Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Privacy Your Rights Online

Tech's Answer To Big Brotherism 259

StCredZero writes "Along the same lines as the earlier article about Poindexter's info being posted, C|Net has an interesting editorial by Declan McCullagh on how to protect our personal information from unauthorized snooping by the authorities, yet let them have a database for tracking down terrorists. McCullagh's solution is based on algorithms developed for Digital Cash."
This discussion has been archived. No new comments can be posted.

Tech's Answer To Big Brotherism

Comments Filter:
  • Never happen. (Score:5, Insightful)

    by wilburdg ( 178573 ) on Monday December 16, 2002 @02:30PM (#4900575)
    Your talking about an agency which tried to get a backdoor placed into Phil Zimmermann's PGP. Even if they did try to protect the information, there is not way they would do anything which would impede their ability to extract every bit on just a whim. 'Encrypting the data' would just be a PR stunt.
  • let them have? (Score:2, Insightful)

    by SirDaShadow ( 603846 )
    ...yet let them have a database for tracking down terrorists...

    let them have it? since when have we have any say on what the authorities can or can't do?
    • since when do we even have the resources to obtain an effective terrorist database?


      insert script kiddie here
      rainman
  • by wattersa ( 629338 ) <andrew@andrewwatters.com> on Monday December 16, 2002 @02:34PM (#4900593) Homepage
    The article could have been summed up in one sentence: the best way to protect yourself is to buy everything with untraceable methods like cash or money orders, and limit your recorded transactions to things like land. Oh, and don't take out any loans either, or buy anything online, or fill out a census form. In other words, all the progress of the 20th century will be reduced to us paying cash at the local general store like in the 1950s because we can't trust our government. If ordinary people can avoid the new system, how hard will it be for terrorists? Thanks a lot, Uncle Sam.
    • by Anonymous Coward
      I bet not having enough tracable transactions will also flag you as a person of interest. Best to use that credit card at least a little.

      I suspect we'll have to have barcodes tattooed on
      our foreheads before this is over....
      • by Catbeller ( 118204 ) on Monday December 16, 2002 @07:47PM (#4903279) Homepage
        No tattoos: embedded chips, probably. Something microscopic and embedded.

        First, it'll be for "pedophiles".
        Then, it'll be for The Safety of Our Children.
        Then, it'll be for anyone who goes to or leaves prison.
        Then, it'll be a requirement for employment in sensitive jobs.
        Then, it'll be a requirement, like immunizations, for joining the armed forces. And there'll be a reinstituted draft soon, if I read the sneaky 'pubs right lately. So everyone 18 and over gets chipped.
        Then, it'll become an expected part of getting a job in a corporate environment, even if you're a paint mixer at a Benjamin Moore store.
        Then, it'll become a requirement for going to a state university. Or just attending school of any sort.

        Sounds silly? Think of drug testing, and how we drop our pants on command without even questioning why we are doing it. America will swallow chipping if it's done slowly, over years.

        Ten, fifteen years from now, my objections to chipping will sound to the Americans of that time like I do to the Americans of this time when I refuse to take a drug test. A damned liberal hippy, probably a criminal.

        I hate being right.

    • by Anonymous Coward
      >If ordinary people can avoid the new system, how hard will it be for terrorists?

      Try buying air travel tickets with cash.
      • Just last week I payed cash for my one way ticket from Amman, Jordan to Baltimore. Everyone was very understanding when I explained that I had lost my wallet in a taxi and didn't have any ID. If you're just polite to people and smile, it will go a long way.
        • if i dont want to smile, that is my concern. the system should not base rights, and privacy on how you smile, if you are polite, or if you have a set of breasts.
          • Because, of course, your life would be much better if there were no humans mediating between you and the machines.

            And you know what? Any time you want to be treated like a human being, all you have to do is smile, or be polite, or (apparently) have breasts. I know you're capable of doing at least two of those things.

            Wake me up when they deploy a perfect system, that handles all eventualities without error, mistreatment, or accidental cruelty.

            In the mean time, give me people who respond to a smile any day.
            • wrong. law, and justice, and your Rights, should have nothing to do with one's disposition. You might be able to get things if you are polite, but you should not be unfairly treated if you do not. And thats the main point. The laws should not be unjust.One should not have to depend on one's pursuasive powers, charisma, etc to ensure one's rights.

              But yeah its nice when people are polite. no problem there. but i dont want to be required to suck some airport-security-officer's dick, just so i would not be harrassed about buying an airplane ticket with the true American tender, CASH.the dollar bill. the greenback... to get back to the point...

      • > Try buying air travel tickets with cash.

        Shouldn't be any trouble -- cash is money, after all. It doesn't
        make you untraceable, however, because you still have to plonk
        down ID.
      • Or just drive. Why does everyone assume all attacks concern flight on airlines?

        And everyone, please remember that the terrorists bought their tickets right out in the open. There is no way to catch a sleeper agent -- they act like everyone else.
    • by Gareman ( 618650 )
      The problem with cash and other less visible transactions is that your profile would stick out and you would be suspect.

      Terrorists understand this and would likely tend to electronically blend in. Buy your standard groceries with your supermarket card, pay for gas at regular intervals, etc., all in an attempt to create a normative profile. Save cash and other less visible transactions for the sketchy stuff (large amounts of chemicals, ammunition and firearms, etc.).

