• Pyretic – A new programmer-frie...
    Pyretic – A new programmer-friendly language for SDN

    Join the Bay Area Network Virtualization (BANV) group on August 21, 2013 to hear Dr. Joshua Reich from Princeton University talk about Pyretic – a new programmer-friend [...]

    Read more
  • BANV – OpenFlow and SDN Tech Ta...

    Join the Bay Area Network Virtualization Group on April 30, 2013 for our OpenFlow and SDN Tech Talk and Hands-on Tutorial. For this event we will be hosting Srini Seetharaman [...]

    Read more
  • Ben Pfaff on OVS – Past, Presen...

    On March 20, 2013 the Bay Area Network Virtualization group hosted Ben Pfaff, the lead developer of the Open Virtual Switch (OVS). Ben gave a great presentation on the histor [...]

    Read more
  • Check out BANV
    NVIRTERS Meetup

    Software-Defined Networking (SDN) is the HOT topic in the IT industry. There’s a new meetup group dedicated to the topic of SDN and Network Virtualization. Nicknamed &# [...]

    Read more
  • Myspace – from the ashes?
    From the ashes

    They may get it right this time… I’ve been hard on Myspace – very hard. I don’t think my criticism at the time was unwarranted. Myspace had done just [...]

    Read more
  • The Business Value of SDN
    The Business Value of SDN

    Cloud computing is driving technology innovation at an ever-accelerating pace. We often get caught up in the technical aspects of new innovations and capabilities, and someti [...]

    Read more
  • Software-Defined Networking Presentat...

    Here’s the presentation I recently gave at the IEEE Smart Tech: Metro Area Workshop and the IEEE Consultants’ Network of Silicon Valley. Software-Defined Netw [...]

    Read more
  • IEEE Smart Tech: Metro Area Workshop
    IEEE Smart Tech: Metro Area Workshop

    Join me on September 29, 2012 at the IEEE Smart Tech: Metro Area Workshop in Santa Clara, CA. I will be speaking on the rapidly evolving Software-Defined Networking (SDN) mar [...]

    Read more
  • Another view of the cloud…

    I’m doing a series on cloud computing over at SAP on the Cloud. Now that cloud computing has finally passed the hype stage (for the most part), it’s time to start [...]

    Read more
  • Network Virtualization is Getting Int...
    Network Virtualization is Getting Interesting

    Remember server virtualization? You know, that technology that was the buzz of the technology world just a few short years ago. The one that got supplanted by the “clou [...]

    Read more

Posts tagged privacy

OnStar, privacy, and the world of targeted marketing analytics

Sep22nd
2011 1 Comment Written by Robert Keahey

OnStar recently announced its new Privacy Statement which can be read here. For most people, this is a non-event. If you don’t own an OnStar-equipped General Motors vehicle, you may not have seen anything at all about their latest changes. But it has raised the eyebrows of quite a few people, especially watchdogs in the privacy/security world.

OnStar has been collecting data about its subscriber base since “day 1″. If you have an OnStar-equipped vehicle and you pay your monthly fee, then you get emails reminding you of maintenance schedules and such. Actually this is a very nice service, especially since it will let you know that your left front tire is slightly below the recommended tire pressure. In addition to this service related data, OnStar also collects Global Positioning System (GPS) data that shows where you are in the event that you place a request for service (where’s the nearest Starbucks?), need driving directions, or if you are involved in an accident that results in the deployment of one or more airbags. All good stuff. READ MORE »

Business    ,

Can Diaspora cause a Facebook breakup…?

Sep2nd
2010 1 Comment Written by Robert Keahey

Is there anybody on the planet who hasn’t heard about the latest Facebook privacy issue – Facebook Places? Yet another missed opportunity for Facebook to learn from its past “mistakes”. But it depends on which side of the fence you sit on. In a nutshell, Facebook launches yet another feature that requires users to “opt out”, causing another uproar, albeit not as loud as some of the previous privacy issues. Simply put, someone can include you in their “check in” at a location. So if you’re supposed to be at home with the flu and your buddy “checks you in” at the golf course… hmmm, could be problematic. But what’s to stop them from simply doing the same in a normal Facebook update? In the end, I really don’t see this as a big issue, but still, it’s generating discussion and “action”. READ MORE »

Business, Technology   

CFP Bill of Rights – Good start, but will it have teeth?

