CFP2000 - Freedom and Privacy by Design 41
The organizers of the next Computers, Freedom and Privacy conference, to be held April 4-7, 2000, in Toronto, Canada, are issuing a Call for Participation in a workshop entitled "Freedom and Privacy by Design" - how to use technology to bring about strong protections of civil liberties against governments and businesses that would censor or snoop. I plan to attend: give me some ideas!
It's about time (Score:1)
Encryption everywhere. (Score:4)
Why, you say? I don't have any data anyone would care about? Well, you might be right, but don't use that business e-mail account for personal reasons if you care about your job. And remember that the company might be logging your web access too, checking it against company policy. Chilling, isn't it? It's practically standard procedure nowadays.
Also, if you encrypt your stuff, and you usually have nothing to hide, and others do the same, eventually it gets much harder for anyone to snoop on the internet. They'd generally want to attack people who send unencrypted streams of data... Sucks for them.
Also, some common sense: Don't leave any encryption keys lying around if you care about your identity. In the future, I'm sure this can only get worse, and not just for Sandra Bullock. And saying "encrypt everything" might sound cool, but alas there are a few places where it isn't a good idea for everything. Like slashdot, for example. I wish my user account / password was secure, that would be nice... (the lesson here: have a throw-away password for the WWW, since much of the submissions are in plaintext, or a reasonable facsimilie) But I could care less about the actual content of my posts, they definitely don't need to be encrypted as they are being posted to a public forum! Like so.
---
pb Reply or e-mail rather than vaguely moderate [152.7.41.11].
Pointing out the obvious (Score:3)
With all of the ways that your privacy can be compromised, I really can't think of any other uses for technology that would assist in protecting privacy, especially since technological advances always improve the capability for someone to invade the privacy of someone else; when there are huge companies and governments who can churn out things like spy satellites, wiretaps and shotgun microphones, technology only seems to widen the gap rather than even the playing field. Of course, maybe I'm just paranoid.
Yet somehow I doubt it.
Deosyne
Protection from Marketing Invasions (sell my soul) (Score:1)
Of course it is a double edged sword (as some entertaining ads I look forward to) - and it does support "psuto-free" entertainment. The biggest issue I have is with the ability for "customized" web sites to sell (and make loads of money) off my internet behavior. (Alladventage at lease tries to pay me for it) I really HATE all those SPAM-like messages that try to entice "get rich quick" schemes that I'm sure many people fall for.
If there was some "tool" that could filter out unwanted marketing techniques (even if it "compensated" the commecial dependant medias for the lack of advertising some how)
- I believe that that as marketing techniques become more advanced... us "privacy" finatics (what are we hiding anyway) are going to be paying alot more attention to who finds their way into our pocketbook through "targeted" marketing, and less attention to those peeping through our email or computer files.
In an ideal world, Privacy should be maintained by the privatee, not the "higher power"
What can be done with technology... (Score:3)
Not that we shouldn't still make use of technological solutions where practical, but technology isn't really going to make a dent in the real threats to privacy, i.e. the end points of the chain.
Encrypting the transmission media (for example) won't do much good if the other end of the transmission has no scruples about the distribution of the information that they receive.
Unfortunately, privacy isn't about technology, but about respect. By and large, technological solutions aren't much more than stopgap measures, and will ultimately fail, unless we address the fact that to have privacy, others need to respect that privacy (and we need to respect the privacy of others, as well).
I tend to be loathe to suggest any kind of government intervention, but in some cases, only the force of law will address the worst of the issues.
By all means, we should use all technical means at our disposal to help protect our rights to privacy, such as encryption, some kind of provable authentication that doesn't require your life history to prove your identity, etc., but without a proper social framework that provides for privacy, and meaningful penalties for those that violate it, technology will be of only limited use.
Re:It's about time (Score:2)
Face it, people still have little to know clue what Open Source is, they just now know that its there.
Re:It's about time (Score:3)
Consider the case of Harrison Bergeron (Vonnegut rules): He has an implant that prevents him from concentrating whenever he has illegal thoughts.
Now say everything you do or say is monitored. Do you really think the game stops there? Remember we're talking about humans being the monitors. Paranoia doesn't die when a particular fear is resolved. Paranoia just shifts its focus.
Sure, monitoring all phone calls will satisfy the majority of people working 40hrs a week completely detached scared to death of the world around them.