      This of course leads to the outlawing of cash and thus makes the cash-only people even more suspect. When cash is outlawed, only outlaws will use cash.

      --gary

      • by jackb_guppy ( 204733 ) on Monday December 16, 2002 @03:18PM (#4900903)
        Cash is already outlawed.

        Try to take to put more than $5000 in cash to a bank account.

        Keep $10000 is cash in a cookie jar.

        Carry *ANY* negotiable item more than $2500 across a legal boundary - state or country. Or even just have in your pocket on a street corner.

        You are a "drug runner" until you can prove otherwise. PERIOD. Your money is impounded and forfeited - unless you can quickly show receipts otherwise.

        Right now - go and by a one-way airplane ticket with cash, say SF to LA... Guess who is getting a stripe search?
        • by mindstrm ( 20013 ) on Monday December 16, 2002 @07:09PM (#4902944)
          Uhh
          You can deposit any amount into a bank account, though you may have to file a small amoutn of paperwork declaring where it came from if it's over $10,000

          You are free to keep $10,000 in a cookie jar all you want.

          You can carry any amount of negotiable item into most countries, though you have to decolare it if it's over a certain amount. In the US, it's $10,000

          Please don't spread bullshit.

        • A one-way ticket from SF to LA costs $29 on Southwest Air. Man, this "cash is illegal" thing must be getting tight!!


    • Of course, some vendors like Radio Shack, require you giving information when you purchase something. I'm so glad they're dropping that policy..

      After having my own bank tell me that my transactions were suspicious, I've gone to using cash as often as possible.
    • Cool! So I'd be protecting myself from the government and helping out small businesses and rubbing that in the face of large corperations? You sold me!
    • I believe you've missed the crux of the article. I believe that Declan was saying that the owner of a database can protect against future misuse of the database by scrambling the database itself against misuse by future owners. For instance, Slashdot scrambles the IP address of all visitors using an MD5 hash to protect against abuse of IP information. This approach is of course insecure and flawed (MD5 of an IP can be brute forced in a day), but the principle is sound. The federal government could easily implement a competent version of this principle to protect our privacy while still mining the database for terrorist threats.
  • algorith (Score:5, Funny)

    by dirvish ( 574948 ) <dirvish&foundnews,com> on Monday December 16, 2002 @02:34PM (#4900597) Homepage Journal
    McCullagh's solution is based on algorithms developed for Digital Cash.

    if (!terrorist)
    ignore ();
    else
    collect_data ();
  • Privacy is overrated (Score:4, Interesting)

    by frotty ( 586379 ) on Monday December 16, 2002 @02:35PM (#4900603)
    I only value privacy when it amounts to avoiding people pushing products, unfairly judging me, taking what's mine, and/or impersonating me.

    Other than that, knowing any amount of data about us could only be used to make generalizations about us. . . who would really have the time to come up with a fair assessment? Who's job would that be?

    It seems like it'd be less preventative and useful in the "clean up our mess" department of the guv.
    • by Hubert_Shrump ( 256081 ) <cobranetNO@SPAMgmail.com> on Monday December 16, 2002 @02:55PM (#4900665) Journal
      Detectives will tell you the reason a lot of criminals get caught is because they have this attitude. Or they think they're too smart - that no one would ever bother to Luminol the inside of their car...

      So what happens when something you've done, something you thought - becomes illegal? And what happens when they do have the time and the means? Will you just hand it to them?

      Call me paranoid, fearful, whatever - but I'd rather put up a fight.

      • > Detectives will tell you the reason a lot of criminals get
        > caught is because they have this attitude.

        I think the main reason a lot of criminals get caught committing
        crimes is because they commit crimes. Yes, they also fail to
        cover their tracks, but if your tracks are clean, there's nothing
        to cover.

        Now, I'm not saying I'm all gung-ho about giving up all pretenses
        of privacy, but the extreme privacy nuts are being silly. I don't
        particularly want any store I walk into to know my complete lifetime
        purchase history at other stores, but I sure don't have any objection
        to the government's knowing when and where I was born and how much
        money I made last year; that information is... harmless.

        As far as aggregating information various branches of the same
        goverment already had into one large database... I don't see
        why this is objectionable; if some of that information is too
        sensitive, then why did they have it in the first place? The
        objections should have been raised long ago, then. If not,
        then what's the problem? Save your protests for when something
        happens that creates a new invasion of your privacy. If you
        whine continually about stupid things ("oh, no, the government
        will know about my gun if it has to be registered!"), nobody is
        going to listen when you object to having a radio-freqency ID
        tag and GPS locator inside your body, or whatever. Pick your
        battles. Speak up when it _matters_.
        • I think the main reason a lot of criminals get caught committing
          crimes is because they commit crimes. Yes, they also fail to
          cover their tracks, but if your tracks are clean, there's nothing
          to cover.


          An act can be retroactively be declared criminal. For instance, the put-evil-hackers-away-for-life law that was passed this year declared not only that there is no statute of limitations on "hacking" as a crime, the new "crimes" are now infinitely retroactive! That is to say, if you used a Captain Crunch whistle in 1977 to get yourself a free long distance call, you can be prosecuted today as a felon with a prison term up to life.

