• United States



Privacy Freaks Rejoice: Privacy to be a ‘Hot Job Skill’ in 2012

Dec 20, 20115 mins
BiometricsData and Information SecurityData Center

Predictions continue to pour in for 2012, including privacy to be a hot job skill. Computers and smartphones that read your mind will no longer be science fiction. The latest hacker intelligence report says password security is up to enterprise; but better salt those hashed passwords or brute force and rainbow tables will crack them in a heartbeat.

Unlike, from the Captain Obvious department, when the FBI warned hacktivists are breaking the law…. IBM did go “out on a limb to predict the next five big things” but to quote Richi Jennings those IBM predictions are “full of FAIL.”

IBM claimed mind reading via computing is no longer sci-fi wishful thinking. While one of the examples given in this video was full of wow, mind reading devices could be trouble. “IBM scientists are researching how to link your brain to your devices, such as a computer or a smartphone, so you just need to think about calling someone and it happens.” Have you ever been in lust or in love where you can’t hit the zone to focus or do anything except think about a person? Your mind reading mobile device would be calling that special someone frequently, even if it wasn’t every seven seconds.

Another IBM prediction is that junk mail will become priority mail? Perhaps if you like being bombarded with ads that track you, but not if you value your privacy. Biometrics will allegedly make it so you will never need a password again — which could open a whole new can of privacy and security worms. But most users are so horrible at mixing security wisdom with passwords, that Imperva’s latest hacker intelligence report [PDF] said, “When it comes to consumers implementing good passwords, we give up. Instead of consumers, [the] responsibility rests on enterprises to put in place proper password security policies and procedures as a part of a comprehensive data security discipline.” Yet “contrary to common belief, cryptographic hash functions in general-whether they are SHA-1 or any other cryptographic function-are not impervious to hackers.”

As we’ve seen repeatedly in 2011 breaches, apply a little brute force via dictionary attacks and deadly rainbow tables, then voilà; the attacker has the keys to the kingdom. Imperva’s enterprise password worst practices [PDF] noted that cryptographic hash functions are “not a silver bullet” against rainbow tables. “Salting” when a random value is assigned to the password prior to encryption, does helps by increasing the time to crack passwords — even if it doesn’t make the salted password “hack-proof.” Imperva reported, “A salt of just a three bit length increases the storage and pre-computation time of rainbow tables eightfold.”

One of the 2012 privacy predictions by online privacy solution provider Truste states, “Privacy becomes a hot job skill – Companies will conclude that they need to hire people with in-depth privacy backgrounds to deal with increasingly complex privacy regulations, as well as emerging marketing programs like targeted advertising.” Well it’s about dang time, since I recall when being a privacy connoisseur was considered a freaky security trait.

Truste believes that in 2012 the FTC will set the attack dogs loose on “websites for privacy violations related to third-party tracking.” Hopefully the U.S. will be forced to follow EU countries individual privacy standards instead of “business as usual for the Yanks abroad.” If a product has the European Privacy Seal, such as Privnte that self-destructs after being read, then it’s a good deal.

“Location-based technology breaks national news – TRUSTe foresees innovative usages of location-based technology that will make national headlines, for example, crime solving (e.g. finding a missing child) or instigating a political downfall (use your imagination).” My skeptical viewpoint sees less of a Suzy Sunshine outlook and more like “Please Rob Me” or “I can stalk you” and even the Amazon patentto track and predict your movements via mobile devices.”

As is being seen by the great Carrier IQ disabling, if enough of us will unite, we can fight for privacy. It remains to be seen if enough geeks trying to save the Internet will be enough to save us from SOPA. If not, then maybe we should all wear t-shirts with copyrighted images, bands, or logos as bumper stickers so that all those IP surveillance cameras spying on us have to go down too? Got Firefox? Add DeSopa to “bypass SOPA DNS blocking.”

Like this? Here’s more posts:

  • Can Microsoft Xbox’s voice as a remote control win the hearts of Siri lovers?
  • Fourth Amendment’s Future if Gov’t Uses Virtual Force and Trojan Horse Warrants?
  • 4th Amendment vs Virtual Force by Feds, Trojan Horse Warrants for Remote Searches?
  • Irony: Surveillance Industry Objects to Spying Secrets & Mass Monitoring Leaks
  • Skype Exploits: I know where you are, what you are sharing, and how to best stalk you
  • Real life HAL 9000 meets Skynet: AI controlled video surveillance society
  • Lulzlover Hacked Coalition of Law Enforcement, Data Dumped for 2,400 cops and feds
  • DARPA’s Spy Telescope Will Stream Real-Time Video from Any Spot on Earth
  • Busted! DOJ says you might be a felon if you clicked a link or opened email
  • Microsoft Research: Hunting for HIV vaccine with techniques that fight spam
  • Secret Snoop Conference for Gov’t Spying: Go Stealth, Hit a Hundred Thousand Targets
  • PROTECT-IP or control freaks? Monster Cable blacklists Sears, Facebook as rogue sites
  • CNET Accused of Wrapping Malware in Windows Installer for Nmap Security Tool
  • Do you give up a reasonable expectation of privacy by carrying a cell phone?

Follow me on Twitter @PrivacyFanatic

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.