Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Taking Back Control of Your Data, With Fine Grained, Explicit Permissions

timothy posted 1 year,17 days | from the consent-as-a-dialogue dept.

Government 55

BrokenHalo writes with a story at New Scientist outlining one approach to reclaiming your online privacy: a software gatekeeper (described in detail in a paper from last year) from two MIT developers. "Developers Sandy Pentland and Yves-Alexandre de Montjoye claim OpenPDS (PDF) disrupts what NSA whistleblower Edward Snowden called the 'architecture of oppression,' by letting users see and control any third-party requests for their information – whether that's from the NSA or Google. Among other things, the Personal Data Store includes a mechanism for fine-grained management of permissions for sharing of data. Personally, I'm not convinced that what the NSA demands outright to be shared is as relevant as what they surreptitiously take without asking."

Sorry! There are no comments related to the filter you selected.

I see a problem... (4, Interesting)

hercludes (2935741) | 1 year,17 days | (#45047891)

Regardless if this is a good idea with good implementation, people will find a way to get data openPDS is trying to hide. And it sounds like people who use this will only store more 'sensitive' information; digging themselves in a deeper hole.

Re:I see a problem... (1)

Anonymous Coward | 1 year,16 days | (#45052503)

Yes, their naivete is so cute.
From the FA: " People hosting openPDS at home would always know when entities like the NSA request their data, because the law requires a warrant to access data stored in a private home."

Needs to be an appliance.. (2, Interesting)

xtal (49134) | 1 year,17 days | (#45047907)

I already monitor all the traffic into and out of my network - there's lots you have no idea about.

Has to be an appliance.. but that's cheap. Making it easy to understand might open quite a few people's eyes...

Re:Needs to be an appliance.. (2)

icebike (68054) | 1 year,17 days | (#45048021)

I already monitor all the traffic into and out of my network - there's lots you have no idea about.

Has to be an appliance.. but that's cheap. Making it easy to understand might open quite a few people's eyes...

Really? All traffic?
Seems unlikely. Or, that your network actually does nothing, and has no significant data.

Because there are a million ways insiders can sneak data out, some of which requires visual
inspection. (That email with pictures? No algorithm is going to detect that it is a screen shot
of your secret stuff). That wrist watch? Its really a USB drive. Someone filling out a form
on a SSL website?

Re:Needs to be an appliance.. (3, Interesting)

smitty_one_each (243267) | 1 year,16 days | (#45048167)

And did you review all of the logic on your chip, just to make sure some of the "redundant" circuits might be less redundant than you think?
That spare core seems. . .strangely active, if you know what I mean, and I think you don't.

Re:Needs to be an appliance.. (1)

Z80a (971949) | 1 year,16 days | (#45049955)

Given the ridiculously small tracks, i bet its quite easy to create some "spread" circuit that assembles a much less powerful CPU over the regular tracks. Just add a transistor here, a transistor there, and some really long "roads" and you wont be able to clock very high, but not everything evil requires fast clocking anyway.

Re:Needs to be an appliance.. (1)

smitty_one_each (243267) | 1 year,16 days | (#45050219)

You can label these shadow circuits "evil spirits", and do brisk business in the digital exorcism market.

Re:Needs to be an appliance.. (4, Insightful)

xtal (49134) | 1 year,16 days | (#45048945)

It's quite easy to monitor all traffic.

Monitoring is not the same thing as analyzing.. but I am quite certain I know where my packets are headed - at least when they're sent from my gateway. That's how the internet works.

Re:Needs to be an appliance.. (1)

Fnord666 (889225) | 1 year,16 days | (#45051589)

Monitoring is not the same thing as analyzing.. but I am quite certain I know where my packets are headed - at least when they're sent from my gateway. That's how the internet works.

But are you sure you know everything that is in those packets? Nothing extra in those DNS requests [google.com] leaving your network?

Pretty sure. (0)

Anonymous Coward | 1 year,15 days | (#45059281)

Monitoring is not the same thing as analyzing.. but I am quite certain I know where my packets are headed - at least when they're sent from my gateway. That's how the internet works.

But are you sure you know everything that is in those packets? Nothing extra in those DNS requests leaving your network?

Nothing is truly certain in this vale of tears, but if you can't depend on tcpdump and wireshark, you may as well give up now.

Oh the naivete!! (1, Insightful)

fustakrakich (1673220) | 1 year,17 days | (#45047929)

How many times do you people need to be told? If it's on a network, any network, it is out of your control! You really think you can stop the NSA, Google, or any of them?

Re:Oh the naivete!! (5, Funny)

coldmist (154493) | 1 year,16 days | (#45048101)

You bet I can! I have my robots.txt file up to date, you know.