          So don't say "you're clean if you don't commit crimes". Something you do today can be declared illegal and heinous ten years from now. It depends on the evil men are capable of... and I guess the profitablity of prisons, combined with that wonder free labor for business created by that large incarecerated population.
        • > if your tracks are clean, there's nothing to cover.

          A few counter-points:
          Profiling
          Yeah, maybe you haven't done anything wrong, but few months ago you bought a Teletubby video for your nephew, and statistics show that within your demographic, child molesters also tend to buy Teletubby videos. So the next time a kid gets molested in your neighborhood, the cops come knocking on your door looking for suspects. But hey, you're innocent, so no big deal right? As long it doesn't happen every time, and as long as you have a good alibi, and as long as some detective doesn't get it in his head that you are the guilty one and plants some evidence to make a conviction easier.

          Myth of Infallability
          Data gets corrupted, errors get made during entry, records get crossed, identities get swiped. What do you do when a computer glitch mixes your data with that of a serial killer?

          >The objections should have been raised long ago, then. If not, then what's the problem?....Speak up when it _matters_.
          Bit of a contradiction there, which illustrates why it is so important to speak up now. Otherwise the slippery slope will eat up our rights with no definite point at which to complain. GPS locator planted in your body sounds bad, right? Well, what about criminals on parole? - there are some places where they have ankle straps that do exactly that. So maybe we should do it for people who are charged but out on bail as well. And surely it would be OK for parents to do that in order to keep track of their kids. And by extension, we should do the same for mentally ill patients and other wards of the state. And speaking of such things, there is no reason why your employer shouldn't be able to require you to wear one on the job to make sure you aren't slacking off. After all, trucking companies already have something like that in place. And don't forget that they can keep track of you pretty well right now pretty well using your cell phone anyway. The point being, the government isn't going to stupidly cause a mass uprising by forcing this down our throats in one big dose, it will break it down into smaller ones that few people will get worked up about until you have an entire generation used to the fact that their entire personal life is on the government record. Heck, people will begin to feel frightened and vulnerable if they aren't constantly tracked.

    • Other than that, knowing any amount of data about us could only be used to make generalizations about us

      Or, it could be used against you when you started voicing the wrong opinions or hanging with the wrong people. Or more likely if you somehow became an annoyance to the wrong person. (The kinda guy that IN SOVIET RUSSIA would have good party connections)

      Whatever. Read some Solzhenitsyn. [homestead.com] He tells it so much better. Besides, it's a really good book.
  • by LoRider ( 16327 ) on Monday December 16, 2002 @02:36PM (#4900606) Homepage Journal
    Yeah, that's what it's for; tracking terrorists. The FBI just needs to read their own memos from their own agents to track down these terrorists. Why doesn't anyone ask that question? Do we really need to give up our privacy and freedom simply because the FBI isn't processing the information that is readily available to them?

    Aside from the memo sent out by their own agent, I can promise you there was way more information available to the FBI prior to 9/11 that should have made them take notice. Taking into account that they had the information prior to 9/11 before everyone was shitting in their pants about terrorism it's no wonder they didn't do anything.

    We are such reactionists. We got hit by terrorists, now lets shred the constitution and live under Marshall law and military rule until we stop shitting ourselves.

    I don't believe we need a Dept. of Homeland Defence or any of that shit. The FBI and CIA need to read their fucking email and act on the information they have. Or did they have the information and we told not to act on it? I wonder.
    • Or did they have the information and we told not to act on it? I wonder.

      If the FBI was "told" not to act on information regarding a terrorist attack of the magnitude of Sept 11th, then you're talking about a conspiracy involving a LOT of different branches of government.

      Really, what you're suggesting is the ultimate evil act... that the Sept 11th attacks were in fact supported (or at least ignored) by our own government in order to provide themselves with a blank check. But since that really WOULD require a world-wide secret organization, that's a little too tinfoil-hat-ish even for me.

      Call me naive, but I don't think for a moment that every single human being in the FBI, CIA, NSA, and all the other alphabet soup agencies would willingly allow 3000 innocent American citizens to die. I'm sure many employees of these agencies had friends or family that died in those attacks. No way could there be a conspiracy THAT massive. These people are US, they go to work, do their thing, and go home. They don't want to die, and they don't want other people to die if they can help it.

      Never attribute to malice that which can be explained by mere incompetence.
  • by Grip3n ( 470031 ) on Monday December 16, 2002 @02:37PM (#4900615) Homepage
    The thought that many people consider, like this article, that Big Brother was just the government watching everything you do really goes to show the author probably never read the book. Big Brother is much more than monitoring...actually the monitoring plays a very minor role.

    Big Brother's scariest tactic was the use of DoubleThink - and it's rampant today. DoubleThink meant you could see something one way, but you would willingly force yourself and thereby *believe* the opposite to be true, if the government requested it of you. In the book by George Orwell this was common regarding rations of chocolate, war with Eurasia or Eastasia, etc.

    In today's society it's Nike saying they free people to achieve their dreams while running sweatshops in Asia. It's McDonalds saying "My McDonalds" when really they're the ones dictating what I can and cannot eat. Its the Gap saying "People of the world, join hands" in their newest commercial while they're, once again, utilizing sweatshops [sunmt.org] in Asia. Its Microsoft saying "Where do you want to go today" while basically saying "This is where we're going to take you today".

