Seven:Privacy policy

From Seven
Jump to: navigation, search

This is my only window to your world. I regard this as a controlled privacy leak for my Memes. If you understand me as the associating Memeplex then this could not be any more private than it is. Other controlled Meme leaks are available through my many Public Profiles.

Contents

Privacy on the Web

In the Web there is no privacy. In the Web there is no privacy. In the Web there is no privacy. In the Web there is no privacy. In the Web there is no privacy. In the Web there is no privacy. In the Web there is no privacy. In the Web there is no privacy. In the Web there is no privacy. In the Web there is no privacy. In the Web there is no privacy. Got that? In the Web there is no privacy!

The only thing you can have is a privacy policy. As you are reading this page all your movements and how you got here and how you navigate this web site are tracked. This is personal data and falls under privacy. It is collected all over the world. Right now this server has registered your IP address, what operating system you use, which browser you have and so on.

And this is only a fraction of what other servers on the way from your browser to my server log. http://arnulf.us is located in the south of Paris. You can check that yourself by entering the IP of this server (http://94.23.196.65 | 94.23.196.65) on http://www.hostip.info/. Your IP can also be tracked down to a few kilometers, if not even a lot closer. If you are roaming and connected to the web it becomes a bit more complex but still you can be tracked as you ride the train or travel by car. In that case the information is considered 'private', but that does not mean anything really. It just means that the average user cannot check where you are. Many 'authorities' still can and do track your movements at their will. All packages that are sent and received in the network are tracked somewhere. Some legislations allow to scan and process this information. There is no transparency in who is allowed to read, see, collect, process or use that data. It is all a gaping commons. But many people still think that technology can give them privacy. Believe me, there is no such thing in the Web.

Stephen O'Grady wrote a good article on what happens to your private data when it shows up in the claws of a data gobbler. And a nice Blog by antonpa.


Privacy on the Mobile Phone

There is even less privacy on the mobile phone because you have even less control over the connection your mobile device is taking. If you want to learn more Seven recommends to read Ghost in the Wires by ex hacker, now security professional Kevin Mitnick. It is a crazy story about how in the early days Kevin eluded the Feds for years using tweaked mobile phones.

To better understand what information is collected on a regular basis by your cell phone provider you have to understand a little about how cell phones work. Every phone continually broadcast a unique ID to all nodes in the area and connects to the closest or strongest signal to relay where you currently are in case someone wants to reach you or you want to place a call yourself, send an SMS, use the Internet and so on. This information is continually stored in ever growing data stores and can - obviously - be accessed. It is absolutely intransparent who can access this information at what point in time because it is not public information but highly guarded. As we all know anything that is highly guarded will eventually attract people to break the locks and this is when your supposedly private data becomes not so private. People attracted by this information include the government, prosecutors, hackers and businesses alike. Go figure.

The German green party politician Malte Spitz requested this information for his own mobile device and had to go to the highest level of court to actually get it. The results are nicely presented in a mapping application.

Who controls your identity on the Web?

Recently a discussion has started how and where to authenticate. This is a highly relevant topic because it is anlalog to presenting your ID-card, your official identity. Some big players like Google, Microsoft or FaceBook try to make themselves the primary point of access. This would mean that you become a citizen of either of those players, rendering your identity information and lots of other details to them unimpeded. Jut read their respective "Terms of Service" to see what they claim from you.

Another take on authentication and identity provision is proposed by orgainzations like Mozilla. They would rather have you maintain your identity under your own control so that you can decide whether you want to authentication on a web site and how much private data you give them on an individual basis. This means that you shift your trust away from one single identity provider to the software that runs on your computer. Still not a perfect solution as you never know whether your computer or the software running on it is compromised, but at least you have a chance to have (more or less) good control of it. Read the Blog Who Controls Identity on the Web? by Christopher Mims to learn more.

Digital Data Privacy

Once data is available digitally it is impossible to control it. Anybody denying this is ignorant, a liar, or both. That is - unfortunately and mostly out of ignorance - pretty much everybody alive these days. Classical examples include the data that is associated with pay-back and credit cards. Once in the system we lose all control over who can access this data. Random access is granted to organizations on purpose or because of tiny technical glitches in the system. There is a saying that information wants to be free. For digital information this is especially true. It works like any system that seeks balance. A balanced information system is completely accessible and completely linked.

Security

Security is mostly a superstition. 
It does not exist in nature. 
Life is either a daring adventure or nothing.
-- 
Helen Keller

Tor Project

If you do not want all your web movement information to be collected you have to take special measure like using the tor network. In short: Tor is a network of servers that transmit encrypted packages without knowing more than the next node and the last node. Every few minutes the path that packages take changes so that is becomes very hard to trace communication. It is a bit complicated for the unknowing but it can be done by any geek. If you are a geek and you have a box out there help make the world a more private place by running a relay or volunteering as a developer.

Publicity

The opposite end of privacy may be publicity. Which is what we can create and push by using all kinds of tools in the Web. It feels a bit like it is much easier to go public than to stay private. Coming to think of it this is probably a simple systems model. Information systems are made to spread information not to prevent that. So the natural path is to have everything go public eventually. As we are managed by Memes (some have identified them as white mice) this makes a lot of sense. At the end of 2009 FaceBook started to go public by default changing it's policy dramatically.

Technology Trap

How many percent of humanity have lost us in this discussion already? How many people understand what the term "tor network" really means. It is but a few million people - if it is a million really. You - whoever reads this - is potentially capable of really moving in the web anonymously or at least almost so. All the rest has to trust. Trust whom? Google, Microsoft, Oracle or the war departments of the worlds leading aggressors. No, this is not stretching it. Not a Bit unfortunately.

Us

We - the few million who know - we have to make sure that this highly private data is protected from being collected for Evil things. As we do not know what is evil and what is not we should just make sure that the data cannot be collected and accessed at all. There is a very simple solution to the problem. Break down the big organizational architectures into individual, self sufficient nodes that protect their data as good as they can.


Stats from twittered links at http://bit.ly/3955eB