Is There Privacy Online

Vast Spy System Loots Computers in 103 Countries

 

Are you concerned about your private information getting into the wrong hands out there on

 the internet? You should be. An article in the New York Times dated March 29, 2009 gives us

 all cause for concern.

 http://www.huffingtonpost.com/2009/03/29/ghostnet-vast-chinabased-_n_1

According to the article: Researchers at the Munk Center for International Studies at the University of Toronto have discovered a vast electronic spying operation that has infiltrated at least 1,295 computers in 103 countries. In less than two years the spying operation has infiltrated computers belonging to embassies, foreign ministries and government offices including the Dalai Lama’s Tibetan exile centers in India, Brussels, London and New York.

The spy operation dubbed “GhostNet” by the Toronto researchers uses malware that is able to turn on the camera and audio-recording functions of an infected computer, enabling monitors to see and hear what goes on in a room. The GhostNet intruders had gained control of the electronic mail server computers of the Dalai Lama’s organization. One recipient of an email from the Dalai Lama’s exile center was arrested upon her return to China and warned not to get involved with the exile center’s activities.

Three of the four control servers used by GhostNet were traced to different provinces in China — Hainan, Guangdong and Sichuan — while the fourth was found to be at a Web-hosting company based in Southern California. Last year, one of the researchers, Nart Villeneuve who is a “white-hat” hacker with “dazzling technical skills” linked the Chinese version of the Skype communications service to a Chinese government operation that was systematically eavesdropping on users’ instant-messaging sessions.

Shishir Nagaraja and Ross Anderson, two researchers from Cambridge, England who helped the Toronto researchers, wrote in their report titled, The Snooping Dragon: Social Malware Surveillance of the Tibetan Movement: “What Chinese spooks did in 2008, Russian crooks will do in 2010 and even low-budget criminals from less developed countries will follow in due course.”

Since sophisticated hackers always seem to be one step ahead of security companies, it appears that none of us is safe from having our computers broken into and data stolen. Maybe the best strategy is to assume that there is no privacy online and that all of our most sensitive personal information and data will eventually be available to anyone and everyone on the net.

 

Digital Footprints

When and where should we be teaching students about their digital footprint?

 A valuable study done by the Pew Foundation distinguishes between an active digital footprint and a passive one. 

 “The more content we contribute voluntarily to the public or semi-public corners of the Web, the more we are not only findable, but also knowable. The more content we contribute to the public or semi-public corners of the Web, the more we grow our active digital footprint. These are the traces of data we contribute voluntarily, often in specific contexts with specific audiences in mind.”

 “There are the data points uploaded to the internet as a matter of course, along with other public records like home sales, court records, and newspaper accounts. Layered on top of these publicly available sources are proprietary databases containing information such as cell phone numbers and political affiliations. This is the passive digital footprint, the one that grows with no deliberate intervention from an individual.”

 Source: Online Identity Management and Search in the Age of Transparency  - Pew Internet.     http://www.pewinternet.org/Reports/2007/Digital-Footprints.aspx

 Whether passive or active, the digital footprint of each of us is growing and as it does, more and more of ourselves is captured forever on the Web. As the social web sites that we use become more personal, we become more and more transparent. The question is: is there a problem with these digital footprints and our ever-increasing transparency?

 Kevin Kelly, in his blog, “The Technium,” writes: “The price of total personalization is total transparency. Transparency suggests a more active role, rather than an imposed view. You have to BE transparent.  And of course, it is impossible to have total personalization with perfect knowledge.” How much transparency do we want even if we are able to actively manage it as Kelly advises?    http://www.kk.org/thetechnium/archives/2008/05/total_personliz.php

 “We cannot expect that having large warehouses of data on individuals will be free from unintended consequences, especially when there are incentives to try to build highly detailed models of everyone's lives. The price of total personalization is total surveillance.” Seth Finkelstein, The Guardian, Thursday 15 November, 2007

How many of us are ready to submit to the total surveillance that Mr. Finkelstein believes comes with total personalization?

 I believe that schools should not only address the when and where but also the how of teaching students about their digital footprint. I would like to see students take a one-quarter class in learning how to actively manage their digital footprint. This class should include teaching students to install two software applications: Tor and Privoxy.

“Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.

Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.

Hundreds of thousands of people around the world use Tor for a wide variety of reasons: journalists and bloggers, human rights workers, law enforcement officers, soldiers, corporations, citizens of repressive regimes, and just ordinary citizens.”        https://www.torproject.org/

 From the Privoxy website: “A web proxy is a service, based on a software such as Privoxy, that clients (i.e. browsers) can use instead of connecting to web servers directly. The clients then ask the proxy to request objects (web pages, images, movies etc) on their behalf and to forward the data to the clients. It is a "go-between". For details, see Wikipedia's proxy definition.

There are many reasons to use web proxies, such as security (firewalling), efficiency (caching) and others, and there are any number of proxies to accommodate those needs.

Privoxy is a proxy that is primarily focused on privacy enhancement, ad and junk elimination and freeing the user from restrictions placed on his activities. Sitting between your browser(s) and the Internet, it is in a perfect position to filter outbound personal information that your browser is leaking, as well as inbound junk. It uses a variety of techniques to do this, all of which are under your complete control via the various configuration files and options. Being a proxy also makes it easier to share configurations among multiple browsers and/or users.”          http://www.privoxy.org/faq/general.html#PROXYMORON