    Big Brother is not just monitoring - it's an entire way a society thinks. Sure, prevent people from possibly taking over your data, but I believe that should be the least of your concerns. The first priority should be to stop people from taking over your mind.
    • Really? McDonalds dictates what you can and can't eat? How do they do that exactly? And how do they punish people who refuse to follow their demands? With guns? Riot gear? Jail time?

      You must have a cast-iron stomach and paper-thin willpower.

      (but other than that bit o silly, you've got very good points...)
    • by sabinm ( 447146 ) on Monday December 16, 2002 @03:09PM (#4900772) Homepage Journal
      Your comments are pretty interesting
      but you would willingly force yourself and thereby *believe* the opposite to be true,

      that is mostly true. however the real insidiousness of it lay in the fact that the people were not *forcing* themselves. Infact, winston was tortured becasue he was *forcing himself* to believe what the party was telling him.

      forcing oneself to believe has the implication of somewhere knowing that one is still aware that one is lying to oneself.

      the true "converts" (there can be no converts) to the party were those who could believe two things at once with no contradiction (we are at war with Eurasia, we were always at war with eurasia).

      in other words, people unconsiously thought in terms of dual or multiple realities. there was no deception on anyone's part, only acceptance of all things at once.

      scary, huh.

    • In today's society it's Nike saying they free people to achieve their dreams while running sweatshops in Asia. It's McDonalds saying "My McDonalds" when really they're the ones dictating what I can and cannot eat.

      Maybe sombedody has already had a take on this, but here goes:

      Sweatshops as you call them give jobs and money to people who would otherwise go without.

      McDonald's is successful because people like to eat there by choice.

      I don't eat there, and that's my free choice (because I don't eat that kind of food).

      "Sweat shops are slavery" and "McDonald's force us to eat there", now that's double think!

      /jeorgen

      • Sweatshops as you call them give jobs and money to people who would otherwise go without.

        See, I've always suspected that was the case. What would be unacceptable working conditions in this country could very well be hard work for an honest wage, in a country that doesn't have the luxury of a 40-hour, 5-day work week.

        On the other hand, what if the "sweatshop" in question neglects the safety of its workers? Is that just part of the toil and trouble of a developing nation? Or is that a company that refuses to spend any money on worker health if not forced to--in spite of the fact that they're saving millions of dollars by operating in the Third World? Working hard for a living wage is one thing. Being mistreated and exploited by a sweatshop because, in spite of its inhumane policies, you have to work somewhere, and suffering in a "sweatshop" may be a better way to die than lying in the gutter--that's something else entirely.

        I'm not saying Nike runs the second kind of "sweatshop", but if they were, no amount of "things are different over there" arguments can excuse the behavior.

    • ...governments terrorizing citizens in the name of the war on terrorism.
    • You mean like this Framing our country's fight against terrorism [austin360.com]? It's all about the presentation of information, not the content. We're sheep, we don't want to think.
    • that does nothing but erode Freedom.
    • Some people are quite aware of the means that justify our current lifestyle, they just don't want to change their habits.

      A few weeks ago, I was out at a large local mall doing some Buy Nothing Day shit, and there was a guy there tabling for Vietnam Veterans against War [vvaw.org].

      I stood by and observed a conversation he started with a funny little man from out of town. They started talking about the war, the man asked the veteran if he supported the bombing of Afghanistan, and the veteran said, no, while 9/11 was really tragic, bombing innocent civilians to support the American way of life wasn't something he could agree with. The man got stiff and said something like, "well, if that's what it takes to provide me and my family with the goods we need to be happy, so be it". The vet said "Even if it means the death of innocent people [americanst...rorism.com]?". The guy started to walk away, visibily disturbed, stammering out a "yes, if that's what it takes".

      Kinda blew me away.

      By the way, don't click on either of those links, or your name will end up in a database and you'll be tagged as a potential terrorist. Have a nice day.
      • If you're going to say "bombing Afghanistan makes us no better than the terrorists", then please back it up.

        Show me the civilian casualties. Show me the civilians who were targeted on purpose. Show me either the official military plans to bomb civilians, or the unofficial military plot to bomb the civilians. Show me civilians who died for any other reason than because they were hanging around military targets.

        People die in war. Not all of them signed up for it. No matter how much you may be pained by this fact, saying it aloud or writing it down always seems callous and uncaring. But it's sad because it's true.

        "We won't fight wars, because people die," is an adimirable sentiment, and one we should all agree on. Until we do, though, it's a pretty stupid principle to base foreign policy on.
    • Big Brother is not just monitoring - it's an entire way a society thinks. Sure, prevent people from possibly taking over your data, but I believe that should be the least of your concerns. The first priority should be to stop people from taking over your mind.

      If you had _really_ read _1984_, you'd know that Big Brother _wants_ you to think exactly what you are saying here. Somehow I can see you sitting in the Chestnut Tree Cafe, with that gin-tinged tear rolling down your cheek, loving Big Brother.

  • in related news ... (Score:2, Interesting)

    by Anonymous Coward
    slashdot users have made the BBC [bbc.co.uk]. =]
  • One Problem (Score:4, Insightful)

    by xyzzy-ladder ( 570782 ) on Monday December 16, 2002 @02:44PM (#4900635)
    From the article:

    "It's true that Congress could outlaw Wayner's and Brands' techniques and force all information to be stored in a surveillance-enabled way. But until that happens, we don't have to make it any easier for Poindexter and his snoops."

