You are unique… In so many ways…

The accounting systems on which modern society depends are surveillance systems when viewed with another lens. All administrative, financial, logistics, public heath, and intelligence systems rely on the ability to track people, objects, and data. Efficiency and effectiveness in tracking have been greatly aided by improvements in data analysis, computational capabilities, and greater aggregations of data.

Advances in social network analysis, traffic analysis, fingerprinting, profiling, de-anonymization/re-identification, and behavioral modeling techniques have all contributed to better tracking capabilities. In addition, modern technological artifacts typically contain one or more unique hardware device identifiers. These identifiers—particularly in mobile devices, but also RFIDs, and soon Intelligent Vehicle-Highway Systems—are widespread, but also effectively unmodifiable and relatively unknown to most of their owners. For example… Continue reading

Problem Areas for SSL

The security of the transactions for much of the consumer Internet relies on the Secure Socket Layer (SSL) protocol. SSL and its Public Key Infrastructure (PKI) are critical Internet infrastructure. Most consumer Web, email, and VoIP traffic relies on SSL for security as does substantial portions of enterprise Internet traffic both from SSL enabled Web applications and SSL-based VPNs.

Fundamental problems increasingly put this infrastructure at risk. Significant risks include flawed implementations of the SSL protocol and PKI, inadequate verification mechanisms for certificate issuance, limited implementation of revocation mechanisms, and involvement by state actors in the issuance process. There are no viable alternatives to the mainstream use of SSL that are currently widely accepted or deployed.

Cryptographic Flaws

The… Continue reading

It’s happened to all of us. You are busy writing, entering data, or working on a slide deck and all of a sudden something freezes and then the application crashes. If either we recently saved the document all is well, otherwise the inevitable explicative follows. It is 2011 and there is no excuse for not having autosave, but there are still a depressing number of applications that do not automatically save documents. Blaming the user who lost work to an application or operating system crash is blaming the victim. People are far better served by applications that automatically name, save, and version their files without requiring manual intervention. This way users can easily undo or revert to an older version after application crashes, machine hangs, and power outages, no swearing… Continue reading

Trouble in Time Machine Land

In my recent article, A Simple and Effective Backup Strategy for Mac OS X, where I recommended a three part backup system: 1) a full disk clone, 2) local incremental backups with Apple’s Time Machine, and 3) networked incremental backups with CrashPlan. I found Time Machine problematic for my own setup, for reasons I explain below, so I now use CrashPlan for both local and networked backups.

For most people with configurations that are not highly customized or complicated, Time Machine is a great “set and forget backup” solution. The primary interface is a single on or off toggle switch. Its ease of use can make the difference between having backups and not having backups for many. At… Continue reading