Identity & The End of Privacy
Bruce Schneier says “Remember this: The math is good, but math has no agency. Code has agency, and the code has been subverted.” (read original)
What this means is that the theory behind something — in this case encryption using “hard” mathematics — may be very good, but the implementation can be full of “gotchas” — errors, omissions, faults — and that‘s what will get you in the long term. He was specifically commenting on Edward Snowden’s revelations about the US National Security Agency and whether they can read all encrypted messages, but it can apply to many other software endeavors.
If you’re thinking of writing some software whose function is critical, and especially if lives depend on it, you have to be extremely careful with your implementation. And Open Source is a big plus because other eyes can look at your code and spot mistakes that you, as author, are likely to overlook.
So whatever you’re working on, be very, very careful with the implementation.
They’re experimenting with putting up a page that shows the number of requests they’ve received, and (partially) the action they took, for the most recent six months.
You can view their map and click the pushpins to see country-specific data. For China, it says
Chinese officials consider censorship demands to be state secrets, so we cannot disclose that information at this time.
Isn’t it interesting that rather than saying “removal requests” Google used the word “censorship” in this case?
To read more about legitimate (legal) requests and requests that do not have the force of law behind them and may simply be trying to intimidate a web site owner, visit the Chilling Effects Clearinghouse.
The Open Net Initiative seeks to identify and document Internet filtering and surveillance.
Cory Doctorow posted a BoingBoing article about a recent National Security Letter requiring the Internet Archive to reveal user information to the FBI. In case you’re not familiar with this process, certain government agencies can issue these letters under the PATRIOT act, which require you to disclose information about your online users, and you can be required not to disclose even the existence of the NSL to anyone else – not your board of directors, not your employees, not even your dog. You can tell your attorney, otherwise this would violate due process of law because you would be denied legal representation. EFF stepped into this as legal adviser to the Internet Archive and Brewster Kahle. The legal grounds on which they contested this was that the Internet Archive is a library (recognized by the State of California) which is exempt from these requirements under US law. The provisions apply to providers of Internet communication services (such as ISPs, duh, by definition).
Regardless of how you feel about government agencies having unchecked access to this kind of information — If you ran an online service that promised “we never share your information with anyone else” – what would your reaction be to an NSL requiring that you give up something like IP addresses, or physical address, or other information about a user of your service, without informing anyone? Would you be happy telling your users that you never share their information?
|Neat idea – go to ReclaimPrivacy.org and get a “bookmark” that contains code that you can use to scan your Facebook privacy settings to see exactly how private you might not be!|
|I thought I had most everything set pretty well, but I was a bit surprised at my results. What’s more, this piece of code can fix the settings for you – simple as clicking a button. (continue reading…)|