Census censored2011-05-11, 23:41:37
Two days ago a census was conducted throughout Germany. About a tenth of all households has been interviewed about their private data. Many are protesting since they have been forced to answer the survey. Unfortunately I was not among these "victims". But I would like to drop my own thoughts on private data to emphasize on certain aspects.First of all I should define "data". Initially I declared the term as "assigned or linked information". I still find this applicable. Per Brinch Hansen, a most important and early operating system principles developer, has given this widely shared definition in his book "Operating System Principles" (1973 Prentice-Hall): "physical phenomena chosen by convention to represent certain aspects of our conceptual and real world". In Hansen's view, "information" is the meaning of the representation of these aspects. Since my definition of an information is the whole or partial representation of a real or imaginary object, I am sure to have found a close view to Hansen's. In my lectures on System Security, we use his definition.
In the next step I need to find a suitable statement on the ownage of certain data. Some people insist to remain hidden from the public. This request becomes clear very easily when one feels uncomfortable to share certain information. The actual wish is to keep private information from being assigned to data. The question remains who is allowed to possess them.
The existence of data means visibility, transparency and thus the loss of privacy. On the other hand, non-visibility and non-transparency enables dishonesty. In IT Security, we try to find a solution to prove and provide both: honesty to maintain trustworth and privacy to maintain unconcern. One way is to define privacy policies, implemented e.g. through encrypting data or simply setting access rights.
Finally I need to distinguish between public and private information. This is the philosophical and legal part of the subject. In my humble opinion all data should belong to the public. Most people are afraid of having their data published though.
... to be continued
Macro and micro, large and small2011-03-30, 02:16:49
The prefixes macro and micro, originating from Greek referring to a scaled point of view, could be applied to many subjects. In economics, microeconomics deals with individuals whereas macroeconomics studies the behaviour of whole regions, often nations. Microphysics means the exploration of smallest objects, less in size than molecules; macrophysics explain what can be directly seen.If I wanted to view data in similar ways, I would like to compare least amounts of bits including escape characters, xml structure sheets etc. to greatest streams like databases or multimedia files. My reason to do so is to point out statistics on the usefulness of data being transferred or stored. Have you ever received an e-mail containing a raw video file? Hopefully not! We do have broadband access provided to many households, but time is still limited. Download nor upload rates are endless. On the other hand, there are also response times. A network admin's main task includes to maintain a certain balance between all their clients' traffic and speed. For that purpose QoS was invented, automatically distributing data packets in specified orders with reasonable limitations.
We are still working on improvements though. Even if current methods like compression, scheduling and policing fulfill our basic needs of networking we are facing new problems. We have reduced microdata to a minimal amount but receiving HD multimedia streaming via cell phone wireless lines won't work yet. The desired networks are only available in larger cities on one hand. On the other hand licensing matters plague the ISPs. Germany is having a hard time finding a solution to deploy LTE radio network coverage one day.
I hope this little overview gives you some hints on what troubles us today and why sometimes you have to wait for a video on YouTube to load.
... to be continued
Get your motor runnin' - watch out on the highway!2011-03-29, 18:03:21
Your hard drive has a little motor running inside working similar to an LP player. First things first: I highly recommend under any circumstances to NOT OPEN YOUR HDD CASE! This one I had bricked already by laying on too much current.
I have thus replaced it.
Anyway, this time I would like to report on certain aspects of privacy. It already starts with your local hard drive. Many people secure their operating systems by passwords. So if their devices get stolen which sadly does happen sometimes others should be unable to access data on the disk.
Right?
Well, the assumption seems true as long as an average user might be the thief. But people gain more and more knowledge on engineering (without even noticing sometimes). Besides software attacks like booting a dedicated OS from USB or DVD it is quite simple to unscrew a laptop's case, take out the internal hard drive and mount it as an external one plugging a USB hdd case available for a few bucks. The chair for Embedded Security at my university deals a lot with such physical attacks specifically against embedded cryptographic devices.
Maybe one should rather encrypt the entire disk instead.From that little introduction I would now like to move on to another issue in the physical world. On social networks we can find a whole bunch of privacy settings (not piracy
). As long as you are not aware of who is able to view or even replicate or manipulate your data, this is the first place to look at. It might turn out that you set all your intimate information to be shared only with a certain group of friends. Now guess: They are the target of physical attacks to a social engineer.On a well-known German network mostly used by students I have been noticing a couple of groups popping up labelled just like 'We are the largest group ever!'. That worked out easily since the first members invited their friends who invited theirs and so on. This way any user joining that group who published their data to it published it to the whole network. Even worse was the fact that the admins of that group could view a simple list of its members which a bot could have crawled to visit all their pages and extract all their e-mail addresses if available. I don't know what happened to these groups then but I remember that a few months later I received scam messages sent via the accounts of a few friends of mine. They got hacked.
