Saturday, March 31, 2007

Privacy, Social Media, Censorship and more

I just read several papers presented last June at the 6th Workshop on Privacy Enhancing Technologies in Cambridge, England. They were fascinating reads and are highly recommended.

Imagined Communities Awareness, Information Sharing, and Privacy on the Facebook focuses upon the quantity of data that is unwittingly shared on Facebook and other social networking sites.

Some [users] manage their privacy concerns by trusting their ability to control the information they provide and the external access to it. However, we find significant misconceptions among some members about the online community’s reach and the visibility of their profiles.

Ignoring the Great Firewall of China examines how governments, not only China's, prevent access to websites. Sometimes there is a bona fide law enforcement aspect of it such as access to child pornography and in counter-terrorism. Regardless of the legitimacy of a particular action, anyone interested in privacy issues ought to be aware of the activity.

The so-called "Great Firewall of China" operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST tag set) are sent to both endpoints of the connection, which then close. However, because the original packets are passed through the Firewall unscathed, if the endpoints completely ignore the Firewall's resets, then the connection will proceed unhindered. Once one connection has been blocked, the Firewall makes further easy-to-evade attempts to block further connections from the same machine. This latter behaviour can be leveraged into a denial-of-service attack on third-party machines.

No comments:

Post a Comment