How to Muddy Your Tracks on the Internet

From http://www.nytimes.com/2012/05/03/technology/personaltech/how-to-muddy-your-tracks-on-the-internet.html:

How to Muddy Your Tracks on the Internet
By KATE MURPHY
Published: May 2, 2012

Legal and technology researchers estimate that it would take about a month for Internet users to read the privacy policies of all the Web sites they visit in a year. So in the interest of time, here is the deal: You know that dream where you suddenly realize you’re stark naked? You’re living it whenever you open your browser.

There are no secrets online. That emotional e-mail you sent to your ex, the illness you searched for in a fit of hypochondria, those hours spent watching kitten videos (you can take that as a euphemism if the kitten fits) — can all be gathered to create a defining profile of you.

Your information can then be stored, analyzed, indexed and sold as a commodity to data brokers who in turn might sell it to advertisers, employers, health insurers or credit rating agencies.

And while it’s probably impossible to cloak your online activities fully, you can take steps to do the technological equivalent of throwing on a pair of boxers and a T-shirt. Some of these measures are quite easy and many are free. Of course, the more effort and money you expend, the more concealed you are. The trick is to find the right balance between cost, convenience and privacy.

Before you can thwart the snoopers, you have to know who they are. There are hackers hanging around Wi-Fi hot spots, to be sure. But security experts and privacy advocates said more worrisome were Internet service providers, search engine operators, e-mail suppliers and Web site administrators — particularly if a single entity acts in more than one capacity, like Google, Yahoo, Facebook and AOL. This means they can easily collect and cross-reference your data, that is, match your e-mails with your browsing history, as well as figure out your location and identify all the devices you use to connect to the Internet.

“The worst part is they sell this extremely creepy intrusion as a great boon to your life because they can tailor services to your needs,” said Paul Ohm, an associate professor at the University of Colorado Law School in Boulder who specializes in information privacy and computer crime. “But do most people want to give that much away? No.”

He advised logging off sites like Google and Facebook as soon as practicably possible and not using the same provider for multiple functions if you can help it. “If you search on Google, maybe you don’t want to use Gmail for your e-mail,” he said.

If you do not want the content of your e-mail messages examined or analyzed at all, you may want to consider lesser-known free services like HushMail, RiseUp and Zoho, which promote no-snooping policies. Or register your own domain with an associated e-mail address through services like Hover or BlueHost, which cost $55 to $85 a year. You get not only the company’s assurance of privacy but also an address unlike anyone else’s, like me@myowndomain.com.

Or you can forgo trusting others with your e-mail correspondence altogether and set up your own mail server. It is an option that is not just for the paranoid, according to Sam Harrelson, a middle-school teacher and self-described technology aficionado in Ashville, N.C., who switched to using his own mail server this year using a $49.99 OS X Server and $30 SpamSieve software to eliminate junk mail.

“The topic of privacy policies and what lies ahead for our digital footprints is especially fascinating and pertinent for me, since I work with 13- and 14-year-olds who are just beginning to dabble with services such as Gmail and all of Google’s apps, as well as Facebook, Instagram, social gaming,” he said. “I have nothing to hide, but I’m uncomfortable with what we give away.”

But even with your own mail server, Google will still have the e-mails you exchange with friends or colleagues with Gmail accounts, said Peter Eckersley of the Electronic Frontier Foundation, a digital rights advocacy group in San Francisco. “You’re less exposed,” he said. “But you can’t totally escape.”

Another shrouding tactic is to use the search engine DuckDuckGo, which distinguishes itself with a “We do not track or bubble you!” policy. Bubbling is the filtering of search results based on your search history. (Bubbling also means you are less likely to see opposing points of view or be exposed to something fresh and new.)

Regardless of which search engine you use, security experts recommend that you turn on your browser’s “private mode,” usually found under Preferences, Tools or Settings. When this mode is activated, tracking cookies are deleted once you close your browser, which “essentially wipes clean your history,” said Jeremiah Grossman, chief technology officer with WhiteHat Security, an online security consulting firm in Santa Clara, Calif.

He warned, however, that private mode does nothing to conceal your I.P. address, a unique number that identifies your entry or access point to the Internet. So Web sites may not know your browsing history, but they will probably know who you are and where you are as well as when and how long you viewed their pages.

