Wednesday, October 22, 2014

SecuriTea Leaves (Part Two): Privacy, Security, and Their Possible Futures

The new Internet is one of openness and perpetual unfiltered documentation, not privacy and selective sharing. What impact will that have on the future of security, when the need for privacy lessens? If our dying generation is the last one concerned over privacy, what motivation is there for security enhancements?

In this series of posts I will describe the possible futures of the privacy plate shift we're riding right now and how it relates to the landscape of security. (I will post each future separately so there may be comments on each.)

See SecuriTea Leaves Part One for more detail.

Future 1. No privacy. No security. Flying cars optional. (This future feels far away, but just how far I don't know.)

 We have spent years sharing everything and voluntarily broadcasting our lives to the point where nothing is private. Who we know, how we feel, what we eat, our daily routine, are all available to the public. And if privacy is only a concern for the singular person, then a collective needs no privacy. Individuality is practically gone, lost amongst the vastness of so many people with so much data.

  Twitter (whatever repackaged variant it comes as) wouldn't have a login. You would just tweet as a generic entry, possibly with demographic info tied to it, all performed automatically as you live. Whatever listening device you carry or is nearby, which is always on, will post your statement and question streams to join the river of worldwide conversation. Email won't exist because there are only public forums for communication. Facebook and Linkedin (whatever face they wear) will auto update with every action and career move, complete with pictures you didn't even initiate. 

 All data about you, including financial, medical, and family details are accessible by anyone, and you're fine with that because community and government services to support needs or problems with any of these categories proactively extend their reach to your doorstep. You won't care that every mistake you made or slur you've spoken is accessible as both an audio file and in transcript, or that everyone knows where you are at all times, because that is the way it is. 

 The upside of so much exposure is that it may provide more security. It will be more difficult to pull off financial fraud when every purchase by every person is documented publicly in multiple ways, matching shopping habits, visually recording the transaction, tracking an item in its full life cycle, not just shipment. Even clothes may require some ultimate biometric union with its intended owner, where no other person could successfully wear them. Financial spending could be restricted anyway, every dollar of yours so heavily tracked and tied to you personally that the initial fraudulent purchase could never happen. 

 In this future your health is constantly monitored, and with no delay in medical history or current condition, medical response and effectiveness could be vastly improved. Small changes in your health can inform your doctor while immediate changes can alert the hospitals. The likelihood of one person to harm another may be much lower when the whereabouts of every person, especially in proximity to everyone else, is well known.

 Sure, like any sci-fi movie tells us about dystopian totalitarian worlds, there will be a resistance. However, with everything public there is no need for login credentials. Everything and everyone knows who you are at all times so access is wide open. With little privacy and little security needed for that privacy, the ability of that resistance to be disruptive to the status quo may be incredibly easy, but ultimately pointless.

 Apart from a destructive "reset" of civilization, even a disruption of the system won't change it. It only sounds like a dystopia from our current point of view. The people are happy to live in the world they've helped create. It wasn't forced on them by the government or even put to a vote, other than the tiny "allow" vote made every time you accept the terms and conditions of the services and software you use. A building wave of "allows" created this new shoreline and the seaside residents moved closer together preventing any possible outliers. They even take comfort in the lack of privacy. Like confessing your sins, there is a cleansing effect to revealing your secrets, and in this future you'll never have any.

 Do you think this is a possible future? Thinking about this future as a complete world, what doesn't fit or what did I miss? Could complete lack of privacy provide total security?

Posts in this series will continue with other possible futures. See SecuriTea Leaves Part One: The Introduction.

-Matt Sully

Thursday, October 16, 2014

SecuriTea Leaves : A Series on Privacy, Security, and Their Possible Futures

Privacy and security are intertwined elements, each fuel for the other's fire. What you want kept to yourself isn't always a dirty secret but is sometimes best left hidden away from others. My grandmother kept every personal document and bill under lock and key.  She wouldn't give anyone her SSN or even her middle name unless they showed her a government ID, and even then it was after much resistance. When I see these companies providing identity theft protection services, I think of my grandmother. It is her generation that maintains that level of commitment to privacy, not ours.

