Expectation of Privacy

Expectation of Privacy

So there was a court ruling I am sure everyone has heard about by now where a district court ruled the FBI hack did not require a warrant. The part that specifically has me put off is described in this excerpt from SC Magazines article

"The judge explained that IP address data is already shared with third parties such as ISPs and, in the case of Tor, anonymous node operators, and therefore such information is fair game for authorities. "

I should note I am not American but Canadian however we know many of these laws can effect us up here as well. How can your IP being shared with ISP's be an argument for no expectation of privacy? Who truly owns IPv4 addresses then? If using them is ground for forgoing privacy I think we need to really give another thought to the internet in its current form.

I wonder if someone was to hack the FBI network if they could use the same argument as a defense. They have no expectation of privacy when there IP is shared with ISP's. Or any government organization. I feel like this ruling serves to destroy the internet and everything it represents. While I do not advocate for the dark web, and have little desire for it I cant help but feel these types of acts regardless of the noble reason for it make that uncontrolled web a better place.

This level of policing would be no different then allowing law enforcement and government agencies the right to walk into your home as they see fit. No organization should have this level of power. I think the following quote from Benjamin Franklin really serves better in these changing times then it did back then.

"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. Those Who Sacrifice Liberty For Security Deserve Neither. He who would trade liberty for some temporary security, deserves neither liberty nor security"

Benjamin Franklin

     I do believe these 3 letter government organizations  believe there doing what is right. I also believe sometimes there actions do a lot of good. The question that nags at me is at what cost? At what point does a groups good intentions become controlling? When they can operate without any rules then that power will ultimately corrupt the system. Sure there is always talk about outside overseers to monitor these groups. How much do they really get to see. It is no secret anymore with the Snowden leaks and many others that the ones who are there to oversee and protect us from our own power groups is just a feel good gesture more then effective body.

     Where will the line in the sand be drawn? How much privacy are you prepared to give up for a fabric of security that seems more like farm where we are the cattle penned in our own little paddock? I for one think the debate about law enforcement having the right to all decryption keys will come to a head very soon.

     My prediction for the future if we don't make a stand today will be simple. They will continue the cat and mouse game only until they can no longer bust current encryption. That will be the point where it will become illegal to use without being branded a criminal.

I for one love living in a Democracy and believe its worth fighting for. However it is starting to look like maybe we do live in the Matrix. The illusion of course is democracy, and if you discover this then you might find yourself in your own bit of trouble.

As always do not be afraid to challenge your mind!   

Sources used:

The fantastic article written by SC Magazine and there talented staff

http://www.scmagazine.com/district-court-judge-fbis-hacking-trick-does-not-require-warrant/article/505615/ 

The Ben Franklin quote

https://en.wikiquote.org/wiki/Benjamin_Franklin      

The Human element

The Human element

     In an age where we cannot live without mobile devices and all our information is online most us us never give a passing thought to what this means and more importantly how to keep it safe. If you employer hands you a check for a million dollars and asks you to keep it safe, you rush off and put it in the bank or a safe. We know what to do to protect the tangible things we are given. 

     What were not so good at is knowing how to protect the confidential document that we were emailed by the boss which we were equally entrusted with to keep safe. The computer age in the modern workplace is still relatively new. Many of the workers in the work place may have even predated the computer on every desk revolution. 

     

     I am sure if you have worked anywhere by now you have been given the line that I am not good with computers or they don't really like me. A good number of people in your office will likely fall in the group of non computer users. These users can be a challenge and may even be safer using an old paper and pen method. How do you protect these users? Do you just shrug them off and leave them to there own devices? Do you even think of them as a part of your Cyber Security defenses? Are these users you need to continue to repeat the same lessons over and over?

I see in many of the companies I visit the shrug them off strategy. We fix there immediate problem and wonder off. Yes I do get these users are sometimes a tremendous challenge and can be a burden to your IT staff. However much like learning to walk or ride a bike we fall over and over much to the frustration of our teacher until we don't. There is that moment when it all becomes very clear and all the repeated lessons just make sense.

     So why when we know that our users are the biggest risk in our organization are we prepared to spend tens of thousands of dollars on a single Firewall are we hesitant to spend a few thousand dollars to develop and maintain an on going education program for our employees. We have an IT budget that encompasses the hardware and software, even our IT staff. Why do we not also put some aside for use here? 

