With Barack Obama about to take office, the privacy issues related to the digitilization of health records are being heavily debated; see this New York Times article and Slashdot discussion. Most of the controls being mentioned are legal and relate to two areas. The first considers how data may be aggregated and used (this is purely legal), and the second considers the security controls that must be implemented to prevent confidential data from being stolen (this is a combination of law of technology). The technological protections considered here are passive and relate to an organization's responsibilities to prevent raw data from being accessed (e.g., by laptops being lost or stolen or by an external attacker breaking into the organization's database). A third area that is more often ignored relates to technological solutions that enforce appropriate use of the confidential data. This starts with the simple and well-known requirement of access control; only those with a reason to look at a certain piece of data should be able to do so. However, it also extends further to more advanced controls.

In order to illustrate what I mean, let us consider for a moment the issue of ensuring that conflicting medications are not prescribed to the same patient. One way to achieve this is to provide a patient's doctor with access to a list of all of the medication that they are taking. This may make sense, but it may also suffice to have the doctor input the medication he or she wishes to prescribe and then wait for an automated response saying that this medication can be prescribed or should not be, based on the other medication taken by the patient. In many cases this is enough and it reveals much less information. (Note that although it makes sense that a patient's primary physician should have access to all of their medical history, this is not necessarily the case for others. For example, I don't think that someone's dentist needs to know that they are suffering from depression, unless there is the chance of a medication clash. If such a clash can occur, then as I have described above, it can be prevented without actually providing access to the raw sensitive data.)

It is my belief that active technological controls like the above should be considered more. Strict regulations regarding the use of medical data are essential. However, they are not enough! We can use technology to ensure that even those who are willing to break the law will have a hard time getting to data (unless they really need access to the raw data in order to carry out their job).

Recently, seven researchers succeeded in constructing a full-fledged certificate that was never issued by a CA, but will be accepted by any browser who trusts a certain CA; read more here. They did this by finding two certificates that have the same MD5 hash: the first certificate is legitimate and was issued by a given CA, while the second never would have been and can be used to attack a website. The ramifications of this result are significant, but it is important to understand them properly.

First and foremost, the attack has nothing to do with the SSL protocol, but rather is an attack on the MD5 hash function. MD5 was broken a long time ago and should never be used by any self respecting CA. So, if a CA is using MD5, we should remove it's root certificate from our certificate store. Such a CA is at best grossly negligent!

Second, this is yet another reminder that once significant weaknesses have been demonstrated on a cryptographic primitive, it should no longer be used. The argument that a revealed weakness is not yet a practical attack - and therefore one can continue to use the primitive - is a dangerous one. The MD5 collision attacks are an excellent example of this. Until now, most attacks on MD5 did not have any practical use (especially not with respect to web security). However, a real attack did not take too long to come along. Certificate authorities who did not heed this, and are still allowing the use of MD5 in new certificates, are behaving recklessly and irresponsibly.

In conclusion, SSL is fine and the problem is not there. The problem lies in our Public-Key Infrastructure and in the fact that our root certificate store comes with CAs who are irresponsible. The solution is simple: remove all such CAs from your certificate store. Since this is not trivial for the average user (indeed, as a regular user, I may not even know if a given CA allows the use of MD5), I would hope that this will be done in an automatic security patch by Microsoft and others.

Most of us are willing to connect to wireless networks at cafe's and airports. The problem is that we don't really know who we are connecting to. Let's first make it clear that this is a highly undesirable situation. Think of your favorite malicious hacker. Now, ask yourself if you would plug your laptop into his/her personal network, and surf the web via his/her router. OK, the answer is pretty clear... The easiest thing to say is that you should only use your wireless at home and at work. However, this isn't very realistic for most of us. (I would hope that users with highly sensitive information on their laptops would take greater care, but for most of us, this isn't going to happen. The "need" to be connected is just too great!) In any case, there are a few things that you can do that are of little bother and can significantly help you.

Typically, every time you connect to a wireless network, the network name is stored by your machine. You can view the networks that you have connected to by clicking on "Wireless Network Connection", going to "Advanced Settings" and then clicking on the "Wireless Networks" tabs in the dialog that opens. Most of these networks will be labeled "Automatic" meaning that next time you get in their range, you will be automatically connected. However, the only thing that your machine checks is the network name. So, if your home network is "home" or "default" (which is the case for a very high percentage of users), then anytime someone sets up a wireless router with that name, your computer will automatically connect to it without asking you. (Needless to say, the same is also true of tmobile and other popular names.) This is a really easy attack and it yields very high success. So, what can you do?

• Turn off your wireless network when you don't need it (my laptop has an external button to do this). This will also save you battery power.
• Erase wireless networks that you connected to in the past and don't need anymore. (You can erase the network that you used at a hotel after you leave.)
• Don't use a generic name for the wireless network that you have at home (change it to something specific for you).
• Require authentication on your network at home (preferably WPA-AES), and use a long key (you don't need to remember it anyway). This will prevent your computer connecting to another router with the same name (because the other router won't know your encryption key).

This doesn't fully protect you, but it greatly reduces the risk, and it's easy to do as well!

It's a well known fact that computer (or cyber-) crime is a big business today. It's been a long time since attacks were carried out by amateurs who were looking for a thrill. Today, there are large, well organized, organizations whose business is cybercrime. Their business includes selling cybercrime tools (e.g., for spamming or infecting machines with malware), stealing credit card numbers and reselling them, attacking banks in order to transfer funds to offshore accounts, and much much more. A short article summing up 2008 can be found in NetworkWorld (12/15/2008), and a more thorough and detailed description can be found in Aladdin's AIRC (Attack Intelligence Research Center) threat report. To keep up to date, I strongly recommend reading the AIRC blog as well.

So, if this is so well known, why am I commenting on it? The reason is that despite the above, user awareness regarding computer security is still horribly low. Worse still, many corporate organizations are still deploying very low-security measures. So, even though it's well-known, it's helpful to remind everyone...

In 1999, David Brin wrote a book entitled The Transparent Society. His main thesis is that the increased surveillance by governments on their citizens is not going to go away. Stated differently, the fight for our privacy by preventing surveillance is futile. Rather, he suggests that we should enforce far stronger controls upon those observing us. More specifically, we should force our observers to be transparent by observing them back. This will then prevent them from misusing their power. It is a very interesting read and is highly controversial. You are unlikely to agree with everything he says, but he definitely has some interesting points to make.

So, why am I writing about this today? First, I happened to hear him speak at the IBM T.J. Watson research center this week while I was visiting there. More importantly, the transparent society may be beginning. The inclusion of cameras into cellphones means that ordinary citizens have cameras with them all the time. They are now using these to document misbehavior by officials. The observed are now beginning to observe back! For two recent examples of this phenomena, see the videotaping of a police officer pushing over a cyclist, and a general discussion here.