Monthly Archives: September 2009

Gender, ZIP code, and birth date

This story from the Electronic Frontier Foundation highlights research that indicates that some ones true identity can often be determined with just the person’s gender, ZIP code, and birth date. According to the CMU study there is a %87 chance that your gender, ZIP code, and birth date are unique.

What is interesting about this is that this kind of data is routinely included in medical records that have been stripped of other personally identifying information (PII) to comply with HIPAA.

How’s that working for you?

While most journalists blame the demise of traditional news media on the internet, there is another interesting side to it. Pew Research recently released it latest poll on how the public perceives media accuracy and the results are staggering. Only %18 percent of the public believes the media treats all sides fairly, only %29 believes it general gets its facts straight, and only %20 believe that the media is willing to admit mistakes.

These numbers have plummeted in the last couple of years and there is little evidence that they have bottomed out. In fact I predict that barring a change is strategy the numbers will be worse next year.

It doesn’t need to be that way. The media can recover the public’s trust, but it won’t be easy. The first step will be to fire most of the editors they currently have and bring in new blood committed to fair and objective reporting. That will never happen, of course, it’s much easier to keep blaming the internet.

How’s that working for you media?

Thin red line

This is a rather disturbing story about how police in Idaho are increasingly using forced blood sampling in drunk driving incidents. While the goals are laudable, reducing drunk driving, the violation of personal privacy should be unacceptable to our society.

Apparently the Idaho supreme court has approved of the policy, indicating that they need to go back to remedial law school and brush up on “unreasonable search”.

Orcs in space, with one time passwords

My oldest son recently attended a games design summer camp (for 5-6 graders) and one of their tasks was to design a StarCraft level. As a result he become quite addicted to StarCraft as did my middle son. It’s very interesting watching your children take to a computer game that is older than they are.

So I was looking around the Blizzard site trying to find out when StarCraft 2 is going to be released, and I came across this, a one-time-password authentication token for securing your on-line game account for the various Blizzard games. It doesn’t explicitly say it, but I am guessing it’s SecureID, although there is the possibility it is an OATH based system.

I am sure that only a small percentage of gamers use it, but I was pretty impressed. Many financial sites still don’t offer OTP protection, but you can get it for your on-line gaming account.

It’s all a matter of consumer priorities, I guess.

Mr. Friedman praises the slave owners

Is a slave with a wise master better off than a free man that makes bad decisions?

Thomas Friedman would say yes according to this jaw dropping editorial in which he praises the Chinese government because it is in his words “enlightened”. I kid you not. Read it for yourself. He favorably compares a despotic regime with the US democracy because they are willing to ignore the will of the people and implement unpopular decisions.

Democracies aren’t perfect. But to refer to a country like China as “enlightened” is an insult to the thousands of its citizens who have been arrested, jailed, tortured, and killed for the crime of wanting freedom.

Of course Mr. Friedman is free to say whatever he wants in this country. An irony that is sadly lost on him.

Not our problem

Here is an interesting NYT article about how Amazon won’t deal with complaints about stolen Kindles without a subpoena, even though they know the device is being used on their network.

This is a really bad move on Amazons part. If a customer actually files a police report, Amazon could reasonable assume that the device is stolen and not allow it on the network. That would be unfortunate for someone that bought it from the thief, but is consistent with how stolen property is generally treated. Changing their policy would also make Kindles less likely to be stolen because there would be less profit motive.

Allowing the stolen Kindles to continue to operate on Amazon’s network just sends the message: “We know it’s stolen and we know who has it. It’s just not our problem.”

Good point, bad example

Identity Woman is talking about the chilling nature of the new everything is recorded society. She makes the good point that this Participatory Panopticon may have the effect of making people afraid to speak their mind. But she could not have picked a worse example in Van Jones.

Van Jones did not resign because of an unguarded moment between friends. There was no purloined letter. No surreptitious cell phone video. Van Jones is no Michael Phelps.

He was forced to resign because of very public statements that he made intentionally to specific audiences for specific political aspirations. Those statements are now viewed as damaging to the political aspirations of his boss so he must go.

Presenting one face to a group of constitutes while presenting a different face to others is much harder under the rules of the participatory panopticon.

That’s not a bug, it’s a feature.

Cool stuff, in twenty years

Felix Gaehtgens calls Microsoft onto the carpet about what it is ever going to do with U-Prove. Kim Cameron responds here with a call for patience. Both make good points, but I fear that as interesting as U-Prove is, it is way too far ahead of the market.

There are two reasons for this; first it is patent encumbered technology. Patent encumbered technologies fair very poorly in today’s market. After a few high profile patent fights, any technology that is patent encumbered is treated like nuclear waste by most vendors. Even if Microsoft adopts fair licensing terms it becomes a “get a lawyer first” barrier to adoption. In twenty years this won’t be a problem (so long is Microsoft doesn’t file for any more patents on related aspects).

Second, it solves a problem that the market doesn’t really care about today (although they should). This is the same problem that the notion of an Identity Oracle has. You haven’t heard much about that idea recently and for good reason. There is just no money to be made with it (yet). The use cases usually trotted out for both of these are typically edge conditions, my favorite being the RU/18 one. It’s like the Hello World of Identity.

The only people who REALLY care if you are over 18 when you buy something are your parents and the government.

In today’s world there are two privacy problems, under sharing and over sharing. Under sharing is when you have to fill out the same stupid questionnaire at every new doctor’s office you visit. Now that is an issue that people care about. I know they care about it because non-computer people complain to me about it often.

Over sharing is when you have to put your home address in to register for something even though shipping isn’t required. I almost never hear anyone complain about that and those that do just put bogus addresses in anyway. Maybe in twenty years the average person will care enough about privacy to worry about over sharing. But not today.

So U-Prove will be cool stuff in twenty years. Maybe.

54 million small dead animals later

In 2006 a lack of adult supervision allowed the EU parliament to pass an ill conceived initiative called REACH. The REACH program will require retesting for toxicity every chemical in use in the EU that predates the newer testing regimes.

Now there is a report that estimates it will cost industry 9.5 billion Euros and require 54 million test animals. All to test chemicals that are already in wide-spread use.

Scientific illiteracy is quite expensive.