Shielding your I.P. address is possible by connecting to what is called a virtual private network, or V.P.N., such as those offered by WiTopia, PrivateVPN and StrongVPN. These services, whose prices price from $40 to $90 a year, route your data stream to what is called a proxy server, where it is stripped of your I.P. address before it is sent on to its destination. This obscures your identity not only from Web sites but also from your Internet service provider.

Moreover, these services encrypt data traveling to and from their servers so it looks like gibberish to anyone who might be monitoring wireless networks in places like coffee shops, airports and hotels.

While V.P.N. providers generally have strict privacy policies, Moxie Marlinspike, an independent security researcher and software developer in San Francisco, said, “It’s better to trust the design of the system rather than an organization.” In that case, there is Tor, a free service with 36 million users that was originally developed to conceal military communications. Tor encrypts your data stream and bounces it through a series of proxy servers so no single entity knows the source of the data or whence it came. The only drawback is that with all that bouncing around, it is very S-L-O-W.

Free browser add-ons that increase privacy and yet will not interrupt your work flow include Ghostery and Do Not Track Plus, which prevent Web sites from relaying information about you and your visit to tracking companies. These add-ons also name the companies that were blocked from receiving your data (one social network, five advertising companies and six data brokers on a recent visit to CNN.com), which is instructive in itself.

“Companies like Google are creating these enormous databases using your personal information,” said Paul Hill, senior consultant with SystemExperts, a network security company in Sudbury, Mass. “They may have the best of intentions now, but who knows what they will look like 20 years from now, and by then it will be too late to take it all back.”

A version of this article appeared in print on May 3, 2012, on page B7 of the New York edition with the headline: How to Muddy Your Tracks on the Internet.

IEEE ComputerWise- Two US Appeal Court Opinions Throw Software-related-theft Laws a Curve

From http://newsmanager.commpartners.com/ieeecw/issues/2012-05-02-email.html:

IEEE ComputerWise
Software, Systems and IT: News and Analysis May 2, 2012

Two US Appeal Court Opinions Throw Software-related-theft Laws a Curve

by Robert N. Charette
The U.S. Congress may have to revamp laws that ostensibly set the rules regarding what constitutes illegal activity when it comes to information technology. The U.S. Court of Appeals for the Ninth Circuit overturned the conviction of someone charged with stealing proprietary data from a former employer, reasoning that the wording of the law that prosecutors said he violated points specifically to hacking into computer systems and not the misappropriation of information residing there by an otherwise authorized user. A day later, a separate appeals court overturned the conviction of another defendant whose lawyers successfully appealed his conviction for violating that same law and two others—again arguing that the facts of the case didn’t fit the wording of the criminal statutes.

IEEE ComputerWise- Two US Appeal Court Opinions Throw Software-related-theft Laws a Curve

From http://newsmanager.commpartners.com/ieeecw/issues/2012-05-02-email.html:

IEEE ComputerWise
Software, Systems and IT: News and Analysis May 2, 2012

Two US Appeal Court Opinions Throw Software-related-theft Laws a Curve

by Robert N. Charette
The U.S. Congress may have to revamp laws that ostensibly set the rules regarding what constitutes illegal activity when it comes to information technology. The U.S. Court of Appeals for the Ninth Circuit overturned the conviction of someone charged with stealing proprietary data from a former employer, reasoning that the wording of the law that prosecutors said he violated points specifically to hacking into computer systems and not the misappropriation of information residing there by an otherwise authorized user. A day later, a separate appeals court overturned the conviction of another defendant whose lawyers successfully appealed his conviction for violating that same law and two others—again arguing that the facts of the case didn’t fit the wording of the criminal statutes.

How to Delete Your Google Browsing History Before Google Changes its Privacy Policy – Dr. Carolyn Turbyfill

turbyfillFrom http://www.digitaljournal.com/article/320137:

How to delete your Google Browsing History before new policy

JohnThomas

By JohnThomas Didymus

Feb 24, 2012 in Internet
1 more article on this subject:

ACM Tech News – an excellent resource

From http://technews.acm.org:
Welcome to the April 27, 2012 edition of ACM TechNews, providing timely information for IT professionals three times a week.

ACM TechNews mobile apps are available for Android phones and tablets  and for iPhones  and iPads .

