Posts Tagged privacy
In IST 618 (information policy class), my group is working on a policy paper regarding the USA PATRIOT Act and libraries. In my IST 400/600 Information Design class, I’m doing our second “field study” on the self-checkout kiosk as an example of a human-computer system.
While doing some quick research to round out my knowledge of how circulation was handled completely without computers, I realized that, despite all the concerns with how easy it is to track and store information in the digital era, it’s actually easier to anonymize patrons today than it would have been 50 years ago in the paper circulation era. A patron’s name was written down on the check-out slip retained by the library, or patrons were assigned a number to be written down on the slip and kept track of in a ledger. Either way, it would still be …not necessarily easier, I suppose, to track down everything a person had checked out, but it would certainly be more difficult to purge their history, as well.
At the Toorcon 12 security conference, Ian Gallagher and Eric Butler presented Hey Web 2.0: Start protecting user privacy instead of pretending to. Eric Butler released a free open-source tool and Firefox browser addon called Firesheep. Now any person, or idiot, can use Firesheep to scan local Wi-Fi networks and find users who are logged into Facebook, Twitter, Amazon, Google, FourSquare, Dropbox, Hacker News, Windows Live, Cisco, Evernote, WordPress, Flickr, bit.ly and many other services. There is a list of sites that Firesheep will sniff and hijack.
Butler blogged “On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy….When it comes to user privacy, SSL is the elephant in the room.”
I kind of like this. It brings attention to the insecurity of WiFi connections. I wonder if this will get big enough that anything will actually change. It seems to have worked on Hotmail already.