My strong advices are to remain aware of what you share with whom and especially use only cryptographically secure passwords. Although many sign up forms already do a quick check on password strength which might be annoying you should still feel encouraged to follow the guidelines given: Mix special characters, numbers, upper and lower case letters. A short password like 34g8§Z is way harder to break than finding mymothersname using a so-called dictionary attack. This is a matter of key space which means the number of keys you can generate out of a certain alphabet (set of characters): You will find a whole lot more 6-character words or keys mixing digits and letters than words in a dictionary of your language. The key space measures (#lower case letters + #upper case letters +#digits)^#(key length) = 62^6 = 56,800,235,584. In words: fifty-six point eight billion passwords possible. Countercount the number of entries in your collected volume encyclopedia in the attic.
... to be continued
Chunks of junk!2011-03-18, 12:12:55
Programmers sometimes have to handle chunks of data. Just google for that term and you will find many requests on reading and copying and whatevering data chunks. That is for the presentational part of dealing with data. I care a lot more about keeping data consistent as mentioned before. That is, I prefer full integrity. Usability over usefulness roughly repesents my view on (web) services. What is a toy for a child looking nice but its sharp edges scratching the infant's hands?I found a helpful question on pr://ip today asking if the social web was facing an end. Since the social web is my main hobby I had to comment on that post: I think that the current amount of data flooding the web has started to prevent people from finding what the seek already. But most social networks on the other hand feature categorizing data by tagging or assigning to certain lists to again improve this lack. Yet in my humble view there is still a lot more data available unsorted than the nice searchable information which comes up first when googled. That was one hint I received during my session on video learning and e-learning at VideoCamp3.
When I started to develop Orange CMS, my goal was to divide content, the information part, from layout, the presenational part of a website as it is a fundemental concept of programming in general. My next step should be semantics, allowing data to be structured internally and later exported, e.g. to RSS, but I've been missing time to go further. So I released a paper to share my basic ideas of how a CMS should work today in general. This blog is a next attempt to work out my creativity.
... to be continued
Where's my love? It is growing!2011-03-11, 23:31:10
There are numerous multimedia devices on the world. I would like to share where I store and display data. I have an attitude to keeping data clean and sorted, free of redundancy and well synchronized. Being concious of where my data goes amazes me, making me feel comfortable.A new day starts. When I wake up, my primary laptop is not too far away from me, my Logitech G15 keyboard to my right. I am sleeping in a small 11 square metres dorm room, living takes part downstairs in the common rooms. Anyway, that nice keyboard serves me RSS feed data anytime. It has a small, programmable display, coming with a lot of plugins by factory. I could as well view RSS feeds on my two mobile phones, an HTC Touch Diamond and a Samsung G7500 Night Effect.
I actually own two laptops, one missing its lid (haha, it broke during some celebration...) and a netbook, all three by MSI. Each of them contains a 160GB HDD plus I own two USB external hard drives of 320GB each and a Buffalo Linkstation Pro Duo 1TB. That is more than 2TB in total plus numerous SD cards and USB dongles.
Then again there are two older desktop PCs unused remaining in my room. I have converted one of them into a common toasting device when I changed the CPU. Their HDDs are... small! Not in physical size, both are 3.5 IDE, but one of them measures only 4GB of capacity! Recall the progress from times around 1997 (I think that is the manufacturing year of my Compaq Presario 4550) until now, 2011: There are USB dongles these days offering 320 (!) GB of space! There are even HDDs of 3TB capacity. Marvellous!
to be continued
INIT2011-03-10, 17:25:00
Hello world out there,I am very now starting some blog about DATA LOVE, this year's motto of the NEXT conference.
First of all I would like to provide my personal definitions of terms used which I consider to be most important:
information partial or full representation of any real, physical, meta-physical or imaginary object
TMI haha, good one... I can never get enough!
data assigned or linked information (that is, e.g., an object's properties)
integrity the assertion that data yields true
knowledge a set or collection of data
media a presentor of data
And this is me:
My name is Daniel, I am studying IT-Security at the Ruhr-Universitδt Bochum (Germany) and guess what I love data! Truly, I do. Before high school I have been working in a large call center for two and a half years, dealing with data every day. That was mostly personal data, yes. But there is a lot more.
My DATA:
There is public data, just look at wikipedia. There is a whole bunch of data in your hand, telling your organism how to build an entire functional human body. There is concentrated data in your room most probably on your external or internal hard drive. Data is never local; data can be presented anywhere by certain media.
My LOVE:
I have a horrible human habit called curiousity. I like finding out how things work. I like cooking recipes! I am an engineer. I am not much of a scientist. I don't care much about the why. I am not necessarily a philosopher. God knows enough. I only want to take a little part. I initially stated that I cannot get TMI. I also don't care much about my own privacy. You will find much information on me on the web, just google. Although I am into data integrity and data protection, I still have a trusting
beating. Beating for data, yours, ours, the world's!to be continued