It will satisfy them about a month, if the news stations could abstain from playing the fear card (NBC and Y2K ring a bell?). Most likely that'll be a week.
Next you'll find that people are still afraid because the problem hasn't been solved and they know it. They know subconsciously that all that has happened is that they treated symptoms of fear and security agencies have made a killing.
So what next? Speculative profiling. Gateway thoughts (similar to that farce the gateway drug).
Attitude adjustment counseling.
So what's wrong with checking up on people? IT'S RUDE. It doesn't merely show a lack of class, but also it shows a lack of respect. You are a permanent suspect from the day you're born. You have no dignity. But the worst part is this:
IT IS DISRUPTIVE. Expressing an idea, producing a work, making a product, and being able to have stress-free periods to do so requires that you are not interrupted. It requires that you are not spending 90% of your time second guessing yourself wondering whether your work violates some vaguely defined votemagnet law.
It gets so ridiculous that such harrassment can be used in place of actually infringing on people other rights because it is so disruptive it hindrance in the same way as actually infringing on their rights.
"Computers should be
Time for reliable anonymous transactions .... (Score:4)
Seriously though I think there's going to be a need for anonymized access to web sites and other net resources - so we can give away our email address without getting spam, our credit card information without getting ripped off, our home address to get something shipped without getting paper spam, our IP address so we're not being tracked around the net, use our SSN without it being being passed around, use our DNA without it affecting our medical insurance rates etc etc
And it has to be done a way that's proactive from our point of view - ie we don't depend on other people that we have to business with, (like the medical insurers, or the retailers or ....) who don't put our best interest ahead of theirs, to be nice to us and respect our confidentiality - gotta start using protocols (net, commercial, social, ...) that don't give them any option
These are difficult technical and social problems.
I suspect that what it comes down to is that we're going to need some reputable 3rd parties (those datahavens) to proxy our transactions for us.
At some levels we already have these - the big companies that sell financial (credit) and medical information about us - today they don't have our interests at heart either - somehow we have to find a way to take back ownership of our data.
I know Europe has stricter privacy laws than the US - anyone want to enlighten us on how they work?
Re:What can be done with technology... (Score:1)
Fool! hehe.
I have just added several signed values that equal 10 (note signed means may include signs).
Find the values to decrypt a message that you're not to open till xmas.
"Computers should be
Australia has got Jack (Score:1)
May I also suggest some personal firewall type software, such as the late Atguard. (Now another part of Symantec)
Cheers
Crypto has to be easier to use. (Score:3)
Of course, by "sacrifice some security" I don't mean we should start using shorter keys - the cost of long keys is not very much so we might as well use them - I mean "allow some possible attacks that more secure approaches might deny", such as trying to substitute a fake public key for the intended recipient's keys. These attacks are still far more expensive and difficult than pure eavesdropping attacks, which are relatively easy to thwart.
Oh, and we shouldn't use SSH everywhere - SRP is the Right Thing for remote passwords, and again it's far more convenient for the users.
When security measures become inconvenient, people circumvent them in ways that utterly defeats any security gained - like by telling people their password over the telephone. We have to make security so convenient people don't even realise it's there, and do the best we can in the environment that has real users in it. Those who know what they're doing can of course do better, but on the other hand those who know what they're doing are vastly outnumbered by those who *think* they know what they're doing.
--
Re:Encryption everywhere. (Score:1)
Hash: SHA1
Yes, there is no pint in encryption, but since the accounts here aren't that secure (Do I need to say http), wouldn't it be a good point in signing the posts?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.9 (GNU/Linux)
Comment: Gnome PGP version 0.4
iD8DBQE4ORydHeQ6HSAJlUwRAqUTAKCn/ITqImOtsnmml4K
4+cI0f+3goMU7wznkgj1lH4=
=bwQw
-----END PGP SIGNATURE-----
Technological Solution To A Social Problem? (Score:2)
Code is hard. Programmers are expensive. The sacrifices for civil-liberties efforts are substantial and the rewards meager, especially compared to the riches of attending to the needs of corporations.
We all know "Crypto Good". Now what?
Freedom*Security = constant (Score:3)
Re:Time for reliable anonymous transactions .... (Score:4)
Germany has a federal law governing privacy, which applies to federal govermental institutions and all non-governmental institutions, including companies. There is state law governing all state governmental institutions, too, and it is usually stricter than the federal law. Privacy law came into existence in Germany as a response to a census in the Mid-70ies, where the Government asked some over-investigative questions and ran into a PR desaster. The law which came from this regulates mainly the relationship between the state as a data-collector and citizens. The relationship between companies and customers was not seen as the major problem at that time and was not as thoroughly regulated. This is changing at the moment.
