How paranoid are you?
I used to count on anonymity by obscurity to protect my privacy. I figured I was too boring for anyone to make the effort to track everything I do and profile me. In the less than 10 years since I last said that, it turns out that I am valuable and it is not too difficult to track and correlate every last thing I do.
Know that shopper’s card you use at the grocery or drug store? By watching your purchases, they know how many cats and kids you have, whether you live a healthy lifestyle, and possibly even specific ailments or habits. Meanwhile, your credit card company knows the health of your finances and when you’re away from home as well as how often you eat at McAlister’s and whether your hobbies are gardening or fishing. Your cell phone carrier knows within a few feet where you are as well as having a record of all your calls and copies of your contacts list, txt messages, and photos. Even your belt or shirt (and if Homeland Security gets its wish, your drivers’ license) could be blabbing your position every time you walk in or out of a store through the RFID “inventory control” chip embedded in it.
Modern voluminous databases and large amounts of computing power allow companies to gather all the information they collect and infer the pieces that apply to a single person. They can identify you even if traces don’t share identical identifying information. And then they look for a way to make money off your dossier.
You think it’s great for the grocery to send you a coupon for one oat cereal because you’ve bought another one. The competing manufacturer pays them without knowing who you are. But what if the grocery decided to sell your cigarette purchases to your insurance company?
It should be even scarier online. You’re already plugged into the biggest computer in the world and you are instantly moving from place-to-place. One moment you may be talking to your broker, the next buying a shirt with PayPal, and after that jumping among friends at MySpace.
Who can follow you at the speed of a click? How do they know who you are? Weren’t all those financial transactions protected with https?
Every webmaster knows at least what your personal IP address is, what type of browser you’re using, and where you came from if you clicked a link to get there. If you’ve got cookies on the computer (and you can hardly surf the web without collecting them), they know a lot more about you. By looking your identifiable cookie up in their database, they know everything you’ve told them including possibly your name and address, credit card numbers, and every thing you’ve looked at on their site.
It’s good that the outdoors store reminds you to buy a scarf, saves you having to look up your wife’s shirt size, and doesn’t make you retype your shipping address, right? But what if they give you a list of targets because you just bought a bow and arrow somewhere else? How did they know that?
When a site has an ad on its page, that probably is put there by another company which now has permission to add their own cookie to your gut. Go somewhere else and the same ad server reads its cookie and may have a lot of inferred or specific information from your previous stops. Don’t bother trying to parse their EULA and Privacy Statements – most of them allow free exchange with “affiliated partners.” And they are also permitted to change them on a moment’s non-notice.
A few months ago (http://pc3.org/smfpc3/index.php/topic,121.0.html) I challenged you to search on a random topic, but warned you not to be signed into your Google account while you did it. Remember that IP address I said all websites can connect to you? The search engines know it too and intentionally save all your searches by your IP address. Their stated purpose is to improve their search algorithms, but there’s a lot of information there. And that information could be available to Google’s subsidiary Doubleclick. Doubleclick is a major provider of targeted display advertising on the net and was one of the early users of the idea to track you with their cookies as you surf to various sites. If you have any account with Google, you are known across all their other subsidiaries from Checkout to Finance to Health to YouTube; it’s all in the same database.
Google is just the goliath for this example; I’m sure everyone else tries to leverage the same technology. AOL knew your identity wherever you went long before Google. Yahoo and Microsoft encourage a single login for all their services. As the old sayings go: you live in a fishbowl; be wary, very wary.
References:
http://www.sciam.com/article.cfm?id=privacy-in-an-age
http://www.sciam.com/article.cfm?id=do-social-networks-bring
http://www.google.com/intl/en/options/
http://www.sec.gov/Archives/edgar/data/1288776/000119312507044494/dex2101.htm http://www.doubleclick.com/
http://www.torproject.org/
(c) 2008 Bill Barnes
Disclaimer - Home Page - Blogs Home
Thursday, November 6, 2008
Tuesday, February 5, 2008
Logic and policy - part 2
"The US does not torture."
"Torture is an action that can cause serious injury or death to a prisoner."
If a bad guy believes the stated policies above, then he knows he'll be able to walk away from whatever his American interrogators toss at him. Just put up with a little discomfort and it will all be over with no appendages missing. Simple logic removes the incentive for the adversary to speak.
So, is (waterboarding) torture?
It doesn't matter. Any actions that may appear to be torture won't work, so why bother? The best we can do is lock a suspect up and stop by every couple days to ask "wouldn't you like to go see your family now?"
