Cryptography

The History and Mathematics of Codes and Code Breaking

Tag: internet privacy Page 1 of 2

Social Media as a Brand

“Rather than asking themselves if the information to be shared is significant enough to be broadly publicized, they question whether it is intimate enough to require special protection. In other words, when participating in networked publics, many participants embrace a widespread public-by-default, private-through-effort mentality.” (Danah Boyd 62) It’s Complicated


The statement “public-by-default” resonates with me because as a teenager growing up in this time of social media and digital expansion, I know that everything that I post online is available to whoever wants to access it. Meaning that if I post something on Instagram or Twitter, I know the posts are going to be available to whoever clicks on my account either on purpose or by mistake. This knowledge makes me add another layer of thought to my posts because I have to anticipate about how people may interpret this information in a variety of ways but I don’t know if other teenagers take posting as serious as I do. I see social media as a way to brand myself and publish the parts of my life I think are important or cool, but I don’t see social media as a place to vent feelings, post private information, or controversial topics because as I said, that information is available to whoever wants it and the people who interpret it negatively will be quick to judge you as a person. If I’m posting something private online, I’m doing it through either Snapchat or in direct message with someone I trust. I feel like trust and privacy go hand in hand when it comes to the internet. When it comes to sharing sensitive information with people online or with people in general, the most secure way to do it is with people you trust. Using technology, it’s easy to hide behind a screen and screenshot or capture what’s being shared while remaining anonymous. While in an actual conversation about something private, it’s a little bit more difficult to share secrets and spread rumors without having an idea of where it all stemmed from.

The Modern Dichotomy: Protection or Privacy

Michael Morris' piece Mining Student Data Could Save Lives presents the argument that universities in the United States have the technological capabilities to monitor their student bodies and act upon any suspect behaviors they may detect. Such a breach of privacy would better enable these institutions to facilitate the safety of their students, but at the trade-off of each individual's privacy. While most of the piece is an objective analysis of the ways in which universities could employ data mining technology, he does eventually advocate for a position, saying that the American university should make use of their "crystal ball" to better prevent violent incidents on campus. I agree with this sentiment, given the current climate of gun violence within this country. Time and time again, it has been proven that the antiquated methodologies of yesteryear are insufficient to prevent the heinous acts like those perpetrated at Virginia Tech from happening again. Too often is the response to these atrocities to "send our thoughts and prayers" and simply wait with bated breath for the next one down the road. As such, the only effective system of preventing mass shootings and other premeditated violent acts is the one Morris describes: the use of a data mining algorithm to analyze suspicious behaviors and activities as they occur in real time, therefore giving law enforcement the time to respond. While this may constitute a breach in the fundamental privacy afforded to all Americans by the Constitution, the frequency and efficiency with which these acts are being carried out with forces us to reexamine the intrinsic worth of privacy within society. However, given recent events, it seems that the answer is clear: university campuses have a moral obligation to use the data they have access to to adequately facilitate the protection of their student bodies, even if that demands some intrusions on their digital privacy.

The Cryptographic Needs of the Common Man

It is said that history is written by the winners, but many forget the second part of of that statement, that history is also written about only the powerful and important. The examples of cryptography that survived throughout the ages were those that caused great uproar, such as the beheading of Mary Queen of Scots.

Besides, the common man did not have much need for cryptography before the invention of modern technology. Unless communicating about a potential insurgency plot, most people did not need any form of secret keeping. It was often unnecessary to require a secret address to the nearby woods where their secret stash of gold was buried.

The primary difference between the times then and now, is the amount of information on a person that could be used with malicious intent. Compared to the 16th century, where a person's identity was comprised of a family name, some heirlooms and the land upon which they lived, today every person is a collection of numbers and electronic impulses. Whether it is Social Security, bank account numbers, credit card numbers or even account passwords, today there is every possibility for the threat of theft.

As society continued to advance away from the tyrannical rule of the monarchies that was so well documented in chapter 1, people began to look towards their right to privacy. In the 16th century the only reason to conceal common correspondence was usually an indication that there was something to be concealed in the message. Today however, people use encrypted communication for every day conversations, to ensure their privacy, no matter the message. Electronic communication means that almost any message could be at least intercept, an impossible task with physical messages. The importance of encryption for the common man has grown tenfold.

Is cyber crime a worthwhile reason to keep the internet more secure?

One of the most surprising aspects of the radiolab episodes was the concept of the Botnet. Essentially these botnets are pieces of software that connect and can control groups of hacked or infected computers. Smaller botnets would control over 1000 computers, while larger ones could dominate over millions of computers. It's hard to imagine that somewhere, somebody sitting in front of their computer has access to a whole city’s worth of computers. I started to wonder, is my computer in any way part of one of these botnets?