     Imagine the cost of a single data breach. or the constant flow of accidental data outside our company infrastructure. These costs usually lead to the termination of the IT Manager and a lot of lost revenue. Usually just one of these breaches equal the cost of a decade of training.  The threats to our network change every day. This increase is going to cost billions of dollars that may have been saved if we took the initiative. As an IT guy I know the challenge of keeping up with all the latest threats. Many are technical certainly but the way these end up in our network is often not.

I guess the point of this is simple. We need to view our employees as part of the entire IT infrastructure and like our annual licensing costs we need to be spending an annual amount to ongoing training. You may never see this in a monetary return of savings, you will see the loss of money if you do nothing.

As always do not be afraid to challenge your mind! 

Your Identity

Your Identity

     Over the past few months there have been literally hundreds of millions of user accounts compromised across many large sites and services from Twitter to UTorrent.

Each time your personal information ends up in jeopardy and on an auction block in the DARK WEB.

     I am starting to wonder why we even bother. As it stands we know our personal information is not safe as the last year has demonstrated. What should we do. How much money is the criminal element making off of your life.

     I am starting to think I may as well sell my own personal information in order to put the profits in my own damn pocket. What recourse is there when you lose this sensitive information. What do we get when this happens besides a password reset and an apology. 

     

     Now let me ask this. How many people just decide they have had enough with certain sites and the lack of security so they close there account. Do you really think they remove your account information thus putting your identities security back into your own hands. Or do they hold it close until the end of time? What if when you close your account you want all your data completely purged do you get this choice. I am guessing no to all the above questions.

     So if my assumptions are right on the above that once your in there systems your now permanently forced to trust they wont lapse in security. One thing is clear is the need to improve the protection of people who are signing up to online sites and services. What this protection is remains a challenge as many of these sites could be in different countries in the world. This is evident in the lack of effect the Anti-Spam laws introduced in Canada were. Foreign entities just do not have to play by our rules.

     I guess if I was to pick a starting point for how I would shape the future of online protection for the people it would be as follows. I would mandate sites must identify the countries there servers will live in. Giving users an opportunity to make an informed decision on if they want to put there personal information in an environment that is not in a country with strict cyber protection rules in place. 

     The second part is the ability to have a user submit a request to close there account and the site/service hosting this would have a window of time in which to remove ALL personal data for this user. Sure if they want they can provide an option for people to opt out of this purging though i cannot imagine anybody wanting to.

     One thing is clear through all of the breaches is that doing nothing just is not an option anymore. You have one identity unless your a super spy and should have the right to protect it. There needs to be an international body that can help create a set of rules and policies that all countries should follow and publicly identify those who do not.  The future is coming fast and our policies are just not adapting quick enough. 

As always do not be afraid to challenge your mind!   

Virtual Reality VS Augmented Reality

Virtual Reality VS Augmented Reality

First I guess I will share what I consider to be the key points to both of these great new technologies!

Virtual Reality

     This one is really interesting. I think if you were to give it a quick glance the obvious main use is games. The gamers are going to keep this technology moving fast. They always drop a lot of money in these technologies to keep innovation going! 

Now for other uses for this amazing technology. I see this as a way to help mentally stimulate the elderly in nursing homes. Imagine linking a couple together and letting them enjoy a virtual cruise. Or a visit to some far away country to see landmarks and sites. All the while still in a safe and controlled environment.

A lot of the depressed states and moods of the elderly who are now losing a lot of there independence would quickly abate with the right stimulation.

Now also think of the value in the classrooms. Imagine just how engaged the kids would be to learn about history and geography if they were completely immersed in the various times and places. Museums would come to life just like in the movie "Night at the Museum".

  People could get together in virtual cafe's regardless of geographic location.

Its not hard to see all the places this technology could thrive and enhance the world we live in but what about Augmented Reality? 

Augmented Reality

     This one I feel has a very exciting future ahead of it. Starting with the obvious stuff like virtual TV's that appear anywhere you feel like watching something. virtual interfaces for your personal mobile devices appearing like floating holograms.

