26 March 2009

"It's different, this time"

Winston Smith

The British born, formerly American investment manager, Sir John Templeton, is attributed the following as to his craft:

The four most dangerous words in investing are 'This time it's different.'

I suspect the quip is over-constrained in limiting it to just investing. But I am meditating about another Briton's work

At last night's COLUG meeting, the presenter addressed the emergence of the latest round of internet based 'social networking' applications: twitter, facebook, blogging, multi-features personal information devices (cell phones, Blackberries, iTouchs, digital cameras and the like). I say latest round, because the assertion was made that: "Terrorists have never used photo reconnaissance" and contrarian I suggested that the people of Dresden might have a different point of view

The takeaway from the matter had to be a thoughtful person needs to be mindful of the obvious and non-obvious implications of these new technologies

The ability to build a 'mosaic' image of a person, from their public 'internet persona' is only getting easier, and more accessible to a wider audience of potential prying eyes. What once required the resources of a government or major multi-national corporation to 'dig out' are perhaps thoughtlessly revealed with all good intention. See, e.g., the 'Sarah' PSA: ("Online Sexual Exploitation - Everyone Knows Your Name"), which ends with the outline: "... so think before you post"

But the information leakage is much broader than that already, and at this point not controllable by any individual. When a member of a 'private' or 'backwater' mailing list uses GMail to subscribe, every poster suddenly is added to Google's indexing corpus; when someone at a local meeting snaps a cell phone picture and posts it publicly, it feeds the automated identification algorithms publicly known (Google's Photo), and otherwise (Think: the Tampa Bay Super Bowl photo identification effort of the crowd). Note the date of the Register article just cited: 7th February 2001. This was no Bush-ian crypto facist over-reaction to the 9/11 hijackings

During the presentation last night, the first advert link offered was for anti-aging patent drugs, along side the meeting photo (full of several grey haired and bald male persons; the second link was of 'Valerie Bertinelli -- Bikini Babe!' and had a weight loss advert in the 'doubleclick' advert box on the top right; but our presenter is interested in and follows a television show 'The Biggest Loser' and is browsing weight control related sites and mailing lists. A third, rather personal example from the presenter's prior experience completed the circle to make it clear that Google's advert engine is reading every word we read or write

The first time is an occurence; the second a co-incidence; after the third, one has to stop shaving with Occam's razor as the blade has gone dull

blank advert

I took a screenshot (full-size image) of what I am offered as to Valerie, and you'll notice that the upper right panel is blank. This is because some years ago, I amended the DNS records which computers using my DNS servers are provided, to return '127.0.0.2' for all of 'doubleclick.net'

[root@xps400 conf]# grep -i doubleclick *.conf
NULLROUTE.conf:127.0.0.2 ad.doubleclick.net.
[root@xps400 conf]#

Adding that value (which causes the request for an advert to never reach the central advert monitoring and image feeding servers), and several more was part of a campaign for a corporate client I was consulting for at the time. The Windows 98 desktop computers which were issued to the staff did not have effective software installation access controls, to preventing addition of random malware and time wasters. Memos and meetings had not stopped the practice of a staffer downloading, say, Yahoo! Instant Messenger, and showing all her friends in that department how to do the same. Bandwidth exhaustion was becoming an issue; I assume that management also had some thoughts about lost productivity

As a technical fix the IS department was asked to remove it when found (done, but not persistent without effective access controls), and asked again. I was escalated in, and went to work with tcpdump

It turns out that the software designers at Yahoo knew their craft well. From memory, it first tried the universal Firewall Transversal Protocol (http), and then secure http and FTP

I blocked each new approach in turn. It fell back to nntp, and as I recall ntp. I do not recall that it tried to use dns content tunneling, but I certainly would have. The eventual solution had both port blocking and domain blacklisting

There is nothing new, nor indeed to my thinking, wrong for the owner of an asset to seek to profit maximize with it. But I think my thoughts and my words are my property, and on occasion on a 'think piece', I'll add the copyright reminder tag


.-- -... ---.. ... -.- -.--
Copyright (C) 2009 R P Herrold
herrold@owlriver.com
My words are not deathless prose,
but they are mine.
Number 6

I also hold to the quaint notion that I am not a number, but an individual and the property of no one but my God. Silly, I know, but there you are




edit: typo fix