News
3/21/2008
10:38 PM
Terry Sweeney
Terry Sweeney
Commentary
Connect Directly
RSS
E-Mail
50%
50%

But Cling If You Must To The Illusion Of Privacy

I'm trying to work up a head of steam over the presidential candidate passport snooping. But my contract with TechWeb limits my self-righteousness to certain decibel levels, which, frankly is quite smart when the subject is data privacy.

I'm trying to work up a head of steam over the presidential candidate passport snooping. But my contract with TechWeb limits my self-righteousness to certain decibel levels, which, frankly is quite smart when the subject is data privacy.That, plus I thought I probably emitted all the harrumphs I possibly could over the snooping in Britney Spears' medical files earlier this week. So there won't be any more calling the wrath of justice down on the overly curious.

Instead, the takeaway here is that personal data snooping is common, pervasive, and probably considered a perk by those who do it. As Machiavelli might have said, "What good is access to information if you don't use it?"

A lot of what makes the personal information of pop stars and presidential candidates so enticing is that they're public figures. That information also can be used for blackmail, commercial gain, or political advantage. But my bet is that Medicare files, Social Security contributions, or tax returns get reviewed (and passed around, and talked about) way more often than we care to think about.

The difference is the tabloids don't care about my peccadilloes or yours, and my political opponents are much more obsessed with the wall I built along my driveway. (Built to code or not? Do your own snooping.) And god only knows what your enemies are trying to dig up on you.

Speaking of peccadilloes, this also circles back to former New York governor Eliot Spitzer. His downfall, as we all know now, was triggered by automated reviews of financial transactions he was making. The point: There's a good deal of legal scrutiny that's completely transparent where our bank accounts, credit cards, and phone records are concerned.

So whether you and your big sunglasses appear frequently on page one of the National Enquirer, or you're just another member of the great unwashed, let's save the self-righteousness about infringement on personal privacy. Hooray for well-meaning laws, but they don't lock down the personal bits and bytes any tighter.

In this era of data mining and an information-based economy, personal privacy's no longer a reasonable expectation. Those days are long passed.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
DevOps’ Impact on Application Security
DevOps’ Impact on Application Security
Managing the interdependency between software and infrastructure is a thorny challenge. Often, it’s a “developers are from Mars, systems engineers are from Venus” situation.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7392
Published: 2014-07-22
Gitlist allows remote attackers to execute arbitrary commands via shell metacharacters in a file name to Source/.

CVE-2014-2385
Published: 2014-07-22
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter t...

CVE-2014-3518
Published: 2014-07-22
jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 specification, which allows remote attackers to exec...

CVE-2014-3530
Published: 2014-07-22
The org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory method in PicketLink, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 5.2.0 and 6.2.4, expands entity references, which allows remote attackers to read arbitrary code and possibly have other unspecified impact via...

CVE-2014-4326
Published: 2014-07-22
Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Where do information security startups come from? More important, how can I tell a good one from a flash in the pan? Learn how to separate ITSec wheat from chaff in this episode.