    I'm sure the government will make use of the techonology he describes illegal, which means using it will just make you a criminal.

    TIA is obviously not about terrorism, it's about keeping track of political opposition. I also suspect at least some of the info will be shared with campaign contributors, for commercial reasons.

    The Bush administration knows quite a bit about radical Islamicist terrorists, considering Bush's father is the one that armed, trained, and funded them.

    <tinfoil>

    If there's another election, I'm not voting against Bush.

    </tinfoil>
    • > "It's true that Congress could outlaw Wayner's and Brands' techniques and force all information to be stored in a surveillance-enabled way. But until that happens, we don't have to make it any easier for Poindexter and his snoops."

      Lone Ranger: "Damn, that's a lotta injuns we gotta make it past!"
      Tonto: "What you mean 'we', paleface?"

      Congress doesn't have to outlaw non-surveillance-enabled data storage, they just have to fund projects that require (as part of their specs) that the data be in a form amenable to insertion into the proper FedGov databases.

      Declan: "Hey, we gotta write systems that store data in a way that Big Brother can't access!"
      Programmer working for huge [Airline|Telco|ISP]: "What you mean 'we', ACLUface?"

  • Algorithms (Score:2, Insightful)

    Limited disclosure certificates solve that centralization problem. They use a clever bit of mathematics to protect the identity of honest people, but reveal the identity of people who attempt to commit fraud. As soon as you try to cheat someone, the privacy protection evaporates.
    Maybe it's just my inner mathematician screaming to get out, but is anyone else interested in what the "clever bit" really is? I'd be wary of trusting my identity to anything like this - that is, to an algorithm that I couldn't see - or would they try to make this a case of "security through obscurity"?
  • The abuses wrought by expanded monitoring, search and detention powers can and should be cataloged and exposed. The Internet is the perfect medium to do it with. I call this "Little Brother."
  • by infolib ( 618234 ) on Monday December 16, 2002 @02:59PM (#4900695)
    ...is people willing to stand up for their convictions.
    • But where have those people gone? It seems the majority of people just act like sheep nowadays. IMO, it's the consumer oriented culture we live in. We're not alive to LIVE, we're alive to CONSUME.
      • It's also the fear culture we live in. The mass media only report on the horrible things that happen in this world, like terrorism, murder, natural disasters, financial disasters, etc. This makes people more willing to suport Big Brother. To escape, we consume. Create our own private paradise where we can be safe and happy.
  • Seriously, does the government not think that terrorists are smart enough to pay with cash whenever they are doing anything that might get them caught? Or does it expect us to believe that the real reason for building the database is to catch terrorists? Either our government is retarded or it thinks we are. And I'm pretty sure I know the correct answer.
  • From the article:
    Limited disclosure certificates solve that centralization problem. They use a clever bit of mathematics to protect the identity of honest people, but reveal the identity of people who attempt to commit fraud. As soon as you try to cheat someone, the privacy protection evaporates.

    And it's the *politicians* who are deciding when someone cheats?
  • If you think... (Score:5, Informative)

    by NilObject ( 522433 ) on Monday December 16, 2002 @03:03PM (#4900719)
    If you think this is our biggest problem, you should check out: http://www.orwelltoday.com

    You'd be surprised what goes under even our meticulous radar of freedom infringement...
  • by Anonymous Coward on Monday December 16, 2002 @03:06PM (#4900743)
    Although corporate databases CAN be made to hinder or thwart gathering personal information, WHY would said corporations bother to implement this?

    Here are just three reasons it won't happen:

    1) Purposely hiding customer transactions and data may draw unwanted attention of the feds. Not officially, of course (or maybe...). But lots of "unofficial" attention by federal agents and agnecies can be a real headache. Maybe the company finds itself the target of yearly IRS audits, for instance.

    2) As explained 14,000 times a day on Slashdot, corporations don't care about us except as a source of revenue. Their declared objective is to make as much money as possible. So why go to any extra effort unless it results in higher profits?

    3) Even if a company did bother how can you, as a consumer, ever be certain it even works? Maybe it's just a PR campaign (i.e. lying) in an attempt to increase revenue (see #2 above). Without detailed insider knowledge about the methods used, there is no way to ensure that any database privacy measuses exist or work even if they do exist.

    You want some privacy, make small transactions and pay for everything in cash.
    • by Deven ( 13090 ) <deven@ties.org> on Monday December 16, 2002 @03:32PM (#4901030) Homepage
      Although corporate databases CAN be made to hinder or thwart gathering personal information, WHY would said corporations bother to implement this?

      To reduce liability and to avoid adverse publicity, in the event the database is compromised. Sensitive databases have been compromised before, and will be again. The potential damage is limited if the data is encrypted in the database. Corporations don't care about our privacy, but they certainly do care about liability and adverse publicity! (A PR campaign doesn't provide those benefits, only the illusion of them...)
  • by Anonymous Coward on Monday December 16, 2002 @03:07PM (#4900752)
    Here's something interesting ---

    I wonder what will happen in schools in a few years? When we were all kids growing up, we were taught that we were the greatest nation because we had certain freedoms, that the government had limited power over watching us etc, instead of places like soviet Russia (where the CD players listen to YOU--- woops, wrong post) that watch and control their citizens.