Re:Oh the naivete!! (2)

Samantha Wright (1324923) | 1 year,16 days | (#45048175)

It's basically like asking Google to set the evil bit [ietf.org] when they poll your data. I am mesmerized that the MIT Media Lab would turn out something so obviously incapable of disrupting the current ecosystem.

Re:Oh the naivete!! (1)

fustakrakich (1673220) | 1 year,16 days | (#45048273)

Redundant? Redundant?? I'll show you redu... oh wait, you're right. NSA and Google are redundant!

Oops..

I feel so very sorry...

More useful (5, Insightful)

Rosco P. Coltrane (209368) | 1 year,16 days | (#45048099)

Instead of a gatekeeper, I'd rather have a layer of software that automatically lies about myself (such as always giving my name as "John Doe" or my GPS location as being somewhere in the open desert near Timbuktu or something), so that not only the data hoarders don't get my personal information, but their data pool gets polluted. Bad data is much more of a problem to them than no data at all.

Re:More useful (3, Interesting)

peragrin (659227) | 1 year,16 days | (#45048171)

not really they don't care about bad or missing data. the piles of data are to large.

Seriously my credit report lists a name of a relation that hasn't existed in 18+ years. And when it did exist it lasted less than 6 months.( a very short marriage of a relation,not mine). But nobody cares about accurate useful data, only if they have it or not.

Take Amazon. they have a record of every purchase I have made over a similar time span. yet they only ever show me adds for things i already have. amazon won't show me something new. What good is showing me stuff that I already own/watched?

I figure just let them keep on collecting it. sooner or later they will have so much useless old data clogging their systems that it will hide you better than trying to delete and police everything.

Re:More useful (2)

bdcrazy (817679) | 1 year,16 days | (#45048327)

God help you if you order gifts through amazon as well. 'I saw you buy X, you might like Y.' Uh, nope. That was for my sister. Thanks for trying though.

Re:More useful (1)

Anonymous Coward | 1 year,16 days | (#45048551)

There's specifically a feature to say "Don't take this into account in my buying history." It's just to give Amazon even more info of course, but the suggestions will go away.

Re:More useful (1)

peragrin (659227) | 1 year,16 days | (#45049759)

the suggestions go away but it is buried deep under an odd name and your history is still there.

Re:More useful (0)

Anonymous Coward | 1 year,15 days | (#45055219)

So I should help them offer me more stuff? Its always amusing buying textbooks through them. The suggestions based on these are useless.

Re:More useful (1)

smitty_one_each (243267) | 1 year,16 days | (#45048173)

Yep. Signal-to-noise ratio. Said Smith.

Re:More useful (3, Interesting)

Anonymous Coward | 1 year,16 days | (#45048265)

Even better a botnet that does this - dictionary of names, generate pseudo-biographic info, but distributing across devices you own, device signatures similar to what you own, spoofing MAC addresses etc. Enough noise to reduce their quality & quantity of matches, but not to the point where positives csn stand out..
Now how to wreck matching against LexisNexis matches w/o wrecking Lexis-Nexis per se...

Re:More useful (1)

Anonymous Coward | 1 year,16 days | (#45048329)

Look, they have all of the data and do not have to prove a thing. As far as you or anyone else knows, the whole story is bullshit and the NSA has nowhere near the ability that we are lead to believe.

However, since what I just said sounds so stupid and obnoxious, not to be taken seriously, you know, because it's so silly and stuff, but anyway, suppose that they want to lie about having data on you that links you to the scene of the crime, what the hell could you do to argue about it? They don't have to state the ways that they have the information, because that would reveal to much "national security". So if they want to say that they have this data, then show me the data. Otherwise, shut up about it. It's all bullshit to me.

The whole idea that there's a security measure to sell to someone will be the next zeitgeist for salesmen to tamper with. If the NSA does have the things in place mentioned by Snowden, then there's nothing that you can install (software or hardware) to not route traffic through the Utah data center.

Re:More useful (2, Informative)

Anonymous Coward | 1 year,16 days | (#45048399)

If you use Android... openPDroid: http://forum.xda-developers.com/showthread.php?p=36678558

Re:More useful (2)

Nemyst (1383049) | 1 year,16 days | (#45048459)

That's too obvious, though. In order to properly pollute data, you need to provide information which seems legitimate, but isn't. John Doe in Timbuktu one hour and Mexico City the next will likely trip any check they might have, and they'll either strip the data or try to watch you in a different fashion. A believable name with consistent locations which are entirely faked is much, much harder to filter, while still quite easy to generate.

Potential problem (5, Interesting)

Okian Warrior (537106) | 1 year,16 days | (#45048565)

Instead of a gatekeeper, I'd rather have a layer of software that automatically lies about myself (such as always giving my name as "John Doe" or my GPS location as being somewhere in the open desert near Timbuktu or something), so that not only the data hoarders don't get my personal information, but their data pool gets polluted. Bad data is much more of a problem to them than no data at all.

