RFID, GPS Technology and Electronic Surveillance
EFF Reveals How Your Digital Fingerprint Makes You Easy to Track
Think that turning off cookies and turning on private browsing makes you invisible on the web? Think again.January 28, 2010
Web Monkey - The Electronic Frontier Foundation (EFF) has launched a new web app dubbed Panopticlick that reveals just how scarily easy it is to identify you out of millions of web users.
The problem is your digital fingerprint. Whenever you visit a site, your browser and any plug-ins you have installed can leak data. Some of it isn’t very personal, like your user agent string. Some of it is more personally revealing, like which fonts you have installed. But the what if you put it all together? Would the results make you identifiable?
As the EFF says, “this information can create a kind of fingerprint — a signature that could be used to identify you and your computer.”
The EFF’s test suite highlights what most of us probably already suspect — we’re readily identifiable on the web. We ran the test on a Mac using Firefox, Safari and Google Chrome, all of which leaked enough data to make us identifiable according the EFF’s privacy explanations.
The purpose of Panopticlick is to show you how much you have in common with other browsers. The more your configuration mirrors everyone else’s, the harder it would be to identify you. The irony is, the nerdier you are — using a unique OS, a less common browser, customizing your browser with plug-ins and other power-user habits — the more identifiable you are.
For example, say you’re running Firefox on Ubuntu with the Gnash plug-in instead of Flash — way to stick it to the man — but you’re also showing up with a unique configuration of browser, OS, installed fonts, plug-ins and more which can be combined to identify you via a unique online fingerprint.
So what can you do to make yourself less identifiable? Well, by disabling cookies, the Flash plug-in, the Java plug-in and most of our extensions we were able to blend in better. Actually, the fact that we didn’t have Java or Flash turned on made us more identifiable in those categories, but it also denied the test access to our installed fonts and other bits of data, so overall, less identifiable.
Obviously that approach has a downside — without Flash there’s not much in the way of online video, a lack of cookies will cause issues with logins, and without Java, you won’t be able to crash your browser or cause it to get hung up for hours.
In short, the disabling method isn’t much fun. Strange though it may seem, the best way to lose the unique online fingerprint is to blend in with the herd. As the EFF points out, mobile browsers are hardest to identify since there are few customization options and, for the most part, one version of Mobile Safari looks just like another.
By the same token, if you want to blend in, stick with stock system fonts, run Windows XP, use Firefox with no add-ons and turn off cookies. You’ll be much harder to identify.
We should point out that, no matter how well you blend in the fingerprint test, you are of course still identifiable by your ISP. Advertisers and websites generally can’t access the information your ISP has on you, but of course governments — with the cooperation of your ISP — always can. So don’t think just because you’ve eliminated your fingerprints no one knows who you are.
EFF Plans Appeal of Jewel v. NSA Warrantless Wiretapping Case
Court Rules That Mass Surveillance of Americans is Immune From Judicial ReviewJanuary 21, 2010
EFF - A federal judge has dismissed Jewel v. NSA, a case from the Electronic Frontier Foundation (EFF) on behalf of AT&T customers challenging the National Security Agency's mass surveillance of millions of ordinary Americans' phone calls and emails.
"We're deeply disappointed in the judge's ruling," said EFF Legal Director Cindy Cohn. "This ruling robs innocent telecom customers of their privacy rights without due process of law. Setting limits on Executive power is one of the most important elements of America's system of government, and judicial oversight is a critical part of that."In the ruling, issued late Thursday, U.S. District Court Chief Judge Vaughn Walker held that the privacy harm to millions of Americans from the illegal spying dragnet was not a "particularized injury" but instead a "generalized grievance" because almost everyone in the United States has a phone and Internet service.
"The alarming upshot of the court's decision is that so long as the government spies on all Americans, the courts have no power to review or halt such mass surveillance even when it is flatly illegal and unconstitutional," said EFF Senior Staff Attorney Kevin Bankston. "With new revelations of illegal spying being reported practically every other week -- just this week, we learned that the FBI has been unlawfully obtaining Americans' phone records using Post-It notes rather than proper legal process -- the need for judicial oversight when it comes to government surveillance has never been clearer."Jewel v. NSA is aimed at ending the NSA's dragnet surveillance of millions of ordinary Americans and holding accountable the government officials who illegally authorized it. Evidence in the case includes undisputed documents provided by former AT&T telecommunications technician Mark Klein showing AT&T has routed copies of Internet traffic to a secret room in San Francisco controlled by the NSA. That same evidence is central to Hepting v. AT&T, a class-action lawsuit that's currently under appeal in the U.S. Court of Appeals for the 9th Circuit.
For the judge's full order:
http://www.eff.org/files/filenode/jewel/jeweldismissal12110.pdf
For more on warrantless wiretapping and NSA spying:
http://www.eff.org/issues/nsa-spying
Health Care System: Feds Push New Paperless Effort
January 17, 2010Daily Finance - Imagine if your physician could pull up all your allergies and active diagnoses on a laptop, saving you from having to recite your conditions at each visit. Imagine a prescription getting zapped electronically from your doctor to the nearest drugstore, sparing you from having to hand over a slip of paper to a pharmacist. Imagine getting your lab and test results online, just days after your doctor got them.
