Saturday, November 22, 2008

Data Mining Moves from Big Brother to Baby Brother


In the past we only had reason to fear Big Brother tools from intrusive government spy agencies and monster telco's that invade your privacy by digging into your past and eavesdropping on your digital lifestream with hugely expensive tools and massive databases.

Now we all have reason to fear what might be called "Baby Brother" as more powerful tools are becoming available for free to any script kiddy hacker or truly junior bad guys and mischief makers. New open source snooping software is now available to anyone to easily mine your data and invade your personal, financial and medical privacy.

A Forbes Magazine article published Friday titled, "When Everyone Can Mine Your Data" profiles a former hacker, who is a South African electronic engineer by trade. Roelof Temmingh has created a company around new open source software he developed named "Maltego". He's built a $430 software tool which mines all publicly available databases for data on anyone.

Temmingh has begun selling his snoop software to government agencies for a 10% discount. Clearly he is going the route nobody needs to go with governments, which, rather than use a watered down open source version for free will choose the Gold Plated version that could easily cost a hundred times more.

The point here is that data mining software is becoming available as open source, meaning bad guys will bolt on suddenly available free open source plug-in tools for identity theft and Private Investigators will bolt on the open source PI plug-ins and governments will build their own versions based on the code base that anyone can use and keep those to themselves for whatever invasive purpose they can come up with.

Data mining is definitely here for the masses - but mostly for masses of troublemakers and bad guys.

Labels: , , , , , , , , , , , ,


Save To Del.icio.us    Digg! Digg This!
posted by RealitySEO at 7:11 AM 0 comments

Sunday, July 20, 2008

Private Eye Says Privacy is Dead


This C-Net news article focuses on how simple it is - through social networks, cell phone tracking, security cameras, credit card records, etc. - to learn almost anything about someone being researched or investigated.

I'm actually quite surprised how few TV cop shows or movies about crime solving detectives go into using the web, even though they do quite often show bad guys using technology to hack into places they don't belong and either make their criminal activity easier or to research or commit actual crimes. I always cheer the good guys in their use of the web to solve crimes and stop criminal activity because I'm a technology enthusiast and love that it can be used for good.

Maybe there are just so many times you can show someone tapping away at keyboards and staring at slick user interfaces before television or movie viewers tire of the scene or those inevitably geeky characters doing the typing.

But the point here is not that good-guy/ bad-guy drama of crime-fighting - but how easy it is to access data once it is digitally stored and/or distributed. The ease of access issue is the concern.

We've repeatedly heard the line from data miners and law enforcement that goes something like, "If you have nothing to hide, you have nothing to fear." That is a truism that can't be denied.

The problem for all of us comes when erroneous data or erroneous conclusions are drawn from innocent or incorrect data. The problem comes when that ease of access to data lets bad guys use technology and the web to commit a multitude of crimes.

The problem comes when data is treated with less care than it deserves by those entrusted with it and is either stolen, lost, hacked or otherwise abused due to neglect or bad policy. The problem comes when the public fails to understand how widely distributed their private data can become when posted to the web or sent digitally to anyone, anywhere.

Labels: , , , , ,


Save To Del.icio.us    Digg! Digg This!
posted by RealitySEO at 10:27 AM 0 comments

Friday, July 18, 2008

Privacy Capitulation: Where Do We Go From Here?


The idea that we have any privacy left is becoming sort of a naive and quaint concept. Nearly all services we use routinely can be monitored in real-time or mined from data stored in a multitude of digital storage farms - making digital record of all traffic and content. Phone service has moved to IP telephony, whether that is through Skype, business, home cable or call routers at the phone companies.

Corporate networks monitor employee activity through their computers and phone calls. Your internet service provider knows every web site you visit, every email you send/receive and every file you download and sells all of that data to marketers (in aggregate we are assured - so not just yours - everyone at once) to as many sources as they can find to pay for it. Your bank and/or credit card companies know all details of every electronic transaction immediately.

So that laundry list of potential breaches, security holes, hacks and thefts by both internal and external bad guys grows longer each day.

Recently I've been tempted to sign up for a half-dozen free web services, and due to my very unusual habit of actually reading those long "terms of service" pages presented during sign-up for web-based services or those software "End User License Agreement" (EULA) - which most of us click right past during download or installation to our machines - I stumble across one very common and unacceptable line.

... you automatically grant (or warrant that the owner of such rights has expressly granted) us an irrevocable, royalty-free, transferable and worldwide non-exclusive right and license to use, copy, modify, adapt, publish, translate, create derivative works from and sell and distribute such materials or incorporate such materials into any form, medium or technology without compensation to you. In addition, you warrant that all so-called moral rights in those materials have been waived. None of the materials shall be subject to any obligation ...

Now the above line, along with many variations on the theme, means you are giving up your right to any content you contribute using that web service or software if it comes under the provisions of the contract - yes I said contract, which you are signing by clicking "Agree" during signup or installation of any software carrying that language.