Our generation still respects the idea of privacy. We're just not as steadfast. We invest in curtains and aren't too gabby with our neighbors. We still have a few secrets, but we have become more than comfortable putting most details of our lives online. We email, share pics and status updates, file our taxes, fill out government forms, enter our email address everywhere, and blindly agree to dozens of contracts each year (SLAs). We look through the details of what the new app we downloaded will access, huff and puff for a bit about why it needs what it needs, and then reluctantly agree to its demands because desire wins over caution.

When we read about breaches that result in thousands of emails and passwords being stolen, we still care, but we don't rush to change our passwords. Our online behavior goes unchanged. Our level of sharing goes unaltered. We might not shop at Target for a few months, but we will return again, with our credit cards in hand. It is this awareness of risk with little personal effort to combat it that proves the fight for privacy and security is dying. We are connected. We are plugged in. There is no turning back. The idea of reverting to offline banking and consumerism is laughable. A want for knowledge and access combined with forfeiture of privacy is diluting security.

Interest in data breaches will wane, to the point where they are no longer big news, and what seemed of upmost importance will be forgotten history. Now when we see data breach stories we feel saddened by the state of data security but assume things will get better. We think, "New security measures will surely be put in place. Existing ones will be made stronger. It will get better."  But, like generations before us, our generation is giving way to new thinking and new ideas of privacy. The new Internet is one of openness and perpetual unfiltered documentation, not privacy and selective sharing. What impact will that have on the future of security, when the need for privacy lessens? If our dying generation is the last one concerned over privacy, what motivation is there for these security enhancements?

In this series of posts I will describe the possible futures of the privacy plate shift we're riding right now and how it relates to the landscape of security. (I will post each future separately so there may be comments on each.)

Next post: Future 1. Individuality is practically gone. If privacy is only a concern for the singular person then a collective needs no privacy.

Do you have examples of privacy perspective changes you've made over time? Have you resisted personal data sharing or online activities out of concern for security or privacy?

Monday, September 8, 2014

How to survive Apple's big day.

 If you’re like me, you are at best mildly curious to see what Apple unveils in Flint, MI, tomorrow.  At worst, you’re dreading the onslaught of Apple news, commentary, and reactions.  If the rumours about the iWatch and iPhone 6 are true, tomorrow could be the most annoying launch day in Apple’s history. 

It won’t be easy, but it is possible to get through tomorrow without being bombarded.

  • Don’t turn on the TV.  There will be speculation about what will be revealed, what effect it will have and why we should care.  I can assure you that it won’t be all that interesting.
  • Do not turn on your radio on the way to work.  If you still listen to traditional radio in your car, now might be a good time to look into streaming services, satellite radio, mix tapes, audio books, meditation, anything.
  • When you get to work, avoid anyone wearing an Apple shirt.  Just skirt around them a la  Office Space.  If they’ve chosen today to show their undying support for a brand, you don’t want to talk to them.  Trust me.
  • Turn off all updates on your phone.  Twitter, LinkedIn, Instagram, vine, Facebook, flipboard, all of them  Do the same on your computer. Uninstall your browsers if need be. Filter all emails with Apple in the subject line to your junk mail.  You may not think that certain feeds will be filled with Apple gushing, but you’ll be wrong.

At some point during the day, someone will probably want to talk to you about an iSomething.  I have two surefire strategies for this scenario.  For the more casual conversation partner, I suggest a quick change of topics.  Ignore the question completely and ask them about something else they care about.  How’s your kid doing in softball this year? or You look great, are you exercising?  The key here is to sound really excited to talk to them.  I’ll leave it to you to decide whether hearing about little Billy’s last home run is better than hearing about how “revolutionary”, “game changing”, or “disruptive” the iWatch will be.

If they have the glazed eyes and sweaty palms of a rabid fan boy, they will need something a little more...jarring.  If you can feign a good cry, do it now.  Clutch your mouth and start sobbing. Maintain eye contact for a few seconds before running away while flailing your arms.  If you can’t cry on demand, I’d substitute an urgent bathroom trip. Key here is a sudden look of surprise mixed with sheer terror.  Exit the area immediately with one hand on your stomach and the other on the seat of your pants.

If you can make it through the work day, you should be home free.  Just remember to stay away from any sort of live news or comments.  It’s not easy, but it can be done.  Things should be back to normal in a couple of days.  Of course, it may just be easier to call in sick and cocoon yourself in bed until the hysteria subsides.  Good luck.

Photos courtesy of