The threat of cyber crime is larger than that of an invasion of privacy by the government. While the government can create and monitor your metadata and keep track of some of your movements, cyber crime actually harms you either financially or through actual attack and destruction of your data. The thing is: that for either of these two situations, it is difficult to know that we are being watched and much less by whom. With it is so easy to become infected with a virus and even become a part of a Botnet, it makes sense to view the internet as a terrifying sea full of danger. With privacy and security in mind however, would a better crackdown on the internet actually inhibit these cyber crimes? In discussions about privacy and security, it might help to also talk about the benefits of creating a safer environment for the internet.

Don't hack me

The first part of the RadioLab episode “Darkode” is probably the most interesting episode I’ve ever heard. Though it’s probably not very ethical of me, the story, the tone, and the voice just kept me laughing all the time. On the other hand, it does tell us something about internet privacy protecting. First of all, we should avoid visiting suspicious websites or downloading files from insecure resources. Maybe not in this case in the podcast, but many victims got infected by a virus created by hackers because they went into the websites that shouldn’t be opened. Therefore, surfing the internet in legal ways is an important step to protect yourself from hackers.

What’s more, in the episode, the woman was about to erase the computer files completely so that the virus will go away. However, there was important data in her computer that her husband needed. So my suggestion is to keep a backup file in a hard disk regularly, or back the files up on those online storing websites. Doing so can help to reduce your total dependence on your computer. Even if being infected by a virus is inevitable, you can still protect your data and have your files back. It’s also going to reduce the loss if you lost your laptops or phones.

In the end, for college students, there are many places to turn for help or learn about privacy protecting in the university. Try to find professional help when you’re under a potential hacking attack. There are many new things or websites in college life. Stop filling out too much personal information on the websites can help reduce the risk of private information being leaked out.

Communicating in Plain Sight

One passage from It's Complicated by danah boyd that caught my attention was, "Many teens are happy to publicly perform their social dramas for their classmates and acquaintances, provided that only those in the know will actually understand what’s really going on and those who shouldn’t be involved are socially isolated from knowing what’s unfolding. These teens know that adults might be present, but they also feel that, if asked, they could create a convincing alternate interpretation of what was being discussed."

This passage illustrates the concept of social steganography, a strategy that teens often use to privately communicate.  What I find interesting is that I have always been aware of the existence of this technique, even used it myself, but I had never realized that it was a form of steganography.  Now, it seems quite obvious.  When someone posts an "inside joke" or uses vague or special language that means something to a particular group but appears meaningless to everyone else, they are basically hiding a message in plain sight.  Anyone with access to their online profile could see what they are putting out there, but only a specific target audience would understand what they are really communicating.  Clearly, steganography has a much larger presence in everyday life than I previously thought.

As boyd explains, many adults often criticize teens for posting information publicly while also caring so much about their privacy.  They see these things as acting against each other, but what they don't realize is that teens are very careful in deciding what they expose to the public.  By using strategies such as social steganography, it is possible to have an easily accessible online presence while simultaneously maintaining control over who you share sensitive information with.

The Case for Strong Encryption

In my opinion, strong encryption should be available to the public, even terrorists and criminals, for two primary reasons, one theoretical and the other more practical.

The theoretical reason is the one that Singh identified as the primary argument in favor of strong encryption: privacy rights. As Singh notes, the Declaration of Human Rights protects privacy and communication from “arbitrary interference,” and this is a notion that most democratic governments seem to support and protect. But at the same time, virtually every government in the world conducts mass surveillance on its citizens which seems to conflict with the declaration of values. Is collecting, storing, and mining personally identifiable communications from innocent people not “arbitrary interference”? It seems that if that phrase is to mean anything at all, mass surveillance surely must be an example.

Of course, one might argue that although it is interference, it is justified by the hopes of cracking down on and deterring crime, securing the safety of the people, and ensuring national security. But this leads to the more practical argument I see in favor of publicly available strong encryption, which is that despite strong encryption being publicly available, crime and terror are no more rampant now than they were prior to the advent of the internet. And of course, as exposed by Edward Snowden, even with strong encryption available, the NSA can still effectively conduct mass surveillance.

Even if strong encryption were outlawed, criminals would still find secure avenues to communicate. For example, breakable codes and ciphers could, in some instances, provide criminals with enough security to pass on time-sensitive information before law enforcement had time to decipher the message and act on its contents. Digital steganography is also a potential subtle form of communication that would obscure messages from law enforcement to stop them from even realizing a message was being sent. And of course, meeting in person is a reliable way of communicating which is much more difficult to wiretap than an email or phone call.

