Tag: ISP

Apple and Privacy

Privacy is something that none of us who live in the digital connected world really have.  While we would like to believe that we are safe from prying eyes by using the tools provided by the different vendors who design security solutions that incorporate into our systems, I think that this ship has sailed.  The moment you decided to be a part of the Internet, be it on the social media, or be it for simple browsing, or e-mail, or chatting, you created a door into your device, and a means for your information to become available to the snoops, and also for folks who want to misuse your device. The security solutions I mentioned before can barely keep up with the hacking world in this regard. And it only takes one mistake to open the backdoor into your system! The best you can do is try to limit the damage.

There are all kinds of snoops.  There are the ones trying to get at your confidential information to do something bad to you. There are those who are trying to misuse your personal information for other illicit purposes. There are those who are trying to legally or illegally gain some commercial advantage, trying to sell things to you by learning more about you from your computer.  And then there is the government that might suspect you of doing something illegal on your computer.

Why has it been so easy for people to get into our private systems?  For one thing, most of the systems that we work with have fundamental software design flaws that can be exploited.   Next, whenever you are connected into the Internet, you have an address at which you can be reached.  Then, for reasons of convenience, and for supporting required functionalities, systems also include means for others to get access to your working environment for legitimate purposes.  (For example, remote login capability exists for debugging purposes.)

Once you have an identity on the network, there are ways for people to try to access your system for both legitimate and nefarious purposes.  Every time you visit a website you are executing code from the website on your computer.  Websites leave cookies on your computer regularly when you browse them.  And sometimes you give outsiders access inadvertently by going to a website that interacts with your computer in a malicious manner.  Once you have have hit the wrong button on the browser screen, or in an e-mail, or even opened a malicious application file that you downloaded, you could be at the mercy of the entity on the the other side of the communication link established.

And then there are many of us who are willing to give up our privacy willingly in return for something  that we want.  It happens all the time when you give your information to companies like Facebook, or Google, or LinkedIn or Microsoft, to name a few.  It happens when you make a purchase at any online shopping  site like Amazon or even an Expedia.  And then the systems that these organizations use for storing all this information are not foolproof.  Personal information for millions of people have been stolen from the records of more than one government agency.

Your digital communications are themselves not safe from snooping.  Communications from your smart phone can be intercepted by fake cell towers, and communications through an ISP can be snooped upon directly.  Both the bad guys and the good guys take advantage of this approach.

There are rules and regulations meant to address many of the above scenarios to try to protect your privacy, but in many cases rules cannot keep up with either the technologies nor the human ingenuity when it comes to creating problems and creating chaos. Then there are the human tendencies that make us disregard the speed-bumps in the  processes that are meant to make us slow down and think for a minute.  We make mistakes that allow our privacy to be compromised. When was the last time one read a EULA?   When was the last time one read and reacted to the privacy statement (mandated by law) they received from their financial organization?  Do we accept and store all cookies offered up when browsing a website?

Tim Cook at Apple has decided that the privacy of the owner of a device must be protected at all costs.  In this case, he is talking about access to the contents of a device by a third party that has your device in their hands and wants to look into its contents without asking you.  They want to make it extremely difficult, if not impossible, to do something like this. Recently Apple introduced the concept of having all the contents of the device encrypted, and limiting access to the decryption key to the the owner of the device (i.e., even Apple does not know what it is).  In order to be able to use the key, the user has to first get access to his or her device with a password.  If somebody tries to hack the password too many times, the device stops working completely.  The system is “bricked“.  The only way to break the system is to guess the password without too many attempts.  Apple does not have a back door in its current software that lets it bypass this security.

This is where government access to a device becomes the topic of discussion.  What the FBI has asked Apple to do is to hack into their own system so that they can read the contents of another person’s smartphone.  Apple is refusing in spite of being under a court order.  They are in a difficult place. If they attempt to break their own system and are successful, it could indicate that others could also find a way to hack into their supposedly super-secure system.  They designed the system to work this way for a reason!

Is Apple justified in refusing to cooperate with the FBI?  Under ideal conditions I would say that they are not, since once you become a part of a society and its systems and use it to your benefit, you have some responsibilities to the system also.  But we also know that the system is not infallible, and can easily be manipulated and misused (as shown by Edward Snowden).   And the tendency for misuse is somehow inbuilt into the system because of human nature and can perhaps never be fixed.

