As a former Facebook user, I was sad to see the direction and risk that the company was taking on when it began partnering with web sites to integrate their tool. Of course, Facebook has a long history of setting its own course and has suffered minor setbacks in the past as a result.
With the media hype coming down from the iPad, it appears from my vantage point that Facebook will continue its death spiral at a more rapid pace. The questions will be coming from all angles in the media, but I think there is more to learn than "violating trust is bad" from the Facebook model. Social networking as we know it has some very real benefits and constraints, and there are certainly some ethical boundaries that need to be addressed so that the data that exists on these sites is used only for its intended purpose.
Essentially, Facebook is the worst example of our best social networking community. As is the case in research and scholarly writing, we must continue to evolve, let the market forces play themselves out, and not only question, but apply the lessons learned to advance the technology.
For now, the question is simply... will Facebook survive?
Friday, May 21, 2010
Tuesday, May 4, 2010
New Research Project
I am beginning a research project today that will attempt to explore how humans can possibly use the kinetic energy that is transmitted through the body to charge and power Implantable Cardioverter Defibrillators (ICDs). With an average lifespan of 7 to 10 years, and the earlier onset of obesity that causes Chronic Heart Disease, these devices will need to be changed more frequently, with each surgery (however minor) resulting in independent game theory outcomes.
I am finding the convergence of biology and technology very fascinating, and while researchers like Kevin Hu are squarely focused on the security of these devices from malicious wireless transmissions, I am becoming particularly interested in the business applications of biotechnology.
Thursday, April 8, 2010
Is Lock Picking a Lost Art?
By now, most of the people in the security field have become aware of a near-foolproof means of bypassing pin tumbler locks and the like using a special key and hammer. My naive thought was that once the new method came to light, the art of lock picking would soon fall by the wayside.
Furthermore, particularly in information security circles, people mostly lose sight of the need to address physical security as a means of ethically penetrating a client's infrastructure. To this end, I encourage information security practitioners to expose themselves to lock picking as a means of increasing concentration and solving puzzles. Whether it be a door to a server room, or a lock protecting a rack of servers, having a basic understanding of how locks work and some general techniques to defeat them can make all the difference in the world.
Labels: CISSP, Information Security, research, security
Tuesday, April 6, 2010
Data Disclosure and Compensation
I was recently thinking about the data disclosure breach of 3.3 million from ECMC, and as I read the article, I was becoming increasingly disturbed about the lengths that companies that sustain a data breach are taking to compensate the victim. It seems it is customary to send a letter to the victim and offer one year of credit monitoring services. This is garbage in my opinion, as many of the victims are already under a credit monitoring service from some other company and their data breach.
We are quickly heading towards two unique tipping points:
1) Credit monitoring service is not retributive justice for the violation of one's private, personal data. Sure it stings the company bottom line, but chances are, this is in a cash account just waiting for the day it may need to be used. The real victims are the ones whose data is stolen, kicked around, and ends up who knows where. So we give the victim the equivalent of a carnival prize. "Thanks for playing."
2) It appears that the information security community places a high value on private (PII) information. We spend trillions of dollars protecting 9-digit SSNs because they can easily be paired with a name as the basis of identity theft. What if we devalued this information, instead of throwing everything but the kitchen sink at it to keep it secret? Maybe it is biometrics, or maybe it is some form of smart card. I don't claim to know the answer; however, we should consider all options to protect the identity of the victims and potential victims, not the random bits and bytes that identify us.
I would be interested in hearing others' perspective on these points.