Exploring the fuzzy edges of privacy and security
We’ve experience over 30 million records breached already this year in the US alone. That’s an incredible number. Sloppy security is usually the culprit and this is well known and documented as evidenced by executives all around the world are throwing money at the problem.
However, there is a kissing-cousin to this problem that seems to be getting the governments attention but doesn’t have the apparent visibility in the board room: Privacy rights violations.
Google’s missteps with Buzz landed them a n order from the FTC to audit their privacy practices for the next 20 years. Facebook dodged a bullet recently by settling with the FTC over their privacy violations as well. The big story this week has been the revelations of CarrierIQ.
These are only a small sample of the privacy violations that could have easily been avoided if someone was just paying attention to privacy rights when these projects were conceived. A lack of attention to these type of issues are costing companies millions of dollars and garnering plenty of negative public attention.
The big question is why aren’t these otherwise smart companies paying attention? My bet is that it’s because the business side of operations is relying on the information security professionals to make privacy decisions. The IT department are generally not the right folks for the job.
At their heart, the fields of privacy and information security both share the goal of minimizing the risk of data loss or misuse, and it is this kissing-cousin closeness in definition where the confusion starts. However, often time vocabularies, policies and regulations from each discipline conflict and confuse each other.
As it stands today information security has clear rules and regulations to follow. It’s a well understood professional discipline and regarded as important at the board level. Privacy isn’t there, yet. Privacy pros face laws and regulations that sometimes don’t make sense and often vary widely depending on culture norms of locale.
For those that have seen both disciplines in action the differences are clear enough, but I find myself so often failing to clearly explain the difference to others that I’ve developed an analogy. Think of the field of information security like the US National Guard. There job is to protect the homeland, including it’s people and assets, from the outsiders (foreign invaders). Privacy professionals turn that good guy versus bad guy analogy around. They are protecting the outsiders (customers, patients, etc. — anyone whose personal information they hold) from the homeland (marketing, customer service, human resources — anyone who might misuse the data).
The differences are subtle but understanding that the value of each profession is distinct can save a company from making costly mistakes. Bottom line: Understand there is a significant difference between security and privacy and make sure the right people are on board on a project from the beginning because it could save you a ton of time and money down the road.
I just finished watching a 2006 Google Tech Talk by Rik Farrow on computer security models. It’s worth watching. He spends roughly 45 minutes discussing how our current computer security models are broken and finishes with a proposed solution.
He starts by talking about the most prevalent attacks today including SQL injection, XSS and buffer overflows and how weak our current operating systems are at providing adequate protection. He then moves through the history of the mainframe leading up to our current operating systems to present where their flawed foundation originated.
He does give proper credit to more secures system like SELinux and Minux with their microkernel models, but also discusses how the complexity and/or performance of these systems prevents their widespread adoption. He also briefly touches on the failure of things like Linux and OSX to stay as true microkernels.
All of that is interesting, and he is an excellent speaker, but it’s all just a build up to his proposed solution. Spolier alert: His recommendation is to leverage the security inherent in the the traditional microkernel model but solve the performance problem by allocating the microkernel its own processor core of a multiprocessor system.
It’s an interesting concept, albeit not exactly new nor simple to implement. To his credit, the slide that introduces the concept is titled “Blue Sky” so he has no illusions about the difficulty here. However, that’s not what makes the talk so interesting. What is interesting to watch is how quickly the Googlers start punching holes in the concept. These guys are sharp!
Farrow, after an elaborate 45 minute build up, unveils his masterpiece to his audience who immediately are like, “yeah, that’s great, but what about a, b, c and d?” Farrow had answers to some of the critiques but often just acknowledges the critique (in a diplomatic and respectful way).
The talk provided some great food for thought, but I found the over-abundance of quality discussion at the end of the talk very inspirational. It fuels my desire to want to work with people smarter then myself. How cool would it be to be working in an environment where colleagues provided insightful critiques and pointed you down hidden paths.
