Jackson Shaw recently wrote this comparing smoke detectors to automatic screen lock policies for desktop PCs. While I agree that both smoke detectors are a great idea, there is another fire safety mechanism that far too few people take seriously, that is a fire extinguisher. Everyone should have a fully charged fire extinguisher in their house, but not in their kitchen.
Statistically the vast majority of fires occur in the kitchen, and most of those occur on the stove top. You want you fire extinguisher to be near the kitchen, but not too close to the stove so that retrieving it won’t expose you to harmful heat or flames.
So if screen locks are the equivalent of smoke detectors, what security mechanism is the equivalent of a fire extinguisher?
Coincidentally Bruce Schneier recently wrote this in which he make the risible argument that if one hears a fire alarm while sleeping in a hotel, you should ignore it and go back to sleep because hotel fires are very rare. Quite the contrary, completely false alarms in hotels are quite rare. While many alarms are due to small localized fires (such as in a trash can), they are seldom completely false. At a minimum it’s worth investigating what situation is before deciding to simple ignore it.
Categories: Security
Tagged: Fire Safety, Security
It was great great sadness that I learned that Don Bowen was welcomed home on All Hollows Eve. I did not know Don well, but I knew him to be a man that was always friendly, with a happy enthusiasm that was a wonder to behold. To know Don was to instantly like him.
Don was open about his Faith in an industry that does not always welcome it. I always respected him for that.
Godspeed Don.
Categories: Uncategorized
Tagged: Don Bowen
Bob Blakely is getting a lot of attention lately for this post about a report the he and Ian Glazer wrote on privacy. On the one hand I completely agree with him that privacy is a social rather than a technical issue (which is why I have never been that interested in concepts like the minimal disclosure tokens and identity oracles).
But I feel the Bob and Ian give too much emphasis the how your personal information is handled after it has been disclosed rather than the issue of not asking for it to be disclosed in the first place. In other words, no one can abuse private information if they don’t have it in the first place.
Obviously some information needs to be disclosed to drive the required social interactions. But today there is too much information being asked for and I feel that is also a serious violation of privacy. Let me give you an example, following Bob’s Dr’s office example. Suppose you take your child for a check up and the pediatrician asks your child:
Has your daddy ever slept with another man?
You would be appalled at that for several reasons. First, it not remotely relevant to your child’s check up, and second it’s none if his business. Even assuming the Dr would scrupulously keep secret the answer, he shouldn’t even ask the question. I think we can all agree on that. But what if he asks your child:
Is there a gun in your house?
Now how do you feel about that? How is that any different? This is not a hypothetical question either, but a regular screening question asked today by pediatricians across the country. The American Academy of Pediatrics has instructed your pediatrician to routinely screen for household gun ownership because some irresponsible people have left loaded guns where children could get them, and they feel your privacy as a parent has no value. Further they are instructed to ask your children, not you for this information.
And that is just one of many examples where we are asked to divulge personal information beyond what is needed for the social interaction. At the point of asking the privacy is already being violated regardless of what happens to that information later.
Categories: Freedom · Gun Control · Identity · Privacy
Tagged: Data Privacy, Freedom, Privacy
This story from the Electronic Frontier Foundation highlights research that indicates that some ones true identity can often be determined with just the person’s gender, ZIP code, and birth date. According to the CMU study there is a %87 chance that your gender, ZIP code, and birth date are unique.
What is interesting about this is that this kind of data is routinely included in medical records that have been stripped of other personally identifying information (PII) to comply with HIPAA.
Categories: Healthcare · Identity · Privacy
Tagged: HIPAA, Identity, PII, Privacy
While most journalists blame the demise of traditional news media on the internet, there is another interesting side to it. Pew Research recently released it latest poll on how the public perceives media accuracy and the results are staggering. Only %18 percent of the public believes the media treats all sides fairly, only %29 believes it general gets its facts straight, and only %20 believe that the media is willing to admit mistakes.
