Doctor Eclectic

Doctor Eclectic
Doctor Eclectic

Wednesday, May 28, 2014

Warrant Canaries

I recently read a mystery by Dick Francis of horse mystery fame that had as a subplot a background story about breaking codes.  For some reason that got me thinking about hacking Passwords and the recent call-to-arms that if we ever bought anything online from Amazon or in a Target store we should change all our passwords.

I don’t believe I am alone in having password problems.  A firm I consult for, requires a change every three months and has common restrictions: Capital and lower case letters, numbers, symbols, and the dreaded “you cannot use a password used more recently than your last ten changes.” 

A recent count showed that I have more than fifty active passwords, many requiring similar restrictions.  For years I have had them stored on my desk (not a bad hiding place, since I seem to be the only one who can find anything on my desk), but some are in “housing groups like Quicken, where one password gets access to several others.  Mosby in the WSJ reviewed several Apps that can do that, but they all cost about $100 per year, and I was financially dissuaded.

Access to accounts by knowing a password, or clues to changing a password have recently been overtaken by concerns over maintaining privacy.  At the root of those concerns are companies engaged in data-brokering, where not only is online information collected, but it is analyzed and marketed to companies who value your interest profile and social position.  One of those companies that has interest as we gear up for a midterm election is called Politico.

In March of 2012, the FTC issued a Report expressing concern for protecting consumer privacy and setting forth restrictions designed to allow greater transparency in data collection.  There was one glaring omission: it did not control the Federal Government, a fact made obvious when the story broke about what, when and why the NSA was engaged in their own field of data collection.  Results from the two years since the FTC Report was published have recently been released.

In some fashion so have the policies of the NSA.

A response to concerns about the NSA has been for some companies to attempt to reassure their customers that information shared with their company will not be passed through to the Federal Government.  The means for this reassurance has been a novel approach, taking a lesson from the traditional Canary in the Coal Mine where, actually or not, canaries preceded the miners to detect poisonous gases in the mines. These companies would skirt the federal restriction to providing what information they passed on by posting a disclaimer that “The company has received no request from Federal authority to provide them any information from our records.”  This process has been termed a Warrant Canary Statement.

I heard on NPR recently a report on another data collection that is perhaps as frightening, if not more so than the NSA  One of the companies is called Knewton, which is engaged in a long-term collection and analysis of such information as: how much time is spent gaming and on what games, what grades are reported in school and what effect is there on them from such diverse causes as socio-economic status, parental composition, social networking, and perhaps time spent watching television.

The goal is admirable and financially significant, since these data are sold to educators to improve efficiency, but the very breadth of the project, currently encompassing more than 10 million children over a period from pre-school through graduation, scares me a little.

I am definitely going to be following this closer than before.

I don’t know about you, but I’m a little confused about a path to citizenship through joining the military.  I’m going to do a little research on that and will be sharing my findings on my next Post.  I hope you will find it interesting.

No comments:

Post a Comment