Thursday, February 19, 2015

Privacy as currency of the digital world

At some extent, everyone wants to defend his privacy. We all understand privacy as a right, and therefore, do not hesitate to fight for it when we feel that it is being violated.

However, we jump to our Facebook profile and carelessly upload photos of us and other people. We chat shamelessly on Twitter letting the rest of humanity to know our geolocation, and we open our email account on any computer, whether it is a personal or a public one. The way we protect our privacy is quite poor indeed.

The Spanish agency for data protection AEDP recently published the results of a cookie analysis carried out on the 500 Europe's most visited websites. Data is overwhelming: only 16% of sites properly inform users of the use they do of cookies and offer them basic control over these files. 26% do not even inform of their use, and 70% are from third-party services, which more than half of them are controlled by 25 major advertising companies and social networks.

Privacy concerns us, but when we really have to take action, no one moves. If this happens in fully democratic countries, you can imagine how it will be in places like Russia. The Russian government plans to 'ban' any VPN service in its territory, including those working on the TOR network. The reason given may sound pretty familiar: the fight against terrorism. Actually it has repeatedly been said that this is the “weapon” of most governments to restrain the freedom of anonymity of their citizens. In fact, anonymity and privacy are two inseparable values.

Sometimes danger comes from where you least expect it. Can a Barbie become a vector for espionage and / or data theft? Well, it could be possible thanks to the new talking Barbies. This dolls are able to connect to the Internet and find the right answers for their owner’s questions. But a man-in-the-middle attack may allow the attacker to spit insults or take the toy as a "scapegoat" for large-scale attack.

We love jokes indeed. While a few months ago researchers found some ways to deny WhatsApp service on Android devices by sending a large text, now two Spanish researchers did the same with GMail client. Mismanagement of the headers (content disposition) by the app seems to be enough to deny Gmail service to any Android devices. If you are affected by this kind of bad joke, you will have to access your webmail and delete such large message to regain access to your account from your Gmail app.

Personal security is highly important, but it is even more critical in industrial environments where a breach can mean loads of sensitive data published or endanger many people’s lives. The Spanish National Cybersecurity Center recently released a paid manual on how to manage security in industrial environments, regarding experiences from 2014.

As you can see, privacy and security in communications are sadly the currency of the digital world.


Post a Comment