What about preparing a new meal and that recipe just there like a HUD for you to follow. Or not just follow but work beside a virtual chef to prepare new and exciting dishes with an expert guiding you.

Hands free driving use with maps that are always off to the side but visible without taking your eyes of the road.

Maybe your stuck on a handyman project and need an expert to guide you through the work? the virtual hands performing the motions in front of your eyes to ensure you understand the steps completely.

Also a great tool for education as well. Just imagine teaching the periodic table of elements and each kid being able to manipulate each element in there hand. To be able to study it easily from any angle.

Both of these technologies are often perceived as competing however i prefer to think of them as sitting in there own niche market. They both have so much to offer the world and in such a way that the areas they do overlap would be minimal. I would consider both of these technologies here to stay. You cant go wrong buying into either of them. 

As always do not be afraid to challenge your mind!  

Facebook, What they may not advertise!

Facebook, What they may not advertise!
 

     In today's world when every social network seems to be giving up users passwords and accounts on a daily basis to the elite hackers of the world it begs the question, is the reward worth the risk? Are we even aware of all the risks we are exposed to by using these sites?

The first question is likely to be the easiest to answer. In most cases the risk vs reward ration almost always becomes worth it. If you do your best to ensure your limiting how much of yourself you put out there then the risk is reduced. This balance is pretty easy to maintain if you use social media for just that, being social. After all we have a lot of experience in meeting people in our daily lives where we have meaningful relationships without giving up our deepest secrets. This of course leads to the next challenge. When we use social media do we somehow feel separated from those social graces and rules we guide our real life conversations with?
     Do we feel somehow that we can say anything and share anything without consequence? I find the this part to be interesting. People quickly show who they are inside when they feel shielded by the thought of not being seen. This of course would merit its own discussion that I will just skip for my first blog. 
I am more focusing on that stuff we put out there without wondering what happens to that information. What about information you do not intent to put out there? When we post pictures out there do we ever consider how quickly these images spread out across the internet? The fact is once its posted anywhere you lose all control of that image. So it is important to know what that image can tell someone. Aside from the usual ethical nature of posts such as not posting indecent images which by now most people know better about. I am talking to the stuff in the picture that could potentially tell someone too much personal information about you and where you live. There are subtleties in many pictures that we do consider! 
     For example when you share a selfie of us at our favorite retail store we start narrowing the scope of where we live. What our shopping habits are. These are small details for sure, but they can be clues to those who are interested in less then honorable things. These are things that are important to keep in mind when you share any photo even the most innocent pictures.
     The next threat of course to me is the most interesting. This one is the threat that comes from the very places we trust to keep us safe. Such as the social media site itself like Facebook. We sign up to these sites knowing that all our personal details are being stored by them. Our lives being digitally captured by each post and image we store on there servers. These are the things we post consciously and should have already gone through our own internal filters of what we know to be safe for sharing. The scary part is when a story breaks that challenges what we thought Facebook was. The story I am referring to is the one covering the listening in when your App is just open. This is something that you cannot see. Something missed by even those who carefully rip apart that user license agreement. It is what happens without our consent. 
     Facebook of course quickly announced that they do not record you for the purposes of focusing ads. They did not imply of course that they do not listen. This may or may not be true, I am still testing by speaking openly to my phone everytime Facebook is open on a specific topic to see if ads start changing to reflect words spoken.
The fact is the technology exists to give the power to companies like Facebook to spy on you 24 hours a day 7 days a week. So while we worry about our passwords being compromised we gloss over the fact that we may have a bigger threat we invited in. This information can be used for so many purposes both good and bad. The down side is you do not get to choose  either way. It is taken without your permission. We may live in a free democratic society but we are not free when we are always being watched.


     If the testing does show that Facebook is secretly listening to me i unfortunately will like many continue to use it as it does make it possible to stay in touch with family in friends in a way we otherwise may not be able to. This does of course mean i will be more conscious of where my mobile device is and  when it is better to leave it put away. We as a society need to do our part to keep people safe online. Most of these technology stories never reach the vast majority of our friends and family unless we share it. Together we can educate those who maybe do not follow the world of digital security and each do our part to protect them online. Share security breaches to the sites like Facebook to your friends to make sure they know what they can do to stay safe.

As always never be afraid to challenge your mind!