Once again, terror is in the news and dominates much of the national discussion. A major European city, the great City of Lights, was brought to a standstill last week dealing with an awful act of terror that shocked not only a nation, but the world.
Despite some success since 9/11 made it a national priority, we are clearly not free of the threat of terrorism and will not be anytime soon. The attacks of 9/11 2001 had a profound impact on how we think of computer security and online privacy. It caused businesses to rethink their disaster recovery plans and the Congress to pass the Patriot Act that expanded the government’s powers to conduct electronic surveillance.
Some of these powers make common sense, at least to me, such as “roving wiretaps”. Previously, a court ordered wiretap was specific to a phone. The availability of cheap, virtually disposable cell phones made this limitation obsolete. Now you can apply a wiretap to any phone that the target uses.
Other provisions have potential for abuse, but have limitations. For example, the act includes made it easier to obtain access to identify your who you are communicating with over the phone or with computer messaging without revealing the contents of the communication. They can know who I am calling or emailing but won’t know what we are actually saying to each other. Is that really private enough?
Aggressive, proactive security often comes at the expense of individual privacy. We want our security and are privacy, but can we have our cake and eat it to?
Supporters of a strong government surveillance policy argue that the Patriot Act has worked, pointing to the fact that we have not had a 9/11 like event since. Even if we simply accept that, the debate is still not over. When dealing with computer and communications technology issues, each year that passes is the equivalent a much longer time than in other fields. With change comes new issues.
Consider how far we have come in technology since that awful September day. 2001 was before Facebook, Twitter, YouTube and the other social media that many people find essential to their lives today. It was before tablet computers and smartphones, not counting early Blackberry’s that wouldn’t qualify as “smart” by today’s standards. GPS was in your car, but not in your pocket. Few people could afford high definition, flat screen TVs. Most people were still using dial-up to connect to the internet. It was before multi-core processors and PC Magazine’s “PC of the Year” had 128mb of RAM and a 80GB hard drive. Today’s computers have storage capacities 10 times that!
The brothers believed to have committed the horrific bombing on Patriot’s day are reported to have used YouTube and Facebook to post radical messages and propaganda. The surviving brother was tweeting and posting on Facebook while on the run.
For the average person I think the larger point, one routinely missed, is simply that the internet is a public network. Your privacy expectations are limited and for all practical purposes you should assume that you have none.
For example, I recall the dustup in the local NY news media when it was learned that the wife of Jet’s coach Rex Ryan was frequenting and posting photos on a “foot fetish” web site. Trying to change the subject to the upcoming playoffs, he said to the media “I’m sure you understand this is a private matter”. Sorry Rex, it stopped being a private matter when your wife posted on a public web site.
And it is more than just being embarrassed like Rex.
Many employers are using software to do background checks prior to hiring a person that includes a search of all publically available information. That could turn up your opinions on controversial issue such as drug use or indiscreet photos you or a friend posted, thank you very much Mrs. Ryan. I know of cases where a job offer could not be extended because of something a company’s HR department discovered. They keep it confidential, but the person will never know the opportunity they missed and won’t have an opportunity clean up the record.
Moreover, any right to privacy that you have at work while using your company’s computers and internal network is strictly at the discretion of your employer. It’s their equipment and network and they can turnover whatever they choose when cooperating with the law.
What can you do to protect yourself?
First, simply do not post anything that could come back to haunt you. There are numerous examples of career ending mistakes, from the teacher who complained about her students the Congressman who tweeted his privates in public. It makes you wonder if you should use social networks at all.
You can protect yourself from snooping by criminals and nefarious hackers by using the best antivirus and firewall protection that will stop intruders from snooping on you for criminal or nefarious purposes.
Second use the best internet security software.
Comodo consumer and commercial security solutions are based on a unique assumption that conventional method of protection will ultimately fail and you must still be able to operate if malware invades your computer. Because of Comodo’s containerization strategy, even in the most severe threat environment.