Data Mining: A Lifesaver if Done Right

In the essay, "Mining Student Data Could Save Lives," author Michael Morris claims that universities should use data mining to monitor the online activity of students as a safety precaution.  Access to information about students' online behavior could theoretically be used to identify individuals at risk of committing acts of violence and allow university officials to intervene before anyone gets hurt.

Personally, I agree with the idea that university officials should have access to information that could end up saving lives.  While a certain degree of individual privacy would inevitably be sacrificed, I believe the overall benefits outweigh the costs.  It is unlikely that a typical student would even be affected by the presence of increased surveillance.  However, data mining is a controversial concept and any implementation of such practices would require clearly outlined procedures and restrictions.  First of all, it would be necessary to ensure that the algorithm used to identify red-flag behavior is reliable.  You wouldn't want it to constantly raise alarms at behavior that turns out to be completely harmless, but at the same time, it's important that when there is a real threat, even a subtle one, university officials are able to catch it and determine the correct steps of action.  Additionally, university protocol would have to be designed so that personal student information is only disclosed to appropriate parties, in accordance with FERPA regulations.

One of the most important considerations with online surveillance is the response protocol used when at-risk students are discovered.  In order for university data mining to be successful, potential threats must be dealt with tentatively.  No accusations could be made based solely on analysis of online activity; intervention would have to be non-hostile and carried out with the intent to understand the student's behavior without jumping to conclusions.  Officials must have the mindset to help at-risk students, not attack them.

In conclusion, universities should be allowed monitor student activity via data mining, since it can potentially identify risks of violent behavior.  If implemented correctly, universities could prevent tragedies without interfering with students' daily lives.  As Morris mentioned, we are all already subject to data mining from other sources, and many people are still unaware of its existence.  To me, the fact that data mining could save lives makes it well worth the sacrifice of a small degree of privacy.

Mining Student Data Could Save Lives - or Make Life Harder

In his essay, "Mining Student Data Could Save Lives", Michael Morris argues that universities should implement data mining algorithms to detect patterns in student activities on their networks (e.g. any activity occurring on the WiFi network, school computers, or communications through university email accounts). According to Morris, the implementation of these algorithms could potentially prevent violent acts from occurring on campus; after all, almost every large-scale act of campus violence has been preceded by warning signs which, if recognized before the incident, would have indicated that an act of violence was imminent and could have been prevented.

Indeed, there is something compelling about Morris' argument. A student who purchased high-powered firearms on the school network sending emails on a clearly detailing plans to perpetrate an act of violence  clearly warrants a breach of individual privacy to ensure the safety of the campus community. However, very few scenarios are this clear cut since most evidence would not be as damning as an explicit description of a violent act sent on a university email.

This raises the issue of false positives, one that is inherent in all data mining algorithms. In the article, Morris specifically cites the example of banks using data mining to detect stolen credit cards. And while these algorithms are good at detecting stolen cards, they are equally adept at generating false positives, deactivating cards after valid transactions that were deemed suspicious. Similarly, algorithms designed to monitor communications on university networks would need to be extremely sensitive even to small red flags in order to effectively prevent violent acts. However, designing the algorithm in this way would lead to false positives being regularly detected, incriminating students who had no violent intentions simply for their normal browsing activities and communications with others. If even one student is called in to "have a conversation" because of something the algorithm detected, it has already failed to do its job at the cost of individual freedom and privacy.

In principle, Morris' idea is persuasive. The perfect data mining algorithm would be ideal for stopping campus violence without the need for extreme invasion of privacy or the generation of false positives. However, the implementation of a data mining algorithm in our complex world would require sacrificing students' digital privacy for little to no benefit.

Our Version of Privacy

“Kids today. They have no sense of shame. They have no sense of privacy. They are show-offs, fame whores, pornographic little loons who post their diaries, their phone numbers, their stupid poetry—for  privacy God’s sake, their dirty photos!—online.” - Emily Nussbaum

I strongly disagree with this statement, as it makes a lot of assumptions about today's youth. Maybe the vocal minority do all of the things stated above, but the vast majority of us are very private about our lives. I, for one, have all of my social media behind a private wall, and even then I pay careful attention to what I post. The same goes for all of my friends. I don't know a single person who has posted a 'dirty photo' online, and I've only heard of those types of photos circulating a handful of times. Sure, some of us might post our diaries, but we're doing it behind closed doors, on private accounts, for very specific people to see. While older generations might not consider this private, it's more than enough for our generation. As teenagers, we present a very cultivated public online presence to the world, one which doe does not include rantings or poetry or 'dirty photos'. We post things that make us look good. Everything else (things that won't make us look 'good') is private, in a sense. So, yes, we do have a sense of privacy.

Page 1 of 2

Powered by WordPress & Theme by Anders Norén