LIS3353 Week 10 - Anonymity and Privacy

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Julie Cohen, "Copyright Management in Cyberspace" quote

"A fundamental assumption underlying our discourse about the activities of reading, thinking, and speech is that individuals in our society are guaranteed the freedom to form their thoughts and opinions in privacy, free from intrusive oversight by governmental or private entities."

Redefining Terms (frequently courtesy of RMS)

"Software as a Service"? v. "Service as a Software Substitute"

Collusion

(secret or illegal cooperation or conspiracy, especially in order to cheat or deceive others) - All the big companies are doing it to some extent, but some are at least appearing to try to fight it.

History of Anonymity

- "Silence Dogood" - Constitutional-ish - voting

Dark Web

- .onion sites - The (former) Silk Road

Little brother

- As opposed to "Big Brother" - Yes, cameras are everywhere - but "we" control quite a few of them

Exit nodes are...

- Exit Nodes are dangerous - MANY other possible attacks (cookies, js)

maybe you don't keep a tradesecret after all example

- If CVS sees: Pregnancy tests... then thats interesting - and if Amazon ALSO sees: "What to expect when you're expecting" ...perhaps valuable info for CVS? Vice-versa? - And again, all legal: Gathered legally, traded or sold legally - little, marginal steps.

Two big legal cases relating to privacy

- Kyllo v. U.S. (Thermal imaging case) - Katz v. U.S (Wiretapping)

Threat of cyber security

- Malicious Hackers vs. the Corporations (who may not have your best interests in mind) - Or worse; both: Malicious hackers aided by the bad decisions of Corporations, e.g. password leaks or deliberate backdoors

SAAS

- Software as a service - Reason for apps in your browser

NSA justification for PRISM and why would it not work?

- Terrorism - Because of the false positive paradox... We have a very low incident rate so you'd need a super accurate test

Questioning if surveillance is wrong

- Why NOT surveil? (in this way)? - What exactly is wrong with ubiquitous surveillance? - AKA, the "What do you have to hide" question. - If everybody knows everybody's business, can this reduce shame/embarrassment?

Why is a Proxy needed when using a 3rd party for anonymity?

- can cache content, do web filtering, or just make you anonymous - You ---> Proxy ---> Destination

Dangers of using a friend as a trusted third party for anonymity?

- detection - selling out - endangering the friend?

NSA Prism survelliance program

- had roughly everything on everyone - "collect it all, perhaps analyze it later."

We have what kinds of privacy?

- technical privacy (if we're careful) - legal privacy(No explicit right to privacy in the Constitution, but..1st, 4th, 5th, amendment, and others)

Why is tor allowed?

- the military needs it too - its is NOT really encrypted by itself (but you can just add it)

Reduction of personal risk

- whistleblowers - crime victims - (literal) minorities - sometimes good ideas are (really) unpopular. - it's part of the 1st amendment

2 Types of info brokers

1. Choicepoint 2. Acxiom, etc.

4 Examples of Inferences regarding privacy

1. Credit scores 2. "Google Killed Me" 3. Target and pregnancy 4. And Graph Search...(wow, they're really that oblivious?)

Secrecy does not equal...

Anonymity - They are related, but can be different.

The Role of "Mobile"

Attach a device to your child that tracks nearly everything she does, and sends most of that information to a third party who won't give you access to most of it.

CVS "extra care" card invading privacy

Basically selling the track record of your purchases for coupons

Pre Internet's best friend

Before the Internet trashcans were the P.I.'s best friend... Specifically a receipt

Voluntary side companies taking your information?

Facebook, et al

Green likes are what and red links are what in Tor

Green links: Encrypted Red links: In the clear (not encrypted)

Example of head of the CIA not even understanding technology to spare their info

Head of the CIA was having an affair with the woman writing a bio about him and instead of e-mailing each other they saved messages as drafts on their gmail acct bc they thought they wouldn't be under surveillance

Consider - "creeping de-anonymization of consumption"

If you're using: - Amazon Books - Netflix/Hulu - Pandora/Spotify ... your stuff is reading you, too.

Why might a store record your purchasing?

Inventory, advertising, etc.

In the constitution, it doesn't say what regarding anonymity

It doesn't say "right to anonymity" but it doesn't say "right to privacy" either

TRADE SECRET (a form of IP)

Legal protection/acknowledgement

How to do anonymity online

No magic math here like encryption, but we can use real life analogies

If companies can sell info, who's buying it

Other companies and law enforcement

Pre-Internet misconception of privacy

Privacy was a big dark secret you didn't want anyone knowing but really it's little pieces of information that add up to something big

Inference (figuring things out about people) is a

Problem Ex: Facebook gets movie suggestions wrong

What NEEDS to be centralized?

Search(Google, et al) -nothing else NEEDS to be

A working definition of privacy(formula)

Secrecy + Anonymity + A belief in the first two.

Secrecy vs. Anonymity

Secrecy = hides the contents of the message Anonymity = hides the identity of the sender

Story of Fredrick Douglass

Sophie Auld taught Frederick Douglass to read(Illegally) (that happens to be literally the most important thing) - Reading, presently, is the only way to become smarter. - Also, you only TRULY control one thing in your life. he then traded for, scammed, and stole books and didn't get caught because his books did not know who was reading them and could not tell on him

What Tor is called and why

The onion router because you go between layers and layers aka computers and computers

Tor

The system that tries to do anonymity and most likely succeeds - Tor is a bunch of Proxy's that are designed to scrub as much information as possible. Ex: Erase the from address before it gets to destinations. - Path to and from will be completely different. Reassembled in your browser. - We mostly already know how to use it. ~ download "tails" and use it in Virtual Box

Why should the gov't / law inforcement directly surveill AT ALL?

This allows you to get around them pesky Constitutional rules...

A Trusted 3rd Parties regarding anonymity

This is good --- but only as good as the 3rd party. - Stranger? Can you trust them? - Close friend? But what about - detection - selling out - endangering the friend?

What is the most important anonymous speech?

Voting - we say "secret" ballot, but thats technically wrong

Can a store legally record your purchasing?

Yes

Dangerous Techs

Yes, new dangers are created but... - there are legitimate needs - there will be a demand → - Someone WILL have it, ergo better to decentralize/democratize it.

"Bank robbery getaway" example to illustrate anonymity

You can't make it so people can't rob banks with a car so do you stop having cars because people can rob banks with them? People don't understand the technology

Technical Security =

encryption

The False Positive Paradox

need more accurate test

Example of False Positive Paradox with "Gatorbola"

new disease; unspeakable consequences incidence rate: 1/10,000 people have it BUT theres a 99% accurate test SO... -99% meaning 1% false positive rate --get tested positive but doesnt mean you HAVE it ----test 10,000 people then 100 will have a positive test and 1 will atually have the disease -----Even for a test that's 99% accurate, there's still only a 1/100 chance that you have it. -------> how accurate could a terrorism test possibly be?

Don't forget the security cameras, the bank records, the credit scores, the phone records is only what is given up....

on accident

Tor is like encryption because...

the bad guys will use it too.


Set pelajaran terkait

Security+ Network Security 20% (part 2)

View Set

MAR4503 - Chapter 15 Practice Quiz

View Set

Computer Science Principles - Instructional Cycle 1

View Set