HEADLINES AT A GLANCE
In U.S.-Russia Deal, Nuclear Communication System May Be Used for Cybersecurity
Computer Surveillance Will Help Keep an Eye on National Security
Tiny Crystal Revolutionizes Computing
Tech Needs Girls: World Leaders Draw Up Roadmap for Female Tech Education and Careers Push
CAPTCHA, Crowdsourcing Pioneer von Ahn Captures Grace Murray Hopper Award
Algorithmic Incentives
Dynasty? U of W Repeats as National Cyber Defense Champ.
NSF, SRC Partner on Failure-Resistant Systems
In U.S.-Russia Deal, Nuclear Communication System May Be Used for Cybersecurity
Washington Post (04/27/12) Ellen Nakashima

U.S. and Russian negotiators are close to completing a deal in which a secure communications channel originally established to prevent misperceptions that might lead to a nuclear conflict will be expanded to accommodate cybersecurity. U.S. officials and experts from both countries say the Nuclear Risk Reduction Center would be a major step forward in the initiative to guarantee that misunderstandings in cyberspace do not escalate to full hostilities. The system features computer terminals at the U.S. State Department and the Russian Defense Ministry that are manned 24 hours a day, and it permits the rapid translation of electronic messages to key officials. Officials say that in the event of a cyberincident, the communications channel could be triggered if either Russia or the U.S. identifies seemingly hostile cyberactivity. The channel’s use would only be mandated if the activity is of “such substantial concern that it could be perceived as threatening national security,” according to an Obama administration official. The official notes the Russians asked for a phone-based hotline between the White House and the Kremlin for cyberincidents that is separate from the nuclear hotline. The pact would be the first between the U.S. and another nation that aims to lower the likelihood of a cyberconflict.
View Full Article | Return to Headlines

Computer Surveillance Will Help Keep an Eye on National Security
Queensland University of Technology (04/26/12) Stephanie Harrington

Technology that combines two-dimensional (2D) and three-dimensional (3D) video images taken from a variety of challenging environments will make it easier to identify people who are not facing cameras, according to Queensland University of Technology researchers. Queensland professors Sridha Sridharan and Clinton Fookes plan to develop mathematical algorithms that will make it possible to take features from video and convert them into a model capable of recognizing and matching facial features. “What we are trying to do is use multiple cameras in space to reconstruct a face in 3D, or use multiple images over time of the same face to reconstruct into 3D,” Fookes says. “Once we have the information, the system will then be able to identify a shortlist of possible candidates and it will then be up to a human observer to authenticate the correct match.” The result of the project will be a set of tools for facial analysis in visual surveillance and video content extraction applications. The surveillance technology would benefit law enforcement agencies, which often struggle with poor quality video and images during investigations.
View Full Article | Return to Headlines

Tiny Crystal Revolutionizes Computing
University of Sydney (04/26/12) Verity Leatherdale

Researchers at the University of Sydney, the U.S. National Institute of Standards and Technology, Georgetown University, North Carolina State University, and the Council for Scientific and Industrial Research have developed a tiny crystal that enables a computer to perform calculations that are too difficult for the world’s most powerful supercomputers. “The system we have developed has the potential to perform calculations that would require a supercomputer larger than the size of the known universe–and it does it all in a diameter of less than a millimeter,” says Sydney’s Michael Biercuk. The new quantum simulator is potentially faster than any known computer by 10 to the power of 80, according to the researchers. They say the crystal goes beyond all previous experimental attempts in providing “programmability” and the critical threshold of qubits needed for the simulator to exceed the capability of most supercomputers. The simulator also can be used to gain insights about complex quantum systems. “We are studying the interactions of spins in the field of quantum magnetism–a key problem that underlies new discoveries in materials science for energy, biology, and medicine,” Biercuk says.

Tech Needs Girls: World Leaders Draw Up Roadmap for Female Tech Education and Careers Push
International Telecommunication Union (04/26/12)

American, European, African, and Asian leaders recently gathered for a high-level dialogue hosted by the International Telecommunication Union (ITU) to outline a roadmap to get more girls into technology-oriented studies and careers. ITU Secretary-General Hamadoun Toure says information and communications technology (ICT) jobs are expected to greatly outstrip the supply of professionals to fill them within the next 10 years, which represents “an extraordinary opportunity for girls and young women.” He stresses that stereotypes and obsolete attitudes about ICT careers being too difficult, unfeminine, or boring for girls should be abolished. “Encouraging girls into the technology industry will create a positive feedback loop–in turn … inspiring new role models for the next generation,” Toure says. Other factors the dialogue identified as collectively impeding girls’ progress in technology fields are a geeky image of the tech discipline promulgated by the popular media, misguided school-age career counseling, a lack of inspirational female role models, and a shortage of supportive home- and workplace-based frameworks. Toure urged the event’s participants to work with ITU on a three-year Tech Needs Girls campaign concentrating on the themes of empowerment, equality, education, and employment.

