http://www.databreaches.net/?p=11686
DIA official says privacy, security different for cloud
May 17, 2010 by admin
Stephen Bell reports:
The government may have to make sacrifices in such treasured concepts as privacy and sovereignty, so that public sector organisations can take advantage of the “convenience” of the cloud, says a Department of Internal Affairs (DIA) project manager.
Adam Stapleton is managing a project for DIA’s Government Technology Services (GTS) arm, to produce “guidance to allow public sector agencies to reduce the barriers” to adoption of cloud computing services. He spoke at the Future Perfect digital continuity conference, held in Wellington recently.
Read more in Computerworld (NZ). Thanks to Brian Honan for sending the link to this.
[From the article:
The current GTS project that Stapleton oversees aims to provide an authoritative definition of cloud computing, track trends in its evolution “and talk about what is the opportunity space tactically for the next one or two years and the constraints – legislation and policy and other [factors] that may preclude some classes of information being used for some types of cloud computing services.
For my Computer Forensics students. Gathering Behavioral data for advertising doesn't depend on cookies...
http://www.pogowasright.org/?p=10247
Web Browsers Leave ‘Fingerprints’ Behind as You Surf the Net
May 17, 2010 by Dissent
From a new press release from EFF:
New research by the Electronic Frontier Foundation (EFF) has found that an overwhelming majority of web browsers have unique signatures — creating identifiable “fingerprints” that could be used to track you as you surf the Internet.
The findings were the result of an experiment EFF conducted with volunteers who visited http://panopticlick.eff.org/. The website anonymously logged the configuration and version information from each participant’s operating system, browser, and browser plug-ins — information that websites routinely access each time you visit — and compared that information to a database of configurations collected from almost a million other visitors. EFF found that 84% of the configuration combinations were unique and identifiable, creating unique and identifiable browser “fingerprints.” Browsers with Adobe Flash or Java plug-ins installed were 94% unique and trackable.
“We took measures to keep participants in our experiment anonymous, but most sites don’t do that,” said EFF Senior Staff Technologist Peter Eckersley. “In fact, several companies are already selling products that claim to use browser fingerprinting to help websites identify users and their online activities. This experiment is an important reality check, showing just how powerful these tracking mechanisms are.”
EFF found that some browsers were less likely to contain unique configurations, including those that block JavaScript, and some browser plug-ins may be able to be configured to limit the information your browser shares with the websites you visit. But overall, it is very difficult to reconfigure your browser to make it less identifiable. The best solution for web users may be to insist that new privacy protections be built into the browsers themselves.
“Browser fingerprinting is a powerful technique, and fingerprints must be considered alongside cookies and IP addresses when we discuss web privacy and user trackability,” said Eckersley. “We hope that browser developers will work to reduce these privacy risks in future versions of their code.”
EFF’s paper on Panopticlick will be formally presented at the Privacy Enhancing Technologies Symposium (PETS 2010) in Berlin in July.
For the full white paper: How Unique is Your Web Browser?: https://panopticlick.eff.org/browser-uniqueness.pdf
For more details on Pantopticlick: http://www.eff.org/deeplinks/2010/05/every-browser-unique-results-fom-pa…
For more on online behavioral tracking: http://www.eff.org/issues/online-behavioral-tracking
This suggests a couple of solutions. One, ensure that your originating error rate is 19.9% so any change sends the rate over the threshold. Two, measure the rate and send the recipient that number – significant deviation is another indicator of intercept.
Commercial Quantum Cryptography System Hacked
Posted by Soulskill on Monday May 17, @06:14PM
"Any proof that quantum cryptography is perfect relies on idealized assumptions that don't always hold true in the real world. One such assumption is related to the types of errors that creep into quantum messages. Alice and Bob always keep a careful eye on the level of errors in their messages because they know that Eve will introduce errors if she intercepts and reads any of the quantum bits in a message. So a high error rate is a sign that the message is being overheard. But it is impossible to get rid of errors entirely, so Alice and Bob have to tolerate a small level of error. This level is well known. Various proofs show that if the quantum bit error rate is less than 20 percent, then the message is secure. However, these proofs assume that the errors are the result of noise from the environment. Now, physicists have come up with an attack based on the realization that Alice also introduces errors when she prepares the required quantum states to send to Bob. This extra noise allows Eve to intercept some of the quantum bits, read them and then send them on, in a way that raises the error rate to only 19.7 percent. In this kind of 'intercept and resend attack,' the error rate stays below the 20 percent threshold and Alice and Bob are none the wiser, happily exchanging keys while Eve listens in unchallenged. The physicists say they have successfully used their hack on a commercial quantum cryptography system from the Geneva-based startup ID Quantique."
Sometimes you need to repeat, repeat, repeat...
http://www.docuticker.com/?p=34462
New Study Finds That a National Value-Added Tax Could Permit Major Cuts in Corporate Income Taxes, Payroll Taxes
(Related)
http://www.docuticker.com/?p=34460
Tax Forms Cost Americans Billions of Hours – and Dollars, Taxpayer Group’s Study Finds
...and 'cause sometimes you need to cover your tracks!
http://www.makeuseof.com/dir/isendr-send-files-directly-to-another-computer
iSendr: Send files directly to another computer over the web
… iSender is a web-based program that creates a link for you to send files directly to another computer without uploading it to a third party server.
Similar tools: FilesOverMiles, PipeBytes and JetBytes.
No comments:
Post a Comment