Feeds

Security: Is technology saint or sinner?

Data pragmatism

SANS - Survey on application security programs

Analysis The latest problem to be thrown at us, on top of war, global warming, disease etc, is that we are "sleepwalking into a surveillance society".

The worry is that, owing to all the data being collected these days, we no longer have any real privacy.

We are covered by cameras, the "powers that be" have oodles of information on every one of us, and the private sector has got in on the act with the likes of loyalty cards.

Yet, the vocal groups (and who knows if these are the minority or the majority) want it all ways.

They want their privacy, while trying to make sure that all these Johnny Foreigners don't come over uninvited, that the "man next door" doesn't claim sickness benefit while on a mountaineering holiday in Tibet and, that when needed, the emergency services will have everything at their fingertips to know exactly what drugs can and can't be given to you while you're lying in the road, and/or have access to high-definition CCTV footage to identify who it was who kicked seven shades of the proverbial out of you.

I think that we need to look at pragmatism and try to put "privacy" into context. What do we mean by privacy here?

Do we really think that all of the 13 million CCTV cameras in the UK are being watched by forces which are just waiting for us to inadvertently drop a paper hankie on the street?

Do we really believe that hordes of people are sitting in some dusty basement in Cheltenham reading the email that you sent with that particularly non-PC joke in it?

Are we worried that we might just get caught after we've mugged some poor unfortunate?

Could this be it? We're not really bothered about privacy as such, but we're worried that we might get caught? Speed cameras would seem to be a prime example of this privacy argument.

There are many groups and individuals whose worries are more pragmatic: the security, integrity and accuracy of the information being held on us. This has less to do with privacy, and more to do with reality.

For example, if I'm the person lying in the middle of the road, I do want the paramedics, police and fire brigade to know that I am allergic to penicillin, that I have epilepsy, and that I am already on a collection of prescription drugs for a range of problems.

This knowledge could save my life and, as I am a simple soul, I don't care who knows all of this. Now, let's say that I was the chief executive of a major company that is just going through a sensitive acquisition.

My medical records could say that I have only a few months to live. This is very important for the medical profession to know, but probably not what I'd want splashed over the financial pages of the papers.

There's also the problem of what the "powers that be" will do with information. All we have to do is look at the likes of Hoover, Beria, Trotsky, and Hitler as to what can happen when too much information is given to someone who is a little on the unstable side.

But, the majority of these despots did their dirty work without technology. So is it technology that is to blame? Yes, technology means that we can gather and analyse a lot more information.

Yes, technology means that people thousands of miles away are just like the risks of having cleaners in the office 50 years ago: if you don't take careful steps, you're leaving everything available to them. Yes, the black hats (bad hackers) are cleverer than ever and there are relatively more of them.

But does this mean that we should ban any database of information held on us? Does it mean that all information should be kept in isolation from other information?

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.