Gadgetopia

Concerns loom as Google begins testing health records system: I can’t decide if this is scary or not. Dangerous? How do you manage security for something like this?

The pilot will involve transferring the health information of between 1,500 and 10,000 patients who have records at the Cleveland Clinic, which already has over 100,000 records stored in its own digital database. Patients will then be able to have access to their own records online, wherever they go (with an Internet connection), which Google thinks will help reduce conflicts in diagnoses and prescriptions between doctors.

Clarkson stung after bank prank: Jeremy Clarkson, host of the awesome Top Gear, thought people were too uptight about privacy breaches. So…

Clarkson published details of his Barclays account in the Sun newspaper, including his account number and sort code. He even told people how to find out his address.

“All you’ll be able to do with them is put money into my account. Not take it out. Honestly, I’ve never known such a palaver about nothing,” he told readers.

Something tells me he won’t be doing that again…

“I opened my bank statement this morning to find out that someone has set up a direct debit which automatically takes £500 from my account,” he said.

I’m leaving tonight for FM’s Conversational Marketing Summit. I’m flying from Sioux Falls to Denver to San Francisco.

I need to work from my hotel room, and I can’t stand laptop keyboards or pointing devices, so I’m taking a full-size keyword and trackball in my carry-on. So, in the luggage that will go through the x-ray machine, I will have two mechanical-looking devices with wires coming out of them.

Anyone want to lay bets on whether or not this gets a second look from security? I’ll report on actual events when I get to my hotel late tonight.

Toll records catch unfaithful spouses: Big Brother pops up in all sorts of places.

Adulterers, beware: Your cheatin’ heart might be exposed by E-ZPass.

E-ZPass and other electronic toll collection systems are emerging as a powerful means of proving infidelity. That’s because when your spouse doesn’t know where you’ve been, E-ZPass does.

E-ZPass has been used in court cases all the time. Tough to complain about the privacy implications, however, since it’s all voluntary. You give up privacy for convenience.

TorrentSpy ruling puts your RAM on trial: This is fascinating. Apparently you can be forced to persist your RAM so it can be turned over in court proceedings.

In a decision reported late Friday by CNET News.com, a federal judge in Los Angeles found that a computer server’s RAM, or random-access memory, is a tangible document that can be stored and must be turned over in a lawsuit.

If allowed to stand, the groundbreaking ruling may mean that anyone defending themselves in a civil suit could be required to turn over information in their computer’s RAM hardware, which could force companies and individuals to store vast amounts of data, say technology experts.

How would you even do this? RAM is ephemeral. Do you write it to disk every X number of minutes or something? When someone comes to you with a subpoena for your RAM, do they specify a time? And if that time is three weeks ago, how are you supposed to get that data unless you continually log all the contents in your RAM to persistent storage?

Google Photos Stir a Debate Over Privacy: Google’s new Street View is making some people nervous.

Ms. Kalin-Casey, who manages an apartment building here with her husband, John Casey, was a bit shaken when she tried a new feature in Google’s map service called Street View. She typed in her address and the screen showed a street-level view of her building. As she zoomed in, she could see Monty, her cat, sitting on a perch in the living room window of her second-floor apartment.

What’s Street View, you say? It’s pretty cool.

NPR “Xeni Tech”: Jigsaw wants your data: This is a tricky little service that makes Plaxo look almost legit. If you upload someone’s contact information, you can search for and download someone else’s. So anyone who gives you a business card is currency for you to use to get someone else’s contact information.

Members pay $25/month to obtain 25 contacts from the site, or agree to put in 25 contacts a month to get 25 others out. Users maintain the data, but unlike Wikipedia, they don’t do it for love here — they do it to score points, so they can download more contacts.

This seems a little oppressive…

An antiterror law makes Internet cafe managers check their clients’ IDs and track the websites they visit.

…Maurizio Savoni says he’s closing his Internet cafe because he doesn’t want to be a “cop” anymore.

[…]

…Savoni had to obtain a new public communications business license, and purchase tracking software that costs up to $1,600.

The software saves a list of all sites visited by clients, and Internet cafe operators must periodically turn this list into their local police headquarters.

Eavesdropping on typists: This probably is not a practical concern for most people, but a little disturbing anyway.

Sounds from typing on computer keyboards are distinctive enough to be decoded, allowing security breaches caused by “acoustic snooping,” University of California researchers said on Wednesday.

Tor: An anonymous Internet communication system: Tor is an anonymizer on steroids. It was built by the U.S. Navy, of all groups, and is currently maintained by the EFF.

Your traffic is safer when you use Tor, because communications are bounced around a distributed network of servers, called onion routers. Instead of taking a direct route from source to destination, data packets on the Tor network take a random pathway through several servers that cover your tracks so no observer at any single point can tell where the data came from or where it’s going.

Found via this Wired article.

Talk about stupid background processes — I found this in my system tray this morning. Does InstallShield really need an update manager? I can’t imagine a program I use more infrequently.

Couldn’t it just check for updates when it’s run? Why does every company program feel like they’re so important that they need to take up memory on machine?

RFID For Dummies: Does the existence of a “For Dummies” book mean your technology just went mainstream? Half-tempted to buy this so I can RFID my kids.

Go Daddy Promotes Privacy Fight: I have some domains hosted with GoDaddy, and I got a scathing letter from the president — a guy by the name of Bob Parsons — about a recent NTIA decision:

A February decision by the US Department of Commerce requires new registrants of .US domains to submit their phone numbers and addresses for listing in publicly searchable databases.

More on that decision.