The IAPP uses Avectra’s netFORUM AMS to manage our membership information. I’ve never been all that happy with the netFOURM software and certainly not Avectra’s horrific support, but last week they did something that makes we want to scream.
They launched an online community. To kick-start this community they decided it would be a good idea to take every user of their system and set up a profile. These profiles contain the user’s full name name, email, business address, phone number and the organization they work for (which they have on file to manage netFORUM access). That’s fine, I guess, but they took it one step farther. Not only did they set up the profiles without seeking consent, but they decided to opt everyone in to displaying all of their information to every other user of the system.
However, as bad as that is, it is even worse than that. Everyone they signed up, which is everyone that uses netFORUM, was set up in the community with a default username and password. The username is the person’s email and the password is, by default, the same password for everyone! So, not only don’t they care about their users’ privacy, they don’t care about security either.
I won’t give away what that password is, but anyone who is part of this new community can easily log in as anyone else. All they need to know is the target’s email — a pretty low bar for even a computer novice. This whole launch is pathetic.
If you are an Avectra user and haven’t gone in and changed your password, do it now! And, if you are like me, you will set everything to “private” which should have been the default to begin with.
The W3C published the first draft specification for “Do Not Track” (DNT) in an attempt to addresses online privacy. The document proposes an official specification for a mechanism that allows users (via browsers) to broadcast tracking preferences to websites.
The intent of DNT is fantastic. Users should be empowered with the ability to opt-in or -out of being tracked on a website, or across sites, and this specification would achieve exactly that. However, it’ll never catch on. One of two things need to be in place for something like this to take hold.
1) Both Sides Benefit
In this case “both sides” are the users and the advertisers who collect tracking data. The benefit to users is obvious: They gain control over their privacy. But what do the advertisers gain? According to the draft:
Since advertisers desire an audience that is receptive to whatever they happen to be advertising, a significant premium is assigned to sites that can demonstrate a favorable target audience, and even more so for sites that are able to identify their audience dynamically and adjust the advertising displayed to be specific to the interests of that user.
That sounds good, but it just doesn’t hold water. It’s commonly stated that people hate advertising, yet advertisers keep at it. Why? Because it works, that’s why. The dichotomy between people hating it, but it works anyway, virtually eliminate any hope that advertisers will risk letting everyone just opt-out of being targeted.
2) Fear of Enforcement
The other option is enforcement, and that isn’t anywhere in the document nor does the W3C have the authority to enforce anything in any case. Without the threat of enforcement DNT is just a suggestion that’s not likely to be take seriously.
All Hope is Not Lost Though
There is one other hope. The specification lays out a handful of methods for the server to communicate back to the browser what it intends on doing with the DNT header. When all is said and done that could be the missing enforcement piece.
Giving the browser the option to report back to the user whether the DNT preferences are being respected or not by a particular site empowers the user to make a decision to visit or not. If a large enough percentage of users opt not to visit sites that don’t affirmatively respond about respecting DNT settings then that will give advertisers a real reason to follow this specification. It’s a weak enforcement method but it is the only one.
In closing I should state that I am decidedly in favor of DNT and the user empowerment it brings. I also appreciate all of the work Mozilla and others have put in to this specification. However, unlike others, I still believe this is DOA.
One unrelated note: In the specification it says this about the DNT header: “The remainder of the DNT field-value after the initial character is reserved for future extensions.” I’m going to be the first to predict this detail will allow for the first security vulnerability with DNT. It is marked as an issue.
I’ve had this idea bouncing around inside my head for a long while and I’ve come to the realization that I’m never going to see it to fruition. Instead of letting it just rot on my computer, I thought I’d give it away instead. If you want it, take it. If you want to chat about it feel free to contact me.
Note: I’m trying to write out this idea as clearly as possible but since it isn’t a fully formed idea in and of itself I may not make complete sense — proceed with caution.
Quantifying the output of a workout is hard for many of us. If you’re a runner or cyclist then you can use distance, speed and even heart rate easily enough. But what if you do CrossFit, P90x or lift weights. Well, you can record weights lifted and time it took but, as this style of workout is designed to do, it changes so often that measuring your performance over any significant length of time is not all that useful.
