September 6, 2008

No Privacy Chernobyls

(Posted by adam)
Over at the Burton Identity and Privacy Strategies blog, there's a post from Ian Glazer, "Trip report from the Privacy Symposium," in which he repeats claims from Jeff Rosen:
I got to hear Jeffrey Rosen share his thoughts on potential privacy "Chernobyls," events and trends that will fundamentally alter our privacy in the next 3 to 10 years.
I don't believe it, and haven't believed it in a long time. As I said in 2006, There Will Be No Privacy Chernobyl. There's too much habituation, too much disempowerment, and too diffuse an impact of any given issue.

I'd love to have to eat those words. Rosen suggests five issues:

  1. Targeted ads
  2. Search term links
  3. Facebook
  4. The Star Wars kid
  5. Ubiquitous surveillance

Do you see any of these rising to the level of Chernobyl? Where you could stop the average person on the street in most of the developed world, ask a simple question, and not get a blank stare?

Posted by adam on September 6, 2008 at 1:39 PM in ID Management, Privacy, awareness.


September 5, 2008

Things Only An Astrologist Could Believe

(Posted by adam)
There's a really funny post on a blog titled "Affordable Indian Astrology & Vedic Horoscope Provider":
Such a choice of excellent Muhurta with Chrome release time may be coincidental, but it makes us strongly believe that Google may not have hesitated to utilize the valuable knowledge available in Vedic Astrology in decision making.
This is a beautiful example of confirmation bias at work. Confirmation bias is when you believe something (say, Vedic astrology) and go looking for confirmation. This doesn't advance your knowledge in any way. You need to look for contradictory evidence. For example, if you think Google is using Vedic astrology, they have a decade of product launches with some obvious successes. Test the idea. I strongly believe that you haven't.

Posted by adam on September 5, 2008 at 10:06 AM in Amusements, Legal.


September 3, 2008

Quoting Dilbert is a Best Practice

(Posted by adam)
[Image: dilbert-best-practices.jpg]

Via Alex Hutton.

Posted by adam on September 3, 2008 at 10:15 PM in Amusements.


Hans Monderman and Risk

(Posted by adam)
Zimran links to an excellent long article on Hans Monderman and then says:
When thinking about human behavior, it makes sense to understand what people perceive, which may be different from how things are, and will almost certainly be very different from how a removed third party thinks them to be. Traffic accidents are predominantly caused by people being inattentive. Increase the feeling of risk, and you increase the attention. I know when I am in traffic on my bike, I'm hyper-vigilant, and this has made me a better car driver.
Some interesting quotes from the article:
Without bumps or flashing warning signs, drivers slowed, so much so that Monderman’s radar gun couldn’t even register their speeds. Rather than clarity and segregation, he had created confusion and ambiguity. Unsure of what space belonged to them, drivers became more accommodating. Rather than give drivers a simple behavioral mandate—say, a speed limit sign or a speed bump—he had, through the new road design, subtly suggested the proper course of action. And he did something else. He used context to change behavior. He had made the main road look like a narrow lane in a village, not simply a trafficway through some anonymous town.
On Kensington High Street, a busy thoroughfare for pedestrians, bikes, and cars, local planners decided to spruce up the street and make it more attractive to shoppers by removing the metal railings that had been erected between the street and the sidewalk, as well as “street clutter,” everything from signs to hatched marks on the roadway. None of these measures complied with Department for Transport standards. And yet, since the makeover there have been fewer accidents than before. Though more pedestrians now cross outside crosswalks, car speeds (the fundamental cause of traffic danger) have been reduced, precisely because the area now feels like it must be navigated carefully.
We talk about Monderman's thinking about risk in the New School, and I wanted to talk a little about the implications for computer security. The idea of giving a user experience a sense of place is a great one, if we could constrain it to the good guys. Unfortunately, bad guys can design their websites to look like a narrow lane in a village, a welcoming mall, or whatever else they want. The designer of a space can make you feel safe or feel like you must navigate carefully.

What do you think phishers are going to do?

Posted by adam on September 3, 2008 at 12:04 PM in Security, Usability.


September 2, 2008

Signal Boosting Amrit Williams

(Posted by arthur)

File this under "Posts I Wish I'd Written". Amrit Williams' "The 7 Greatest Ideas in Security," really highlights a lot of my basic thoughts on how security should work. His conclusion sums things up cogently, but go read the entire post:

Some may argue that something has been forgotten or that the order is wrong, but I would argue that we must learn to develop securely, implement the proper security controls, verify the functioning of these controls, leverage the research of the greater community, ensure that what cannot be protected is hidden, and from the beginning to the end properly plan, prepare, and set the right expectation - these are the greatest ideas in security and if we learn to embody these principles, we would be moving the industry forward as opposed to constantly feeling like we can only clean up the incompetence that surrounds us.

Also, extra points for the great turn of phrase "Inspect What You Expect".

Posted by arthur on September 2, 2008 at 10:41 AM in information security.
