Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

10/5/2018
10:30 AM
Richard Ford
Richard Ford
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
100%
0%

Who Do You Trust? Parsing the Issues of Privacy, Transparency & Control

Technology such as Apple's device trust score that decides "you" is "not you" is a good thing. But only if it works well.

Trust. It's a simple word, but I think it's at the heart of a recent social media brouhaha surrounding Apple's recent revelations regarding "iTunes device trust scores." Much of the discussion has made this whole situation sound rather dystopian, but in part I think the story taps into some very fundamental — and legitimate — fears that the modern consumer has about how the minutiae of their lives has become a product to be bought, sold, and traded.

But when I dug deeper into the story, the thing that caught my attention was quite the opposite: At face value, at least, the technology is not to determine if the owner of the device is trustworthy but to protect that person from someone who has stolen or is otherwise abusing the device. Put like that, it sounds significantly better.

To me, those issues around trust are why this story resonated so strongly … well, that and the fact that simply the way a feature is described can have an incredibly powerful impact, both positive and negative, on our psyche. On the one hand, we don't want our devices to decide if they trust us or not — that feels like only a few mouse clicks away from HAL calmly intoning "I'm sorry, Dave, I'm afraid I can’t do that." No pod bay doors for you!

On the other hand, I think that the concept of trust is woefully underused as a mechanism for providing protection for end users. In part, that's based on my own personal experiences working with companies that know everything there is to know about you. We have a right to be skeptical, and that skepticism comes back to the simple word we began with: trust.

Let's look at a hypothetical. Nobody wants someone to do bad things to their accounts from their phone. Thus, technology that decides "you" are "not you" is a good thing, if it works well. Even better, if you retain absolute control over the data used to make that decision, how it is used, and how it is protected, the overall privacy exposure is minimal. In this case, Apple sounds like it's doing the right thing with respect to privacy. Quoting from the same VentureBeat article, Apple says that the "only data it receives is the numeric score, which is computed on-device using the company's standard privacy abstracting techniques, and retained only for a limited period, without any way to work backward from the score to user behavior." So far, so good.

The breakdown here is the lack of trust most users have in services that offer them "better" in exchange for being able to access their data. Even if the provider of the service makes claims about protection of privacy or the single use of data collection, there's a healthy degree of suspicion among consumers. Trusting that a company is both well-intentioned in accessing one's data and is capable of actually implementing appropriate protections around it is a bit of a stretch in the current climate. It's interesting that consumers continue to use services like that — but I think it's safe to say it makes them uneasy. And it's a matter of trust.

Repairing damaged consumer trust is going to take time. We've seen some good progress on the legal front with the adoption of laws such as the EU's General Data Protection Regulation, but worldwide, the legislative framework is a patchwork at best. Furthermore, laws always lag sorely behind technology and, of course, there's always someone who's willing to run the risk of coloring outside these legal lines in order to make a quick buck (or ruble). In the interim, the solution is simple: Let's opt instead for control.

Control may seem oddly orthogonal to trust, but in fact it's related. As I like to think of it, trust is "a promise as yet unfulfilled." It's a bet, if you like, on the actions of another. Control, on the other hand, is a way of ensuring that outcome or action. It's a substitute (and a poor one at that) for trust, but it can bridge the gap until trust is established. With control, we can be reasonably sure of what's going to happen, in advance. By all means, build these systems with privacy baked in (privacy by design is a wonderful thing!) but then prove it. Open the system up to third-party inspection and audit. Transparency is a wonderful way of demonstrating what's really happening. It's hard, and it's imperfect — but it's a start.

If the best companies start actually doing this, everyone wins. Trust and reputation are powerful forces for good, and we need to harness them if we're to make progress. There's nothing really wrong with a device assessing a user's trustworthiness, but without the user trusting the system in turn, it's predestined to fail. Until we have bidirectional trust, transparency is the best way forward — there's no shortcut.

Related Content:

 

Black Hat Europe returns to London Dec. 3-6, 2018, with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.

Dr. Richard Ford is the chief scientist for Forcepoint, overseeing technical direction and innovation throughout the business. He brings over 25 years' experience in computer security, with knowledge in both offensive and defensive technology solutions. During his career, ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Tor Weaponized to Steal Bitcoin
Dark Reading Staff 10/18/2019
Data Privacy Protections for the Most Vulnerable -- Children
Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
State of SMB Insecurity by the Numbers
Ericka Chickowski, Contributing Writer,  10/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18387
PUBLISHED: 2019-10-23
Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the id parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details.
CVE-2019-18212
PUBLISHED: 2019-10-23
XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal.
CVE-2019-18213
PUBLISHED: 2019-10-23
XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF (as well as SMB connection initiation that can lead to NetNTLM challenge/response cap...
CVE-2019-18384
PUBLISHED: 2019-10-23
An issue was discovered on TerraMaster FS-210 4.0.19 devices. An authenticated remote non-administrative user can read unauthorized shared files, as demonstrated by the filename=*public*%25252Fadmin_OnlyRead.txt substring.
CVE-2019-18385
PUBLISHED: 2019-10-23
An issue was discovered on TerraMaster FS-210 4.0.19 devices. An unauthenticated attacker can download log files via the include/makecvs.php?Event= substring.