I've been doing that for some years.

In early September, my bank implemented a new type of authentication process. Before I could log in, it asked me a series of questions culled from the public records of my name - it said as much when it started.

The questions were multiple choice, five answers, and went like this:

In what town is 35 Granite Ave located?
. Greenville
. Lexington
. Berwick
. Nashua
. Holliston

Needless to say, I've never been to 35 Granite Ave (that I can remember), never lived there, and don't have the first clue what they were on about. My "polluted public records" came back to bite me.

The bank representative couldn't help because they don't make the web page, the web page techs can't help because they outsource to a service, &c &c. It took extreme measures from one very helpful bank rep to allow me to log in, on a system which had been giving me no problems for many yeas. I'd be screwed if it were the cable, ISP, or phone company.

I'm still in favour of polluting records. If the person asking doesn't have any business knowing whatever it is they're asking, I will lie.

It looks like I'll have to start keeping track of the lies.

Re:Potential problem (2)

Jah-Wren Ryel (80510) | 1 year,16 days | (#45049021)

It looks like I'll have to start keeping track of the lies.

Or get a new bank. I've heard of similar things - like BofA asking what color your first car was. The thing is that the low quality of information in these databases is well known. If a bank doesn't have a way to deal with their pseudo-authentication data being bad then they are just negligent - maybe ignorant, maybe sold snake-oil by the data 'proprietor' but either way it is a level of failure that should cause you to question how competent they are in other areas.

Re:Potential problem (1)

Anonymous Coward | 1 year,16 days | (#45049271)

What's even worse is when the bank asks where you stash the bodies as a recovery question...

Re:Potential problem (1)

BrokenHalo (565198) | 1 year,16 days | (#45049627)

It looks like I'll have to start keeping track of the lies.

Or else maybe train your system to send null data rather than fake stuff? I'm going to investigate openPDroid that AC mentioned earlier. Looks like a start...

Re:Potential problem (0)

Anonymous Coward | 1 year,16 days | (#45049869)

...I'm going to investigate openPDroid that AC mentioned earlier. Looks like a start...

I highly recommend it myself.

Re:Potential problem (1)

Tom (822) | 1 year,16 days | (#45049693)

It looks like I'll have to start keeping track of the lies.

Use mnemonics - if you invent an address, make the first letter of the street and the town identical. If you invent a birthday, use the same day and vary years, or the other way around. Some people use spam-catch email addresses including the sites name - e.g. tom.nameofthesite@mydomain.com - so if they get spam they know who sold their address. You can use the same trick in your invented personal data. So your G+ address is 1 Google Ave. while your FB address is 1 Facebook Road. Stuff like that.

Re: Potential problem (2)

UnknownSoldier (67820) | 1 year,16 days | (#45050537)

Uh, why aren't you using a password manager and adding a note about the fake data in the notes/extra info field??

Re:More useful (0)

Anonymous Coward | 1 year,16 days | (#45048595)

I think this is a great idea!

--
John Doe
16.775833 N, -3.009444 W

Re:More useful (0)

Anonymous Coward | 1 year,16 days | (#45048611)

I would pay for this.
I want this. No. I NEED this on my android phone.
Time for privacy to be put back in the hands of the user.

I can understand why some information is needed
Seriously though do websites really need to know my exact location? No. Not even close. They just need to know what city I am, perhaps, and even then that is something I would like to be able to select.

I came across a cinema website a year ago which automatically detects and shows you the closest cinema. There were a few problems with this the main one being that my ISP is based in another city which means that anyone trying to find my location will have it wrong.
No matter what I did I could not get the site to show me the local cinema. I sent them an email about it and now they have changed it to allow the user to select which city they are in. Why they didn't allow for change of city in the first place is frustrating. I quote this as a good example of how allowing a user to review and change metadata is needed.

The user agent plugin for firefox is very useful for 'pretending' to be another browser, in particular for websites which insist on specific browsers and versions.

Re:More useful (0)

Anonymous Coward | 1 year,16 days | (#45049351)

Ha! you mean like a disinfoBot! great idea

Re:More useful (3, Insightful)

Tom (822) | 1 year,16 days | (#45049687)

Depends on what they are using it for. If the purpose is individual identification, the data doesn't have to be correct, just unique. If they want to track you, behavior is more important than data, and so on.

But in general, I agree. When those "bonus card" systems for the supermarket etc. came to Europe, I was the guy at the CCCamp to propose everyone in the room stand up and exchange their cards with someone else at random.

But life is turning into a cyberpunk story in one important regard: The vast majority of the population doesn't know nor care about fighting this crap. Those of us who do, we are very few. We are the 1% in this aspect. Your and my data polluting doesn't change a thing in the big picture.

