Thursday, July 08, 2004

Streeetchhhhh Okay, I know this is a bit of a stretch, but I do want to point another thing out about privacy. Basically, we complain about our privacy every time something (usually tech) or somebody makes it easier to collect and distribute information about us. Most recently, I have been reading a bit about RFID and privacy. So the technology is evil because our privacy is at risk. On the other hand, many times the same people also support things like "full disclosure" of information when it is available. But they ignore the value provided (to the bad guys) when it is used to collect and distribute this information. The basic response here is "they would have gotten the information some other way anyway." I guess my basic complaint is that they worry about how easy technology makes some things in the case of privacy, and yet in the case of some other information (how to build a nuclear bomb) they completely discount the value associated with collection and distribution. Of course, there are many better examples in history that demonstrate the value proposition associated with the person willing to go through the effort of collection. It's late. I will need to think about this a bit more... 12:21:54 AM    comment [] Privacy Information I know there are lots of definitions of privacy-related information out there (PII and PHI are two big ones) but I would like to provide a quick taxonomy (mostly for my own purposes). I think of three different types of information that affect privacy: 1) Identity information (who I am) - general information about who a person is as well as demographic information (address, phone number, etc.). This type of information is necessary to disclose in various ways and can be used for activities like identity fraud. 2) Identifying characteristics (more about me) - information that provides insight into the person that is generally unknown. Included here is fnancial information, health information, and other sensitive information. 3) Identifying activities (what I do) - actions that provide insight into the person. For example, the clubs someone frequents, online activities, etc.  Humans leak this personal information all the time. From a biometrics perspective, we do it without knowing it (check out CSI for details). In our personal activities, we provide insight into who we are. Everything around us - our garbage, the color of our house, the music coming out the window - all tell something about who we are.   12:12:14 AM    comment []

© Copyright 2004 Pete Lindstrom. Last update: 7/23/2004; 3:55:40 PM. This theme is based on the SoundWaves (blue) Manila theme.

Drawn and Quartered

Goodbye FUD, hello RAL

Streeetchhhhh

Privacy Information

Microsoft's actions speak louder than words

Extremists Using Web to Spread Terror

Security vendors preach convergence

Radio USB

Shall We Dance?

Preventive Measures

Start-up takes a crack at blocking hackers

Securing XML

Security tool more harmful than helpful?

Firms Dig for Rivals' Software Flaws

Security product flaws attract attackers

T-Mobile Woes

Security Appliance Form Factors

Howard Stern's Website

Private Information Stolen from Providence, Utah, Office Computers

Credit agency reports security breach

If a tree falls in the woods

Matchstick Men

A Method for Protecting against E-voting Fraud

Guess What I am not Buying?

Thanks for Ruining my Sunday

Don't Rain on my Parade

Urban Legends in Security: Vulnerability to Exploit Period

Surviving the Insider Threat

Slammed by the Wall Street Journal

Email Notice: Politeness Earns Points

Plaxo, Orkut, LinkedIn and Email Invitations in General