These numbers have plummeted in the last couple of years and there is little evidence that they have bottomed out. In fact I predict that barring a change is strategy the numbers will be worse next year.
It doesn’t need to be that way. The media can recover the public’s trust, but it won’t be easy. The first step will be to fire most of the editors they currently have and bring in new blood committed to fair and objective reporting. That will never happen, of course, it’s much easier to keep blaming the internet.
How’s that working for you media?
Categories: Media · Skeptic
Tagged: Legacy Media, Media, Skeptic
September 14, 2009 · 1 Comment
This is a rather disturbing story about how police in Idaho are increasingly using forced blood sampling in drunk driving incidents. While the goals are laudable, reducing drunk driving, the violation of personal privacy should be unacceptable to our society.
Apparently the Idaho supreme court has approved of the policy, indicating that they need to go back to remedial law school and brush up on “unreasonable search”.
Categories: Freedom · Privacy
Tagged: Freedom, Privacy
My oldest son recently attended a games design summer camp (for 5-6 graders) and one of their tasks was to design a StarCraft level. As a result he become quite addicted to StarCraft as did my middle son. It’s very interesting watching your children take to a computer game that is older than they are.
So I was looking around the Blizzard site trying to find out when StarCraft 2 is going to be released, and I came across this, a one-time-password authentication token for securing your on-line game account for the various Blizzard games. It doesn’t explicitly say it, but I am guessing it’s SecureID, although there is the possibility it is an OATH based system.
I am sure that only a small percentage of gamers use it, but I was pretty impressed. Many financial sites still don’t offer OTP protection, but you can get it for your on-line gaming account.
It’s all a matter of consumer priorities, I guess.
Categories: Authentication · OTP · Security · Standards
Tagged: Authentication, Gaming, OTP, SecureID, Security
Is a slave with a wise master better off than a free man that makes bad decisions?
Thomas Friedman would say yes according to this jaw dropping editorial in which he praises the Chinese government because it is in his words “enlightened”. I kid you not. Read it for yourself. He favorably compares a despotic regime with the US democracy because they are willing to ignore the will of the people and implement unpopular decisions.
Democracies aren’t perfect. But to refer to a country like China as “enlightened” is an insult to the thousands of its citizens who have been arrested, jailed, tortured, and killed for the crime of wanting freedom.
Of course Mr. Friedman is free to say whatever he wants in this country. An irony that is sadly lost on him.
Categories: Censorship · China · Freedom
Tagged: China, Freedom, Slavery, Thomas Friedman
Here is an interesting NYT article about how Amazon won’t deal with complaints about stolen Kindles without a subpoena, even though they know the device is being used on their network.
This is a really bad move on Amazons part. If a customer actually files a police report, Amazon could reasonable assume that the device is stolen and not allow it on the network. That would be unfortunate for someone that bought it from the thief, but is consistent with how stolen property is generally treated. Changing their policy would also make Kindles less likely to be stolen because there would be less profit motive.
Allowing the stolen Kindles to continue to operate on Amazon’s network just sends the message: “We know it’s stolen and we know who has it. It’s just not our problem.”
Categories: Security
Tagged: Anti-theft, Crime, Kindle, Security
Identity Woman is talking about the chilling nature of the new everything is recorded society. She makes the good point that this Participatory Panopticon may have the effect of making people afraid to speak their mind. But she could not have picked a worse example in Van Jones.
Van Jones did not resign because of an unguarded moment between friends. There was no purloined letter. No surreptitious cell phone video. Van Jones is no Michael Phelps.
He was forced to resign because of very public statements that he made intentionally to specific audiences for specific political aspirations. Those statements are now viewed as damaging to the political aspirations of his boss so he must go.
Presenting one face to a group of constitutes while presenting a different face to others is much harder under the rules of the participatory panopticon.
That’s not a bug, it’s a feature.
Categories: Privacy · Surveillance
Tagged: Media, Particpatory Panopticon, Privacy, Surveillance
