[LINK] Keeping our web browsing safe from News International
Tom Worthington
tom.worthington at tomw.net.au
Mon Jul 18 10:33:10 AEST 2011
On 17/07/11 16:54, Roger Clarke wrote (was: "[LINK] RFC: Negative
Assessment of Mozilla BrowserID"):
> ... comments are urgently sought on ... Reactions to Mozilla's
> BrowserID Proposal http://www.rogerclarke.com/II/BrowserID-1107.html
Okay, some quick comments below. I suggest you could make it a little
more topical by connecting it to the News of the World phone hacking
scandal:
"Title: Keeping our web browsing safe from News International
The UK government is investigating claims of phone hacking by staff of
the News of the World with the assistance of corrupt police officers.
But this may be just the tip of the iceberg. Browsing the web leaves a
trail of information. Are these Internet records safe from media
intrusion, with, or without, the assistance of corrupt government
officials? Has this information been used to invade the privacy of
ordinary citizens and breech the security of governments? What steps are
needed to prevent it? Will new web browser features, such as Mozilla
BrowserID, make us less, rather than more, secure?"
> 1. Introduction
>
> In July 2011, Mozilla announced an identity authentication mechanism
> based on email-addresses and digital signatures. Its intention is to
> embed the facility in Mozilla browser-functionality, and to provide
> an at least interim identity-server in the meantime. ...
But what is the BrowserID actually for? What is Mozilla trying to
accomplish? Is your concern that it will not do what it is intended to
do, or that what it is intending to do is not a good idea, or that it
has bad side-effects?
> On reading the ArsTechnica article (15 July 2011) that publicised the
> announcement, I felt a number of concerns about the initiative, and
> expressed them to Lauren Weinstein, and the comments were published
> on his Privacy Forum. ...
Who is "Lauren Weinstein"? This might make an interesting footnote, but
doesn't explain what the problem is.
> This document expands on my original expression of concern. It is
> based on a critical reading of 'How BrowserID Works', of c. 3 July
> 2011, mirrored here. ...
You still haven't told us what the problem is.
> It is important for many personal, social, economic and political
> reasons to sustain separation of a person's multiple identities in an
> electronic world. ...
So is the problem that the BrowserID doesn't allow multiple
personalities? Would allowing them fix the problem? If so, then perhaps
you should suggest it.
> ... wide variety of assaults are being conducted
> on individual freedoms, by governments and business alike, and a
> considerable amount of invasive technology is being developed in
> support of those assaults. ...
You are more likely to have your article read if you leave this out.
Just tell us what the problem is in this case, rather than make an
X-files conspiracy out of it.
> It is vital for a number of personal, social, economic and political
> reasons to sustain anonymous communications and anonymous access to
> information in an electronic world. ...
Most governments and organizations would argue that anonymous
communication is a threat to
civilization/democracy/capitalism/communism/baathism/newslimitedism
(except where they are trying to undermine someone else's regime).
By including this strong assertion for anonymity you are likely to have
your paper dismissed as the rantings of an extreme libertarian opposed
to
civilization/democracy/capitalism/communism/baathism/news-limited-ism.
Better to just address the issue of BrowserID.
ps: How much bigger would the News-of-the-World scandal be if the
journalists hacked into on-line accounts, not just phone messages? How
can it be that with the resources available to a publication like
News-of-the-World they did not hack into on-line accounts?
--
Tom Worthington FACS CP HLM, TomW Communications Pty Ltd. t: 0419496150
PO Box 13, Belconnen ACT 2617, Australia http://www.tomw.net.au
Adjunct Senior Lecturer, School of Computer Science, The
Australian National University http://cs.anu.edu.au/courses/COMP7310/
Visiting Scientist, CSIRO ICT Centre: http://bit.ly/csiro_ict_canberra
More information about the Link
mailing list