The basic idea behind all privacy law in Germany is that you cannot collect any data at all without stating clearly and in advance what data you will collect and - that is the catch - without stating beforehand what you will use that data for. It is a violation of the law to use such data for other purpose than specified.
There is a federal privacy commissioner, who supervises federal institutions and (at the moment) companies and other non-governmental institutions. There are state privacy commissioners, who deal with state govermental institutions. The privacy commissioners are fairly independent and report only to the parliament. They have the ability to check about any personal data records anywhere, without stating that beforehand. Usually they do so because some citizen has complained about some irregularity and the commisioner is now investigating this. As a counterweight the commisioner cannot act directly upon his findings, but can only file a report, which will then be acted upon by other institutions, for example the Police, a prosecutor or somebody else, depending on the case. All privacy commisioners produce annual reports of their findings.
The work of the commissioners is currently changing, as responsibility for companies and other non-governmental institutions is shifted from the federal commisioners to the respecive state commissioners. Also, some of the state commissioners (the "gang of 5") are begining proactive work such as technology evaluation, best-practice definition and sample implementations. The best-practice definition is particularly interesting, because privacy law requires that you use state-of-the-art techniques for privacy protection.
There are some interesting alliances forming at the moment between the privacy commissioners and the federal ministry for commerce, as the ministry learned about the importance of trustworthy software in cryptographic applications and understood that only Open Source and peer reviewed software is able to generate this kind of trust. There are several projects coming up in Germany which involve cooperation between the privacy commissioners and the ministry, such as governmentally operated anon remailers, anonymizing web proxies, governmentally sponsored developement and distribution of the Open Source software necessary for this and other projects. These projects will fit nicely into a frame as sketched by the above CfP.
© Copyright 1999 Kristian Köhntopp
Re:Freedom*Security = constant (Score:1)
Freedom(of individual) * Freedom(of government) = K
=and=
Security(of individual) * Security(of government) = K2
Add these two to get Niven's formula.
The spooks's methods are not the only method of limiting and containing folks like that Abu dude. How 'bout some good foreign policy too? Try taming that Berlin embassy for one. ; ) I'd bet that int'l terrorism will subside as foreign policy objectives move to actual peace from East block containment. One must wait a few decades for the anger of many to subside tho'.
Why is it that we (the good folks of the West) once spied mainly on the "enemies" of the West, but now we mainly spy on friends? Did we have too much cash to spend?
The US case is where internal terrorism will likely be much more prevalent. Most of these (survivalists?) believe that their government is out to get them already--spying with systems like Echeon simply flame these fears.
In short, the West can grant more freedom to its citizens and make genuine attempts to improve the well being of foreigners. Both cut at the heart of terrorism.
cheers,
Bobzibub.
Encryption: Loop leading nowhere (Score:2)
People who lurk around sniffing out plaintext messages and attacking them are usualy bored script kiddies. They are not something to worry about, unless you annoy your younger brother whos idea of a great retaliation is to post your logfile showing your access to www.spank-me-harder.com.
Against serious attacks, be they privacy or denial of service, the average user has no defence except anonymity. To hide in the masses is a cowardly concept but it works. If noone knows you're there they wont seek you out and attack you. And before you ask, yes I am quite familiar with the 'It's not the voices of the evil but the silence of the good' reasoning and I agree with it. But on the net, if you want to stay somewhat safe, don't stick out. Just take a look at how many attacks are made on the FBI's net resources and how many on John Doe's@Xoom. Anonymity works.
This brings us to the next point. Defending privacy on the net is not only a question of cryptography. The main problem is the usage of information that is gathered. If I wish to post in alt.binaries.terrorists that's my concern, but any ISP can, without threat of legal reprimand, enter my log and punish me by declining me their services. And that's a sanctioned privacy breech.
The same goes for push marketing (see the article further down). It's the companies that log access that choose how they will use their information. And use it they do. Just check AltaVista, the ads they show are tailored based on which country suffix you're connecting from. This is a mild form of push marketing, but it's concievable that someone would store information on what you search for and correlate it against which ads you're most liable to click-trough. And once such databases are in place they become a real threat to the integrity of the average joe.
