No, You Go First

Bruce Schneier talks about how security companies sat on knowledge and research data about military-grade Regin malware for at least six years. They only decided to share their knowledge because the Intercept was about to publish an article about it. Their arguments for why they withheld their knowledge until now range from “our customers asked us not to disclose what had been found in their networks” to “we didn’t want to interfere with NSA/GHCQ operations”. :/ It’s safe to say that they sit on a bunch more.

Privacy Consequences of the SPE Hack

Bruce Schneier in his comments on the recent Sony Hack cites a Gizmondo article that sums it up very well why privacy is important to everyone even for mundane everyday stuff we do on the internet:

These are people who did nothing wrong. They didn’t click on phishing links, or use dumb passwords (or even if they did, they didn’t cause this). They just showed up. They sent the same banal workplace emails you send every day, some personal, some not, some thoughtful, some dumb. Even if they didn’t have the expectation of full privacy, at most they may have assumed that an IT creeper might flip through their inbox, or that it was being crunched in an NSA server somewhere. For better or worse, we’ve become inured to small, anonymous violations. What happened to Sony Pictures employees, though, is public. And it is total.

And in Bruce’s words:

These people didn’t have anything to hide. They aren’t public figures. Their details aren’t going to be news anywhere in the world. But their privacy has been violated, and there are literally thousands of personal tragedies unfolding right now as these people deal with their friends and relatives who have searched and reads this stuff.

Schizophrenics Were Right, Probably, Maybe, Hopefully Not …

An interesting article on how schizophrenics’ thoughts that they are controlled by an outside power or living in a world crafted for them has become a matter of possibility for all of us – or “how reality caught up with paranoid delusions.” Exploring advances in technology, its ubiquity and the way we consume it, we assume we perceive an altered *cough* enriched and augmented version of the world around us. We silently ignore that this allows us to be easily toyed with and manipulated without us necessarily noticing it.

This is an interesting phenomenon that is not widely known and mostly ignored. But the matter of the fact is that if you have two computers, side-by-side, open up your browser and search for the exact same thing, you won’t get the same list of results. The same happens on social networks: try looking for a non-person and compare the results and their order.
Search gurus will tell you this is the magic of “personalized results” and finding things “most interesting to you” … but what they don’t tell you is that this comes at the price of having  the possibility of doing a global and unbiased search.

Any search you do is biased, by the region you are accessing the internet from (continent, country, city), your internet history, your search history, your language preferences, time of day … basically anything quantifiably different will alter your search results. You can’t (even if you try) do a unfiltered, repeatable and global search on the internet. And anything you click in those already tailored results will only reinforce your perceived “interest.”
Eli Pariser also talks about this in his “Beware online filter bubbles” Ted Talk where he quotes Google’s Eric Schmidt:

It will be very hard for people to watch or consume something that has not in some sense been tailored for them.
Eric Schmidt, Google

So, what would prevent any of those search providers from manipulating results deliberately? Actually, pretty much nothing. The amount of manipulation they would have to do e.g. to influence voter preferences in an already close election would probably be too little to be noticed and it wouldn’t even be illegal. So that’s why people like Bruce Schneier demand regulation for secret algorithms that have become part of our infrastructure.

One thing is clear: it can’t stay the way it is now.

OK … enough dystopic thoughts for today. 😛

Update 2013-12-08:
Seems like reality caught up already. Case in point: South Korea.

Interview with Bruce Schneier on Privacy, Security & the Future

Bruce Schneier talks about how the mechanics of privacy changed since the advent of social media, who holds control and power in the new arena, what are real issues and what are just generational differences in dealing with them. He has a lot of good analogies to make his points. 🙂

Paper: Does Terrorism Really Work? Evolution in the Conventional Wisdom since 9/11

Bruce Schneier points to a new paper by Max Abrams titled “Does Terrorism Really Work? Evolution in the Conventional Wisdom since 9/11“. From the abstract:

The basic narrative of bargaining theory predicts that, all else equal, anarchy favors concessions to challengers who demonstrate the will and ability to escalate against defenders. For this reason, post-9/11 political science research explained terrorism as rational strategic behavior for non-state challengers to induce government compliance given their constraints. Over the past decade, however, empirical research has consistently found that neither escalating to terrorism nor with terrorism helps non-state actors to achieve their demands. In fact, escalating to terrorism or with terrorism increases the odds that target countries will dig in their political heels, depriving the non-state challengers of their given preferences. These empirical findings across disciplines, methodologies, as well as salient global events raise important research questions, with implications for counterterrorism strategy.

I hope my university has access to it …