"Cloud computing - why it matters?" by Simon Wardley (OSCON '09). I like the presentation style and the presentation itself.
Wednesday, February 24, 2010
Saturday, February 20, 2010
Identity 2.0 keynote
The following keynote (found thanks to a friend of mine) is quite old, but I thought of adding it here as the presentation style used is quite interesting (the content is very useful as well). I liked it so much that I watched it twice. I think I am going copy some of his style in my presentations.
Monday, February 15, 2010
Health care identity theft
A good news article on health care identity fraud and its current status.
Theft of health care identity is relatively new; partly because it's only now people are starting to use electronic health care records. Last year, in the stimulus package, the US government allocated billions of dollars to start build a nation wide online health care record system over the next couple of years. So, I think there will be more such incidents than what we currently see.
Some stats:
...It is estimated that the number of identity fraud victims in the United States increased by 12 percent, to 11.1 million adults in 2009, while the total annual fraud amount increased by 12.5 percent, to $54 billion.
"Health insurance-related identity fraud is particularly troublesome because of the relative costs. The average identity fraud victim pays $373, while a health insurance fraud victim pays $2,228, and a health insurance fraud typically is about $12,100 in total, compared with $4,841 for an average identity fraud case."
A simple solution to minimize such frauds is to ask for multiple credentials (driver's license, student photo ID, etc.) along with the health insurance card; it is unlikely an impersonator possesses all these.
This is good news for those who do research in protecting medical records - there is a real need.
Theft of health care identity is relatively new; partly because it's only now people are starting to use electronic health care records. Last year, in the stimulus package, the US government allocated billions of dollars to start build a nation wide online health care record system over the next couple of years. So, I think there will be more such incidents than what we currently see.
Some stats:
...It is estimated that the number of identity fraud victims in the United States increased by 12 percent, to 11.1 million adults in 2009, while the total annual fraud amount increased by 12.5 percent, to $54 billion.
"Health insurance-related identity fraud is particularly troublesome because of the relative costs. The average identity fraud victim pays $373, while a health insurance fraud victim pays $2,228, and a health insurance fraud typically is about $12,100 in total, compared with $4,841 for an average identity fraud case."
A simple solution to minimize such frauds is to ask for multiple credentials (driver's license, student photo ID, etc.) along with the health insurance card; it is unlikely an impersonator possesses all these.
This is good news for those who do research in protecting medical records - there is a real need.
Sunday, February 14, 2010
Friday, February 12, 2010
The Good, the Bad and the Ugly at the same time..
It is sad to see that if you criticize or are open minded about the current ruling, they think you are a conspirator..and if you speak for the people in the north and east, they think you are a traitor. I agree with most of the things that Shahani mentions in her blog .. whatever happens politically, still Sri Lanka is one of the best (my public photos bear witness :-)
Thursday, February 11, 2010
Google buzz is criticized for privacy concerns
After setting up buzz, if you don't change the default settings, others can see who you most frequently (not sure about the most frequent part, I guess they pick almost all the contacts that you ever had conversation with if your contact list is not too long) chat with or email to due to the default automatic friends feature. Looks like they have not learned from the Facebook beacon experience -- when it comes to information sharing it is safer to opt-in rather than opt-out.
The above link mentions that:
"Imagine ... a wife discovering that her husband emails and chats with an old girlfriend,"
(Btw, if you are honest, you probably don't need to hide anything. Are we encouraging people to be dishonest by allowing them to hide behind the screen in the name of privacy??)
Also mentions that:
"Imagine ... a boss discovers a subordinate emails with executives at a competitor."
(When you use a free service like Google mail/chat, you don't have much control over your information - your profile, your chat logs, your contacts, your emails ... this raises the question if we should use such services for business purposes or highly private matters??)
There could be other damaging inferences as well. For example, if Bob frequently communicate with one of his doctors, John, who specializes in cancer treatment. Others will be able to infer that Bob is possibly having some sort of cancer.
Mitigating factors:
There are some mitigating factors, however. Buzz only shares information about other people who are using Buzz and have set up public profiles in Google. So currently, most Gmail users are not publicly listed by the service. Users can also "unfollow" people who they don't want to be linked to.
You can follow the steps in this to change the default settings.
The above link mentions that:
"Imagine ... a wife discovering that her husband emails and chats with an old girlfriend,"
(Btw, if you are honest, you probably don't need to hide anything. Are we encouraging people to be dishonest by allowing them to hide behind the screen in the name of privacy??)
Also mentions that:
"Imagine ... a boss discovers a subordinate emails with executives at a competitor."
(When you use a free service like Google mail/chat, you don't have much control over your information - your profile, your chat logs, your contacts, your emails ... this raises the question if we should use such services for business purposes or highly private matters??)
