An oldie but a goodie

I was clearing out my email box when I came across this little gem from the lovely Bruce Schneier. There something about that guy that I just like and I think I amuse him so that makes me happy too.

Check out his musings on the old fashioned notion of Security v. Privacy rather than private data secured appropriately to type place & time:

http://www.schneier.com/blog/archives/2008/01/security_vs_pri.html
Security vs. Privacy

If there's a debate that sums up post-9/11 politics, it's security versus
privacy. Which is more important? How much privacy are you willing to give
up for security? Can we even afford privacy in this age of insecurity?
Security versus privacy: It's the battle of the century, or at least its
first decade.

In a Jan. 21 New Yorker article, Director of National Intelligence Michael
McConnell discusses a proposed plan to monitor all -- that's right, all --
internet communications for security purposes, an idea so extreme that the
word "Orwellian" feels too mild.

The article (now online here) contains this passage:

In order for cyberspace to be policed, internet activity will have to be
closely monitored. Ed Giorgio, who is working with McConnell on the plan,
said that would mean giving the government the authority to examine the
content of any e-mail, file transfer or Web search. "Google has records
that could help in a cyber-investigation," he said. Giorgio warned me, "We
have a saying in this business: 'Privacy and security are a zero-sum
game.'"

I'm sure they have that saying in their business. And it's precisely why,
when people in their business are in charge of government, it becomes a
police state. If privacy and security really were a zero-sum game, we
would have seen mass immigration into the former East Germany and
modern-day China. While it's true that police states like those have less
street crime, no one argues that their citizens are fundamentally more
secure.

We've been told we have to trade off security and privacy so often -- in
debates on security versus privacy, writing contests, polls, reasoned
essays and political rhetoric -- that most of us don't even question the
fundamental dichotomy.

But it's a false one.

Security and privacy are not opposite ends of a seesaw; you don't have to
accept less of one to get more of the other. Think of a door lock, a
burglar alarm and a tall fence. Think of guns, anti-counterfeiting
measures on currency and that dumb liquid ban at airports. Security
affects privacy only when it's based on identity, and there are
limitations to that sort of approach.

Since 9/11, approximately three things have potentially improved airline
security: reinforcing the cockpit doors, passengers realizing they have to
fight back and -- possibly -- sky marshals. Everything else -- all the
security measures that affect privacy -- is just security theater and a
waste of effort.

Spooky thoughts to all for a Happy Halloween. Ms. Thang is Nancy Drew & Sweet Cheeks (cheekier than ever) is a very very cute dragon this year. They both hate coconut so I'm hoping for lots of Almond Joy this year.

Posted at 01:20PM Oct 29, 2009 by Michelle Finneran Dennedy in General  |  Comments[1]

What *is* the Cloud?

It's been a while & I've been very busy indeed. I hope to share a good bit of the concepts I have learned & the ideas that I have about governance in an extended computing context. Today is still not that day but I did get some great silliness from my buddy that I must share:

http://www.youtube.com/watch?v=8g9penyLM5Q

What is the cloud? Magic carpet with laptop in hand? Not really, although we did think technology would have advanced to the point where we *could* fly at this point. (Thank you Carrie's hubby: http://www.kqed.org/epArchive/R909080737)

Is it merely a buzzword for stuff we've already done for years? Ahem, some who may be richer than a few of the Pharohs may say it's so but that rant itself may turn out to be buzz too... It's a strange new world so I'll just not go there today.

This thing is that a resource that *may* be capable of
- recapturing the 80%+ of wasted computing cycles,
- may actualy trigger a meaningful federated ID strategy with meaningful RBAC,
- may force a discussion regarding ownership, retention and juristdiction,
- and may just allow faster information rich businesses to escallate using technology rather than being limited by capital start up costs for servers & networking gear

certainly catches the imagination doesn't it?

Maybe it's not a new new innovation, but rather the culmination of the Network is the Computer. From where I sit as a governance geek, not entirely unheard of is good. Capable of well planned architecture to provide audit, accountability and authenticity is nice. Understood governance and security and privacy governance models applied in a slightly more innovative business environment is good too.

Maybe the Cloud is just a good idea we've all had for a long time that has had time to become real.

I still wish we could fly.

Just a thought...

Posted at 04:22PM Oct 07, 2009 by Michelle Finneran Dennedy in Fun facts  |  Comments[1]