These are just some of the standards for electronic medical records that U.S. health officials are proposing to nudge the nation's paper-based health-care system into the cyber age.
Today, only a fraction of U.S. hospitals and doctors' offices are fully computerized, and many database and software systems aren't "interoperable" -- meaning they don't talk to each other. If you show up in an emergency room in Phoenix with a broken leg, the electronic medical records of your doctor back in Nashville, which could flag your allergies to certain pain medications, wouldn't necessarily be available.
Flu Or Influenza?
But the U.S. Department of Health and Human Services is getting serious about resolving this mess. It's trying to standardize four categories for both health-care providers and the information technology companies that are computerizing the medical records.
Content-exchange standards would let providers share clinical information like prescriptions. Vocabulary standards would standardize naming conditions and procedures -- do you call it "flu" or "influenza"? Transport standards would establish the communication protocol among computer systems, and security standards would determine how to control and authenticate access to sensitive information.
Together, the standards could help the U.S. move closer to the goal of wiring up every doctor, hospital, pharmacy and insurance carrier into the so-called Nationwide Health Information Network -- an enterprise expected to cost as much as $276 billion over 10 years.
"The standards are going to go a long way toward improving interoperability," says Patricia Wise, VP of the Healthcare Information and Management Systems Society, an association in Arlington, Va., focusing on information technology. "I would characterize the standards as a road map," she says. "It does not mean that everyone wants to follow it. But it's clear the journey has been laid out."'Meaningful Use' Criticized
Another set of related proposals, issued by the Centers for Medicare & Medicaid Services, has drawn criticism. These rules would require health-care providers to demonstrate "meaningful use" of electronic medical records to qualify for federal incentive money. (As part of the national stimulus program, medical providers can receive some $44,000 in federal incentives if they truly go paperless.) The requirements that spell out how electronic medical records should be used -- such as recording smoking status for patients 13 and older -- are intended to keep providers from buying the software and then keeping it on the shelf.
But the American Hospital Association, which represents more than 5,000 U.S. hospitals and health-care organizations, says the new rules could "severely limit" its members' ability to seek federal incentive money. The problem, the group says, is that the proposal's meaningful-use standards are too stringent. Hospitals that already use electronic medical records to track quality and reduce medical errors -- but not as the requirements suggest -- could lose out, AHA says.
"The eligibility requirements for hospitals and physicians are too restrictive," the group says in a statement. "Unless significant changes are made and the timelines reexamined, it is unlikely that the vast majority of hospitals can meet the proposed standards."Work In Progress
Wise concedes that the proposed standards are a work in progress. (Proposed standards will have a public-comment period before the rules are finalized, which is anticipated to happen this year.) A hospital must meet 25 criteria to be considered a "meaningful user," she says.
One rule necessitates that 10% of all patient-care orders must be entered digitally by a licensed operator. But Wise wonders how a hospital would determine that it's reached that 10% computerized physician-order mark while processing thousands of handwritten orders every day.
'A High Bar'
Companies whose software lets medical providers ditch paper are racing to ensure that doctors and hospitals using their programs can meet the new criteria.
"The bar that has been set by the new guidelines is high," says Ryan Howard, C.E.O. of Practice Fusion, a San Francisco software company whose Web-based electronic medical records are used by more than 25,000 medical providers. Howard praises the new standard: "It really is pretty impressive -- it really does affect the quality of care."Meeting the new requirements, Howard says, could take longer for what he calls "legacy vendors." Companies like All Scripts (MDRX) and eClinicalWorks offer electronic medical records systems as software that must be installed; Practice Fusion's system is Web-based, hosted on an outside server.
"Let's say they knew exactly what steps they had to take to meet the new criteria," says Howard. "It's still going to be a two-year process."Rivals disagree. Allscripts said in a January 11 statement that it's rolling out a program guaranteeing that its electronic health-record system will quality for federal incentives.
"Allscripts is making it safe and easy for physicians to adopt and use EHRs through our guarantee, financing and implementation programs," says Allscripts CEO Gren Tullman.Worth the Effort?
There's still lots to be worked out before doctors' offices and medical providers, many still awash in paper, go electronic. Will the effort be worthwhile? A study from the Center for Studying Health System Change warns that electronic medical records can have the unintended consequence of "creating information overload that complicates providers' efforts to discern key clinical information."
Still, proponents of the switch from paper say that electronic records will improve care: They'll reduce medication errors by flagging potential patient drug allergies, for example, or providing wellness prompts reminding patients to get prostate or breast exams, they say.
"There are about a million ways points of care can be improved with electronic medical records," Howard says. With the U.S. health system on track for reform, even just a few improvements would be welcome.
0 comments:
Post a Comment