There could be other damaging inferences as well. For example, if Bob frequently communicate with one of his doctors, John, who specializes in cancer treatment. Others will be able to infer that Bob is possibly having some sort of cancer.
Mitigating factors:
There are some mitigating factors, however. Buzz only shares information about other people who are using Buzz and have set up public profiles in Google. So currently, most Gmail users are not publicly listed by the service. Users can also "unfollow" people who they don't want to be linked to.
You can follow the steps in this to change the default settings.
Saturday, February 6, 2010
Alice, Bob, Malloy, Jared, Tim and Eve
Yesterday I was at a short talk on watermarking. Thought of checking out some recent work on the subject. And I was think how I am going to explain it to someone who is not interested in technical stuff. Following description is adapted from a relatively old paper with the usual security characters:
Data hiding aims at enabling Alice and Bob to exchange messages in a manner as resilient and stealthy as possible, through a medium controlled by evil Mallory. Alice and Bob don't care if Mallory see the hidden message.
On the other hand, digital watermarking is deployed by Alice to prove ownership over a piece of data (a music album, movie, photo, document, etc), to Jared the Judge, usually in the case when Tim the Thief benefits from using/selling that very same piece of data (or maliciously modified versions of it). In order to convince Jared, the piece of data should have something unique that only Alice can show its existence (Ideally, Alice should be able to challenge Tim to show how to get that unique thing from the data; Tim fails to do so since he does not possess a secret that only Alice knows. This will impress Jared more about Alice's claim and Jared is most like to send Tim to jail.). Jared does not care what that unique thing is - it just needs to be unique. To be effective, Tim should be able to remove that unique thing from the piece of data (better if Alice can prove if Tim tried to tamper the piece data). For a usability point of view, that unique unique thing that Alice has attached to the piece of data should not affect the quality or any other desirable property of that piece of data.
Now in another scenario, Alice wants to send a message to Bob through a communication channel controlled by Eve and she want to hide the existence of that message from Eve (not even want to show the cryptic message which Eve cannot decipher anyway). So, Alice uses stenographic techniques here. Unlike watermarking, here the hidden message is the main data. Alice takes some public piece of data (e.g. an image) and embeds the message. For Eve, it looks all normal. Alice and Bob shares a secret so that once Bob gets the public piece of data, he can extract the hidden message. It would be even better if Eve cannot know if a communication took place between Alice and Bob. In certain situation (like in a war) knowing that two parties communicated with one another could be valuable information.
Data hiding aims at enabling Alice and Bob to exchange messages in a manner as resilient and stealthy as possible, through a medium controlled by evil Mallory. Alice and Bob don't care if Mallory see the hidden message.
On the other hand, digital watermarking is deployed by Alice to prove ownership over a piece of data (a music album, movie, photo, document, etc), to Jared the Judge, usually in the case when Tim the Thief benefits from using/selling that very same piece of data (or maliciously modified versions of it). In order to convince Jared, the piece of data should have something unique that only Alice can show its existence (Ideally, Alice should be able to challenge Tim to show how to get that unique thing from the data; Tim fails to do so since he does not possess a secret that only Alice knows. This will impress Jared more about Alice's claim and Jared is most like to send Tim to jail.). Jared does not care what that unique thing is - it just needs to be unique. To be effective, Tim should be able to remove that unique thing from the piece of data (better if Alice can prove if Tim tried to tamper the piece data). For a usability point of view, that unique unique thing that Alice has attached to the piece of data should not affect the quality or any other desirable property of that piece of data.
Now in another scenario, Alice wants to send a message to Bob through a communication channel controlled by Eve and she want to hide the existence of that message from Eve (not even want to show the cryptic message which Eve cannot decipher anyway). So, Alice uses stenographic techniques here. Unlike watermarking, here the hidden message is the main data. Alice takes some public piece of data (e.g. an image) and embeds the message. For Eve, it looks all normal. Alice and Bob shares a secret so that once Bob gets the public piece of data, he can extract the hidden message. It would be even better if Eve cannot know if a communication took place between Alice and Bob. In certain situation (like in a war) knowing that two parties communicated with one another could be valuable information.
Thursday, February 4, 2010
Tuesday, February 2, 2010
Funny..
You probably have watched this video earlier. I happened to watch it again. It's so funny :) .. there's a message as well - I don't like people bragging about their personal life in Twitter/Facebook or any other social media, but Twitter could be a useful tool if it is used in the right way.
This one is not only funny, but also very creative :) .. there is some reality as well.
This one is not only funny, but also very creative :) .. there is some reality as well.
Subscribe to:
Posts (Atom)