Jun20th
2010 Leave a Comment Written by Robert

Last week the 20th ACM Conference on Computers, Freedom and Privacy was held in San Jose. CFP is comprised of privacy advocates, computer professionals, scientists lawyers and others focused on defining and promoting security and privacy in the digital age. The focus over the past couple of years, and the theme of this year’s conference is the “networked society”. No doubt the stumbles of Facebook, Google, AT&T and other lesser players were the “buzz” of the conference.

CFP has been pushing for years for a “bill of rights” to define acceptable behavior in the digital world. The final document, which was passed with only one dissenting vote, is officially known as the “Social Network Users’ Bill of Rights”. Much like the first 10 amendments to the US Constitution (aka the US Bill of Rights), the CFP Bill of Rights spells out how we would like service providers (social networks, ISPs, et al) to behave in our pursuit of “life, liberty and happiness” in the digital age. Unlike the US Bill or Rights, CFP’s version has no legal basis to enforce these rights we hold so near and dear. But in the end they “may” help shape future security and privacy legislation (some areas are already covered by internal laws). Short of that, the CFP version has little teeth. READ MORE »

Business, Technology

What Facebook could learn from the mainframe days…

May28th
2010 Leave a Comment Written by Robert

Facebook is at it again. In the latest act of this ongoing play, they’ve had a crack team “heads down” for a couple of weeks coding yet another set of changes to the privacy management features of their service. After several iterations they still haven’t gotten it right – of course “right” depends on your point of view. The data privacy advocates will continue to argue that Facebook should not share anything by default. The open internet advocates will argue that “hey, it’s the internet… get over it – you have no privacy”… Both arguments are valid.

Back in the early days of widespread mainframe deployments (at least in the IBM world), there were two basic security systems – IBM’s RACF and SKK’s ACF2 (later acquired by Computer Assoicates –> CA). These two systems took fundamentally different approaches to security. RACF assumed an “everything is open” approach, and you had to take proactive steps to secure sensitive data. ACF2 assumed an “everything is secure” approach, and you had to grant access to data. Binary approaches to the problem. Understanding these approaches is fairly easy for the end-user. It’s either secure or it’s not by default, and you work from there. READ MORE »

Business, Technology    ,

It’s 10 o’clock… do you know where your personal information is?

May2nd
2010 Leave a Comment Written by Robert

There’s been a lot of talk lately about Facebook and privacy. A lot… We all know about those scammers out there trying to seduce us into their lurid traps. And there have been numerous (and unfortunately, increasing) faux pas when it comes to losing or exposing sensitive data – some fairly significant and some not quite so far reaching, but nonetheless just plain stupid. Then there’s the issue of “big brother“…

If there’s a positive outcome to all the press about privacy and security it’s that we as participants in the digital age are becoming sensitized to the perils of sharing our personal information. Most of what we “share” is pretty benign. Name, birth date, graduation date, reading lists, what movies we like, etc. Stuff that really has little value or potential impact if it’s “discovered” by some nefarious person with evil intentions. We have been been trained not to share our credit card or banking information in response to strange emails. We take care in ensuring that websites are secure before we provide our credit card information. We use PayPal to build a firewall between buyer and seller. We have become savvy netizens…

What if I told you that some of your most sensitive information could be readily available to just about anyone who has a little technical prowess and a desire to mine thousands of documents that are easily obtained – all without your knowledge or consent? What if all the details of your bank accounts were available for full scrutiny? Or your income tax return? Or your medical records? How about your divorce decree? Or all the documents related to your DUI arrest? Pretty scary huh?

We’re all aware that when you sale, donate or recycle your computer that you need to erase all your personal information. We take these necessary precautions, even though much of the data is still recoverable unless you use sophisticated erasure techniques. But what about your documents that are owned by those in whom you place your trust? Your doctor? Your lawyer? Accountant? Bank? Law enforcement agencies? We assume that since there are laws on the books (e.g. HIPAA, the Computer Fraud and Abuse Act of 1984, the Electronic Communication Privacy Act of 1986, the CAN-SPAM Act of 2003, etc.) that reasonable steps are taken to protect our sensitive information. And in most cases, those steps are taken. But is your personal information really safe?

Here’s an example that most of us never consider. Pretty scary when you stop and think about it. Even if you’re not copying sensitive information at work, it’s a certainty that your banker, lawyer and doctor are. Next time you’re in their office, ask them about their security practices. Don’t be bashful, it could save you a lot of grief…

Technology   
Older Entries

Archives

Categories