    What is probably going to happen is that kids in schools today will be taught (slowly as not to draw attention to it) that it is good and proper for the government to watch its citizens, that there is no such thing as a "right to privacy" etc... and kids being kids will dismiss our ideas of personal liberty, privacy, etc as old fasioned - or worse, that they see mommy or daddy using PGP or linux, or planting a tree in front of the security camera in their house, and thinking that mommy or daddy must be terrorists...

    Just my 2 cents' worth...
  • It strikes me that another agency wouldn't be able to access your data in a usable form either: the company holding it. They'd need your permission every time they wanted to compile a management report, or research sales trends, or whatever, so the cost of this sort of activity would be so high there'd be no point in them developing IT solutions for these tasks at all. This would adversely impact on corporate efficiency and profitability (also, other projects with interdependencies on these tasks would probably find it harder to justify claims for funding with the board - i.e. no jobs for us).

    Any company that implemented a solution like this for its sales data would probably be cutting it's own throat.

    Or, if they had a key to unlock the database, then the spooks could just take that too. And you're right back to where you started.
    • The general idea is that the identifiers are one-way hashed using a public algorithm, so that the same ID will be encrypted to the same value on all systems that use the method.

      Aggregation by customer ID, or into different customer segments, is no different than with unencrypted ID's, except that the ID doesn't trace back to a known person.

      Whether this method is immune to brute-force attacks is another matter.
  • by AugstWest ( 79042 ) on Monday December 16, 2002 @03:23PM (#4900958)
    The whole concept ITSELF is out of line. The TIA database isn't just for your financial transactions -- it will also be storing biometric information about you, along with facial recognition images that will be put together when you get your drivers license.

    Articles like this are giving people false hope that they will be able to circumvent the system without mentioning the whole camera/surveillance/REAL big brother part of the equation. They won't need your credit card number if they have a positive visual ID of you purchasing something that may be considered threatening.

    The fact of the matter here is that the whole TIA database idea must be scrapped, and no more federal funding should be granted. It has already sucked up well over $100million of our tax dollars.

    Please write to your representatives [house.gov] and let them know how abhorrent this whole program is. It is an unprecedented invasion of our privacy, and it should be stopped dead right now.

    Sending email to your elected officials is pretty much copying it to /dev/null. Noone reads their email, not even their interns most of the time. Either snail mail the letter or, if you're in a hurry, fax it to them.

    At any rate, LET THEM KNOW. People made enough noise to force Kissinger to resign, people made enough noise to get Trent Lott in some serious hot water, people made enough noise to stop the exploratory oil drilling off the coast of California...

    The point is clear -- make A LOT of noise to support your cause, and chances are you will be heard.
  • Why it won't work (Score:3, Insightful)

    by nuggz ( 69912 ) on Monday December 16, 2002 @03:24PM (#4900966) Homepage
    Yes one way databases could work. They can be fast, accurate, reliable and secure.
    But there are a few reasons why I don't see it happening.

    1. Linking transactions together is seen as valuable to those tracking data. The grocery store would love to know that I buy Doritos every day, and that I just moved so they should order fewer Doritos.

    2. People don't understand this technology. Since we can't read who did what, how can we really track what is going on, how can we be sure that only paying customers get service. They don't understand so they don't trust. Complicated solutions like this are new, and implementations are seen as generally troublesome. I wouldn't bet my company on it, and the current crop of mangers won't either.

    3. Not enough pressure from customers. Why go for this complicated, expensive risky new technology that is less useful to us when our customers don't even care about it.

    I think it is mostly a perception and Cost/Benefit problem.
  • by RalphTWaP ( 447267 ) on Monday December 16, 2002 @03:26PM (#4900995)
    *throwing hands into the air*

    I have to admit, it's probably me. As I understand it, the article points out that there exist designs for data-collection and data-mining that would allow non-disclosure of personal information. True, the public/business could use these designs when constructing data-collection systems.

    However, posters have rightly pointed out that mandates to "all your data belong to us" by the Gvt will probably either explicitly cover the case "you must be able to turn over all your data, don't design it otherwise", or they will implicitly cover the case "failure turn over all the data will result in a fine". Almost certainly, the second statement is easier for the voting public to accept than the first. In either case, the same result obtains: The designs utilized will be the easiest ones, the ones in use today, and those are the ones that provide simple, bi-directional links between John Doe and his pr0n/weapons/libertarian-prose purchasing behavior.

    Surely, it is in some sense more seemly to collect the minimal data required, and to store it in such a way that the system itself maintains user privacy quite aside from the database's access permissions; however, in light of the technology barriers (it's _harder_ to implement such a system, and harder during the classically shorted design phase), and the possible future legislative barriers, it seems unlikely in the extreme that these protections will make it into most systems of this kind.

    At the root, our loss of privacy protections is a societal/legal matter. Slashdot maintains firmly that piracy issues (societal/behavioral matter) can't be solved by technology (DRM), don't be so quick to embrace the thought that privacy protection could possibly be so solved.

  • Mom will understand how to use this, I guess I have nothing to worry about.

