The Intimate Social Graph 21
jamie tips an article by Slashdot vet Keith Dawson about the uncertain state of privacy protection for one-to-one online communications through social sites and services. Quoting:
"The privacy of these communications is protected mainly under a law — ECPA, the Electronic Communications Privacy Act — dating from 1986 and crafted for then-existing email (think Compuserve and Prodigy) and emerging cellular networks. This law is an increasingly poor fit for modern and emerging communication modalities. Email stored on servers is treated differently depending on whether or not the user has read a particular message; and messages older than 6 months in storage enjoy different protection than newer messages. In attempting to apply the ECPA to social networking media, courts have interpreted users' privacy rights in a variety of ways. ... One shortcoming of the ECPA is that it does not require email, search engine, cloud computing or social networking sites to report how many requests for private data they get from authorities. Whatever the number, it almost certainly dwarfs the number of real-time online intercepts (wiretap, pen register, and trap and trace orders), for which statistics must be kept."
GPG FTW (Score:2, Informative)
GPG is ported to about everything in creation. If you care about email privacy, use it. It makes whatever the law says some company must do irrelevant, and guards against "accidental" leaks by those companies.
Nearly every ISP provides you with POP or other mail. Run your own mail client: most have built in support for GPG so it's transparent to you once you have made your keys.
Depending on some "benevolent entity" to protect you is unwise.
Re:GPG FTW (Score:5, Interesting)
Of course, getting your recipients to accept and send encrypted mails is a different matter.
I have GPG configured and sent the grand total of 3 emails using it. Nobody else I know (in an entire CS course, both teachers and colleagues) has a public key I can use. Even if they understand the concept (I've explained it some times) they simply don't care.
Re: (Score:1)
Just refuse to send sensitive data over plain e-mail. Recipient, if they need the data, can then offer alternatives, or ask for suggestions from you.
I'm way past the point to go out of my way to convince people to use correct solutions if they do not want to. I value my free time much more than 10 years ago.
It could be made easy, with cooperation (Score:2)
If operating systems (including the desktop environments) treated keys and certificates as interesting standardized objects complete with consistent/appropriate icons, it would help people feel familiar with and in control of privacy measures like PGP.
It would help further if the FOSS world and other techies had their druthers and started an initiative to identify/brand communications software as adhering to a certain standard that is both consumer-friendly and devoid of any backdoors. If the software carri
Re: (Score:2)
Interestingly, the ZPhone website now has this:
Submitted to IETF as a proposal for a public standard, and source code is published
So maybe ZPhone itself would serve as a kind of assurance of privacy/trust.
Re: (Score:1)
Re:Ahahahahahaha that's funny! (Score:5, Funny)
Re: (Score:2, Insightful)
kdawson is a "vet"? (Score:2)
Does this mean he no longer works at Slashdot?
Re: (Score:2)
From your lips to CmdrTaco's ears.
Intimate Social Graph WTF? (Score:2)
Re: (Score:1)
Anything with "social (network|graph)", "web 2.0", "html5" "i(phone|pad)" in the title will get more pagehits on /., don't you know that?