Essays in the Category "Privacy and Surveillance"
Page 15 of 16
Why VOIP Needs Crypto
There are basically four ways to eavesdrop on a telephone call.
One, you can listen in on another phone extension. This is the method preferred by siblings everywhere. If you have the right access, it’s the easiest. While it doesn’t work for cell phones, cordless phones are vulnerable to a variant of this attack: A radio receiver set to the right frequency can act as another extension.
Two, you can attach some eavesdropping equipment to the wire with a pair of alligator clips. It takes some expertise, but you can do it anywhere along the phone line’s path—even outside the home. This used to be the way the police eavesdropped on your phone line. These days it’s probably most often used by criminals. This method doesn’t work for cell phones, either…
Your Vanishing Privacy
Over the past 20 years, there’s been a sea change in the battle for personal privacy.
The pervasiveness of computers has resulted in the almost constant surveillance of everyone, with profound implications for our society and our freedoms. Corporations and the police are both using this new trove of surveillance data. We as a society need to understand the technological trends and discuss their implications. If we ignore the problem and leave it to the “market,” we’ll all find that we have almost no privacy left.
Most people think of surveillance in terms of police procedure: Follow that car, watch that person, listen in on his phone conversations. This kind of surveillance still occurs. But today’s surveillance is more like the NSA’s model, recently turned against Americans: Eavesdrop on every phone call, listening for certain keywords. It’s still surveillance, but it’s wholesale surveillance…
Anonymity Won't Kill the Internet
In a recent essay, Kevin Kelly warns of the dangers of anonymity. It’s OK in small doses, he maintains, but too much of it is a problem: “(I)n every system that I have seen where anonymity becomes common, the system fails. The recent taint in the honor of Wikipedia stems from the extreme ease which anonymous declarations can be put into a very visible public record. Communities infected with anonymity will either collapse, or shift the anonymous to pseudo-anonymous, as in eBay, where you have a traceable identity behind an invented nickname.”…
The Erosion of Freedom
Spying tools are now routinely used against ordinary, law-abiding Americans who have no connection to terrorism.
Christmas 2003, Las Vegas. Intelligence hinted at a terrorist attack on New Year’s Eve. In the absence of any real evidence, the FBI tried to compile a real-time database of everyone who was visiting the city. It collected customer data from airlines, hotels, casinos, rental car companies, even storage locker rental companies. All this information went into a massive database—probably close to a million people overall—that the FBI’s computers analyzed, looking for links to known terrorists. Of course, no terrorist attack occurred and no plot was discovered: The intelligence was wrong…
A Sci-Fi Future Awaits the Court
At John Roberts’ confirmation hearings last week, there weren’t enough discussions about science fiction. Technologies that are science fiction today will become constitutional questions before Roberts retires from the bench. The same goes for technologies that cannot even be conceived of now. And many of these questions involve privacy.
According to Roberts, there is a “right to privacy” in the Constitution. At least, that’s what he said during his Senate hearings last week. It’s a politically charged question, because the two decisions that established the right to contraceptives and abortion—Griswold v. Connecticut (1965) and Roe v. Wade (1973)—are based in part on a right to privacy. “Where do you stand on privacy?” can be code for “Where do you stand on abortion?”…
Make Businesses Pay in Credit Card Scam
The epidemic of personal data thefts and losses – most recently 40 million individuals by Visa and MasterCard – should concern us for two reasons: personal privacy and identity theft.
Real reform is required to solve these problems. We need to reduce the amount of personal information collected, limit how it can be used and resold, and require companies that mishandle our data to be liable for that mishandling. And, most importantly, we need to make financial institutions liable for fraudulent transactions.
Whether it is the books we take out of the library, the Web sites we visit, our medical information or the contents of our E-mails and text messages, most of us have personal data that we don’t want made public. Legislation that securely keeps this data out of the hands of criminals won’t affect the privacy invasions committed by reputable companies in the name of price discrimination, marketing or customer service…
Risks of Third-Party Data
Reports are coming in torrents. Criminals are known to have downloaded personal credit information of over 145,000 Americans from ChoicePoint’s network. Hackers took over one of Lexis Nexis’ databases, gaining access to personal files of 32,000 people. Bank of America Corp. lost computer data tapes that contained personal information on 1.2 million federal employees, including members of the U.S. Senate. A hacker downloaded the names, Social Security numbers, voicemail and SMS messages, and photos of 400 T-Mobile customers, and probably had access to all of their 16.3 million U.S. customers. In a separate incident, Paris Hilton’s phone book and SMS messages were hacked and distributed on the Internet…
Why Data Mining Won't Stop Terror
In the post-9/11 world, there’s much focus on connecting the dots. Many believe data mining is the crystal ball that will enable us to uncover future terrorist plots. But even in the most wildly optimistic projections, data mining isn’t tenable for that purpose. We’re not trading privacy for security; we’re giving up privacy and getting no security in return.
Most people first learned about data mining in November 2002, when news broke about a massive government data mining program called Total Information Awareness. The basic idea was as audacious as it was repellent: suck up as much data as possible about everyone, sift through it with massive computers, and investigate patterns that might indicate terrorist plots…
Digital Information Rights Need Tech-Savvy Courts
Opinion: The courts need to recognize that in the information age, virtual privacy and physical privacy don’t have the same boundaries.
For at least seven months last year, a hacker had access to T-Mobile’s customer network. He is known to have accessed information belonging to 400 customers—names, Social Security numbers, voice mail messages, SMS messages, photos—and probably had the ability to access data belonging to any of T-Mobile’s 16.3 million U.S. customers. But in its fervor to report on the security of cell phones, and T-Mobile in particular, the media missed the most important point of the story: The security of much of our data is not under our control…
Outside View: Security at the World Series
The World Series is no stranger to security. Fans try to sneak into the ballpark without tickets or with counterfeit tickets. Often foods and alcohol are prohibited from being brought into the ballpark, to enforce the monopoly of the high-priced concessions.
Violence is always a risk: both small fights and larger-scale riots that result from fans from both teams being in such close proximity—like the one that almost happened during the sixth game of the American League Championship Series.
Today, the new risk is terrorism. Security at the Olympics cost $1.5 billion. Some $50 million each was spent at the Democratic and Republican conventions on security. There has been no public statement about the security bill for the World Series, but it’s reasonable to assume it will be impressive…
Sidebar photo of Bruce Schneier by Joe MacInnis.