Slashdot Mirror


Why Online Privacy Is Broken

Trailrunner7 writes "One of the more trite and oft-repeated maxims in the software industry goes something like this: We're not focusing on security because our customers aren't asking for it. They want features and functionality. When they ask for security, then we'll worry about it. Not only is this philosophy doomed to failure, it's now being repeated in the realm of privacy, with potentially disastrous effects. A quick search of recent news on the privacy front reveals that just about all of it is bad. Facebook is exposing users' live chat sessions and other data to third parties. Google is caught recording not only MAC address and SSID information from public Wi-Fi hotspots, but storing data from the networks as well. But the prevailing attitude among corporate executives in these cases seems to be summed up by Google CEO Eric Schmidt, who famously said this not too long ago: 'If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.' If you look beyond the patent absurdity of Schmidt's statement for a minute, you'll find another old maxim hiding underneath: Blame the user. You want privacy? Don't use our search engine/photo software/email application/maps. That's our data now, thank you very much. Oh, you don't want your private chats exposed to the world? Sorry, you never told us that."

18 of 220 comments

  1. User generated content belongs to the user... by alexandre · · Score: 5, Insightful

    If we had continued improving on P2P instead of giving in to centralized servers we wouldn't be there...

    1. Re:User generated content belongs to the user... by BuR4N · · Score: 4, Funny

      No, we would be in IT support hell, maintaining our dads' and moms' P2P servers...

      --
      http://www.intellipool.se/ - Intellipool Network Monitor
    2. Re:User generated content belongs to the user... by TerranFury · · Score: 5, Insightful

      A big problem is simply NAT. Non-technical people are not going to set up port forwarding. This basically broke the Internet, and pushed its development in undemocratic directions.

      UPnP partially fixes this, but opens up a whole bunch of other problems, which are even worse.

      IPv6 is supposed to fix this for real, but I don't count on it because IPv4 is "good enough," and I bet that it'll be easier for people to keep throwing NAT and subdomains at the problem. E.g., companies don't need to bother maintaining their own webservers and having their own public IPs; the way things are going they'll just point people to "facebook.com/companyName" (I heard an ad do this on the radio yesterday, in fact).
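
The UPnP problem the comment above alludes to is concrete enough to show. An Internet Gateway Device accepts an AddPortMapping call from anything on the LAN, with no credential in the request, and the NewInternalClient field lets the caller forward an external port to any internal host, not just itself. The Go below is an added example, not code from the page or from any project it mentions: it builds that request, parses the GetGenericPortMappingEntry response an auditor would use to enumerate existing forwards, and flags entries that point at unexpected hosts or never expire. The service type and argument names are the standard WANIPConnection:1 ones; the control URL, IP addresses and sample response are constructed for the example.

```go
package main

import (
	"encoding/xml"
	"fmt"
)

// Service type of the IGD port-mapping service on most home routers. The HTTP
// POST that carries the envelope also needs the header
// SOAPAction: "urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping".
const wanIPService = "urn:schemas-upnp-org:service:WANIPConnection:1"

// PortMapping is one forwarding entry as the IGD reports it.
type PortMapping struct {
	ExternalPort   string `xml:"NewExternalPort"`
	Protocol       string `xml:"NewProtocol"`
	InternalPort   string `xml:"NewInternalPort"`
	InternalClient string `xml:"NewInternalClient"`
	Enabled        string `xml:"NewEnabled"`
	Description    string `xml:"NewPortMappingDescription"`
	LeaseDuration  string `xml:"NewLeaseDuration"`
}

// AddPortMappingRequest builds the SOAP body a router accepts to open a port.
// Note what is absent: no credential of any kind. Any process that can reach
// the control URL can forward an external port to NewInternalClient, which
// need not be the machine sending the request. Field values are assumed to be
// already validated (digits, "TCP"/"UDP", dotted IP); they are not XML-escaped here.
func AddPortMappingRequest(m PortMapping) string {
	return fmt.Sprintf(`<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
 s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
 <s:Body>
  <u:AddPortMapping xmlns:u="%s">
   <NewRemoteHost></NewRemoteHost>
   <NewExternalPort>%s</NewExternalPort>
   <NewProtocol>%s</NewProtocol>
   <NewInternalPort>%s</NewInternalPort>
   <NewInternalClient>%s</NewInternalClient>
   <NewEnabled>1</NewEnabled>
   <NewPortMappingDescription>%s</NewPortMappingDescription>
   <NewLeaseDuration>%s</NewLeaseDuration>
  </u:AddPortMapping>
 </s:Body>
</s:Envelope>`, wanIPService, m.ExternalPort, m.Protocol, m.InternalPort,
		m.InternalClient, m.Description, m.LeaseDuration)
}

// ParseMappingEntry reads one GetGenericPortMappingEntry response. An auditor
// enumerates forwards by asking for index 0, 1, 2, ... until the router
// answers with a SOAP fault.
func ParseMappingEntry(body []byte) (PortMapping, error) {
	var env struct {
		Body struct {
			Entry PortMapping `xml:"GetGenericPortMappingEntryResponse"`
		} `xml:"Body"`
	}
	if err := xml.Unmarshal(body, &env); err != nil {
		return PortMapping{}, err
	}
	return env.Body.Entry, nil
}

// RiskyMappings flags entries that forward to a host outside the expected set,
// or that never expire (a lease of 0 is permanent until someone deletes it).
func RiskyMappings(entries []PortMapping, expected map[string]bool) []PortMapping {
	var out []PortMapping
	for _, e := range entries {
		if !expected[e.InternalClient] || e.LeaseDuration == "0" {
			out = append(out, e)
		}
	}
	return out
}

func main() {
	// Constructed request: forward external 8080 to an internal host's port 80.
	fmt.Println(AddPortMappingRequest(PortMapping{
		ExternalPort: "8080", Protocol: "TCP", InternalPort: "80",
		InternalClient: "192.168.1.50", Description: "example", LeaseDuration: "3600",
	}))
}
```

The audit side is the part worth running on a real network: walk the mapping table and compare each NewInternalClient against the hosts you actually expect to be reachable from outside, because nothing in the protocol stopped a compromised laptop from adding a permanent forward to, say, a NAS or a printer.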

  2. Ignorance, not indifference. by Striek · · Score: 5, Insightful

    I would think (and hope) that customers aren't asking for it because they're not aware of the risks, not because they don't care. Like when people stop using debit cards everywhere only after their card gets duplicated.

    --
    "Government is like fire; a handy servant, but a dangerous master." -- George Washington
    1. Re:Ignorance, not indifference. by Endo13 · · Score: 4, Insightful

      With a credit card, they're spending the creditor's money. With a debit card, they're spending your money. Even if all the protections are identical, which do you think will inconvenience you more?

      --
      There is no -1 Disagree mod. Slashdot.org/faq defines mod options. USE IT.
    2. Re:Ignorance, not indifference. by mcgrew · · Score: 4, Insightful

      Apathy is blamed for a lot of things that people really aren't apathetic about at all. One example is voter turnout: they say 50% of voters stay home because they don't care, when the real reason they stay home is they don't see much if any difference between candidate A and candidate B. It isn't apathy, it's a conscious decision to boycott the system.

      As TFA notes, security is another one. People complain about their virus-infested computers so they aren't apathetic, they're simply ignorant; they don't know HOW to not get viruses, and they bitch loudly because they bought McAfee and Norton and turned Windows firewall on and STILL get viruses because they DLed Metallica-FreeSpeechForTheDumb.MP3.exe and played it by clicking the file. They have no clue that the file is an executable, because Microsoft hides the file extension by default.

      The same goes for privacy. As TFA (again) mentions, most users want both privacy AND social networking. As the article summarises: "Blame the user? Here's a better idea: Listen to the user."

      Fat chance of that happening though. The user isn't the customer.
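
The hidden-extension trick in the comment above is easy to check for mechanically. The Go below is an added example, not code from the page: it reproduces what Explorer shows when "Hide extensions for known file types" is on, flags names whose real extension is executable while the displayed name ends in a data-looking decoy extension, and runs that over a constructed directory listing. The extension list is an assumption (common Windows executable types); it also catches the right-to-left-override (U+202E) variant of the same trick, which goes beyond the double-extension case the thread discusses.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// Extensions Windows treats as runnable on double-click (assumed list, not
// exhaustive). With extensions hidden, Explorer drops the last one from the
// displayed name, so "song.mp3.exe" is shown as "song.mp3" with whatever icon
// the attacker embedded in the binary.
var executableExtensions = map[string]bool{
	".exe": true, ".scr": true, ".com": true, ".pif": true, ".bat": true,
	".cmd": true, ".vbs": true, ".vbe": true, ".js": true, ".jse": true,
	".wsf": true, ".wsh": true, ".hta": true, ".msi": true, ".lnk": true,
}

// DisplayedName mimics what Explorer shows when extensions are hidden.
func DisplayedName(name string) string {
	return strings.TrimSuffix(name, filepath.Ext(name))
}

// IsDisguisedExecutable reports whether a file would run as a program yet be
// displayed with a non-executable decoy extension. A U+202E right-to-left
// override anywhere in the name is flagged outright: it reverses the tail of
// the name so that "photo<U+202E>gnp.exe" renders as "photoexe.png".
func IsDisguisedExecutable(name string) bool {
	if strings.ContainsRune(name, '\u202E') {
		return true
	}
	if !executableExtensions[strings.ToLower(filepath.Ext(name))] {
		return false
	}
	decoy := strings.ToLower(filepath.Ext(DisplayedName(name)))
	return decoy != "" && !executableExtensions[decoy]
}

// FlagDownloads runs the check over a directory listing and returns suspects.
func FlagDownloads(names []string) []string {
	var suspects []string
	for _, n := range names {
		if IsDisguisedExecutable(n) {
			suspects = append(suspects, n)
		}
	}
	return suspects
}

func main() {
	listing := []string{ // constructed sample listing, not a real directory
		"Metallica-FreeSpeechForTheDumb.MP3.exe",
		"holiday.jpg",
		"invoice.pdf.scr",
		"setup.exe",
	}
	for _, n := range FlagDownloads(listing) {
		fmt.Printf("%-42s displayed as %q\n", n, DisplayedName(n))
	}
}
```

A plain "setup.exe" is not flagged: it is an executable, but the displayed name "setup" carries no decoy extension, so the user is not being lied to about what it is. The point of the check is the mismatch between what runs and what is shown.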

  3. We just need legislation by MobyDisk · · Score: 4, Insightful

    The actions made by these companies, right or wrong, are legal. You can't expect companies (or governments... or individuals) to stop doing this if it is convenient, profitable, and legal. We need some legislation that basically says that they can't publish, transmit, or sell personal information without prior consent. And that any such release - intentional or accidental - must be reported to the individual.

    In the US, we have such legislation but it only applies to medical information. That is silly - there's just no reason for companies to be giving this stuff out.

    Actually, let me go a step further -- they shouldn't even store this information. I walked into Target and returned some merchandise. It was really simple -- because they kept my credit card on file. I never told them they could do that. As I walked away, they said "Thank you [my name]" so they knew that too. Why is it okay for a store clerk to have this? Why did my credit card company give out the credit card number and name? They don't need that. They need to know "User 81234756897 authorized purchase for $57.34 to vendor 9234857 on 2010/05/23 17:24 with authorization #239485768934." That's it. It should have been illegal for my credit card company to even give the information. Then for Target to store it. As a nice side-benefit, this also prevents fraud since no one in the chain can use my credit card.

    1. Re:We just need legislation by Todd+Knarr · · Score: 4, Informative

      Actually they probably didn't record your credit-card number. What they probably recorded was the sale number (basically a receipt serial number), the receipt information (what was bought), and the type of credit card and the authorization number. They knew your name because it was recorded off your credit card at the time of sale. To handle the refund they just use the authorization number, which the credit-card company can match to your card (but they won't tell the store the card number, they'll just give out another authorization number for the refund).

      Now, the store probably doesn't need to store your name at the time of sale. But if you're paying with a credit card, you know you're leaving a connection between you and that sale anyway so IMO it's not a major thing. If you really want no connection, pay in cash and don't give them any identifying information, not even a phone number.

    2. Re:We just need legislation by LandruBek · · Score: 5, Interesting

      "Making everyone happy" was never on my to-do list. "Not get reamed by the corporatocracy" is on my list and remains there. As much as others might enjoy the familiarity of having complete strangers call them by name, and the convenience of having merchandise instantly charged to their accounts, *I* am selfish enough to sacrifice all those pleasures just so that I might exert a little bit of control over what others know about me.

      This is a job for government regulation. We don't trust the free market with important things like ensuring food safety, protecting the environment, or verifying whether pharmaceuticals are effective. Why should we trust the free market with personal privacy?

      --
      $META_SIG_JOKE
  4. Odd and Misleading Summary by eldavojohn · · Score: 5, Insightful

    One of the more trite and oft-repeated maxims in the software industry goes something like this: We're not focusing on security because our customers aren't asking for it. They want features and functionality. When they ask for security, then we'll worry about it.

    Let me counter that with one of the more trite and oft-repeated maxims from businessmen in the 80s: Don't you worry about security, let me worry about blank.

    Not only is this philosophy doomed to failure, it's now being repeated in the realm of privacy, with potentially disastrous effects.

    And yet Facebook thrives and not until last week did Google offer secure searching and they're a giant. Sounds to me like companies that don't worry about privacy are doing pretty well -- maybe even the industry leaders. Maybe they're on to something about it being unimportant to the consumer?

    A quick search of recent news on the privacy front reveals that just about all of it is bad.

    Oh give me a break. Ninety percent of news stories are negative. Because it sells eyeballs. Really, do you expect a news article about the really great privacy that Slashdot offers Anonymous Cowards to appear? When privacy works, it's not news. Hell, when privacy is kept intact people don't even know. Your reasoning here is severely flawed.

    Facebook is exposing users' live chat sessions and other data to third parties.

    Yep, marketing's a bitch, ain't it? But then again, we're getting Facebook for free and I don't think there's been any case of someone suffering serious harm from Facebook dumping a chat to marketing. Certainly unsettling but has there been any sort of actual case of abuse and harm to the user? I use Facebook and I don't care much. I'm putting my data on their servers and they had me agree to some BS impossible to read ToS so I just mitigate that by keeping anything sensitive off it. If Diaspora takes off -- hey, great -- but until I can communicate with all my friends and family on it who are half a continent away no thanks.

    Google is caught recording not only MAC address and SSID information from public Wi-Fi hotspots, but storing data from the networks as well.

    "Caught?" That's funny. If you don't want to "catch" people "recording" your shit, stop broadcasting it and put some encryption on it and use a hidden SSID. You know, like the hundred or so Slashdot posts have pointed out.

    But the prevailing attitude among corporate executives in these cases seems to be summed up by Google CEO Eric Schmidt, who famously said this not too long ago: 'If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.'

    "Prevailing?" So prevailing that you need to reference a half a year old quote that is about all we have of that attitude. That's the predominant force out there? Care to come up with more companies using that sentiment? Care to put that quote into context for me? Put the pressure on them and the companies will change. Fact is that nobody's putting any pressure on them so why should they stop doing something which allows them to better market to you with ads and make more money?

    If you look beyond the patent absurdity of Schmidt's statement for a minute, you'll find another old maxim hiding underneath: Blame the user. You want privacy? Don't use our search engine/photo software/email application/maps. That's our data now, thank you very much. Oh, you don't want your private chats exposed to the world? Sorry, you never told us that.

    [citation needed] Prosecutor is leading the witness. Seriously, you're putting words into their mouths. Evil, yes they are. Saying that they claim your data is now theirs by way of their actions is ridiculous. Then from there y

    --
    My work here is dung.
  5. anyone vs everyone by xs650 · · Score: 5, Insightful

    Google CEO Eric Schmidt, who famously said this not too long ago: 'If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.

    There are very few things that I don't want anyone to know, there are a host of things that I don't want everyone to know.

  6. I call TROLL by Gorimek · · Score: 4, Insightful

    Both the Facebook chat bug and the Google recordings are unintentional mistakes. If they show anything, it's that completely bug free engineering is hard to do. I think we knew that already.

    The Schmidt quote is just a statement about how this flawed world is, not how it should be.

    The concept of privacy in these times and the future is a very interesting topic, but this post is just a whiny mini rant, not a serious attempt to understand the real issues.

  7. When ads are more important than users by dominion · · Score: 4, Insightful

    The whole idea of "if you don't want it public, don't put it on the internet" always reminds me of this Onion video:

    Google Opt Out Feature Lets Users Protect Privacy By Moving To Remote Village
    http://www.theonion.com/video/google-opt-out-feature-lets-users-protect-privacy,14358/

    There's no reason that we can't have a reasonable expectation of privacy, even in our online lives. Especially from a technical standpoint. If I share some photos with 10 people, and one of those people decides to copy that photo into an email and send it off to 100 people, then that's a social failure, not a technical one. People I trusted betrayed my trust, on a social level.

    But on a technical level, I should be able to share videos or photos or journal posts with a small group of trusted people, and be reasonably secure in the idea that only they will see them. That advertisers won't have access to that photo, that an api won't be able to pull the data without permission, etc. There's nothing extraordinary about that requirement, and that it's treated as absurd and unreasonable shows how far we've fallen from a basic perspective on internet privacy.

    Open source can fill the gap. Our incentive, as open source software developers, is to provide the best software possible, and to not skimp on important features like privacy and security. We aren't trying to cater to advertisers, or to build empires based on fads and hype. I've been working on an open source, distributed social networking alternative to Facebook (and Myspace and other "walled gardens") called Appleseed that focuses on strong privacy.

    http://opensource.appleseedproject.org/

    But most of all, by distributing these services, and allowing users to cancel their profile on one site, sign up for another site, and plug right back into the network they lost, it creates a level of competition so that social networking sites *have* to listen to the concerns of their users. They can't take them for granted. Not just in social networking, if we can continue to push for open standards, open protocols, open platforms, etc., it means we have some leverage when a popular service decides to privilege its revenue stream over the privacy of its users.

  8. You ARE to blame by ADRA · · Score: 4, Insightful

    Sorry, but please take some responsibility for yourself. If in fact there is something so important that you don't want anyone to know, then don't do it online, PERIOD. This is nothing new and there are very few if any technological measures that can ever be deployed that will guarantee that your privacy / security will ever be secure. The level of hassle involved with making really improbable-to-break security is really hard and requires diligence on the part of the individual. If Vista taught us anything, it is that users do NOT want real security. They want to do what they want and not worry about how the system does it. Well guess what? The system isn't perfect and neither is the security. We live with the imperfection for the sake of simplicity.

    "Facebook is exposing users' live chat sessions"
    This was a defect in their IM system. This could happen in EVERY SINGLE store-and-forward based messaging system (AKA basically all of them).
    If you expect each facebook user to generate their own Public/Private key then you're deluded (plus it breaks the online chat thing unless you're sharing your private key with facebook which would defeat the purpose).
    If you expect software to be perfect then you're an idiot.

    "and other data to third parties"
    You agree to this when you clicked through their EULA (which is your fault).

    "MAC address and SSID information from public Wi-Fi hotspots ..."
    Data was wide open (which is your fault) and the company erroneously captured it.

    --
    Bye!
  9. How Precisely Could P2P Solve This? by eldavojohn · · Score: 4, Insightful

    If we had continued improving on P2P instead of giving in to centralized servers we wouldn't be there...

    Alright, I know that a few projects like Diaspora are supposed to utilize this but I am still largely confused by this. Peer to peer implies that by owning my own personal data, it is on my home computer or laptop. Some people only have a laptop and some people like to power down their machines when they're away. So this seems to imply that you need to either have this disseminated to other peers in order for people to access it while you're offline. On top of that if you're disseminating photos or videos, this could get crazy for upload speed. So then your stuff is on another person's machine and who knows if they didn't just take and modify the Diaspora code to record all your stuff. Can you trust their node any more than Facebook? Sure, it might be encrypted but it's hard to believe that it wouldn't be susceptible to a man in the middle attack or eventually crack the encryption by brute force. So you're kind of at that point back to the same problem as you are with entrusting Google or Facebook with your data. Otherwise you need to pay for a dedicated hosting server and they're not going to be cheap if you're Miss Popular with thousands of photos and that's not really P2P.

    So how was P2P supposed to fix this problem? Especially for people with just a laptop or even like my parents who have a dial up connection out on a farm house with very tiny upload bandwidth. I'm just not getting a clear picture of how the average person would handle this.

    --
    My work here is dung.
    1. Re:How Precisely Could P2P Solve This? by betterunixthanunix · · Score: 4, Informative

      There are a few ways P2P would solve the problem. The first that comes to mind is that it would reduce the incentive to undermine privacy, since the social network would not be funded by the sale of personal data (or data derived from personal data). It would also increase the cost of undermining privacy, since people would not just be throwing their data at a single centralized datacenter.

      As for distributing the data across the network, it is very easy to solve that problem cryptographically. You encrypt your data, and the decryption key is distributed as part of the "friending" process. In theory, if your friends are out to get you and want your privacy to be undermined, they could distribute the key further, but this is not much different than the current situation, where they could just copy your data from a website and hand it out to people.

      --
      Palm trees and 8
    2. Re:How Precisely Could P2P Solve This? by alexandre · · Score: 4, Insightful

      The difference there is that your relatively small key holds the potential for everything on your page.

      Why does it have to be a global key?

      I understand how asymmetric key encryption works in PGP but that requires that you have a single person you are sending the message to ... do you need to build a PGP public/private key for each of your friends?

      Why not, it's cheap? You don't have 1M friend either...

      Then I guess my next question is where does this decryption take place? Obviously it has to take place on your friend's box otherwise the people in the middle would have your key and your unencrypted data. So your friend logs on to check out your picture on Facebook ... but he's on his netbook so he has to wait to get the encrypted data then decrypt the data on a possibly low CPU intensive device.

      It's not so much about encryption solution (that could be worked out anyway) as it is about access control.

      The main question is actually how updates are going to be disseminated and validated chronologically... beyond that it's already an improvement on the current situation.

      And then when people start posting unlicensed songs and movies to their pages you'll have the MPAA and RIAA trying to sue the crap out of everyone ever connected to it and then they'll start caching as a Diaspora node ... and wait for legal action to get a potential file sharer's key by court order ...

      FreeNet integration?
      Popular files get spread more...

      I don't know, my imagination just takes off sometimes but it's not like your proposed method is a silver bullet for Social Networking ...

      Nothing is, just much better socially than what we currently have, let's talk about its weaknesses and improve on them :-)

      there's gotta be a lot of storage donated from people getting absolutely nothing in return from using that storage.

      Oh, like everyone's hard drive is not on average 70% empty or such?

      My gigs of pictures need to be hosted by dogooders who have no access to them when I'm offline and my friends want to see them. I just don't see that sort of mentality happening.

      The concept of being offline is not really trendy these days and is going away very rapidly in any case, you should really think about running a small home server like Eben Moglen suggested in that case to solve the issue.

      People seed on bittorrent because they can use the files that they're seeding but they're not going to be able to use my encrypted files that people might want when I'm offline nor will I be able with a netbook to help them out with hosting their files.

      Some people also don't upload on Bittorrent cause they are selfish fools. If we want this to work, just like FOSS, we need to have enough people willing to share bandwidth for the model to work.

      And it seems like P2P and FOSS have proven to work quite well in that respect up till now despite the morons... And in a social case you'd be dealing with your friends who are much more willing to share with/for you.
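
The exchange above (ADRA's "generate their own Public/Private key" objection, betterunixthanunix's "decryption key is distributed as part of the friending process", and alexandre's "do you need to build a PGP public/private key for each of your friends?") is the standard hybrid-encryption pattern, and it is worth seeing in code because the answer to the per-friend-key question is "no". The Go below is an added example and not code from Diaspora, Appleseed or anyone in the thread: each member has one long-term RSA key pair; each post is encrypted under a fresh random AES-GCM key; that content key is then wrapped once per recipient under their public key. An untrusted hosting node stores only the sealed blob, so it can serve the post while the owner is offline without being able to read it. The key sizes, names and sample post are assumptions for the example; it does not cover signing updates, which the thread's "validated chronologically" point would also need.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// Friend is what the "friending" step leaves you with: a name and a long-term
// public key. One key pair per person, not one per friendship.
type Friend struct {
	Name string
	Pub  *rsa.PublicKey
}

// NewIdentity generates a member's key pair (2048-bit RSA, chosen for the example).
func NewIdentity(name string) (Friend, *rsa.PrivateKey, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return Friend{}, nil, err
	}
	return Friend{Name: name, Pub: &priv.PublicKey}, priv, nil
}

// SealedPost is all an untrusted hosting node ever stores: AES-GCM ciphertext
// plus the per-post content key wrapped separately for each recipient.
type SealedPost struct {
	Nonce      []byte
	Ciphertext []byte
	WrappedKey map[string][]byte // recipient name -> content key under their RSA key
}

// SealPost encrypts one post under a fresh random key and wraps that key for
// each current friend. Unfriending someone just means not wrapping for them
// next time; nobody else's keys change.
func SealPost(plaintext []byte, recipients []Friend) (*SealedPost, error) {
	contentKey := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, contentKey); err != nil {
		return nil, err
	}
	gcm, err := newGCM(contentKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	post := &SealedPost{
		Nonce:      nonce,
		Ciphertext: gcm.Seal(nil, nonce, plaintext, nil),
		WrappedKey: make(map[string][]byte, len(recipients)),
	}
	for _, f := range recipients {
		w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, f.Pub, contentKey, nil)
		if err != nil {
			return nil, err
		}
		post.WrappedKey[f.Name] = w
	}
	return post, nil
}

// OpenPost runs on the friend's own machine: one RSA decryption to recover the
// content key, then one AES-GCM decryption. A non-recipient, a wrong private
// key, or a tampered ciphertext all return an error rather than garbage.
func OpenPost(post *SealedPost, name string, priv *rsa.PrivateKey) ([]byte, error) {
	w, ok := post.WrappedKey[name]
	if !ok {
		return nil, errors.New("no content key wrapped for " + name)
	}
	contentKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, w, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(contentKey)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, post.Nonce, post.Ciphertext, nil)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	bob, bobPriv, _ := NewIdentity("bob")
	carol, _, _ := NewIdentity("carol")
	post, _ := SealPost([]byte("photos from the farm"), []Friend{bob, carol}) // constructed post
	out, err := OpenPost(post, "bob", bobPriv)
	fmt.Printf("bob reads: %q (err=%v)\n", out, err)
	_, err = OpenPost(post, "hostnode", bobPriv)
	fmt.Println("hosting node:", err)
}
```

Two things the code makes concrete that the thread argues about in the abstract. The "relatively small key holds the potential for everything on your page" worry does not apply: the content key is per post, so leaking one post's key exposes one post. And the "low CPU netbook" worry is one RSA decryption plus AES-GCM over the post, which is cheap; the expensive operation, key generation, happens once per member. What the scheme cannot do is stop a legitimate recipient from re-sharing the plaintext, which is the same social failure the thread already concedes.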

  10. Stop spreading disinformation by Aqualung812 · · Score: 5, Informative

    If you use it as a debit card--snip--you are fully on-the-hook when it comes to losses - if they steal $2000 from your account, you have lost $2000 - there is no disputing charges or limited liability like with a credit card.

    I worked at a financial institution, this is completely incorrect. Your liability is limited by law to $50, and most small banks and credit unions just limit it to -0-. Just make sure you have email alerts on so you know your card is being abused & call your bank & police if so.

    http://usa.visa.com/personal/security/visa_security_program/zero_liability.html

    http://www.fdic.gov/regulations/laws/rules/6500-1350.html

    --
    Grammer Nazis - I mod you "troll" unless you actually add something on-topic. Yes, I know I have mispellings in my sig.