Where should the line be drawn with regards to trying to protect privacy under these circumstances? It is certainly a dilemma…

 

 

The FCC and Set-top Boxes

The dramatic headline “The FCC is going to war over set-top boxes” brought back memories of the time I was dealing with regulatory issues in the world of entertainment.   I think some things will never change as long as there is big money involved and there exists the institution of lobbying.  The battle to change the existing paradigm regarding processing and delivery of entertainment content to consumer eyes from signals that are delivered to the home by the cable companies, and to a certain extent satellite TV companies, has been ongoing for years.  It is the traditional television content delivery guys trying to protect their turf against the home entertainment guys who want to expand the reach of their systems and control how the consumers interface with the cable TV guy’s signals.   If you think that the opposition to the current cable TV signal handling paradigm in the home comes from organizations that are trying to protect the consumer and have their goodwill at heart, think again.  It is companies like Google and Sony who are on the other side, with their own business interests at heart.

It is all about business and money at the end of the day.  And I have to throw up my hands and laugh at the absurdity of all of it, because all of this fuss, and the use of significant monetary resources, is about entertainment and the distraction of the population, something far removed from the more basic needs of the people at large.  While reading the article above I came upon this video from John Oliver from a long while back on the topic of Net Neutrality.  It is dated at this point but still hilarious!

There is another battle well underway in parallel in the entertainment world where the forces of business are trying to change the way entertainment actually gets into your home.  Companies like Netflix and Amazon actually deliver entertainment content via the Internet, which is of course a very non-traditional approach to doing things.  Considering that the Internet Service Providers (ISPs) are almost always the cable companies themselves, this leads to the development of interesting business strategies by the cable companies to try to optimize return to their shareholders, all of which is supported by suitable lobbying of the government that is hoped to result in regulatory regimes that benefit one company or the other.

For heaven’s sake, it is only entertainment!

T-Mobile’s Binge On service

I wrote a blog on the subject of Net Neutrality a while back when the FCC was in the process of putting into place rules for the Internet Service Providers (ISPs) with regards to how they manage traffic from different sources within their networks.  Essentially the FCC ruled that all traffic has to be treated the same, i.e., in a fair manner. At that time I noted that this was easy enough to say, but could be difficult to implement, considering the diversity of the data and the kinds of traffic carried on the Internet.  At that time I noted that the FCC should act with a soft touch with regards to enforcement of regulation.

It turns out that we did not have to wait that long to see an implementation of traffic management in a ISP’s system that seems to violate the FCC’s rules.  But this implementation is being presented by the vendor as a feature that benefits the customer.   Witness T-mobile’s Binge On service.

The data service paradigm for most mobile service providers in the US is that you pay the vendor based on the amount of data that you use, or wish to use (if you sign up for monthly quotas).   So anything that reduces the component of the data that you receive that actually counts towards measurement of your usage should be considered a positive for the customer according to T-Mobile.  (Of course, this assumes that the customer has signed up for receiving an amount of data that really matches what he or she needs.)

But what has happened in the recent past is that the mainstream service providers have been trying to force customers into service packages that include a lot more data than they need, with the hope that they get hooked onto new services that will chew up this additional bandwidth resource.  This is what happens when folks start streaming video services on mobile networks.  As usage increases and begins to match what the customer has actually subscribed for, he or she will become more inclined to pay for additional data services on the network.  (This will also serve as justification for the mobile service providers to lobby to buy up more of the nation’s bandwidth resources for their own networks.)

Enter T-mobile.  They say that they will not count the amount of data that a customer who has signed up for Binge On receives for certain video streaming services (Netflix, Hulu, etc..)  against the customer’s data usage limits.  It sounds good, but what they are also doing is controlling the amount of the data in those video streams for people who are signed up.  They are in fact lowering the quality of the video being delivered, i.e., they are treating these video streams differently from how they would treat them normally in their networks.

You might say that this is OK since the customer knows that this happening.   It turns out that the customer really may not know what is going on.  It seems like this service is being offered today as an “opt out” service, i.e., unless you mention anything, you are signed up for it.  Also, it has been observed today that the customer’s video services are throttled even for video service providers that have not signed up with T-mobile for supporting the service.  It is not clear if the customer still pays for the data being received in such circumstances.

What is happening is exactly along the lines of my expectations.  Due to the nature of the Internet today, there are bound to be scenarios that develop to do not meet the notion of net neutrality in a simplistic fashion.  The FCC will have to adapt, and as it does, the set of detailed regulations that need to be considered will tend to change and continue to expand.

When people complain about government and bureaucracy, it is useful to remember that most of this happens a result of people and organizations creating situations where they try to manipulate the system to their own benefit, where simplistic approaches for enforcement will no longer work.  Very often this is done in the pursuit of big money, not necessarily the betterment of man.  After all, who will argue that entertainment, which is the application for most of the streaming video that tends to dominate the bandwidth usage of the Internet today, is most essential for our living, and should dominate the use of our resources.

Its a crazy world we live in!