So I've signed up for a couple, realizing that anything I post, record or upload can be recorded, stored and sold. I resolve not to put anything there that I'm not willing to lose or lose money on by selling myself. But my point here is that most users fail, not only to read, but to care about the loss of privacy or content or money due to that ridiculous provision that has become standard for most web services and many EULA's signed by millions of users.

So if nobody knows they are signing away their privacy and sometimes their profits - and even fewer care when they do know - where do we go from here? I don't have an answer and don't expect others to either. It seems we've traded privacy for convenience and in most cases, are willing to make that trade-off in order to use free or ad-supported services or software.

I've given up hope that people will begin to care about privacy until they experience identity theft or get fired from their job or lose their potential profit from great ideas because they traded away their privacy and content rights for that convenience. It's just plain sad.

Scott McNealy of Sun Microsystems said it in January of 1999 - "You have no privacy - Get over it!"

Labels: , , , , , , , , , ,


Save To Del.icio.us    Digg! Digg This!
posted by RealitySEO at 10:03 AM 0 comments

Sunday, September 23, 2007

What Will Make Privacy Important to Public & Business?


For several years now I've blogged about privacy laws, data mining, data breaches, search privacy, cookies, phishing, spyware, data theft and big brother.

What never fails to amaze me is the fact that few people care about privacy until it touches them personally through identity theft, harmed reputation, excessive spamming, loss of work or public embarrassment.

I've searched for ways to spur public discussion of the need for effective privacy laws and protections. There is the ocassional flare-up in public interest when AOL leaks the private searches of their users to the world. There are dumb moves by our government when they over-reach their authority and exceed reason as when the Department of Justice demanded 30 days of search data from the top tier search engines.

There are silly stumbles of companies when they expose users to spam by including ALL their customer database of emails in stupid slip-ups. There are major cases of careless greed when data mining companies continuously sell consumer data to criminals because they won't bother to check their own customers need for (or even the right to) private financial data. There is the proposal by the Bush Administration that we have a (poorly designed) defacto National ID required of us to travel anywhere, which becomes an even greater risk to security and privacy.

I could go on for days with this. But to get to the point of this post, I've searched for ways to engage the public in discussion of important privacy issues of the day, so far without effect.

So when I see ways that may help expose the privacy issues discussion to more people, I leap on it with gusto in the hopes that it will bring more attention to privacy laws and protections. I've discovered a tool that may help bring privacy to more bloggers and those involved in building the technologies of the web.

It's called BlogRush and works on the principle of the old banner exchange model - but this one operates with an embeddable widget. The more times you display the widget, the more "credits" you get for your posts being displayed within the widgets of other members of the BlogRush Network. The concept is extended beyond simple one-to-one numbers as those who get their widgets from you, then expose your widget to their own audience and you gain more credits for display of your post headlines across the network on all bloggers using the widget. It seems like the model will overextend itself at some point unless growth is phenomenal and sustained over time.

Nevertheless, I'm happy to try it out and see if the model works for exposing privacy concerns to the world of influential bloggers. Take the BlogRush widget you see to the right on this blog and see how it works for you to increase the visibility of your most important topic. If your topic involves the need to research privacy at all - try out our Privacy Search Engine which draws ONLY from authoritative privacy sources via the Google Custom Search Engine.

Labels: , , , , , , ,


Save To Del.icio.us    Digg! Digg This!
posted by RealitySEO at 7:01 PM 1 comments

Friday, September 14, 2007

Privacy Conference, Ottawa, Canada September 25-28, 2007


OTTAWA, Sept. 6 PRNewswire - The who's who of the privacy world will meet in Montreal this month to explore ways to better protect privacy in the face of rapidly changing technologies and heightened national security concerns.

The Office of the Privacy Commissioner of Canada is hosting the 29th International Conference of Data Protection and Privacy Commissioners in Montreal from September 25 to 28th. Among the topics to be explored are: public safety, globalization, Radio Frequency Identification, nanotechnology, children and privacy, location-based tracking, data mining and Internet crime.

Speakers include:

  • Michael Chertoff, Secretary of the US Department of Homeland Security, who will give a keynote address on privacy and public security.
  • Peter Fleischer, Google's global privacy counsel.
  • Bruce Schneier, internationally renowned privacy and security guru and best-selling author of books such as Beyond Fear: Thinking Sensibly about Security in an Uncertain World and Secrets and Lies.
  • Katherine Albrecht, widely recognized as one of the world's leading experts on consumer privacy for her work as director of CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering), an organization she founded to address retail privacy invasion.
  • Simon Davies, a pioneer of the international privacy arena and the founder and director of the watchdog group Privacy International.
The complete program and speakers list are available at: http://www.privacyconference2007.gc.ca. Media are encouraged to complete and submit an accreditation form, also available online, before the conference.

Out-of-town journalists are encouraged to reserve hotel rooms as soon as possible.

Labels: , , ,


Save To Del.icio.us    Digg! Digg This!
posted by RealitySEO at 9:47 PM 0 comments