February 29, 2008

Are Comcast Flacks Scouring the Valley for Fresh Advocates?

Looks like the FCC might have decided Comcast's DoS attack on a Boston net neutrality hearing warrants a rematch:

"The FCC is considering holding a fresh hearing on net neutrality, with Comcast and Verizon again in attendance -- and this time it may be at Stanford. The do-over comes after a mini-scandal erupted over the first hearing, held at Harvard; Comcast flacks confessed they'd paid people off the street to act as seatwarmers. Let this be a lesson to you all: If you're going to meddle in politics, do it skillfully enough not to get caught."

(Link), via EFF

Posted by mhall at 1:37 PM

February 28, 2008

"Coldboot" Team Member Discovers OS X Password Vulnerability

"The vulnerability arises out of a programming error that stores the account password in the computer's memory long after it's needed, meaning it can be retrieved and used to log into the computer and impersonate the user.

"'This is a real problem and it needs to be fixed,' said Jacob Appelbaum, a San Francisco-area programmer who discovered the vulnerability and reported it to Apple. He said he disagreed with the company's response: 'They won't put it in the latest security update or release a security update just for this issue.'

...

"Unlike the security concerns reported last week, this vulnerability is specific to OS X. It's also more sweeping because it offers--at least in OS X's default configuration--full access to passwords stored in the Keychain, which can include passwords to wireless networks, Web sites, accounts accessed via SSH, network-mounted volumes, and so on."

The whole article's worth reading: The team demonstrates lots of ways for the attack to work.

(Link), via BoingBoing

Posted by mhall at 7:16 PM

PayPal: Avoid Safari

PayPal advises everybody to avoid Safari:

"'Apple, unfortunately, is lagging behind what they need to do, to protect their customers,' [PayPal CISO Michael] Barrett said in an interview. 'Our recommendation at this point, to our customers, is use Internet Explorer 7 or 8 when it comes out, or Firefox 2 or Firefox 3, or indeed Opera.'

"Unlike its competitors, Safari has no built-in phishing filter to warn users when they are visiting suspicious Web sites, Barrett said. Another problem is Safari's lack of support for another antiphishing technology, called Extended Validation (EV) certificates. This is a secure Web browsing technology that turns the address bar green when the browser is visiting a legitimate Web site."

The same green bar we're all, apparently, ignoring. From Dark Reading:

"'Across the globe, Windows Internet Explorer 7 has more than 100 million users seeing green,' VeriSign said in a press release about Extended Validation SSL technology earlier this month. About 5,000 sites are using the new technology, which gives users a 'green bar' in their browsers when they prepare to click on a legitimate link.

"There's just one problem, according to a report issued yesterday: About 70 percent of consumers either don't use the green bar or don't know what they're looking at.

"'Whilst approximately half of those surveyed said they would be prepared to spend up to [$1,000] online, 70 percent of shoppers don't understand the significance of the green browser bar, and 20 percent of those questioned do not understand what the golden security padlock represents,' said NetBenefit, a U.K. hosting service provider."

Posted by mhall at 4:43 PM

APA Paper Challenges Preconceptions About Online "Predators"

McClatchy has a summary of a recent paper published in American Psychologist, the journal of the American Psychological Association. The paper's entitled "Online 'Predators' and Their Victims," and it seems to present a view of online sexual solicitation that makes all the hysterics over social networking sites, and online communications in general, seem even more ill-advised.

From McClatchy's summary:

Internet predators are driving up child sex crime rates.
Finding: Sex assaults on teens fell 52 percent from 1993 to 2005, according to the Justice Department's National Crime Victimization Survey, the best measure of U.S. crime trends. "The Internet may not be as risky as a lot of other things that parents do without concern, such as driving kids to the mall and leaving them there for two hours," Wolak said.

Internet predators are pedophiles.
Finding: Internet predators don't hit on the prepubescent children whom pedophiles target. They target adolescents, who have more access to computers, more privacy and more interest in sex and romance, Wolak's team determined from interviews with investigators.

Internet predators represent a new dimension of child sexual abuse.
Finding: The means of communication is new, according to Wolak, but most Internet-linked offenses are essentially statutory rape: nonforcible sex crimes against minors too young to consent to sexual relationships with adults.

And Slashdot has some commentary from Bennett Haselton regarding the widely cited, seldom attributed "Each year 1 in 5 children is sexually solicited online" "statistic" we've seen on all the billboards:

"The National Center for Missing and Exploited Children has been running online ads for several years saying that 'Each year 1 in 5 children is sexually solicited online', a statistic that has been endlessly repeated, including by vendors of blocking software and by politicians who often paraphrase it to say that 1 in 5 children 'are approached by online predators'. While others have quietly documented the problems with this statistic, lawmakers still bring it out every year in a push for more online regulation (preempted this year only by the topic du jour of cyberbullying), so it's time for anti-censorship organizations to start campaigning more aggressively against the misleading '1 in 5' number. That means two things: framing the debate with more accurate numbers, and holding the parties accountable for disseminating the wrong ones -- and that means naming names, including those of organizations like the NCMEC that are normally beyond reproach."

Posted by mhall at 4:33 PM

February 27, 2008

Web Server Security Best Practices

Charlie, in the first of two articles on Web server security best practices:

Many companies, at least a few I've seen recently, have widely varying ideas about how to configure permissions for Web hosting users. The two basic schools of thought are: give every user their own group and a umask of 002, or require that the user maintain their own permissions, with a 022 umask.

In the first scenario, the benefit is that when collaborating, users never need to mess with permissions. Their umask will cause files to be written with group writable permissions, which is OK, because context matters. If they are writing files to a shared group resource, the parent directory will have the setgid bit set, and all files will be created with the same group id. Likewise, if they are in their own space, files will be written with the user's own group id. There are no obvious security holes here, but two issues quickly come to mind. First, this is training the user of the system to not pay attention to permissions at all. Second, certain security settings and third-party modules will not operate if files are group-writable, because the potential exists for malicious code to be introduced. If a single user's account in a group is compromised, the shared storage is as well.

The second scenario doesn't train users to ignore permissions, and allows modules like su_exec to run without hacking the source and commenting out the code that checks for group-writable files. In the end, the biggest concern regardless of the strategy to deal with collaboration among users, is that users will continue creating world-writable directories.

Many Web applications, even popular ones, tell the user to 'chmod 777' as part of the install process. That's fine, but they never tell them to fix the permissions after the installation process! Increasingly, especially in the .edu world, I've seen more and more malicious scripts actively looking for world-writable directories. A compromise of a single site on a server often leads to many sites having unauthorized content written to them.

You don't have to look far for "tutorials" on running just about any Web app that stop after "hello world" or "installation successful" or whatever. There's a singular lack of imagination in the Web hobbyist community regarding just how much damage a seemingly trivial app can do.

On the flip side, something as simple and elegant as the basic Unix permissions model is periodically just impossible for people to get.

Remember Debian ca. 2000? I do. It went around behind your back "fixing" permissions to stuff without regard to context or expectation, and it didn't bother to tell you when it did so. I was playing around with KDE at the time, and I spent two days wondering why it was I couldn't run the little PPP dialer app after it had worked when I went to bed the night before. A survey of the logs eventually told me what was up: kppp wasn't supposed to be setuid root, and none of the modem devices were supposed to be usable by mere users.

I don't even hold that against Debian, really. At the time, Linux was going through a small boom with a bunch of easy-to-use distributions and a lot of buzz. The old suspenders-and-beards people were watching a lot of newbies flock in not because of some particular affinity with Linux's heritage, but because it was one of any number of things: a replacement for some beloved other operating system (BeOS, OS/2), not Windows, cool, whatever. You could stick a CD in a computer, reboot, and just do what the pretty pictures told you to do, and suddenly you were in possession of a machine that could do anything.

Up through the late '90s, Red Hat was terrible for tossing in the kitchen sink along with whatever services one might want with a functional Unix-like server, and leaving it hanging out there. SMTP listeners, Web servers, assorted network services that had no business running on a machine in the care of someone who didn't even know the services were running, or what "network services" were. So when I'd see Debian pull something like turning a magical permissions fairy loose to make sure bad people couldn't get at my modem, well ... the alternative was the looming sense of dread we (and by "we" I mean "Linux enthusiasts") had that Linux's reputation for being more secure than The Alternative from Redmond was going to be undone by bad packaging and inexperienced, o.k., ignorant users.

But that didn't make it any more fun to contend with things like Debian's magical permissions fairy. I remember my first impulse when it made my modem unusable for the third morning in a row: I wanted to yank it out. Humility prevailed, though, and I found a little GUI wrapper that'd let me run my dialer from my unprivileged account. The magical permissions fairy quit sprinkling downer dust all over my stuff. I think a lot of novices were more inclined to visit a board where slightly less inexperienced novices would tell them how to defeat whatever security measure was making Linux less "friendly" than Windows.

The Linux world has, of course, moved on since then: The major distributors are more careful about configuring installations appropriate to the user's needs, and the user base has been herded into a life of pecking in a password for whatever sudo wrapper their distro is using whenever they want to do anything potentially dangerous, destructive or system-altering. (Same as the Mac people on that score, and, I guess, the Windows people.) It's not a perfect system, but it puts some space between the users, who just want to do whatever they need to do, and the guts of the OS, which will do harm to others if its capacity for self-regulation is tampered with.

But rather than seeing user education and better packaging overtake the problem, we've moved on to the Web as the platform of choice for punters, hobbyists and generally nice but inexperienced people, so the problem hasn't so much disappeared as it has migrated. And there's something oddly abstract to a lot of people when you try to discuss Web application security in particular.

I touched on this last summer when I wrote a column for Practically Networked on the changing nature of security threats. The mainstream news media conditioned people to think of threats in terms of deleted files, the computer "going haywire," or whatever. It was all about, for a long time, emphasizing the destructiveness of viruses and other malware. That's not what it's really about now, though:

"The overwhelming goal of malware in the wild today is not to eat files. It's to compromise computers and use them to do something the compromiser would prefer not to be caught doing himself. Like send torrents of spam directing people to sites where a) they can download malware that compromises their systems, adding to the snowball of compromised systems or b) give up personal information that can be used for identity theft or simple credit card fraud. It's to the benefit of the people compromising these systems to remain undetected for as long as possible, so the maximum amount of spam can be sent out before detection and remediation."

And don't even try to explain the way phishing sites work, or the way they rely on compromised Web apps. The value of an insecure Web site serving up an easily exploitable app is often obscured by the length of the chain of events the criminals compromising the site have set up. It may be that all they want is a tidy collection of pages coming from a domain with good search engine juice to stack Google results with the site they've got to serve up client exploits, or take credit card information. That's kind of subtle. It's definitely not "omg!1!! Michaelangelo is gonna eat all your files!11!"

Charlie does a pretty good job of outlining the basic issues in his article, though, even if it is deja vu all over again: We need better packaging from the distributors, and more user education, so people can at least know to be offended when a lazy PHP coder manages to write a beautiful, functional, professional-looking Web app, but doesn't bother to mention how to lock it down.
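One way to check a web root for the conditions this post describes (a leftover "chmod 777", group-writable files, shared directories missing the setgid bit), as an added example that is not from Charlie's article or this blog. The function names and the sample tree are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit a web root for the permission problems discussed above.
# Function names and the sample tree are hypothetical, built only for this demo.

# World-writable files and directories: what a leftover "chmod 777" looks like.
# Symlinks are skipped because their own mode bits carry no meaning.
find_world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Group-writable regular files: the condition that makes permission-checking
# wrappers refuse to run a script.
find_group_writable_files() {
    find "$1" -type f -perm -0020 -print
}

# Group-writable directories without setgid: in the "umask 002" scheme these
# are shared directories where new files will NOT inherit the directory's group.
find_shared_dirs_without_setgid() {
    find "$1" -type d -perm -0020 ! -perm -2000 -print
}

# Print a report; succeed only when nothing under the root is world-writable.
audit_webroot() {
    ww=$(find_world_writable "$1")
    gw=$(find_group_writable_files "$1")
    ns=$(find_shared_dirs_without_setgid "$1")
    echo "== world-writable entries =="
    printf '%s\n' "${ww:-none}"
    echo "== group-writable files =="
    printf '%s\n' "${gw:-none}"
    echo "== group-writable directories without setgid =="
    printf '%s\n' "${ns:-none}"
    [ -z "$ww" ]
}

# Post-install lock-down: clear only the world-write bit, leaving the
# owner and group bits exactly as they were.
lock_down() {
    find "$1" ! -type l -perm -0002 -exec chmod o-w {} +
}

# Constructed sample tree: one directory left at 777 by an "installer",
# one properly set-up shared directory (2775), one group-writable file.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/site/uploads" "$root/site/shared" "$root/site/private"
    : > "$root/site/index.php"
    : > "$root/site/shared/page.php"
    chmod 755 "$root/site" "$root/site/private"
    chmod 777 "$root/site/uploads"
    chmod 2775 "$root/site/shared"
    chmod 644 "$root/site/index.php"
    chmod 664 "$root/site/shared/page.php"
    printf '%s\n' "$root"
}

demo() {
    tree=$(make_sample_tree) || return 1
    audit_webroot "$tree" || echo "-> world-writable entries present; locking down"
    lock_down "$tree"
    audit_webroot "$tree" && echo "-> no world-writable entries remain"
    rm -rf "$tree"
}

demo
```

After the lock-down the uploads directory is still group-writable without setgid, so it stays in the third section of the report until someone decides whether it is meant to be shared.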

(Link)

Posted by mhall at 5:18 PM

February 26, 2008

Comcast: The Best Grassroots Support Money Can Buy

Save the Internet's blog has an entry up about strange goings on at an FCC hearing regarding net neutrality in Boston. When members of the group tried to attend the hearing, they were turned away because all the seats were taken by a group of "concerned citizens" with no particular interest in the proceedings:

"They arrived en masse some 90 minutes before the hearing began and occupied almost every available seat, upon which many promptly fell asleep (picture above).

"One told us that he was 'just getting paid to hold someone's seat.'

"He added that he had no idea what the meeting was about.

"If he was holding someone else's seat, he never gave it up.

"Many of this early crowd had mysteriously matching yellow highlighters stuck in their lapels.

"We also photographed them outside the venue being handed papers by an organizer who had been seen earlier talking with several of the Comcast people at the hearing."

Condé Nast Portfolio has more on the incident:

"Comcast spokeswoman Jennifer Khoury said the company paid some people to arrive early and hold places in the queue for local Comcast employees who wanted to attend the hearing.

"Some of those placeholders, however, did more than wait in line: they filled many of the seats at the meeting, according to eyewitnesses. As a result, scores of Comcast critics and other members of the public were denied entry because the room filled up well before the beginning of the hearing.

"Khoury said the company didn't intend to block anyone from attending the hearing. 'Comcast informed our local employees about the hearing and invited them to attend,' she said. 'Some employees did attend, along with many members of the general public.'"

Ars Technica has a thorough report on the actual hearing.

Posted by mhall at 4:17 PM

February 25, 2008

Three Ways to Mitigate the Risk of a "Cold-Boot" Attack

Rich Mogull offers three sensible responses to the dangers posed by a cold-boot attack:

The most effective method is to power off your system completely (not sleep or hibernate mode) when it’s at risk of physical loss. This is inconvenient, but I’m going to start powering off when I’m in higher risk areas (like airport security) and can’t maintain physical control of the system.

Which brings recommendation number 2: don’t let someone steal your computer. I personally maintain physical control over my system nearly all the time when it’s out of my home (and I have a pretty good security system there). At hotels is the greatest risk, and I do tend to power off when I’m out of the room. You sales guys should start getting into the habit of not using sleep mode when you leave your computer locked in a rental car. At least until the encryption and laptop vendors come up with alternative protections.

For those of you with very sensitive information, combine file and folder encryption for sensitive files with your whole disk encryption. A few vendors offer this (feel free to brag in the comments guys). Just close those sensitive files or images before entering sleep mode, and make sure they are password protected and not linked to your normal login credentials.

(Link)

Posted by mhall at 3:54 PM

February 22, 2008

How Do You Explain Crypto Well Enough for People to Use It?

I wrote an introductory article on IM encryption for Instant Messaging Planet. There are a number of options, but once you narrow it down to things casual users might entertain doing, the list gets a little more slim. Especially when you think in terms of people wanting to stay on their existing network, or at least stay in the realm of the more common public networks.

I included OTR, but in the process of including it realized my powers of description for both OTR and PGP aren't as strong as I'd like them to be.

For OTR, I'm not sure that's such a huge problem because the implementation is so simple. Here's a screen from Adium that shows the generation of an OTR key:

It comes close to "just works." And I can certainly see the average "dude in the cube down the row" immediately grasping and using something presented to him as "click this button, then when I IM you, click this one and nobody can read our stuff."

PGP? It's a hassle to explain on any practical level, because there is no "just do x, then do y" that doesn't involve "Oh ... right ... pick 1024 bits ... and remember to add me to your keychain ... and ... and ..." And on the description side, it gets pretty cumbersome, too.

So there's my resolution for next week: Write a working explanation of both OTR and PGP I can put in a file somewhere. Or get Vangie to put in Webo.

(Link)

Posted by mhall at 12:23 PM

February 21, 2008

Encrypted Hard Drives Can Fall to RAM-Based Attack

Researchers say they can compromise encrypted hard drives by pulling encryption keys out of the RAM of laptops that have been only recently powered down:

"The attack exploits the fact that RAM chips in laptops aren't cleared of data when the laptop is turned off. Instead the data degrades in seconds or minutes - an interval that lets an attacker cut the power to a sleeping laptop and then attach a USB key with an alternate operating system. When the computer is quickly rebooted, the rogue OS grabs all the data lingering in memory and can find encryption keys (and lots of other data) in the resulting file.

"Encryption products scramble data on a protected drive, but they need to store the keys in memory when the computer's running in order to encrypt and decrypt data. Without the keys, it could take an attacker decades of intensive computing to break into a well-encrypted disk, while with the keys, it would be a matter of minutes.

"But the attack does not work on a computer that has been shut down for more than a few minutes or when a computer is hibernated or suspended. (In the latter case, all the data in memory is saved to disk, cleared and the machine is shut down)."

(Link)

Posted by mhall at 5:12 PM

Reputation Management: It's All About the Database

BostonNOW, which appears to aggregate copy from a number of Boston television and radio stations, is very excited about "caller ID for the Internet."

"Fifty million times a day, someone, somewhere 'Googles' a person's name. Now, technology can help you figure out who's Googling you.

"Elizabeth Yekhtikian admits she's hooked on the visitor tracking service from Ziggs.com, a site similar to Facebook.com that caters to young professionals. At least once a day she gets an email alerting her she's been checked out."

"'I can check on the site and it shows me with little maps where the searches are coming from, and from exactly which town, within which state or part of the country or the world,' said Yekhtikian. 'That's kind of cool.'"

Of course, Ms. Yekhtikian, whose Ziggs profile indicates she works for PR firm Blanc & Otus, would think that: Ziggs is a Blanc & Otus client.

So the reporter got caught by one company-supplied shill ... no big deal ... the reporter had a backup source happily using Naymz, a service pitched as an identity/reputation management tool:

"A similar site, naymz.com, helped Katie May figure out that an ex-boyfriend, with whom she didn't want to maintain contact, had been searching online for her.

"'He works for a university and all those searches were coming from that university,' said May."

Ms. May just so happens to be an "advertising account executive" with Bagby and Company, Inc. I'm sure it's just a coincidence that both Naymz.com and Bagby are based in Chicago.

Anyhow, shill-to-real-people ratios aside, the article glosses over this new "technology" providing the miraculous ability to see who's Googling for you: It's Google AdWords. Premium memberships in both Naymz and Ziggs buy paid placements that turn up either in the premium slot over organic search results, or over in the traditional right-hand "Sponsored links" box. Ziggs packages it as the WebPro service, and Naymz ties it all in to something it calls RepScore, a number somewhere between one and ten, which is tied, in turn, to RepScore Points. RepScore Points are earned several ways:

  • "Community verification," which is driven by other Naymz users, who score each other.
  • "Profile completeness," which involves a number of point rewards for providing extra personal information (nicknames, employer, city, tags, links and photos).
  • "Identity verification," which involves either buying a "Verified ID" from Trufina or signing up for a premium account at Naymz.

The points system is set up such that filling out everything required for a complete profile still puts the user well short of earning the "Perks" required for Google AdWords: That takes either buying the premium membership or paying for a Trufina background check.

What's Naymz doing with all these points-earning bits of personal information? The privacy policy offers the usual, bland "we won't sell your information to anyone" boilerplate that has nuggets like:

"Naymz may disclose and transfer your Personal Information to a third party who acquires all or a substantial portion of Naymz' business, whether such acquisition is by way of merger, liquidation, dissolution, consolidation or sale of all or a substantial portion of our business, trade or assets."

and

"Naymz may disclose your Personal Information to companies and individuals it employs to perform services on its behalf that are necessary for operation of the Site and the Naymz Services, including hosting Naymz' web servers, analyzing data, processing credit card payments, and providing customer service."

"Personal Information" means "stuff with your name specifically attached to it." It's important to remember that you, specifically, do not matter to the companies that would want to buy Naymz' "assets" (e.g. its user database). What does matter is how completely what you want can be anticipated by sliding you into a demographic generalization, creating a feedback loop of your specific information being rendered into generalizations that eventually find their way back to you in the form of personalized pitches and come-ons aimed at whatever demographic pigeon-hole you occupy.

Anyhow, some of the "services" Naymz provides come from its sibling company, ListenMedia, which specializes in "social media marketing." If you've ever blogged about a bad experience with a company and had a representative pop up in the comments to drone about how sad they are that you're unhappy, outfits like ListenMedia are the reason they found your little five-pageview-a-day site. ListenMedia says it "Monitor[s] and track[s] what is being said online about your brand (blogs, social networks, forums, wikis, etc.)" and "Influence[s] the results by participating in the conversation and eliminating or properly addressing negative content."

In other words, they'll send shills to your favorite bbs, whitewash your wiki and otherwise "participate" all over your conversation.

There's something very complete about this kind of entry. I started out innocently enough wondering how, exactly, Elizabeth Yekhtikian knew who was Googling for her. Her profile led me to her company, and her company told me that the service she was so pleased with was one of her company's own accounts. Unless she disclosed her association with the companies involved and the reporter left that bit of information out, that's called "shilling." And by the time I'm done reading about the two companies providing "caller ID for the Internet," I go full circle to a company that specializes in "properly addressing" or "eliminating" negative content.

Not so different, really, from Rapleaf (see the links below), which also uses "reputation management" as a tool for aggregating personal data to make broader demographic generalizations it can, in turn, sell to other marketing people. Naymz, though, adds the neat trick of getting you to pay it to fatten its database with the information it's going to sell. Identity or reputation management is the perfect selling point because it's a little scary.

Katie May dutifully produced a story about "an ex-boyfriend, with whom she didn't want to maintain contact [...] searching online for her." It sounds sort of creepy and menacing, I guess, to the extent there's an unexpressed but implied relationship between searching for someone and initiating unwanted contact. Naymz, of course, does nothing at all about removing your information from the Web, and that anecdote is less about the actual details and more about the tone.

Why anyone would think that feeding even more personal information into yet another database that could be bought, sold, seized in bankruptcy or simply shared with a "partner" or corporate sibling would enhance their privacy or safety from stalking exes remains a mystery.

(BostonNOW link via Pogo Was Right)

Posted by mhall at 3:03 PM

February 20, 2008

GoolagScan is Dork-in-a-Box

GoolagScan packages up the Google Hacking Database into a .NET app that scans hosts for documented vulnerabilities exposed through Google dorking:

"LUBBOCK, TX, February 20th -- Today CULT OF THE DEAD COW (cDc), the world's most attractive hacker group, announced the release of Goolag Scanner, a web auditing tool. Goolag Scanner enables everyone to audit his or her own web site via Google. The scanner technology is based on 'Google hacking,' a form of vulnerability research developed by Johnny I Hack Stuff. He's a lovely fellow. Go buy him a drink.

"'It's no big secret that the Web is the platform,' said cDc spokesmodel Oxblood Ruffin. 'And this platform pretty much sucks from a security perspective. Goolag Scanner provides one more tool for web site owners to patch up their online properties. We've seen some pretty scary holes through random tests with the scanner in North America, Europe, and the Middle East. If I were a government, a large corporation, or anyone with a large web site, I'd be downloading this beast and aiming it at my site yesterday. The vulnerabilities are that serious.'"

Posted by mhall at 1:41 PM

February 19, 2008

"The Kids Don't Care" Is a Stupid Argument

Leave it to a Google lawyer to reiterate one of the dumbest "arguments" going regarding user privacy.

A column published at the NYT today considers the issue of privacy and social networking, noting the shear between our ability to control the privacy we enjoy off the 'net and our relative inability to do the same with our virtual privacy.

I'm not any better than anyone else when it comes to the occasional "dude posts something stupid on the Web somewhere, career & reputation go up in a fiery cocktail of lameness and cruel luck" story. I have to read that kind of thing the same way my wife reads People.

I kind of like People, too, I guess. At least, I like entering a dialog with the content on its cover, along with the covers of all the similar (if more tawdry) glossies on the checkout stand. It's possible to read their finger-wagging over the starlets and pop singers flaming out all over their pages as a kind of moralistic crusade against the dangers of any pleasure, or a chummy affirmation that for all the things we, the reading public, have done wrong to get us in a situation where we're waiting in the checkout line instead of paying a domestic servant to do it for us, at least we're not stumbling around Hollywood in a narcotic stupor, flashing what VH1 has decided to call "the va-jay-jay" at paparazzi.

You can also read all that coverage as a sort of class warfare, designed to warn the proles away from aspiring to the same wealth and fame as the people they're watching unravel.

Coverage about Internet-blunder wrecks that clip the wings of promising young interns at major New York brokerages shares similar readings. When a local paper runs one, it's easy to read a sort of panicked consternation over the dangers of the Internet, which is just a stand-in for the panicked consternation people have been feeling about all manner of machines, technology or progress for a very long time. Then the stories fall into the hands of everyone besides the reporter, where they become an opportunity for us all to celebrate our own lack of the kind of ignorance, fecklessness and simple lameness that caused a brilliant young person's career to end in a spectacular fireball of third-hand wire service human interest rehashes and YouTube parodies.

As a kind of folklore, that mass outpouring of condemnation, schadenfreude and simple glee isn't hard to explain: Someone else got into a kind of trouble we could just as easily have gotten into ourselves if we made the mistake of being around a computer after a night on the town, so we push aside our fears by constructing a little lesson we can tell ourselves about how we'd surely never do anything so reckless as call our boss a mean name or air some dirty laundry from work. "Blaming the victim" has a certain, dubious pedagogical value.

It also gives Google, Facebook and every other entity interested in extracting as much of your information as possible a convenient device for deferring responsibility for what their users entrust to them:

"In a visit to the editorial board not long ago, a top Google lawyer made the often-heard claim that in the Internet age, people — especially young people — do not care about privacy the way they once did. It is a convenient argument for companies that make money compiling and selling personal data, but it's not true. Protests forced Facebook to modify Beacon and to ease its policies on deleting information. Push-back of this sort is becoming more common."

The thing is, there's always a catch-up period between something new coming along and people internalizing its benefits and dangers. It's way too early to know whether people don't care about privacy anymore, the same way it would be inappropriate to point to a number of people who fell victim to a heretofore undiscovered side effect of a prescription drug and sagely proclaim that people just don't care about being alive anymore.

I think the NYT columnist is wrong, though, if protests over Beacon are supposed to represent some nascent pro-privacy groundswell. People protested Beacon because it did something of immediate bad effect. Facebook retooled it and they all shut up, but they continue feeding information to the likes of Facebook, and Facebook continues to provide a lot more information than required. In other words, we haven't really seen the worst that could happen, nor have we seen an incident that demonstrates how extensive and interconnected all the information gathering is.

If, or when, it does happen, people like that Google lawyer will shrug and tell us we were all asking for it, anyhow.

(Link)


Posted by mhall at 2:00 PM | Add Comment

February 15, 2008

Quitting Facebook - Why Did It Take the NYT?

I passed on linking to an NYTimes article on how hard it is to unregister from Facebook because, well, I've already linked to people complaining about that, and I didn't feel like linking to what I suppose would be considered The Complaining of Record on the matter.

The thing is, it took an entity like the New York Times, apparently, to get Facebook to stop being so obnoxious:

"On Monday, Facebook modified its help pages to tell people that if they wanted to remove their accounts entirely, they can direct the company by e-mail to have it done. But on Tuesday, representatives of Facebook stopped short of saying the company would introduce a one-step delete account option.

"'We're always working to improve the user experience,' Katie Geminder, director for user experience and design at Facebook, said in a statement sent by e-mail.

"'We are measuring the effects of the change we made yesterday, and if we think more needs to be done to improve the user experience for deleting an account, we'll test different implementations and measure them accordingly,' she added.

"The updated Facebook help page now includes the question 'How do I delete my account?' The answer: 'If you do not think you will use Facebook again and would like your account deleted, we can take care of this for you. Keep in mind that you will not be able to reactivate your account or retrieve any of the content or information you have added.'"

(link)

Mark Hachman at AppScout suggests that Facebook isn't being transparent enough, since the site help doesn't bother to mention "deletion" in its "deactivation" entry. But searching for either "deactivate my account" or "delete my account" yields both the deletion and deactivation entries. On the other hand, they reference "the form at the bottom of the page," which doesn't exist unless they mean the "Write us a message" link.

Either way, it was stupid of Facebook to wait so long to make the process anything approaching "simple," and the company's essentially grasping, clingy refusal to delete any accounts except those scoured of every single bit of personal data was obnoxious. Clearly the management would prefer to give only incremental ground on the issue until enough people are satisfied to make sure that anyone who's not looks like a bitter crank.

(Thanks to Michael B. for passing along the link.)


Posted by mhall at 7:11 PM | Add Comment

February 14, 2008

Toward a Post-Constitutional Best Practices

Colleague Chris Nerney at his blog on Datamation, regarding telco immunity:

"I would just as soon grant the telecoms immunity if we could merely see how eagerly and quickly they went along with the NSA's request. I think it's important to understand the process. That way we could develop a Best Practices for giving up our remaining freedoms."

(Link)

Previously:

  • Telco Immunity Passes Senate, 31-67
  • Filibuster Is On to Block Telco Immunity
  • FISA Refit Emerges from Senate Committee with No Telco Immunity
  • House Passes Immunity-Free Bill
  • Updated: Obama & Clinton Come Down Against Telecom Immunity
  • Congress Urged to Shut Up and Make With the Telco Immunity
  • Telcos Scrambling for Wiretapping Immunity

    Posted by mhall at 5:30 PM | Add Comment

    February 13, 2008

    DNS Advantage Phish Blocking: Lame?

    Charlie Schluting took a look at DNS Advantage over on ENP. Like OpenDNS, which has been around for a while, DNS Advantage provides free, optimized DNS services. It also claims to provide a filter for phishing sites, but Charlie found that filter ... sub-par:

    "Furthermore, DNS Advantage advertises that its DNS servers will block access to malicious sites, such as ones containing malware or phishing pages. During our testing we were unable to trigger this blocking.

    "Using publicly available data from anti-phishing sites such as Spamhaus and PhishTank, we attempted to access sites that have been identified as suspicious or plainly malicious for months. We were never denied access via DNS Advantage's blocking service. Firefox, on the other hand, ended up blocking most of the sites using its blocklists. Using DNS Advantage provided no Advantage in this regard.

    "The DNS Advantage FAQ concedes that the service's malicious site blocking isn't perfect:

    "Q. I found a website DNS Advantage should be blocking. What should I do?
    A. We do our best to stay on top of the growing list of blocked domains. However, there may be some that we don't protect against yet. We are in the process of creating a mechanism to submit these types of websites to us.

    "During our testing, the value of 'some' was equal to 100 percent of the 150 sites we attempted to visit while using DNS Advantage for DNS queries."

    Ouch. Anyone else have any experiences with it? Charlie's not claiming some definitively scientific figure for DNS Advantage's success rate, but 0 out of 150?

    (link)


    Posted by mhall at 5:15 PM | Add Comment

    Some of Sandy's Documentation Does Privacy Warnings Right

    I wrote Sandy up for Instant Messaging Planet a few days ago. Sandy is an e-mail based "personal assistant," which is to say it's a to-do list that can process lists and reminders based on e-mail messages you send it. I've got a Sandy account, and I'd like to use it more, but the jury's still out. In the meantime, while looking up the service's information on ways to get my information back out of it, I checked out the iCal subscription options. Sandy uses the same approach for that kind of thing other services do, relying on obfuscatory "secret" URLs instead of authentication. The part I like about Sandy's approach is the disclosure.
    It reads:

    WARNING: Before you click that "Add" button!

    Make sure the "Allow others to find this public calendar via Google Calendar search?" checkbox is NOT checked! If you check that box, your I want Sandy calendar, its contents, and private address will be added to Google Calendar's public calendar feed listings.

    A second entry explains the whole obfuscated URL thing in useful detail, and offers more warnings:

    Is Sandy's calendar feed public?

    No, your calendar's public feed is not shown to anyone on iwantsandy.com. But it is publicly accessible by anyone who knows your private iCalendar feed's address.

    To keep your stuff safe, your feed's address is made extremely hard to guess by obscuring it with a randomly-generated key (that string of letters and numbers at the end of the address).

    WARNING: Anyone with whom you share your private iCalendar feed's address will be able to see your reminders, appointments, and to-dos. If you've accidentally shared the address with someone you didn't mean to, click here to reset it ...

    That's plenty more explication than I've seen elsewhere, even when other services do bother to offer a reset button.
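The "secret URL plus reset" scheme Sandy's documentation describes can be sketched as follows. This is an added example, not Sandy's code; the `FeedKeys` class and the `calendar.example` host are hypothetical.

```python
import hashlib
import hmac
import secrets


class FeedKeys:
    """Issue, check and reset the random key at the end of a private feed URL."""

    def __init__(self, base_url="https://calendar.example/feed"):  # hypothetical host
        self.base_url = base_url
        self._digests = {}  # user -> SHA-256 of the current key; the key is not stored

    def issue(self, user):
        # 32 bytes from the OS CSPRNG: 256 bits, so guessing the URL is impractical.
        key = secrets.token_urlsafe(32)
        self._digests[user] = hashlib.sha256(key.encode()).digest()
        return f"{self.base_url}/{user}/{key}.ics"

    def reset(self, user):
        # The "reset it" link: a new key replaces the stored digest, so every
        # copy of the old address stops working at once.
        return self.issue(user)

    def authorize(self, url):
        """Return the user whose feed this URL unlocks, or None."""
        prefix = self.base_url + "/"
        if not url.startswith(prefix) or not url.endswith(".ics"):
            return None
        user, _, key = url[len(prefix):-len(".ics")].partition("/")
        expected = self._digests.get(user)
        if expected is None or not key:
            return None
        presented = hashlib.sha256(key.encode()).digest()
        # Constant-time comparison avoids leaking how many bytes matched.
        return user if hmac.compare_digest(presented, expected) else None


def demo():
    keys = FeedKeys()
    shared = keys.issue("alice")        # address pasted into a calendar client
    ok_before = keys.authorize(shared)  # "alice"
    fresh = keys.reset("alice")         # address leaked, so the owner resets it
    return ok_before, keys.authorize(shared), keys.authorize(fresh)
```

The URL is still a bearer credential: anything that records it (browser history, proxy logs, a public calendar listing) can read the feed until the owner resets the key, which is the risk the warnings above spell out.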


    Posted by mhall at 5:02 PM | Add Comment

    February 12, 2008

    Telco Immunity Passes Senate, 31-67

    "The Senate voted Tuesday to shield from lawsuits telecommunications companies that helped the government eavesdrop on their customers without court permission after the Sept. 11 terrorist attacks. After nearly two months of stops and starts, the Senate rejected by a vote of 31 to 67 a move to strip away a grant of retroactive legal immunity for the companies.

    "President Bush has promised to veto any new surveillance bill that does not protect the companies that helped the government in its warrantless wiretapping program, arguing that it is essential if the private sector is to give the government the help it needs.

    "About 40 lawsuits have been filed against telecom companies by people alleging violations of wiretapping and privacy laws.

    "The Senate also rejected two amendments that sought to water down the immunity provision."

    (link)

    Glenn Greenwald also notes:

    "Perhaps even more repugnantly, even Dianne Feinstein's amendment merely to provide that the FISA bill they are about to pass would be the "exclusive means" for presidential eavesdropping failed by a vote of 57-41 (it fell 3 votes shy of the 60 votes needed for passage, under the agreement which requires that every amendment attract the number of votes it cannot get)."

    (link)


    Posted by mhall at 1:44 PM | Add Comment

    February 11, 2008

    Security Software Should Try Shutting Up

    Adrian Kingsley-Hughes on security software:

    "Over the past few years I've noticed a disturbing trend where security software is constantly clamoring for your attention – telling you that updates are needed, that updates have been installed, that your system is protected, that your system needs more protection, that your system has been scanned, that you've sent an email, that you've received an email.

    "In fact, I'm amazed just how many prompts and messages a security suite can generate. The only message that I've yet to see is that the program has done its job and caught some nasty bit of code trying to get a foothold into my system.

    "I'm guessing that the reason for the vocal nature of security software is that it wants to keep reminding the user that it's there so that come time to renew the subscription, the user actually pays up for another year. And now we have reputable security firms such as Lavasoft, now in talks with Ask to bundle toolbars with the application. Yeah, let's burden the user's PCs further with unwanted junk."

    I think all that security software chattiness is my least favorite part of Windows computing. But where Kingsley-Hughes suggests it serves as a simple reminder, I'd suggest that the designers don't mind if you just suffer a periodic start, too. I had McAfee's AV on a Windows machine several years ago after a long spell on Linux, and there were a few times its "helpful" reminders came festooned in a red just urgent enough to suggest that something was going on right that second that I needed to know about. Obnoxious. And it cost them a customer when it came time to re-up. I was already uneasy about running a Windows machine ... I didn't need additional inducements to panic.

    (link)


    Posted by mhall at 6:03 PM | Add Comment

    Yahoo Notes Incremental DKIM Progress

    Some followup on Yahoo's use of DKIM, and food for thought on what might happen to it if that Microsoft acquisition goes through. According to this article, Yahoo has an arrangement with PayPal/eBay that causes non-DKIM-authenticated mail from those domains to bounce.

    "A year from now, will you be stopping a lot of mail at the front gate because of DKIM?

    "No. Stopping mail at the front gate will be limited to a small number of senders. But I do hope that a year from now, a lot of marquee brands sending e-mail from a variety of sources will be using e-mail authentication based on DomainKeys and DKIM so receivers can more clearly determine if the e-mail came from the source. Once that happens, e-mail administration becomes simpler. If a company maintains 118 different IP addresses for sending mail but they send e-mail under one domain, it's 118 times easier for me to deal with one domain than 118 IP addresses."

    link
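A receiver-side version of the arrangement described above (refuse mail claiming to be from PayPal or eBay unless it carries a passing DKIM signature from that domain) might look like this. It is an added example, not Yahoo's implementation; it assumes the receiver's own verifier has already recorded its verdict in an `Authentication-Results` header under the hypothetical id `mx.receiver.example`, and the sample messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

ENFORCED = {"paypal.com", "ebay.com"}     # domains named in the post
TRUSTED_AUTHSERV = "mx.receiver.example"  # assumption: our own verifier's id
DKIM_RESULT = re.compile(r"\bdkim=(\w+)\b[^;]*?\bheader\.d=([\w.-]+)", re.I)


def within(domain, parent):
    """True when domain is parent itself or one of its subdomains."""
    return domain == parent or domain.endswith("." + parent)


def disposition(raw):
    """Return 'accept' or 'reject' for one raw message."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    enforced = next((d for d in ENFORCED if within(from_domain, d)), None)
    if enforced is None:
        return "accept"  # sender is outside the arrangement
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, results = header.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue  # written by someone else, possibly the sender
        for result, signer in DKIM_RESULT.findall(results):
            # A pass only counts when the signing domain belongs to the
            # same enforced domain as the From address.
            if result.lower() == "pass" and within(signer.lower(), enforced):
                return "accept"
    return "reject"


def sample(from_addr, auth_results):
    return (f"From: {from_addr}\nAuthentication-Results: {auth_results}\n"
            "Subject: Your account\n\nbody\n")


SAMPLES = {  # constructed messages, not real traffic
    "signed": sample("PayPal <service@paypal.com>",
                     "mx.receiver.example; dkim=pass header.d=paypal.com"),
    "unsigned": sample("service@paypal.com", "mx.receiver.example; dkim=none"),
    "wrong_signer": sample("service@paypal.com",
                           "mx.receiver.example; dkim=pass header.d=mailer.example"),
    "foreign_header": sample("service@paypal.com",
                             "mx.other.example; dkim=pass header.d=paypal.com"),
    "other_sender": sample("friend@example.org", "mx.receiver.example; dkim=none"),
}
```

The `wrong_signer` and `foreign_header` cases show why "has a valid DKIM signature" is not enough on its own: the signature must come from the domain in the From address, and the verdict must be one the receiver itself produced.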


    Posted by mhall at 3:16 PM | Add Comment

    Social Networking Shocker: People Lie About Their Ages

    The biggest problem with efforts to "get tough" on MySpace and other social networking sites in order to protect children from sexual predators? There's no meaningful age verification and everyone knows it:

    "But even the pact's backers - MySpace's security chief included - admit it would not keep a predator like Shawn Little from underage prey.

    "That's because the safety barri