And that's where you are right on the money: If someone came up with a device that does that automatically, and had some other benefit related to this feature so it is of interest to grandma to use it, then you'd have ruined the current Internet top dogs business model in one brave stroke.

A little misleading (1)

fred911 (83970) | 1 year,16 days | (#45048103)

This seems to be an Android only app. What did I miss?

Re:A little misleading (3, Insightful)

icebike (68054) | 1 year,16 days | (#45048225)

You are missing the fact that the the summary, the article, and the so called detail description give not a single
clue about how it works, or even precisely what it does.

One would have to assume its some sort of elaborate ruse to see if they can sucker more people into handing over more data by offering a nebulously described so called private data gatekeeper as a free app. Undomesticated equines could not drag me to installing that app.

Re:A little misleading (1)

BrokenHalo (565198) | 1 year,16 days | (#45049653)

You are missing the fact that the the summary, the article, and the so called detail description give not a single clue about how it works, or even precisely what it does.

You can thank the /. editors for that. (Sigh...)

In my (now totally re-written) submission I provided a link to the actual NS article (which is still up there on the main page) and a detailed description from the developers here [idcubed.org] (PDF).

HTH.

Re:A little misleading (1)

gl4ss (559668) | 1 year,16 days | (#45048377)

it's a joke.

how the fuck could the app know if your information was requested from google by the nsa? it couldn't. furthermore google wouldn't be at the liberty to tell you.

They can still hack the guard software (1)

manu0601 (2221348) | 1 year,16 days | (#45048117)

From TFA:

People hosting openPDS at home would always know when entities like the NSA request their data, because the law requires a warrant to access data stored in a private home.

They disregard the constitution and you want them to respect the law? Indeed the government will not physically get into your house without a warrant, but we know they have no problem remotely hacking your computer [wired.com] .

Re:They can still hack the guard software (2)

Guest316 (3014867) | 1 year,16 days | (#45048149)

>Indeed the government will not physically get into your house without a warrant
The residents of Watertown might disagree:

https://www.youtube.com/watch?v=YWsbBhzxYw8 [youtube.com]

Re:They can still hack the guard software (1)

manu0601 (2221348) | 1 year,16 days | (#45048279)

Mmmm... you suggest USA's democracy is even more rotten that what I thought.

Summary (0)

Anonymous Coward | 1 year,16 days | (#45048177)

Bullshit.

(As anyone with any real knowledge of networks should know).

MIT? Garbage.

That won't work (0)

Anonymous Coward | 1 year,16 days | (#45048191)

That won't work. The NSA will just probe everyone's data. You won't know if you are targeted or just swept up like everyone else.

Fine-grained permissions? (2)

tftp (111690) | 1 year,16 days | (#45048311)

I never felt the need for fine-grained permissions. Here is the configuration that I use:

permissions {
deny all;
}

If you need something that doesn't pass through that filter, come and see me.

Reminiscent of .pdf "redaction" circa 1995 (0)

Anonymous Coward | 1 year,16 days | (#45048323)

With redacted data just paved over by a layered black line, whoops.

Because nobody would bother to.. nah. It's a BLACK LINE. Trust that the data beneath it is forever secret.

Easier to configure than SELinux? (1)

the_B0fh (208483) | 1 year,16 days | (#45048375)

Configuring it is always the hardest problem, even if everything else worked right.

Lessons of SELinux (2)

Antique Geekmeister (740220) | 1 year,16 days | (#45048979)

If the control is too fine grained, people give up and just turn off the controls altogether. I see this constantly with SELinux and complex firewalls and filesytem permissions, and two-part authentication.

DRM (0)

Anonymous Coward | 1 year,16 days | (#45049293)

I believe this is what we call Digital Rights Managment

Permissions? (1)

jandersen (462034) | 1 year,16 days | (#45049519)

...the Personal Data Store includes a mechanism for fine-grained management of permissions for sharing of data ...

You mean like in Oracle, where the list of system and object privileges cover 14 pages in the manual (version 12)? In my experience this is simply too unwieldy to use in practice; in most cases you end up defining a small handful of roles (in Oracle: a bundle of privileges) that are used for everybody. Or if you are the average, lazy guy, you just grant dba to all users; you wouldn't believe how many Oracle instances I have come across, where the SYS account still had password "CHANGE_ON_INSTALL".

There is a reason why the admittedly crude and primitive permission model of UNIX is still around: it is easy to understand and use, and it can be surprisingly effective.

Oh Great... (1)

GerryHattrick (1037764) | 1 year,16 days | (#45050159)

Ultimately-brave men are going right in to Somalia and other hell-holes to take out the nasties, while you-all are trying to make more difficult the work of the services which our taxes pay to protect us.

Re: Oh Great... (0)

Anonymous Coward | 1 year,15 days | (#45062629)

go suck on a fat dick you shill

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?