Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

3/21/2008
10:38 PM
Terry Sweeney
Terry Sweeney
Commentary
Connect Directly
Facebook
Twitter
RSS
E-Mail
50%
50%

But Cling If You Must To The Illusion Of Privacy

I'm trying to work up a head of steam over the presidential candidate passport snooping. But my contract with TechWeb limits my self-righteousness to certain decibel levels, which, frankly is quite smart when the subject is data privacy.

I'm trying to work up a head of steam over the presidential candidate passport snooping. But my contract with TechWeb limits my self-righteousness to certain decibel levels, which, frankly is quite smart when the subject is data privacy.That, plus I thought I probably emitted all the harrumphs I possibly could over the snooping in Britney Spears' medical files earlier this week. So there won't be any more calling the wrath of justice down on the overly curious.

Instead, the takeaway here is that personal data snooping is common, pervasive, and probably considered a perk by those who do it. As Machiavelli might have said, "What good is access to information if you don't use it?"

A lot of what makes the personal information of pop stars and presidential candidates so enticing is that they're public figures. That information also can be used for blackmail, commercial gain, or political advantage. But my bet is that Medicare files, Social Security contributions, or tax returns get reviewed (and passed around, and talked about) way more often than we care to think about.

The difference is the tabloids don't care about my peccadilloes or yours, and my political opponents are much more obsessed with the wall I built along my driveway. (Built to code or not? Do your own snooping.) And god only knows what your enemies are trying to dig up on you.

Speaking of peccadilloes, this also circles back to former New York governor Eliot Spitzer. His downfall, as we all know now, was triggered by automated reviews of financial transactions he was making. The point: There's a good deal of legal scrutiny that's completely transparent where our bank accounts, credit cards, and phone records are concerned.

So whether you and your big sunglasses appear frequently on page one of the National Enquirer, or you're just another member of the great unwashed, let's save the self-righteousness about infringement on personal privacy. Hooray for well-meaning laws, but they don't lock down the personal bits and bytes any tighter.

In this era of data mining and an information-based economy, personal privacy's no longer a reasonable expectation. Those days are long passed.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29430
PUBLISHED: 2021-04-15
Sydent is a reference Matrix identity server. Sydent does not limit the size of requests it receives from HTTP clients. A malicious user could send an HTTP request with a very large body, leading to memory exhaustion and denial of service. Sydent also does not limit response size for requests it mak...
CVE-2021-29431
PUBLISHED: 2021-04-15
Sydent is a reference Matrix identity server. Sydent can be induced to send HTTP GET requests to internal systems, due to lack of parameter validation or IP address blacklisting. It is not possible to exfiltrate data or control request headers, but it might be possible to use the attack to perform a...
CVE-2021-29432
PUBLISHED: 2021-04-15
Sydent is a reference matrix identity server. A malicious user could abuse Sydent to send out arbitrary emails from the Sydent email address. This could be used to construct plausible phishing emails, for example. This issue has been fixed in 4469d1d.
CVE-2021-29447
PUBLISHED: 2021-04-15
Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has be...
CVE-2021-30245
PUBLISHED: 2021-04-15
The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to ...