Here’s some of the letter. He went ballistic — it was way, way more impassioned than anything you expect to get from your domain registrar:

Today I have the unfortunate responsibility of informing you that there has been a decision made by bureaucrats of a Federal agency that takes away your right to privacy as guaranteed by the United States Constitution. […]

I personally find it ironic that our right to .US privacy was stripped away, without due process […] For the NTIA to choose the .US extension is the ultimate slap in your face.

Here’s his personal blog and a Web site devoted to the cause.

A quick read discussing public perception in the world of online banking:

The updated report from the Better Business Bureau study shows that fear has unrealistically worsened. “Our numbers show that fears about online identity fraud may be out of proportion to the relative risk, causing consumers to ignore the most glaring issues,” Javelin’s founder and chief analyst, James Van Dyke, said.

Despite the rising perception among consumers that online transactions are very risky, this latest study shows results to the contrary. It concludes that identity fraud problems are not worsening. In fact, the total number of victims is declining.

I’m not sure I believe this last bit, though:

The average time to resolve an identity fraud crime dropped by 15 percent from 33 hours in 2003 to 28 hours in 2004.

A year or two ago, my friend’s debit card was compromised. Later, he found out that he’d purchased a bunch of stuff from Digital Blasphemy. That took several weeks to clear up! (I think the red tape at his bank was responsible for the length of time involved, though.)

Personally, I have no problem logging into my accounts online. I’ve even convinced my parents that its safe to do so — no easy task.

Do you Yahoo? Were you aware of this:

Yahoo is using something called “Web beacons” or a “super cookie” that tracks not only where its users go on the Yahoo network but also tracks where they go outside of the Yahoo network using a persistent file on the hard drive. Note that you have to have a Yahoo account to be tracked.

The article goes on to explain how to disable this in your Yahoo! preferences.

World Cup 2006 ‘abused for mega-surveillance project’: The 2006 World Cup is going to put RFIDs in all the tickets.

[…] you receive a fully personalized ticket containing an RFID chip; this enables authorities to check the ticket against your passport. Very little information resides on the chip: the identity check is conducted against a database at the German Football Association.

MetroPipe Products: I knew it was just a matter of time before someone did this with a keychain drive.

Carry your entire Internet communication system on a tiny USB drive. Contains a complete virtual Linux machine with privacy-enabled Open Source Internet applications.

Gmail is too creepy: Will Google become the next Microsoft — great for the masses, but looked down upon by geeks?

Presumably you have a Gmail account, and do not object to Google’s policies. But many of us will not send mail to gmail.com …Problem 1: Gmail is nearly immortal…

I touched on the some of the same issues here. I said:

Essentially GMail is a big bribe. Google is saying, “We know this system is creepy, but we give you one gigabyte of storage.” They’re counting on the fact that the downside of email scanning is offset by the generous storage limits. I guess it’s up to the consumer to decide if this is true.

On another note, have you finally arrived when a “[your name]-watch.com” site hits the Net? When gadgetopia-watch.com is launched, I’m buying a Lexus.

According to a New York Times article,The Spring (TX) Independent School District is trying a new program to help keep track of the 28,000 kids in the system, and hopefully track them down in case they get kidnapped. The system uses ID badges with RFID chips; readers on the buses and others at the schools’ entrances log when and where the kids get on and get off the bus, and when they arrive and leave the building, using cel phones to transmit that information back to the office. The system is monitored by the local cops and school administrators, and eventually parents will have access to the information about their own kids.

The system sounds like a good idea; keep track of the kids to make sure they get to school and back home safely. But once a system like this is in place, people will be bound to start exploring other things they can do with it, which makes the thing more complex and costly to administer. I think that it would also make the kids tend to be less adventurous. Doing stuff you’re not supposed to do and going places you’re not supposed to go is part of growing up; if a kid can be tracked by satellite (not yet, but it could happen) where is the adventure? And given the presence of certain systems already in place, the Big Brother possibilities are downright scary.

The Spring, TX, system, like other systems being used in other schools around the country, is prone to huge failures not because of inherent problems with the technology, but because it relies on the kids taking their badges with them, and keeping them. If the kids in Spring, TX, are anything like mine, they have to be reminded to take a coat along with them in the morning, so why would they be any better at remembering a little badge that doesn’t do anything for them? Then there are the class clowns who will inevitably swap cards with their buddies just to screw with the system. Lots of possibilities.

The trouble is, school administrators are aware of this built-in flaw, and are already talking about implanted RFID chips. That’s where it gets a bit scary. I carry a badge with me with an RFID chip in it for work; it’s part of the security system that lets people into the places they are allowed, and keeps the riff-raff out (or is supposed to anyway.) So I have nothing against using the technology, but don’t be talkinig about sticking something like that under my skin, or under my kids’ skin. That’s where I draw the line.

Does Big Brother Want to Watch?: Security Guru Bruce Schneier writes about a supposed plan to embed password details in RFID chips under the skin. They could be read by a holding some device within a few centimeters of the skin.

Unfortunately, RFID chips can be read by any reader, not just the ones at passport control. The upshot of this is that travelers carrying around RFID passports are broadcasting their identity.

Think about what that means for a minute. It means that passport holders are continuously broadcasting their name, nationality, age, address and whatever else is on the RFID chip. It means that anyone with a reader can learn that information, without the passport holder’s knowledge or consent. It means that pickpockets, kidnappers and terrorists can easily — and surreptitiously — pick Americans or nationals of other participating countries out of a crowd.

It’s tough to think of a worse idea than this. Isn’t there some Biblical angle to this as well?