RE: [iwar] Computer and Network Security vs. Information Privacy and Confidentiality

From: e.r. (fastflyer28@yahoo.com)
Date: 2001-08-10 21:16:18 

Return-Path: <sentto-279987-1586-997503379-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Fri, 10 Aug 2001 21:18:11 -0700 (PDT)
Received: (qmail 24506 invoked by uid 510); 11 Aug 2001 03:18:24 -0000
Received: from n24.groups.yahoo.com (216.115.96.74) by 204.181.12.215 with SMTP; 11 Aug 2001 03:18:24 -0000
X-eGroups-Return: sentto-279987-1586-997503379-fc=all.net@returns.onelist.com
Received: from [10.1.4.55] by ef.egroups.com with NNFMP; 11 Aug 2001 04:16:19 -0000
X-Sender: fastflyer28@yahoo.com
X-Apparently-To: iwar@yahoogroups.com
Received: (EGP: mail-7_3_1); 11 Aug 2001 04:16:19 -0000
Received: (qmail 26302 invoked from network); 11 Aug 2001 04:16:18 -0000
Received: from unknown (10.1.10.27) by l9.egroups.com with QMQP; 11 Aug 2001 04:16:18 -0000
Received: from unknown (HELO web14508.mail.yahoo.com) (216.136.224.71) by mta2 with SMTP; 11 Aug 2001 04:16:18 -0000
Message-ID: <20010811041618.20487.qmail@web14508.mail.yahoo.com>
Received: from [12.78.117.83] by web14508.mail.yahoo.com; Fri, 10 Aug 2001 21:16:18 PDT
To: iwar@yahoogroups.com
In-Reply-To: <4.3.2.7.2.20010810105852.00b6b3c0@poptop.llnl.gov>
From: "e.r." <fastflyer28@yahoo.com>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Fri, 10 Aug 2001 21:16:18 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: RE: [iwar] Computer and Network Security vs. Information    Privacy and Confidentiality
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit


--- Tony Bartoletti <azb@llnl.gov> wrote:
> At 12:56 AM 8/10/01 -0700, you wrote:
> >--- Tony Bartoletti <azb@llnl.gov> wrote:
> > > At 03:06 PM 8/9/01 -0400, you wrote:
> > > >Tony wrote..
> > > >To Tony: Cheers to you on the soapbox. I agree with a good deal
of what you say- a guy with cyber common sense- and I guess what I
> >Wanted to say was, in this net of virtual lock pickers, we have
already seen  identies stolen and it is hard to get your real record
back. The recent case of a few hundred thousand people having their
credit card info inadventantly end up on the net is also a bummer.
Theft of person, or simple "errors" like the credit card matter might
make the average Joe to no longer want to be a Netizen.
As the web will only get more porus unless there is a technologic
break-through, what can be done to "safe" a persons privacy and protect
them from theft, be it whole person identiy or simply info like credit
cards, both of which can used and it is tough to stop this abuse. Even
malicious alteration of records fall into this group.  Might you have
any ideas as to how not we in IWAR world, but how Joe and Jane Q
Six-Pack can be convinced it is safe to e-wander, or shop, or publish
to the net....etc.? Ideas?
Sorry I was not clearer, Tony.
> 
>The web is already an anonymus venture in some ways, however, if we
> are
> >forced to accept pervasive encryption as the only manner in which we
> >can protect out privacy,  we are headed toward a  type of
> >compartmentation that only our pals in the intelligence community
> have
> >to deal with.  Protecting information about classified programs  is
> one
> >thing.Protecting info that is critically private is another matter.
> 
> I'm not sure what you mean by a "classified person".  If you mean
> that 
> persons who protect themselves vie encryption will yet be able to
> invade 
> the privacy of those who do not use such protections, then you are 
> right.  But those who choose not to protect themselves are at fault,
> not 
> the the ones who do.
> 
> As Fred indicates, it is far more troubling when it is government
> that 
> holds the "we can see you and you can't see us" card.  We imbue
> government 
> with extraordinary powers in order to do a job on our behalf, yet we
> must 
> scrutinize the application of that power at every turn, for power
> easily 
> grows unchecked into abuse.  Unlike troublesome individuals,
> government 
> wields extensive powers to investigate and coerce behaviors across
> the 
> broad spectrum of citizenry, and the threat is ever present that such
> power 
> will be used to thwart the people's ability to effect legitimate
> control 
> over government activities.
> 
Right. Last time I checked, the Constitution  said something that "it
is the right of the PEOPLE to alter government, or abolish it to
protect the goverened"  It is actually the sam idea as above, but the
government is the bad guy.
> >There is clearly a
> >significant problem when the issue of computer security and personal
> >liberties are conflicted.  How can we "deconflict" this situation,
> or
> >without a oversight body, will the net become more like the "Dodge
> >City" of old?  It will be people v security v verification.
> >This has already become a problem with online businesses.  What's
> next?
> >
> >Tony's possible solution is interesting, but does it require all on
> the
> >net to be as cyber-literate as many on this space? I would like to
> hear
> >any suggestions.
> 
> There was a time when one needed to be very "cyber-literate" in order
> to do 
> something as simple as FTP a file, or send an e-mail.  I have
> forgotten 
> most of the command-line flags that were then necessary to configure
> such 
> activities.  Today, folks just point and click, and there are helpful
> 
> dialog boxes for exceptional cases.
> 
> Ok, it is still not a simple proposition.  A robust key-management 
> infrastructure is required, and although (average) users would prefer
> to 
> remain blissfully ignorant of those mechanics, key management is
> precisely 
> the core "trust issue" that must remain in the hands of the
> individuals, or 
> else the resulting "security" is illusory.
> 
> Regarding the "compartmentation" issue:  With ubiquitous encryption
> and 
> authentication controls in place, the "providers" of either
> information 
> content or discussion fora will always have the freedom to allow, or 
> disallow anonymity and confidentiality on a venue-by-venue basis. 
> Here in 
> "meatspace" I can join with select individuals and carry on a very
> private 
> conversation, or choose to stand on a soapbox (as I am right now) and
> 
> express my views publicly.  The ability to choose among such venues
> should 
> not have to suffer in the cyber realm.
> 
> Cheers!
> 
> ___tony___
> 
> 
> 
> Tony Bartoletti 925-422-3881 <azb@llnl.gov>
> Information Operations, Warfare and Assurance Center
> Lawrence Livermore National Laboratory
> Livermore, CA 94551-9900
> 
> 
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.
http://im.yahoo.com/

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Small business owners...
Tell us what you think!
http://us.click.yahoo.com/vO1FAB/txzCAA/ySSFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/

This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:39 PDT