CAPTCHA, Crowdsourcing Pioneer von Ahn Captures Grace Murray Hopper Award
Network World (04/26/12) Bob Brown

Carnegie Mellon University associate professor Luis von Ahn has received ACM’s 2011 Grace Murray Hopper Award, which recognizes outstanding work from young computer professionals and comes with a $35,000 prize. Von Ahn’s latest project, Duolingo, helps people learn foreign languages while translating text on the Web. “Professor von Ahn’s breakthrough research has changed the game for how we use computers,” says ACM president Alain Chesnais. “His innovations impact our personal usage of computing devices and make commercial applications of computing more secure.” Von Ahn’s accomplishments also include the development of the widely used Completely Automated Public Turing Tests to Tell Computers and Humans Apart technology, a challenge-response test designed to ensure that the response is from a person. A second generation of the technology uses crowdsourcing to simultaneously digitize books. Chesnais says von Ahn’s “potential for further altering how we work and play in the digital age seems boundless.”

Algorithmic Incentives
MIT News (04/25/12) Larry Hardesty

Massachusetts Institute of Technology (MIT) professor Silvio Micali and graduate student Pablo Azar have developed a type of mathematical game called a rational proof, which varies interactive proofs by giving them an economic component. Rational proofs could have implications for cryptography, but they also could suggest new ways to structure incentives in contracts. Research on both interactive proofs and rational proofs falls under the designation of computational-complexity theory, which classifies computational problems according to how hard they are to solve. Although interactive proofs take millions of rounds of questioning, rational proofs enable researchers to establish one round of questioning. With rational proofs, “we have yet another twist, where, if you assign some game-theoretical rationality to the prover, then the proof is yet another thing that we didn’t think of in the past,” says Weizmann Institute of Science professor Moni Naor. Rational-proof systems that describe simple interactions also could have applications in crowdsourcing, Micali says. He notes that research on rational proofs is just getting started. “Right now, we’ve developed it for problems that are very, very hard,” Micali says. “But how about problems that are very, very simple?”

Dynasty? U of W Repeats as National Cyber Defense Champ.
Government Computer News (04/25/12) William Jackson

A team from the University of Washington recently won the National Collegiate Cyber Defense Competition for the second straight year, defeating regional champions from nine other schools. The tournament, which began in 2005, is part of a nationwide effort to identify and develop cybersecurity talent. The U.S. Air Force Academy finished second in the competition and Texas A&M University came in third. As part of the competition, each team was given an operational network for a fictional Web services hosting company with subsidiary retail operations, such as email, Web sites, data files and users. The network had to be operated and services maintained in the face of outside attacks. The teams were scored on their ability to maintain services while completing business tasks and lost points for failing to meet service-level agreements. In addition, cloud computing was a major component of the competition this year, says University of Washington cybersecurity program director Melody Kadenko. She notes that teamwork helped the Washington team win the competition. “The most important component was how they interact with each other,” Kadenko says. “They already had the knowledge … but you can’t teach how to get along with somebody.”

NSF, SRC Partner on Failure-Resistant Systems
CCC Blog (04/24/12) Erwin Gianchandani

The U.S. National Science Foundation (NSF) and the Semiconductor Research Corp. (SRC) recently announced Failure-Resistant Systems, a joint initiative that seeks proposals for new techniques that would ensure the reliability of systems. The proposals should focus on a system-level cross-layer approach to reliability, and encompass the failure mechanisms of both digital and analog components. Such a technique would potentially offer high reliability and lower power and performance overheads. “By distributing reliability across the system design stack, cross-layer approaches can take advantage of the information available at each level, including even application-level knowledge, to efficiently tolerate errors, aging, and variation,” the initiative’s solicitation says. “This will allow handling of different physical effects at the most efficient stack layer, and can be adapted to varying application needs, operating environments, and changing hardware state.” NSF and SRC plan to fund 15 to 20 awards, each ranging from $300,000 to $400,000, over three years. The deadline for proposals is June 26, 2012.