Taking Back Control of Your Data, With Fine Grained, Explicit Permissions 55
BrokenHalo writes with a story at New Scientist outlining one approach to reclaiming your online privacy: a software gatekeeper (described in detail in a paper from last year) from two MIT developers. "Developers Sandy Pentland and Yves-Alexandre de Montjoye claim OpenPDS (PDF) disrupts what NSA whistleblower Edward Snowden called the 'architecture of oppression,' by letting users see and control any third-party requests for their information – whether that's from the NSA or Google. Among other things, the Personal Data Store includes a mechanism for fine-grained management of permissions for sharing of data. Personally, I'm not convinced that what the NSA demands outright to be shared is as relevant as what they surreptitiously take without asking."
I see a problem... (Score:4, Interesting)
Needs to be an appliance.. (Score:3, Interesting)
I already monitor all the traffic into and out of my network - there's lots you have no idea about.
Has to be an appliance.. but that's cheap. Making it easy to understand might open quite a few people's eyes...
Re:Needs to be an appliance.. (Score:4, Interesting)
That spare core seems. .
Re:More useful (Score:4, Interesting)
not really they don't care about bad or missing data. the piles of data are to large.
Seriously my credit report lists a name of a relation that hasn't existed in 18+ years. And when it did exist it lasted less than 6 months.( a very short marriage of a relation,not mine). But nobody cares about accurate useful data, only if they have it or not.
Take Amazon. they have a record of every purchase I have made over a similar time span. yet they only ever show me adds for things i already have. amazon won't show me something new. What good is showing me stuff that I already own/watched?
I figure just let them keep on collecting it. sooner or later they will have so much useless old data clogging their systems that it will hide you better than trying to delete and police everything.
Re:More useful (Score:3, Interesting)
Even better a botnet that does this - dictionary of names, generate pseudo-biographic info, but distributing across devices you own, device signatures similar to what you own, spoofing MAC addresses etc. Enough noise to reduce their quality & quantity of matches, but not to the point where positives csn stand out..
Now how to wreck matching against LexisNexis matches w/o wrecking Lexis-Nexis per se...
Potential problem (Score:5, Interesting)
Instead of a gatekeeper, I'd rather have a layer of software that automatically lies about myself (such as always giving my name as "John Doe" or my GPS location as being somewhere in the open desert near Timbuktu or something), so that not only the data hoarders don't get my personal information, but their data pool gets polluted. Bad data is much more of a problem to them than no data at all.
I've been doing that for some years.
In early September, my bank implemented a new type of authentication process. Before I could log in, it asked me a series of questions culled from the public records of my name - it said as much when it started.
The questions were multiple choice, five answers, and went like this:
In what town is 35 Granite Ave located?
. Greenville
. Lexington
. Berwick
. Nashua
. Holliston
Needless to say, I've never been to 35 Granite Ave (that I can remember), never lived there, and don't have the first clue what they were on about. My "polluted public records" came back to bite me.
The bank representative couldn't help because they don't make the web page, the web page techs can't help because they outsource to a service, &c &c. It took extreme measures from one very helpful bank rep to allow me to log in, on a system which had been giving me no problems for many yeas. I'd be screwed if it were the cable, ISP, or phone company.
I'm still in favour of polluting records. If the person asking doesn't have any business knowing whatever it is they're asking, I will lie.
It looks like I'll have to start keeping track of the lies.