USENIX ;login: Feature

Source Code UNIX

Privacy

by Bob Gray

Bob Gray is co-founder of Boulder Labs, a software consulting company. Designing architectures for performance has been his focus ever since he built an image processor system on UNIX in the late 1970s. He has a Ph.D. in computer science from the University of Colorado.



Thanks to Tom Poindexter.

Most people are not aware of the widespread practice of selling and exchanging collected personal information. Fast, cheap computers and data networks make it easy for organizations of any size to participate in this activity. It's an invasion of privacy that will eventually affect all of us.

In 1991, Lotus Development Corporation offered a product called "Household Marketplace." It was a database on CD-ROM with the estimated income and a profile of the buying habits of 120 million US residents. The database did not contain any of the data covered by the Fair Credit Reporting Act, so Lotus was under no legal obligation to let you see what it was saying about you.[1]

While the public offering was withdrawn because of negative publicity, the information is still being collected and quietly sold. Do you use credit cards or supermarket cards, or fill out product-registration forms? That's where this information originates.

Just recently, several state governments decided that driver's license records are public and can be sold for profit. The personal data, including dates of birth and photographs, was to be made available to anyone with a PC, a CD-ROM drive, and a few dollars. If a federal agency's involvement hadn't come to light, privacy-advocate outcry might not have been enough to overcome the in-place business deals. (And we think it's bad that a telemarketer has just our name and phone number; imagine the abuse and stalking if our entire driver's record were on CDs.) In this case, the Feds may come to the rescue: the Driver's Privacy Protection Act restricts what states may release from motor-vehicle records, although its constitutionality was still being fought over in the courts.[2]

Microsoft's Office 97 products covertly embed a unique identifier in your documents that is tied to your software-registration record. How will you feel when you receive replies to your "anonymously" posted documents or letters to editors? Who knows what the monopoly plans to do with the records. After being exposed, Microsoft now offers a "Removal Patch."[3] Why wasn't this "feature" advertised from the beginning with a dialog box to disable it? The "Windows 98 Registration Wizard" also collects hardware-identification data without your permission. It's scary to realize that sometimes when an honest, innocent computer user connects to the Net for a specific purpose, other private information may be covertly transmitted without his or her consent.[3]

People who are in the limelight of public service or corporate office, or who share controversial opinions, are especially vulnerable to having personal information used against them. Judicial appointments have been derailed by videotape-rental records. US vice presidential nominees have withdrawn from campaigns when past health issues, ones that had been managed, have been exposed. Last month in my area, one Baby Bell CEO had the privilege of having his personal family records published in the newspaper. (But the writer's point was, since the phone company decided to sell its customer records, then what's sauce for the goose. . . .) People's expressed opinions on controversial issues such as religion, sexual orientation, abortion, and politics sometimes generate enough resentment that the opposing side may resort to below-the-belt tactics. What better way than rummaging through dirty laundry to find damaging information . . .

Even those of us who keep to ourselves have cause for concern. Most of us believe that our private lives aren't of interest to others . . . until we are violated — but then it's too late. Increasingly, we will be denied opportunities and services because of past events. (Of course, society reserves the right to reduce freedoms of criminals.) These days, it's frightening to see what information is being requested on applications for anything from apartment rentals to local radio station "Freeloading" cards.[4]

Participation in extracurricular school activities is beginning to be contingent on passing drug tests. Yep, some schools require clean urine to be in the chess club. Individual medical insurance is routinely denied to people who "have problems" and might be more expensive than the average. It gets worse: US House bill H.R. 10 would allow insurance institutions to share your sensitive and personally identifiable medical information, without your knowledge or consent, with a wide variety of agencies and financial and research entities.[5]

Whom we communicate with and what we say also need to remain confidential. With today's technology, it would be straightforward to record all telephone conversations, index them by caller, callee, and date, and sell the collections for profit.

As developers and expert users of computer systems, we have the responsibility to identify abuses. When we suspect that binary-only applications are "misbehaving," we should investigate. Fortunately, with our Source Code UNIX systems, we have thousands of eyes looking at the code and setting the standards for proper behavior. Our self-policing organizations come down quickly and hard on software that violates privacy. In contrast, binary-only products are fertile grounds for abuses. Witness the second signing key found in Microsoft's Crypto API, labeled "_NSAKEY": whoever holds its private half can sign cryptographic service providers that Windows will load. Whether it is a deliberate back door or merely an undisclosed backup key is disputed, but the fact that it took an outside researcher to find it at all is the point.[6] A combination of vigilance, publicizing problems, and public outrage will help keep binary vendors in line.

We live in an age when individuals have very little influence over technology implementation. You and I cannot reformulate chemical compounds at home, nor can we reengineer automotive components in today's sophisticated vehicles. But we do have enormous control over our Source Code UNIX systems and the applications they run. If you don't want your host to answer ICMP echo requests, change a kernel parameter or add a packet-filter rule. If you need to change the behavior of a device driver, it's usually not too much work. Tired of spam? Put up filtering software. With Source Code UNIX, we don't care that Intel wants to put a unique serial number in every Pentium III chip, because a kernel we control can disable that feature at boot, before any application gets a chance to read it. We have a duty to put a stop to abuses and share the results when source code is provided. If we take the lead and educate other computer users to the problems, we will make a difference.

What else can be done? You know how computer databases work. When you are asked for information, question whether the request is valid. Why does the gas and electric company need my employer's name? It doesn't. Telephone companies will ask for your Social Security number and date of birth; resist giving them, or give only the absolute minimum needed to achieve your goals. I have known people who use dates different from those on their birth certificates. For obtaining cable-TV service, I consider this practice prudent. All they really need is a service address and a service deposit. The other requested information, which they sell, should not be free.

Even though it is a pain, encourage the use of multiple identifiers for yourself. For example, let schools, health insurance companies, and driver's license bureaus each generate a different ID number for you. You'll have to keep track of the IDs, but then the bad guys will have more trouble cross-indexing your information to make a saleable product.

Learn to use public-key encryption for both privacy and strong authentication before you need it. Make it a project to exchange public keys with your friends. Learn how key fingerprints let you confirm, over an independent channel such as a phone call or a face-to-face meeting, that the key you downloaded really belongs to your correspondent and not to someone who substituted his own. Download and compile PGP from the source code.[7]
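The following is an added example, not code from the article or from PGP itself. It computes an OpenPGP version-4 key fingerprint from scratch, the way RFC 4880 section 12.2 specifies it (SHA-1 over the byte 0x99, a two-octet length, and the public-key packet body), and then shows why reading the fingerprint to a friend over the phone catches a substituted key. The RSA values are tiny constructed numbers, chosen only so the packet layout is visible; the function names and the "Alice"/impostor scenario are this example's own.

```python
"""OpenPGP v4 public-key fingerprint, computed from scratch (RFC 4880, 12.2).

Added example.  The key material below is a tiny constructed RSA key, far too
small to be secure, used only so the packet layout is visible.  A real PGP key
has a 1024-bit or larger modulus, but the fingerprint procedure is identical.
"""
import hashlib
import hmac
import struct


def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP multiprecision integer:
    a two-octet big-endian bit count, then the minimal big-endian magnitude."""
    if value < 0:
        raise ValueError("MPI must be non-negative")
    magnitude = value.to_bytes((value.bit_length() + 7) // 8, "big")
    return struct.pack(">H", value.bit_length()) + magnitude


def rsa_public_key_packet_body(n: int, e: int, created: int) -> bytes:
    """Body of a version-4 RSA public-key packet: version octet 4, creation
    time (seconds since the epoch), algorithm id 1 (RSA), then MPIs n and e."""
    return b"\x04" + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)


def v4_fingerprint(body: bytes) -> str:
    """SHA-1 over 0x99, the two-octet body length, and the body itself.
    This is the 40-hex-digit value PGP and GnuPG print as the fingerprint."""
    if len(body) > 0xFFFF:
        raise ValueError("v4 fingerprint uses a two-octet length prefix")
    digest = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body)
    return digest.hexdigest().upper()


def key_id(fingerprint: str) -> str:
    """The 64-bit key ID is the low-order 16 hex digits of the fingerprint.
    It is short enough to collide, which is why you compare fingerprints."""
    return fingerprint[-16:]


def format_fingerprint(fingerprint: str) -> str:
    """Groups of four hex digits, as PGP prints it for reading out loud."""
    return " ".join(fingerprint[i:i + 4] for i in range(0, 40, 4))


def fingerprints_match(shown: str, read_out_loud: str) -> bool:
    """Compare what your software shows against what your friend read to you,
    ignoring spacing and case.  Constant-time compare out of habit."""
    a = "".join(shown.split()).upper().encode()
    b = "".join(read_out_loud.split()).upper().encode()
    return hmac.compare_digest(a, b)


# Constructed sample key (not real key material): n = 61 * 53, e = 17,
# created 2000-01-01 00:00:00 UTC.
ALICE_N, ALICE_E, ALICE_CREATED = 61 * 53, 17, 946684800
ALICE_FPR = v4_fingerprint(rsa_public_key_packet_body(ALICE_N, ALICE_E, ALICE_CREATED))

# What an interposer on the network or a bogus key-server entry would hand you
# instead: same user ID, same creation time, but a key the impostor controls.
IMPOSTOR_N = 59 * 67
IMPOSTOR_FPR = v4_fingerprint(rsa_public_key_packet_body(IMPOSTOR_N, ALICE_E, ALICE_CREATED))


def verify_downloaded_key(n: int, e: int, created: int, fingerprint_from_alice: str) -> bool:
    """Accept a fetched key only if its fingerprint equals the one Alice gave
    you over an independent channel (phone, in person, printed on a card)."""
    fpr = v4_fingerprint(rsa_public_key_packet_body(n, e, created))
    return fingerprints_match(fpr, fingerprint_from_alice)


if __name__ == "__main__":
    print("Alice   :", format_fingerprint(ALICE_FPR), " key ID", key_id(ALICE_FPR))
    print("Impostor:", format_fingerprint(IMPOSTOR_FPR), " key ID", key_id(IMPOSTOR_FPR))
    spoken = format_fingerprint(ALICE_FPR)          # what Alice read to you
    print("genuine key accepted:",
          verify_downloaded_key(ALICE_N, ALICE_E, ALICE_CREATED, spoken))
    print("swapped key accepted:",
          verify_downloaded_key(IMPOSTOR_N, ALICE_E, ALICE_CREATED, spoken))
```

The impostor cannot make a key of his own hash to Alice's fingerprint, so the out-of-band comparison is what binds the downloaded bytes to the person; the key ID alone is too short to rely on, which is why the article's advice to learn fingerprints, not just key IDs, matters.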

Play with Pretty Good Privacy Phone, which allows private telephone conversations with the help of PCs and sound cards.[8]

Use Secure Socket Layer (SSL) for Web commerce. (Netscape shows a closed padlock, and the URL begins with https://.) For US citizens, choose the stronger, 128-bit encryption.[9] Remember that the padlock only tells you the connection is encrypted to whoever holds the server's certificate, so check that the certificate names the company you think you are dealing with.

Encrypt sensitive files on your computer. If your PC is network-attached, assume that hackers have access to your information. What data are you happy to share with some kid in Belgium? Encrypt the rest. (This is a good time to point out the "toy" encryption offered by numerous mainstream products, including Excel, Word, and WordPerfect, whose password protection is routinely removed by commercial recovery tools.[10])

If you are put in charge of creating a Web site, adopt a privacy policy with these ingredients:[11]

  • We do not sell, rent, or share our email lists.

  • We do not collect personally identifiable information at our Web site.

  • Our membership database is never sold, rented, lent, exchanged, or used for anything other than our official activity.

Keep informed and join advocacy groups that stand for privacy rights. The American Civil Liberties Union (<http://aclu.org>), Computer Professionals for Social Responsibility (<http://www.cpsr.org>), and the Electronic Frontier Foundation (<http://www.eff.org>) are good starting places. Check out <http://www.research.att.com/projects/crowds>, a site that gives you tips on how to "blend into a crowd." The site <http://www.junkbusters.com> contains information on controlling your computer privacy. Among other things, they suggest you watch your "cookies" when Web browsing. A site can read back only the cookies it set itself, but an advertising network whose images are embedded in many sites can use its one cookie to follow you across all of them, and less ethical businesses are happy to compile such profiles and sell them for profit.

What are the ramifications of doing nothing? Our freedoms will undoubtedly erode when there is a profit to be made. I'm livid at how much abuse we have tolerated. Does anyone else care?

[1] <http://www.infowar.com/iwftp/CPD/CPD-z-Telecom/V1_042.txt>

[2] <http://www.freedomforum.org/press/1999/7/28driverrecords.asp>

[3] <http://officeupdate.microsoft.com/downloadDetails/pf_setup.htm>

[4] <http://www.infowar.com>, archives of comp.privacy

[5] <http://www.eff.org/pub/Privacy/Medical/19990922_hr10_alert.html>

[6] <http://www.counterpane.com/nsakey.html>

[7] <http://web.mit.edu/network/pgp.html>

[8] <http://web.mit.edu/network/pgpfone>

[9] <http://home.netscape.com/download/index.html>

[10] <http://www.crak.com/>

[11] <http://www.cpsr.org/privacypolicy.html>

Last changed: 13 Dec. 1999