Feeds

Anonymity is the enemy of privacy, says RSA grand fromage

There's only one letter between RSA and NSA, after all

Beginner's guide to SSL certificates

RSA Europe 2013 A dogmatic allegiance to anonymity is threatening privacy, according to Art Coviello, executive chairman of RSA.

Coviello cast anonymity as the "enemy of privacy" because it gives "free reign to our networks to adversaries" with "no risk of discovery or prosecution."

The head of EMC's security division told delegates at the RSA Conference Europe that security and privacy need to be aligned like two poles of a magnet in a trusted environment for internet commerce to flourish.

An imbalance between privacy and security was causing customers decisions to deploy Big Data technologies that could give them a much clearer picture of hacking attacks, Coviello claimed.

"Customers are caught in a Catch-22. They're afraid to deploy technology for fear of violating workers' privacy" even though security intelligence tools are ultimately the best way to protect personal information, Coviello argued.

The security leader's remarks follow on from criticism at the same show last year that privacy concerns were hampering intelligence-sharing efforts. The combined pitch caused one French wag to note that there's only one letter of difference between the NSA and RSA.

Mindful of such unflattering comparisons, Coviello admitted Big Data systems could be "misused”. He said: "Big Brother, ethics aside, will stifle innovation.”

Anonymising services and technologies that offer anonymity, such the Tor network and VPNs, have been in the news recently because of law enforcement action and intelligence agency leaks. Coviello's line was a controversial one to peddle to European audiences in the wake of the latest Snowden revelations, which put figures on the extent of NSA's dragnet spying on the phone calls of French, German and Spanish citizens.

"Many privacy advocates hold the polar opposite view to Coviello, believing anonymity online is a fundamental ingredient for online privacy," writes security consultant and blogger Dave Whitelegg. . "Art's perspective also highlights the difference in attitudes towards privacy harboured between the United States and Europe,” added Whitelegg. “The European Union was built on its citizens' rights, including the right to privacy, a right the EU wishes to see exercised online, whereas the US view tends to be 'privacy is dead', believing the right to online privacy has been given up and the privacy fight lost."

Less controversially, Coviello added that security industry needs to act less like a police headquarters that simply responds to attacks and more like beat cops who know their environment and can recognise and respond to anomalies. Big Data technologies were key moving away from a purely reactive security model to an intelligence-driven approach.

“When we understand the context of people’s ‘normal’ behaviour or how information flows on our networks, we can more clearly and quickly spot even a faint signal of any impending attack or intrusion, ” Coviello explained, “This is what makes intelligence-driven security future-proof. It eliminates the need for prior knowledge of the attacker or their methods.” ®

Remote control for virtualized desktops

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.