    Really, one way hashes are a good idea -- obviously the best of us probably use them every day when we log into our *nix boxes, but I can't see this becoming the standard for all identification applications -- consumers just won't get it and therefore won't choose it over less secure methods.

    Let's say Citibank begins to offer this for credit cards. Would your average consumer be able to glean from a 30 second commercial what a significant difference this would make for their privacy? I don't think so. Citibank may get a few extra customers, but not enough to cover the cost of implementing such a system. I certainly don't think they'd do it on general principle.

    Maybe it will happen. But I would be surprised.

  • by Confused ( 34234 ) on Monday December 16, 2002 @03:37PM (#4901064) Homepage
    In the past years, technocrats, maketroids and burocrats of all kinds have had their wet dreams about the global database and total information about their victims.

    In the beginning, those databases will probably work and be a menace to our privacy, but as they're fed on a constant stream of uncaring data input, random garbage, errors, the quality of the data will deteriorate quickly. Just have a look at the Times registration database (are there really that many Mr. Goatse?) or the mailing list from the wonderful Real-Media Player download page.

    Once this stage is reached, the conclusions of those databases will get discounted more and more, and transparent anonymity will be reached. People will simple learn how to feed the system on the crap it likes best. We have that already today in accounting (just keep below the radar of the IRS) and other offical reporting duties. The trend will just continue.

    In the end, any query will produce a lot of chaff while missing much important data that they won't be worth the the processing time.

    The idea that those databases can be used to combat Terrorism and crime is quite ludicrous. I'm certain Mss. Nasty and Dr. Evil will manage to have completely harmless profiles in all of those databases. At worst, it will just give those criminals with access to power an additional leverage (see current Mafia-trials in Italy).

    At the moment we're in atransitional phase, where people still believe in Big Brother, and those poor sods having their data in the wrong place will suffer most. Anybody who got associated with somebody else's credit record can attest that.

    But once enough people are made to suffer from the garbage produced by those databases, things will normalise again.

    We just need more databases, more agressive datamining, leading to more mistakes. The bigger the mistakes, the merrier. If those reports hit the evening news often enough, the systems will find their rightful destiny:

    A big garbage dump for burocraties to wank over.
  • I'll bet my shorts that *Alan M Ralsky* will have FBI's database hacked within a week.
  • by K-Man ( 4117 ) on Monday December 16, 2002 @04:45PM (#4901622)
    10. Lose your keys, Poindexter brings them back the next day.
    9. To stop brute-force attacks, first names like "John0xF8A94388xyzzytangoalpha" become common.
    8. Get a free battery after ten trips abroad.
    7. World's richest man, John Doe, sets world record for simultaneous grocery transactions.
    6. To avoid long check-in lines, precision guided smart luggage becomes popular.
    5. Free CueCat with every truckload of fertilizer.
    4. Oliver North's credit cards cancelled.
    3. Radio Shack wins contract for immigration.
    2. Missiles 30% cheaper with frequent-shopper card.
    1. Terrorist operations disrupted by flood of Penis Enlargement spam.
  • This database thats been proposed relies on certain common identifers to be able to track people. Ask anyone who has ever worked on a large database - with out a common id tracking system, you can never find anything.

    I'm guessing that there will be two different id tracking methods: Social Security Number and Alien Registration ID.

    This is why this database is not about tracking terrorists. Terrorists, you see, don't like to be tracked. They can sneak into the country off a container ship thats passing near the coast. They can sneak in via the Mexico or Canada borders.

    Terrorists don't like leaving paper trails especially if something they are planning will take an age to achieve, so they pay with everything in cash (either stolen or given to them by fine upstanding, but sympathetic citizens).

    ID theft is so easy in the US these days it's not even funny, and nobody has taken any steps to correct it. If the current administration was serious about clamping down on terrorists they would first make the current system so foolproof that ID theft was impossible - then track people.

    Take this example:

    John Q Nobody is a foreign terrorist whose goal is to attack the US Capitol Building

    He sneaks off a ship somewhere off the coast of California and meets up on shore with Peter D Alias, second generation immigrant who feels strongly about US intrests. He'd recieved a call from a mentor to meet someone on the beach, and give him a package because he had to be out of town that weekend. Peter meets him and gives him package containing a stolen SSN and papers that identify John as Jack Y American. Peter also gives him a large sum of cash and a legally registered car to use.

    John/Jack uses the money to buy several batches of chemicals in different states. After 2 weeks he meets up with Joe P Somebody, a disaffected American who one vistied the country that John/Jack comes from and hates the fact that the US bombed it into the stoneage several years ago. He's been talking with a friend from that country who sends him a parcel that another friend will pick up. He meets John/Jack and given him the parcel containing the stolen SSN and a birth certificate of a dead infant. John/Jack assumes the identity of the dead infant and is becomes William Stonewall of Minnesota.

    As John/William he now buys several more batches of chemicals in a few more states, and drives to DC. There he combines the chemicals sticks it in some plumbing supplies bought at Lowes and mortars the US Capitol building.

    He then meets up in DC with a contact from an embassy and recieves a passport made up with a valid identity. He drives to Canada and flies off to his home country.

    The OHS starts investigating, and finds that a gang of 3-4 people were involved and worked as a team to do this, little realising it was one guy and he's long since left. After several months they find that the ID's were stolen.

    All that will be left is some grainy security tape footage of some guy that was never in the system in the first place.

