- Brazil undertaking all digital census, using smartphones, Slashdot
- Contribute to SETI@home from your browser
Via Hacker News. - Re-targeting ads stalk surfers for weeks after they shop
Slashdot links to a story at NYT that I find fascinating for its potential to drive home the point about widespread behavioral advertising. If more users notice these sorts of creepy practices, the more fuel we’ll have for debate around better practices around transparency and affording the ability to opt out. - Cyanogen, after market mod for Android smart phones, now supports FroYo, ReadWriteWeb
- GPU assisted sorting algorithm breaks giga-sort barrier, Slashdot
- iPhone app in approval limbo goes open source, Slashdot
- New model developed to help organize, keep private massive amounts of online data, Science Daily
HT @joabj - Some California schools decide to track students with RFIDs, EFF
Tag: RFID
TCLP 2010-08-08 News
This is news cast 221, an episode of The Command Line Podcast.
In the intro, my thanks to Mike for his donation for which he has earned a merit badge. A final reminder there will not be a feature cast this coming week, I’ll be out in San Francisco for most of the week. Also, a quick review of George Mann’s “The Osiris Ritual“. I reviewed his first novel, “The Affinity Bridge”, earlier in the Summer.
This week’s security alerts are RFIDs can be provably read at over 60 meters and an algorithmic attack on reCAPTCHA.
In this week’s news an algorithm to improve the energy efficiency of mesh networks, concerns over a citizen vigilante group monitor ISPs though the groups claims may be overstated, Google ends Wave development though is dedicated to learning from its failure in this case probably from its complexity despite adding more resources and opening up to more users, and unpacking what exactly went on between Google and Verizon especially as they deny claims of an anti-neutrality pact (even on Twitter). Odds are good they are still meeting and talking to some end which may be why the NYT is sticking to its story. Cringely has the most intriguing guess at their possible goal.
Following up this week EFF offers assistance to targets of the US Copyright Group and the FCC ends closed door discussions on its net neutrality plan.
[display_podcast]
View the detailed show notes online. You can also grab the flac encoded audio from the Internet Archive.
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.
Quick Security Alerts for Week Ending 6/6/2010
- More high security flaws in Adobe software
- Adobe warns of more critical flaws
- More on Facebook “likejacking” attack
- Mac spyware shows up on popular download sites
- Keylogger vendor gets a slap on the wrist from FTC
- New rules for Facebook developers not rogue proof
- Open source anti-XSS library from Microsoft
- Facebook plugs email indexing hole
- Month of PHP security uncovers 60 bugs
- RFID hoaxes and hexes
- Yahoo requires opt out to prevent use of contacts for socialnetworking
Excellent Interview with Privacy Commissioner Ann Couvakian
Search Engine’s Jesse Brown interviews the Canadian Privacy Commissioner in his usual fearless and thoughtful style in this first of a two part series. My only complaint is that there is a bit of fear mongering here. Jesse cops to that but beyond his witty hyperbole, repeatedly pants centric, there are a couple of telling omissions. There are indeed secure RFID implementations out there despite the poor choices many governments are making, most likely in pursuit of the lowest bid. RFID is by and large a passive technology, it doesn’t radiate anything in and of itself. That being said, he is not wrong about the accessibility of off the shelf readers and the attractiveness of the target. It actually makes the governments’ various roll outs more tragic as what is really going on here is that they could be pressing for much more secure implementations–strong encryption, randomized serial numbers, authenticating readers–but they are not.
I will give Couvakian credit for advancing a beautifully simple idea that should be cost effective enough for the cheapest bureaucrat to approve–an off switch. I don’t know why I haven’t heard anyone else espouse this idea. Or that it hadn’t occurred to me in my own criticisms of poor implementations of the technology. If you introduced a simple gap into the RFID’s copper loop antenna and add the kind of contact switch she describes in the piece, voila–the RFID is inert until the carrier takes some action. I think this is a beautiful compromise given the point that Jesse and Ann make that RFIDs are just going to get more ubiquitous.
That should now be our rallying cry in the face of any kind of RFID rollout that threatens our individual privacy–give us an off switch!
That and make sure the corresponding databases are secure. While I am glad that Jesse pressed this point, I wished Couvakian had given her response more thought. Perhaps she is right in the case of the enhanced driver’s license that data will be centralized and access controlled. But that is one case in an emerging trend. Jesse’s question should be the very next one on the lips of citizens after asking how secure the RFID implementation itself is–how secure is my associated data?