But I do not believe that the situation is as bad as people are painting it up to be. If one thinks back to the 50s and the Communist paranoia, the 60s and the 'big brother' and later atomic war paranoia and the 70s with its drug wars, none of these problems were as bad as they were made out to be. The privacy issue on the internet will most likely go the same way, it's going to be present, and potentialy dangerous, but it will be forgotten for newer fears.
Re:Encryption: Loop leading nowhere (Score:2)
I agree that on the internet, this can work well, and all of the Anonymous Cowards on slashdot and those darn 'cypherpunk'(s) who have accounts everywhere, and the deserted old computers doing anonymous re-mailing can rejoice. However, you'd better shut off all your ports, and hope that no one is scanning for interesting info... Staying anonymous can be fine for some people, but I consider staying uninteresting as both a good defense, and a horrible curse.
Heh, AltaVista (av.com) also tailored their ads according to what you search for. And they didn't check the modifiers. So if you searched for something like: "paisely box -xxx", you'd get porn ads. Is that pitiful, or what? I think they fixed that eventually, but they still try to use your searches to show ads. (no, america, if you search for "mp3", they don't show you porn.
I'd worry a little, just because we found out in the 90's that big brother built a computer, and it really was watching us. Fortunately, the gov't has either been a little less corrupt than some members of Generation X-Files would like you to believe, or really good at covering their tracks. (Ooo, conspiracy theory!
---
pb Reply or e-mail rather than vaguely moderate [152.7.41.11].
Re:Encryption: Loop leading nowhere (Score:2)
Heh, AltaVista (av.com) also tailored their ads according to what you search for. And they didn't check the modifiers. So if you searched for something like: "paisely box -xxx", you'd get porn ads. Is that pitiful, or what? I think they fixed that eventually, but they still try to use your searches to show ads. (no, america, if you search for "mp3", they don't show you porn.
I still remember a run in I had with a guy on IRC who was complaining vocally in a channel about Altavista running porn ads. He shut up pretty fast when he found out that the reason that he was seeing those adds but not the rest of us
Morality, thy name is hipocracy...
-
We cannot reason ourselves out of our basic irrationality. All we can do is learn the art of being irrational in a reasonable way.
Re:Technological Solution To A Social Problem? (Score:3)
In the case of privacy technology does offer a number of things that will help us. Secure communications and anonymous information access and sharing (go read about the mixmaster) have been made possible, and if there is call for it will become prevailent and easy to use.
The problem is that the very technological innovations that help our privacy are exactly those under most attack by society. People advocate non-technological solutions to these issues not because they do it better, but because they offer less absolute privacy, privacy that can be fucked with given a court order or if enough people want to. With technology you have a situation of all or nothing, which society (in the form of our governments, but also companies and orgs (like RIAA, who would attack a truely free forum the second it came into being)) doesn't seem ready for.
-
We cannot reason ourselves out of our basic irrationality. All we can do is learn the art of being irrational in a reasonable way.
Two way streets (Score:2)
Don't get me wrong here. I get irritated at corporate intrusion, too. The other day I had to threaten an AT&T telemarketer with a lawsuit. I was getting at least two calls a day from people wanting to know who my long-distance carrier was (as if it were any of their business).
But think about it. If I buy a widget from Joe Schmoe, do I have a right to tell everyone that I bought a widget from Joe Schmoe? Can I tell people that the widget was good/bad/cheap/expensive... (e.g., can I give a review in a magazine)? Can I state publicly that Joe Schmoe was easy/hard to deal with? Free countries throughout the world claim the ability to do a product review as a basic right of free speech.
If I can talk about a transaction that I have with Joe Schmoe, Inc., why can't Joe Schmoe, Inc. talk about it? You can say that it isn't fair because Joe Schmoe, Inc. profits from the information, but don't product reviewer's profit from the information they provide? How do we justify taking the right of freedom of speech from Joe Schmoe, Inc.?
And may be just a kind of an open-source solution? (Score:1)
The Bigger Picture (Score:1)
Infrastructure must support civil liberties (Score:2)
Others have mentioned the importance of very strong, easy to use encryption. This is important. However, I think a far better approach would be to design the underlying protocols to allow for transparent use of strong encryption, strong authentication, and double-blind anonymouty.
This may sound at first absurd, the idea of having both strong authentication capabilities coupled with (ideally) unassailable anonymouty. However, the key is that one's cyberspace handle, while an authenticable on-line identity, should not be able to be matched up with a real-world, physical being without that person explicitly identifying themselves willingly and deliberately.