    Whats sad is that because ID's were stolen it was never flagged that this attack was being planned...
    • Vveerrrii cleverrr skeeem!!

      However, if you really have to go to such great lengths "just" to mortar the Capitol I think it's actually a lot less probable that somebody's gonna do it. The system works.

      The problem is that a lot of innocent civillians are also monitored, and that this will give their powerful enemies so many more ways to make their lives miserable if they happen to cross their way. This will mean that no one dares challenge the ones in power, and corruption, nepotism and neglect runs rampant.

      The system would really scare me if it wasn't run by a man of such great personal integrity as John Pointdexter
      • Look at the lengths they went to on 9/11 - Getting into the country, learning to fly 747's, checking out security at airports, dry runs, co-ordinating the simultaneous hijacking of planes. It's much easier to mortar somewhere. The IRA mortared 10 Downing Street in London in the middle of the day during the last Gulf war, using home made mortars. Later they mortared Heathrow airport. Twice. And then had to phone the police to tell them that the police had missed a third set of mortars that didn't go off.

        If someone is determined enough, they will find a way to commit acts of terrorism.

        My problem with this system is that it not addressing the problem. It will gather information on people who don't even matter, and the people that DO matter won't be flagged because the system cannot recognise them.

        The whole TIA is a way to give money to GOP friendly businesses while making the public think that Bush is hard on terrorism. The system itself is a distraction from the fact that regular people no longer have any civil rights.

        Also as far as I can make out there are no checks and balances to ensure that the system will not be abused.
  • Here are just a few passages from chapter 1. It's worth going back and reading.

    "How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live -- did live, from habit that became instinct -- in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized."

    "The Ministry of Love was the really frightening one. There were no windows in it at all. Winston had never been inside the Ministry of Love, nor within half a kilometre of it. It was a place impossible to enter except on official business, and then only by penetrating through a maze of barbed-wire entanglements, steel doors, and hidden machine-gun nests. Even the streets leading up to its outer barriers were roamed by gorilla-faced guards in black uniforms, armed with jointed truncheons."

    "The thing that he was about to do was to open a diary. This was not illegal (nothing was illegal, since there were no longer any laws), but if detected it was reasonably certain that it would be punished by death, or at least by twenty-five years in a forced-labour camp."

    "It was curious that he seemed not merely to have lost the power of expressing himself, but even to have forgotten what it was that he had originally intended to say."

    "Once when they passed in the corridor she gave him a quick sidelong glance which seemed to pierce right into him and for a moment had filled him with black terror. The idea had even crossed his mind that she might be an agent of the Thought Police. That, it was true, was very unlikely. Still, he continued to feel a peculiar uneasiness, which had fear mixed up in it as well as hostility, whenever she was anywhere near him."

    "As usual, the face of Emmanuel Goldstein, the Enemy of the People, had flashed on to the screen. There were hisses here and there among the audience. The little sandy-haired woman gave a squeak of mingled fear and disgust. Goldstein was the renegade and backslider who once, long ago (how long ago, nobody quite remembered), had been one of the leading figures of the Party, almost on a level with Big Brother himself, and then had engaged in counter-revolutionary activities, had been condemned to death, and had mysteriously escaped and disappeared. The programmes of the Two Minutes Hate varied from day to day, but there was none in which Goldstein was not the principal figure. He was the primal traitor, the earliest defiler of the Party's purity. All subsequent crimes against the Party, all treacheries, acts of sabotage, heresies, deviations, sprang directly out of his teaching. Somewhere or other he was still alive and hatching his conspiracies: perhaps somewhere beyond the sea, under the protection of his foreign paymasters, perhaps even -- so it was occasionally rumoured -- in some hiding-place in Oceania itself."

    "He was an object of hatred more constant than either Eurasia or Eastasia, since when Oceania was at war with one of these Powers it was generally at peace with the other. But what was strange was that although Goldstein was hated and despised by everybody, although every day and a thousand times a day, on platforms, on the telescreen, in newspapers, in books, his theories were refuted, smashed, ridiculed, held up to the general gaze for the pitiful rubbish that they were in spite of all this, his influence never seemed to grow less. Always there were fresh dupes waiting to be seduced by him. A day never passed when spies and saboteurs acting under his directions were not unmasked by the Thought Police. He was the commander of a vast shadowy army, an underground network of conspirators dedicated to the overthrow of the State. The Brotherhood, its name was supposed to be."

    "At those moments his secret loathing of Big Brother changed into adoration, and Big Brother seemed to tower up, an invincible, fearless protector, standing like a rock against the hordes of Asia, and Goldstein, in spite of his isolation, his helplessness, and the doubt that hung about his very existence, seemed like some sinister enchanter, capable by the mere power of his voice of wrecking the structure of civilization."
  • Reading this story I had two thoughts.

    1: why couldn't terrorists etc use these same one-way ciphering techniques to hide their plans and schemes from the FBI?

    2: regarding the smart cards etc. with fast transaction times for tollbooths, mass transit etc, here's the tangent idea: when you walk by a scanner and it charges your bank account for some purchase, how about if the card gives the scanner the bank's id in the clear, but gives your customer info in an encrypted form that only the bank can decrypt? Then once the bank validates the transaction, it could transfer the money to the vendor without saying whose account it came from.

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Working...