Near torture by Americans shouldn't be an issue because there's no logical reason to use it.
"Torture is an action that can cause serious injury or death to a prisoner."
If a bad guy believes the stated policies above, then he knows he'll be able to walk away from whatever his American interrogators toss at him. Just put up with a little discomfort and it will all be over with no appendages missing. Simple logic removes the incentive for the adversary to speak.
So, is (waterboarding) torture?
It doesn't matter. Any actions that may appear to be torture won't work, so why bother? The best we can do is lock a suspect up and stop by every couple days to ask "wouldn't you like to go see your family now?"
Near torture by Americans shouldn't be an issue because there's no logical reason to use it.
Thursday, January 17, 2008
Logic and policy.
Our town has a rule that a billboard can't change more than once a day - except for time and temperature. Unfortunately, the billboard companies claim the town doesn't have jurisdiction over state roads; which is just about all the roads that have businesses on them. So; first the "rotating triangle" billboards, and now, partial- or full-video boards are starting to proliferate.
I'm waiting for someone to hold the billboard companies liable for an accident because the driver was distracted by the motion. Their defense will be "our boards aren't a distraction." But I argue that any motion has to be categorized by the driver to decide whether it requires action and thus is a distraction.
Maybe we could compromise that a certain level of motion is not a distraction. Perhaps if the image changes no more than once during the time it typically takes a driver to pass.
But the companies are selling impressions - a car driving by while your ad is displayed. If you say they can only display an average of one ad while a car drives by, then that cuts their impressions by 50% - 75%. And if they are telling their customers that a certain number of people will see their ad, they are selling the fact of driver distraction. Or are they guaranteeing their customers a certain number of babies in their car seats?
The bottom line is: If the billboards aren’t a distraction, they aren’t doing their job. So anyone who has an accident in the presence of a billboard should be able to place some liability on the companies.
(c) 2008 Bill Barnes ... More like this: http://numbersforeveryone.blogspot.com/Tuesday, January 15, 2008
We don't . . . any more
This is a starting point. Feel free to add your comments (they will be moderated). Credit will be given for originality -- skip the obvious (such as the first few).
We don't walk any more.
We drive to the mailbox. We take the elevator to the second floor (if the stairs are even available).
We don't talk any more.
We TXT, we IM, we email, we trade voicemails, we might even "chat" -- but that doesn't mean "talk".
We don't use words any more.
See previous listing. And I'm not necessarily just referring to technical jargon or government acronym-speak, either. To me, most personalized license plates are gibberish and it takes me longer to read an SMS than a page of Dostoyevsky.
We don't type any more.
I used to be a fair typist. I could hit 70 WPM on transcription with keyboard-entered formatting codes. Now I spend most of my time with my right hand on a mouse and my finger on the Ctrl key to copy and paste. I tell my ergonomist that I can't use a "natural" keyboard because I so often work one-handed that I have to stretch my left hand from the shift to a far-right letter. (Don't tell me to get a 15-button mouse. I use too many computers to install customized drivers and then learn a set of non-mnemonic commands. At least MSWord [pre-07] carries most of its customization in a single file.)
Even when I'm coding, which is straight typing without too much thinking, there are too many odd characters for me to get up any real speed.
. . . More to come.
(c) 2008 Bill Barnes ... More like this: http://numbersforeveryone.blogspot.com/
We don't walk any more.
We drive to the mailbox. We take the elevator to the second floor (if the stairs are even available).
We don't talk any more.
We TXT, we IM, we email, we trade voicemails, we might even "chat" -- but that doesn't mean "talk".
We don't use words any more.
See previous listing. And I'm not necessarily just referring to technical jargon or government acronym-speak, either. To me, most personalized license plates are gibberish and it takes me longer to read an SMS than a page of Dostoyevsky.
We don't type any more.
I used to be a fair typist. I could hit 70 WPM on transcription with keyboard-entered formatting codes. Now I spend most of my time with my right hand on a mouse and my finger on the Ctrl key to copy and paste. I tell my ergonomist that I can't use a "natural" keyboard because I so often work one-handed that I have to stretch my left hand from the shift to a far-right letter. (Don't tell me to get a 15-button mouse. I use too many computers to install customized drivers and then learn a set of non-mnemonic commands. At least MSWord [pre-07] carries most of its customization in a single file.)
Even when I'm coding, which is straight typing without too much thinking, there are too many odd characters for me to get up any real speed.
. . . More to come.
(c) 2008 Bill Barnes ... More like this: http://numbersforeveryone.blogspot.com/
Subscribe to:
Posts (Atom)