Thursday, August 10, 2006

Opposition to nominated US Chief Privacy Officer

I'm so tired of seeing privacy officers and council members who are lawyers first. They may understand the law, but they often don't understand privacy. And lawyers tend to not consider risks outside of the legal/liability context. I've experienced privacy lawyers say that it was okay to not encrypt data anywhere internally because we only said "via our website" in our privacy policy. That may be true in a strict legal sense, but from an overall customer privacy and privacy threat model perspective, it doesn't adequately ensure either adequate protection for customer privacy (the intent of the policy and assurances to customers) nor does it ensure an adequate privacy environment or mindset in a company (which itself often leads to more lax treatment of sensitive information and therefore breaches).


EPIC Alert 13.16


Open letter to DHS secretary Michael Chertoff

Latest airline "security" hysteria

Educated Guesswork: Threat modelling airplane explosive detection

A good analysis of why the threat model of materials in checked luggage may be sufficiently different than carry-on that would need to hold for the new security measures to make sense.

I'm not sure I agree with Bruce Schneier's assessment that, "Given how little we know of the extent of the plot, these don't seem like rediculous [sic] short-term measures." I don't agree with this because if it is too risky to bring these kinds of materials onboard today, then why would it ever be okay to allow them tomorrow? It's kind of like the precautionary disconnect from the Internet, "Why, why, why do they let employees use the Internet at all if they occasionally stop trusting its safety? Threats don't magically shrink just because you updated the antivirus package." It doesn't make much sense occassionally stop trusting liquids/gels on airplanes, They are either a threat (someone can always masquerade a bomb as benign liquid at anytime and can always disguise a detonator as anything--imagine if terrorists use cellphones instead of keyfobs for a detonaor--the public reaction to banning cellphones in carry-on would be huge) or they aren't. I agree that there is a heightened threat right now, but that threat has been and will be nonzero, so when will it be "safe" to allow them back on board and what criteria would determine this?

The other danger of taking such drastic measures is that the terrorists could be counting on that. Terrorists can just change tactics while the TSA is busy keeping someone's Frappuccino off the plane but allowing supposed breastmilk and liquid prescription drugs. As if the terrorists wouldn't have anticipated that loophole.

I wish I wasn't flying in a couple of days--not because I'm afraid of the possibility of a terrorist on board my plane, but because it's going to be a nightmare to go through security. And now I have to rethink everything I was planning to bring on board.

Tuesday, August 8, 2006

Illogicacy

Atheist Ethicist: Well Founded Beliefs

Great treatise on how the inability for people to properly reason (I called it Illogicacy here after Innumeracy) leads them to make terrible mistakes that result in harm to others, often worse than those that society often feels harm society most.

This blog is really, really excellent, BTW. Really makes you think. Sometimes just think that you would have never come up with that or could never have expressed that so logically and eloquently.

Tuesday, August 1, 2006

DIY RAID-5 NAS

Build a Cheap and Fast RAID 5 NAS | Tom's Networking

I'm going to need to get one of those cards and a bunch of drives to augment my data server with a terabyte of RAID-5 goodness. *yum*


Desalinate water while ascending your space elevator?

Technology Review: Cheap Drinking Water from the Ocean


A water desalination system using carbon nanotube-based membranes could significantly reduce the cost of purifying water from the ocean. The technology could potentially provide a solution to water shortages both in the United States, where populations are expected to soar in areas with few freshwater sources, and worldwide, where a lack of clean water is a major cause of disease.