the networks as well. But the prevailing attitude among corporate executives in these cases seems to be summed up by Google CEO Eric Schmidt, who famously said this not too long ago: 'If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.' If you look beyond the patent absurdity of Schmidt's statement for a minute, you'll find another old maxim hiding underneath: Blame the user. You want privacy? Don't use our search engine/photo software/email application/maps. That's our data now, thank you very much. Oh, you don't want your private chats exposed to the world? Sorry, you never told us that."

13 of 220 comments

  1. laziness by Anonymous Coward · · Score: 1, Interesting

    It's all laziness. Laziness on the part of the companies, and laziness on the part of the users of said services. A lot of people leave their stuff wide-open for the world to see. I think it's because overall, people like to feel like they're important, and their written words need to be shared. From the company perspective though, it seems to me the majority of security flaws are due to two things: 1) greed over content control, and 2) laziness.

  2. They said the same about cars by mbone · · Score: 3, Interesting

    I can remember very vividly GM and Ford (and Chrysler and even Packard) saying basically the same things about cars - they could put in safety features, but they didn't because there was no customer demand for it. This was, mind, when cars had metal dashboards and spear-your-heart driving wheels. This went on until the Federal Government started forcing changes, and until Volvo and other foreign manufacturers started making sales touting safety. I expect to see a similar story arc about privacy on-line.

  3. Privacy is your own responsibility. by Hatta · · Score: 3, Interesting

    There's no identifiable information in your MAC or SSID. So big deal there. If you don't want your packets sniffed, it's easy enough to enable encryption. If you don't want your emails shared with marketers, no one is forcing you to use GMail. No one is forcing you to use Facebook for that matter either. These companies provide a service that's free to you, but in exchange for your privacy. If you don't know that's the deal, you have no one to complain to but yourself.

    It's really quite trivial to maintain your privacy on the internet. Use encryption whenever possible, and don't use services from companies whose business model is selling your information. Problem solved.

    --
    Give me Classic Slashdot or give me death!
  4. I'm Over It by Anonymous Coward · · Score: 1, Interesting

    I'm so over so-called "cloud" computing and social networking sites, webmail, etc.

    I've started to roll my own IT infrastructure. All it takes is a domain name, some time and skill (or the desire to acquire said skills) and away you go.

    I will no longer use anyone else for email, etc. I'll host my own domain name, my own blog, my own email. I'm going to own my data, not someone else.

  5. The blame game by masterwit · · Score: 2, Interesting
    Finger-pointing should be reserved for politics while those not necessary to blame mitigate and/or find a solution to the problem.

    Blame the user. You want privacy? Don't use our search engine/photo software/email application/maps. That's our data now, thank you very much. Oh, you don't want your private chats exposed to the world? Sorry, you never told us that."

    I am all for the world deserves more privacy, privacy laws should exist, etc..."trust" me! But jokes aside, there will always be entities that operate outside what we consider the ideal privacy as long as they are allowed to do so. The problem is not that of each company's policy: since when did we decide that each respective business should and would always hold itself to a higher standard?
    In the corporate world these days, one of the common phrases to encompass a moral code is: "if you wouldn't want your mother reading it on the front page of the newspaper, you probably should not be doing it." That is all fine and dandy as they say for a corporate environment and ethics, but this does not necessarily apply to my personal browsing. The problem therefore, as I argue, is that of a conflict of interests:
    ---We want transparency with privacy. Security and privacy in a corporate viewpoint need to be high. Certified public accountants are held liable for transactions, and audits happen...very often. If the security system itself does not allow tracing of fraud, or even a way to raise a "red flag" of sorts, well then the security system is flawed in the eyes of the auditor.
    ---We want privacy on personal matters. This fact alone can contradict not in implementation or even feasibility, but perhaps in theory - which is enough to cause problems. As a hypothetical CEO of a corporation, I do not have much understanding of personal privacy of internet actions...I have to deal with lawyers (yes those people...), auditors, and general liability. When I am told that I need to up user privacy and not record any data, etc... this may go against what I fundamentally see my company doing!
    I mean to say here that there is a bridge of "thought" between privacy and liability...even though this should not apply to the end user: us.

    We assume that big companies are playing fast and loose with our personal information and that there's little we can do about it.

    On another front, many Americans are complacent...we know this to be a fact! I don't care about Republican this, Democrat that, Ron Paul, whatever...the world will always have ignorant individuals. Individuals will accept a sacrifice of privacy and that overused term liberty in exchange for a bit of "peace of mind", and in many cases they just don't care.

    A quick search of recent news on the privacy front reveals that just about all of it is bad.

    Lastly, I'd like to say, outside of the fact that bad news means more audience, that this all is bad philosophy might not be what is needed. Sure the breaches on my personal privacy and what I like to coin as my "personal liberty" are disturbing...but in a general sense unless the actual source of the problem, a complete lack of laws protecting our privacy, is brought to light, I do not expect any real change.
    I agree with this posting in the fact I want privacy and I have little patience...but I just wanted to play the devil's advocate on Slashdot for a bit...
    My question to you all: How can we balance security and corporate liability today? && How could the general public be informed of the "real" issues, not just the latest privacy breach?

    --
    We should start a new Slashdot and return control to the geeks. It actually wouldn't be that hard to get some users to
  6. Re:We just need legislation by Anon-Admin · · Score: 3, Interesting

    The problem is that all the companies are data gorging. The CC Merchants are the worst. They insist that you send them not only the total but a list of what the person is buying. They also monitor your advertising and who links to you on the internet. I used to run a lab supply company. We had an affiliate link when we first went online. The merchant account found two sites that linked to us, these sites were in other countries and were drug related. Well drug related in the US but they appeared to be legal in their country. They killed our account with no warning. $3000 a day in sales through the web site gone. They would not turn it back on and added us to a black list. We were unable to continue selling online. We still have the brick and mortar but the online store is gone. We broke no laws and there was no published list of what not to do.

    All in all, not only do they collect all the information on everyone and their sales, they spend a lot of time monitoring and collecting information on the stores. They need to be dinged on this, some Merchant accounts go as far as to tell you what products you can and cannot carry. The second one we had would not let us carry or sell any pipettes, agar-agar or 10cc syringes that had 1.5" 18 gauge needles on them. They considered them "Drug paraphernalia".

  7. Re:We just need legislation by LandruBek · · Score: 5, Interesting

    "Making everyone happy" was never on my to-do list. "Not get reamed by the corporatocracy" is on my list and remains there. As much as others might enjoy the familiarity of having complete strangers call them by name, and the convenience of having merchandise instantly charged to their accounts, *I* am selfish enough to sacrifice all those pleasures just so that I might exert a little bit of control over what others know about me.

    This is a job for government regulation. We don't trust the free market with important things like ensuring food safety, protecting the environment, or verifying whether pharmaceuticals are effective. Why should we trust the free market with personal privacy?

    --
    $META_SIG_JOKE
  8. Re:We just need legislation by Anonymous Coward · · Score: 1, Interesting

    I walked into Target and returned some merchandise. It was really simple -- because they kept my credit card on file. I never told them they could do that. As I walked away, they said "Thank you [my name]" so they knew that too.

    They do this because people like it and it encourages them to buy - my wife will buy stuff she's unsure of at Target, then decide if she's going to keep it or not. She knows it's easy to return, and she does return stuff regularly, but she'll also keep some of it & get more when she's back there doing the return. Home Depot also can do the return just from the receipt. Just like everything else with cards, they want you to use it more & they don't really care about a little fraud, the overall benefits are much bigger.

  9. Re:Ignorance, not indifference. by Anonymous Coward · · Score: 1, Interesting
    While I disagree on some of the finer cultural points, without a doubt, the cause of our computer troubles is the ignorance of the user.

    The blame doesn't necessarily fall on them - I've had extensive conversations with adults to teach them to use a computer, and among more complicated situations, they just don't think that way.

    They'll get old, and then people who know what's going on will be in control, and then we can move on. They are, unfortunately, obsolete. Many can be rehabilitated, but it requires a willingness - the culture shock and resistance that technology triggers astounds me (do you really need that smartphone?, do you really need an app for that?). They think it's a Big Deal that I can use my cell phone to tag songs I like while in a bar, at a concert, or at a friend's party. To them, it's a Stupid Big Deal - why would you get a phone for that? - when the reality is that I got a phone so that I could do useful things. I got it so it can be responsible for me. I don't have to write down the name of the song, listen to the station until they feel like listing their song titles, or shout to someone HEY WHAT BAND IS THIS, when my phone can do, and remember, all those things for me.

    There is a cultural difference here, where the tech-based culture will supersede the analog culture.

    Eventually.

  10. Re:User generated content belongs to the user... by TerranFury · · Score: 2, Interesting

    This wasn't a user page though; it was literally "facebook.com/companyName," and the company was actually a big one -- something like "Verizon" or the like. I sensed it was less a "we're too poor to have a website" move and more a "all the cool kids are on facebook so we should be there" move.

  11. Re:User generated content belongs to the user... by paxcoder · · Score: 2, Interesting

    Yeah, you just have to know where to connect. Similarly with searching: You have to know whom to ask, so you ask the one who'll know whom to ask and that's the server.

    However, I don't think the original poster is talking about random file sharing - such as BitTorrent. He is perhaps talking about decentralized (social) networks with peers/users/friends having their own servers (see SheevaPlug), and controlling both data and software on it (see http://ur1.ca/lch5 and http://groups.fsf.org/wiki/Group:GNU_Social/Project_Comparison - the right part of this page).

  12. Re:You ARE to blame by ACS+Solver · · Score: 2, Interesting

    "and other data to third parties"
    You agreed to this when you clicked through their EULA (which is your fault).

    This is something I've been wondering about for a while, I'd love if anyone can enlighten me.

    My country has a constitutional provision saying everyone has the right to know their rights. I don't believe the US constitution has such a provision but I'm sure there's something similar in the legal system. Anyway, I'm wondering about the highly complex legal language used in EULAs and the like. Does that not, essentially, violate one's right to know your rights? Understanding such texts is pretty much impossible without legal training because of how certain words have meanings that differ from their meanings in daily life, and how certain phrases actually refer to something that's defined in another law, etc. Why is it legal to give people agreements they can't reasonably understand?

    To use an analogy. Let's say I have a shop and for an item that costs 50$, I choose to post a visible price tag that doesn't say 50$ but says integral(0, 10) xdx. It's the same thing largely. People who have taken calculus will recognize that as amounting to 50, people who haven't will recognize the numbers and letters but won't understand what it means, similar to how people without legal training sort of understand the words in the contract but not actually their meaning.

    I suppose my question also applies to the language laws are written in. Over here, they're written (largely due to the country's short history, I assume) in fairly simple language. Of course you need to be a lawyer to understand all the details, but a simple understanding of the language is enough to understand most provisions. This is unlike US law - I've read a few sections from the US Code and the language there definitely seems unlike everyday English, with very complex and unnatural sentences, to the point where understanding the law is really hard.

  13. Re:How Precisely Could P2P Solve This? by mrogers · · Score: 2, Interesting
    The difference there is that your relatively small key holds the potential for everything on your page.

    Yes, that's intentional. In cryptography it's known as Kerckhoffs' principle: only the key should be secret, everything else (the encrypted data, the system design, the source code) should be assumed to be known to an attacker. That approach leads to strong designs because the designers can't rely on handwavy arguments like "Oh, nobody's likely to hack the Facebook servers" and "Facebook's thousands of employees are all trustworthy".

    And how long before key collecting viruses run rampant and phone home to a black market provider's server where all Diaspora data is cached?

    The same argument applies to Facebook passwords, except that with Facebook, the black market provider doesn't even need a server. Viruses are a problem, but they're just as relevant to client-server systems as P2P systems.

    I understand how asymmetric key encryption works in PGP but that requires that you have a single person you are sending the message to ... do you need to build a PGP public/private key for each of your friends?

    No; you only need to generate one public/private keypair, regardless of how many people you want to communicate with. But PGP's probably not the best model for a P2P social network - something like Tahoe is a lot closer (I hope the Diaspora guys have the sense to use it rather than reinventing it).

    Then I guess my next question is where does this decryption take place? Obviously it has to take place on your friend's box otherwise the people in the middle would have your key and your unencrypted data. So your friend logs on to check out your picture on Facebook ... but he's on his netbook so he has to wait to get the encrypted data then decrypt the data on a possibly low CPU intensive device.

    Encryption is cheap. Seriously, it's cheaper than water. Once you've established a shared key with your friend, which only has to happen once when you first friend each other, all the rest of the encryption is symmetric. Again, PGP's not the best model here because it does asymmetric crypto for every message. Think about HTTPS web browsing or a GSM phone call instead; mobile devices have no trouble handling those.

    And then when people start posting unlicensed songs and movies to their pages you'll have the MPAA and RIAA trying to sue the crap out of everyone ever connected to it and then they'll start caching as a Diaspora node ... and wait for legal action to get a potential file sharer's key by court order ...

    That's still a lot more secure than Facebook, where copyright holders can get stuff pulled from your page by sending a DMCA takedown email with no court oversight at all, and you're subject to arbitrary censorship by Facebook itself.

    People seed on bittorrent because they can use the files that they're seeding but they're not going to be able to use my encrypted files that people might want when I'm offline nor will I be able with a netbook to help them out with hosting their files.

    Yup, downtime and mobility are major challenges for P2P networks. The most likely solution I see is a little fanless Linux device that sits beside your cable or ADSL modem and participates in the P2P network 24/7, trading some of its storage with other devices so your data stays available during its occasional periods of downtime. Another possibility is that if you can't run a node yourself, you rent or borrow a share of someone else's node, just like you do with email servers. That's more like a federation than true P2P, but, crucially, like email and unlike Facebook, there's no single party providing accounts to everyone, and you're always free to change providers.
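The design mrogers sketches in this thread (one long-term keypair per user, a single asymmetric agreement when two people friend each other, then cheap symmetric encryption for every post, with only the key secret and the ciphertext readable by any hosting node) can be shown end to end in a few dozen lines. The following Go program is an added illustration written for this page; it is not code from the commenter, from Diaspora, or from Tahoe. X25519 for the agreement, AES-256-GCM for the posts, and SHA-256 as a stand-in key-derivation step are this example's own choices (the comment names no algorithms), and Alice, Bob and the hosting node are constructed parties.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Identity holds a user's single long-term X25519 keypair. One keypair
// serves every friendship; nothing per-friend is ever generated.
type Identity struct {
	priv *ecdh.PrivateKey
}

// NewIdentity generates the keypair once, when the user first joins.
func NewIdentity() (*Identity, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Identity{priv: priv}, nil
}

// PublicBytes is the half that may be published. Under Kerckhoffs' principle
// it, the ciphertext and this source code are all assumed known to an attacker.
func (id *Identity) PublicBytes() []byte {
	return id.priv.PublicKey().Bytes()
}

// PairwiseKey is the one asymmetric step per friendship: an X25519 agreement
// between my private key and the friend's public key. Both sides arrive at
// the same 32-byte AES key. Assumption: SHA-256 over the shared secret stands
// in for a proper KDF such as HKDF.
func (id *Identity) PairwiseKey(friendPub []byte) ([]byte, error) {
	pub, err := ecdh.X25519().NewPublicKey(friendPub)
	if err != nil {
		return nil, err
	}
	secret, err := id.priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(secret)
	return key[:], nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the cheap per-post operation: AES-256-GCM under the pairwise key.
// Output layout is nonce || ciphertext || tag; no asymmetric work happens here.
func Seal(key, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// Open reverses Seal. GCM authenticates, so a wrong key or a modified
// ciphertext is rejected with an error instead of yielding garbage.
func Open(key, sealed []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(sealed) < n {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, sealed[:n], sealed[n:], nil)
}

// must is demo-only sugar: every input below is self-generated, so an error
// here is a bug rather than a runtime condition worth propagating.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// ExchangeDemo runs the whole flow and returns Bob's recovered plaintext and
// whether the node that stores the ciphertext was able to read it.
func ExchangeDemo(post string) (string, bool) {
	alice, bob, host := must(NewIdentity()), must(NewIdentity()), must(NewIdentity())
	// Friending: one agreement on each side, and both get the same key.
	kAlice := must(alice.PairwiseKey(bob.PublicBytes()))
	kBob := must(bob.PairwiseKey(alice.PublicBytes()))
	if !bytes.Equal(kAlice, kBob) {
		panic("key agreement mismatch")
	}
	sealed := must(Seal(kAlice, []byte(post)))
	// The host stores the ciphertext and knows both public keys, but its own
	// agreement with Alice produces a different key, so GCM rejects the data.
	kHost := must(host.PairwiseKey(alice.PublicBytes()))
	_, hostErr := Open(kHost, sealed)
	// Bob decrypts on his own machine; the pairwise key never left the endpoints.
	plain := must(Open(kBob, sealed))
	return string(plain), hostErr == nil
}

func main() {
	got, hostRead := ExchangeDemo("constructed sample post: hi Bob")
	fmt.Printf("bob read %q; host could read: %v\n", got, hostRead)
}
```

Adding a third friend costs Alice one more `PairwiseKey` call and no new keypair, which is the answer to the "one keypair per friend?" question above; and because every post after friending goes through `Seal` alone, the per-message cost is the symmetric AES-GCM work a netbook or phone handles without difficulty.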