Project's like "freenet" are important, though I would suggest going further and redesigning the lower protocols (e.g. an ip protocol - perhaps a variant of ipv6) which would incorporate these characteristics at the lowest level. Obviously this is not a panacea -- traffic analysis could for example be used to trace messages to a particular, physical location despite whatever electronic anonymouty has been designed into the system. These and other problems would of course need to be addressed. Even if they couldn't all be solved, a great many of our existing difficulties and vulnerabilities would be alleviated.
I think that, as long as the technology makes an all-intrusive, omnipotent state possible, it is only a question of time (apparently not a very long time at that) before such becomes a reality. Echelon, the litigation of the RIAA and MPAA, the censorship imposed by the Scientologiest on their critics, and so forth, are only the tip of an emerging iceberg. Redisign the technology to make that sort of thing impossible, very, very difficult, or unacceptably expensive, and you go a long way toward preventing it from ever happening. After all, what good is a court order if the physical and logical infrastructure make it impossible to carry out?
anonymity versus accountability (Score:1)
I think that Slashdot itself had a fine idea when it started the points system--it preserves the right of anonymity but lends more credibility to "signed" things. E-mail and other electronic communication should be the same way: one should have the right to post anonymously.
At the same time, there must be such a thing as a digital signature that is not traceable back to a real person. This is the sort of strength that anonymous remailers have--or used to, before the "church" of Scientology coerced the Swedish (I think) government into confiscating the identities of an anonymous remailer's system. In order to protect political speech, there must be a way to sign things verifiably but privately. Prior to the American Revolution, the influential Federalist Papers were published as a series of pamphlets, all signed by "Publius". In this modern age, if anyone can sign "Publius" to any document, the real message would be drowned out by spam, mockery, satire, and possibly even subverters of Publius's message. On the other hand, if Alexander Hamilton and James Madison had to sign their own, real names to their works, they would have been arrested, shipped to England and hung as treasoners after the first pamphlet was published. Always remember that several of the signers of the Declaration of Independence were arrested; of them, a few were tortured or executed, or died in prison. That's what can happen when you chose to speak out against a government, but use your own true name.
So, how do we protect the right of safe free speech without having meaningful speech drowned out by spam?
--
Active defense (Score:2)
The media somewhat fulfills this role, but the mainstream media seems to have been greatly corrupted by the influence of their sponsors (i.e., business) and the resultant coverage tends to be biased to avoid offending those sponsors. (It defies common sense that a media outlet will REGULARLY defy their sponsors - they might occasionally run something to show their independence, but in general they will not risk the revenue stream which allows them to exist.)
There are lots of little advocacy & watchdog groups which are attempting this function - but they aren't working together & the general populace is not taking an active part in supporting their activities, therefore their overall effect is somewhat insignificant.
I guess an effective system would provide a way a way to organize & tie together the efforts of these groups, including generating reports for & accepting input from the general populace. It would be decentralized & have some kind of builtin self-checking feedbacks to resist corruption of the information. Anonymous whistleblowing would be a necessity, along with validation through cross-reference & investigation, to try and dig out the dirty "secrets" that students of Machievelli (sp?) are so adamant about hiding.
*sigh* nice daydream, eh?
Keep the owner in charge of the information (Score:1)
1) One of these "anonymizing sites", or even my own server, would be recognized as the authoritative source of personal information about me.
2) I could establish my own rules for access to my information: how much, by whom, when it's available, and how it could be used.
3) There has to be a mechanism for one-time access to certain info -- I'll give my address to company X to ship me something, but the mechanism kicks in and erases my address once they've printed the label.
4) All information that might persist on someone's database would be date-stamped, so that it would be clear that the info may no longer be accurate.
Even a limited version of this system would sure stop a lot of the credit-bureau misidentification nonsense -- the credit bureaus would have a place to go to verify changes to data, and data that had long since been identified as inaccurate wouldn't come creeping back in, as happens today.
If you think this would be impossible to enforce, ask yourself: who but you knows your new phone number, or a new address, or when your child is born, or what your blood tests said? Lots of people know each item individually, most of them already are or could easily be bound by law to keep it secret, and virtually no one but you knows all of these things, until you let them.
Of course, if we all just paid in cash (need digital cash!), much of this would be unnecessary.
Re:Australia has got Jack (Score:1)
--
Re:Encryption everywhere. (Score:1)