Workouts of varied intensities and ever changing routines are now trendy. P90x, CrossFit and lots of local “boot camps” serve this crowd. It’s still a minority of the general exercising public but it’s a segment that is growing rapidly and those trend-setters have no way good to measure their performance.
There are plenty of sites that allow you to record and track these types workouts and even compare them to other individuals, but none do anything clever to compare across different workouts (in an “apples to apples” way) or handicap based on body type or size.
In short, these people, who have money to spend, have a need that isn’t being met.
The common denominator in every exercise routine, regardless of its methodology, is that you’re moving weight (even if it is just your body-weight) over a distance for a given amount of time. Using those inputs you can calculate power output (in Joules and Watts) and use that measure to compare anything, equitably. Rowers, treadmills, stationary bikes and ellipticals often provide this measurement but there is no reason you can’t get this measure for everything else. That includes pullups, pushups, cleans, deadlifts, runs, swims, etc.
Power output measures can not only factor in weight lifted or distance traveled, but it can include other variables such as a person’s height and weight. Using power output to measure performance is a great equalizer. Imagine a method where you can compare a power-lifting session to a run to see which was “more work.” Or how fun would it be to get fair comparison of performances between a 250lbs bruiser and a 100lbs waif.
How it Applies
With me so far? Here a some ways the measurement can be presented to users:
The first problem I faced, how to actually calculate the power output, was simple enough to find in Google — Joules = force x distance. Joules is a measure of power and Joules over time is described as Watts. To follow is a breakdown of the Joules equation.
That’s a very brief overview. If you’re interested in learning the details in this formula you can read more about the particulars in the Work section of this article — or just take my word for it and keep reading.
Lets put this to an example:
As a result I generated 343w in that second. That’s enough to power a 100w light bulb for 3 seconds or this computer for almost 2 minutes!
Here is the breakdown of the above calculation (Remember Joules = force x distance and force is weight against gravity in our calculation):
343 Joules = (70kg * 9.8) * .5m
343 watts = 343 Joules/1 second
Thats a pretty simplistic example but it gets across the main premise anyway.
Deriving the Variables
With the power calculation figured out I next needed to determine how to fill the variables of the equation. Distance traveled seemed easy at first until I started to think about it. How far does the weight travel in a deadlift or a pullup? (I’ve done some work here but more needs to be done.) I started with this graphic which shows the average percentage of the body a particular part represents. For example, the distance from the ground to your hip is 53% of your height. Lets say I’m 1.8 meters tall. That means the distance from my hips to the ground is .95 meters (1.8 * .53). Follow?
Using these measurements you can compute distance traveled for an exercise. Let’s look at the pullup as an example. I’m 1.8m tall and, according to the chart, the distance from my forearm to my shoulder is 33.2% of my height or .60m. That is the distance I travel in a pullup. With that I plug that distance and my weight of 70kg into the aforementioned equation. According to the calculation my pullup would generate 416 Joules and if I did a pullup at a rate of 1 every 3 seconds I would generate 136 watts per pullup. Pretty cool huh?
((70 * 9.8) * (1.8 * .332))/3 = 136
Now you may be thinking what about the body weight moved? In the case of a pullup it is 100% of your body weight but that isn’t true for all exercises. What about a sit-up? For that problem I used the same sort of methodology I did for distance. I found this PDF which has a percentage of a body’s weight each body part represents (check out the tables in the front of the publication). A sit-up would be your body weight less the weight of your legs.
What’s Already Done For You
I’ve gone through the trouble of putting all of the information I gathered into a spreadsheet which includes the blueprint for measuring over 30 exercises. That should be enough to get anyone started. It’s a bit messy but if you’ve read this far and understand where I am trying to go with this it should make sense. I hope.
I’ll leave it to your imagination how to implement this for the user but I hope for three things with this post:
I’d love to hear any feedback on this idea and certainly let me know if you take the idea and plan on bringing it to life — I’d love to see that!