Today is, amazingly enough, the fifth anniversary of Adam starting this blog. It’s amazing how fast time flies when things are chaotic. Seems like just yesterday Adam was doing the initial Star Wars posts. Appropriately enough, the most recent in the category was just this past Saturday. Thank you to all of our readers for making the last 5 years so much chaos and so much fun.
Monthly Archives: August 2009
What should the new czar do? (Tanji’s Security Survey)
Over at Haft of the Spear, Michael Tanji asks:
You are the nation’s new cyber czar/shogun/guru. You know you can’t _force_ anyone to do jack, therefore you spend your time/energy trying to accomplish what three things via influence, persuasion, shame and force of will?
I think it’s a fascinating question, and posted my answer over at the New School blog.
We Live In Public, The Movie
One of the best ways to upset someone who cares about privacy is to trot out the “nothing to hide, nothing to worry about” line. It upsets me on two levels. First because it’s so very wrong, and second, because it’s hard to refute in a short quip.
I think what I like most about “We Live In Public” is how it shows how well that nothing to hide idea screws with people’s lives. The movie is the story of Josh Harris and some bizarre experiments he ran, including putting 100 people under constant surveillance and interrogation in “Quiet,” a bunker under New York City with free flowing drugs. After that screwed a lot of people up, Josh and his girlfriend decided to “live in public” on the web. Roughly quoting “after a fight, we’d both run to see who the people watching thought had won it.” In many ways, it was unpleasant to watch, in the way any view of dystopia is.

The movie was one of my favorite parts of the Privacy Enhancing Technologies Symposium, and not just because it was the end and I got to kick back with a beer while we watched. It was my favorite because we talk a lot about privacy in very technical ways: what it means, how to protect it. We talk less about the why or the communication of it. The movie was pretty impactful for a lot of us. One of the best, and perhaps most post-modern, parts was having a Skype conversation with the director, Ondi Timoner, after the screening. (Another member of the household stopped by, said hi, and covered the camera. And sorry about the butt-in-camera, Ondi, we had the beer near the laptop running Skype.)

In the future, we’re inspired to have more art at the conference, and I’d encourage all of you to see We Live in Public. It’s currently in limited engagements [Updated with links]:
8/28 – IFC Center, NYC
9/4 – Brattle, Cambridge
9/25 – NuArt, Los Angeles
10/2 – Roxie – San Francisco, CA
10/9 – Alamo Drafthouse – Austin, TX
10/16 – Music Box – Chicago
11/13 – Landmark Varsity – Seattle
You can also follow @onditimoner on Twitter, read the blog about the movie, or get in touch with her by Skype... no, just kidding. I think she deserves some privacy.
Spinal Tap, Copyright
There’s a cute little story in the NYTimes, “Lego Rejects a Bit Part in a Spinal Tap DVD.” I read it as I was listening to a podcast on Shepard Fairey vs The Associated Press that Dan Solove pointed out. In that podcast, Dale Cendali (the attorney representing the AP) asserts that licensing is easy, but she fails to consider transaction costs or denials as a possible downside. Of course, if we didn’t commercially license out Emergent Chaos, none of us would write here. Or something.

This photo (fairly used) gives the lie to that argument. Lego prevented it from being used in the movie:
“We love that our fans are so passionate and so creative with our products,” said Julie Stern, a spokeswoman for Lego Systems, the United States division of the Lego Group, a Danish company founded in the 1930s. “But it had some inappropriate language, and the tone wasn’t appropriate for our target audience of kids 6 to 12.”
In the most appropriate language I can use: that’s some fucked up over-reaching, and the system that lets Lego prevent such a use with threats of expensive litigation is messed up.
Just Singin’ In the Rain
Hearsay podcast: Shostack on Privacy
Dennis Fisher talks with Microsoft’s Adam Shostack about the Privacy Enhancing Technologies Symposium, the definition of privacy in today’s world and the role of technology in helping to enhance and protect that privacy.
As always, a fun conversation with Dennis Fisher. Ran longer than I think either of us expected at 41:15.
And speaking of PETS, I took a bunch of photos. Should I get permission before posting them to the net? None are embarrassing or compromising. Perhaps as the organizer of a privacy conference, I should hold to a higher standard?
What’s in a name?
Brian Jones Tamanaha has an interesting post about our database-driven society. The core of it is that English is bad at recording some names. The solution? Force people to change their official names for the convenience of the database:
During public hearings on the voter identification legislation in the House, state Rep. Betty Brown, R-Terrell, suggested that Asian-Americans might want to adopt names that are “easier for Americans to deal with” when they want to vote so their names will match what is on registration rolls.
Brown made her statements during testimony from Ramey Ko, representing the Organization of Chinese Americans….
“… do you think that it would behoove you and your citizens to adopt a name that we could deal with more readily here?”
Quotes from “Lawmaker suggests Asian-descendant voters should adopt names ‘easier for Americans to deal with’,” Houston Chronicle Texas Politics blog.
Of course, this is nothing new. Once
Or read Brian’s “Any Suggestions for My New User-Friendly Name?”
RSA 2010 Call for Proposals: August 14
RSA 2010 Call for Speaking Proposals. You know you want to.
The Myths of Security: What the Computer Security Industry Doesn’t Want You to Know
John Viega recently published a new book: The Myths of Security: What the Computer Security Industry Doesn’t Want You to Know.
It’s a great read, especially if you are new to or are interested in the security industry as a whole. However, even if you are a long-term security veteran, you will find it enjoyable.
The book is a series of essays addressing a range of topics from “The Cloud” to the state of the AV industry and everything in between. The essays aren’t long, but they are very thorough. This makes it easy to pick up the book, become engaged, and learn something quickly.
My only complaint is with the essays around privacy and anonymity. They weren’t nearly as deep as I was hoping, nor on par with the rest of the book. Despite this, the book is excellent and well worth reading. I highly encourage you to pick up a copy.
Dear $LOCALBANK That I Use
Keeping all of your ATM PINs in a clear text (or possibly encrypted but easily reversible) database is not a good idea. I honestly can’t see any use value for this, especially when they won’t tell you what your PIN is even if you have multiple forms of government issued identification.
No thanks; No love
-Arthur
