Blog Directory : Listing Details
Digital Identity Forum Blog details
Listing ID: 1474
Title: Digital Identity Forum Blog
Description: A blog from the annual Digital Identity Forum in London provides debate at the intersection of business, technology and culture in the world of digital identity
Category: Computers : Security
Owner:
listed on: July 27, 2008 04:36:53 PM
Number Hits: 2 times
Recent Posts:
| Tomi Ahonen - 2009-01-05 11:49:20 |
| Summary |
| It's always, always the same - 2008-12-22 19:13:47 |
Is there a way forward? Remember the"little sister"concept that I keep going on about. The difference between a big brother and a little sister is that a big brother stops you from doing things whereas a little sister doesn't. But if you do something wrong, little sister will tell on you.
Want we want, generally speaking, is a system that provides for individual privacy unless and until the user does something wrong. At this point, we want the system to rat them out at the earliest opportunity and deliver the audit trail needed to prove that they were misbehaving. This suggests to me that we want the connection layer to be pseudonymous, not anonymous. This means that your ISP should be providing your"real"IP address, but a pseudo address that only it can map to a real IP address. By selecting these at random, the ISP can prevent unscrupulous companies from tracking you around the web. If you do something you shouldn't, the police can then apply for a warrant and have the ISP give up your"real"IP address (which is of no interest or consequence) and your identity (which is, presumably, what the police are after). Applying this same reasoning to mobile suggests that operators adopt the"iMode model", whereby the operator delivers a unique identifier to service providers that only the operator can map to your real mobile phone number. These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted withecto |
| That'll do nicely - 2008-12-19 21:29:52 |
Is there a way forward? Remember the"little sister"concept that I keep going on about. The difference between a big brother and a little sister is that a big brother stops you from doing things whereas a little sister doesn't. But if you do something wrong, little sister will tell on you.
Want we want, generally speaking, is a system that provides for individual privacy unless and until the user does something wrong. At this point, we want the system to rat them out at the earliest opportunity and deliver the audit trail needed to prove that they were misbehaving. This suggests to me that we want the connection layer to be pseudonymous, not anonymous. This means that your ISP should be providing your"real"IP address, but a pseudo address that only it can map to a real IP address. By selecting these at random, the ISP can prevent unscrupulous companies from tracking you around the web. If you do something you shouldn't, the police can then apply for a warrant and have the ISP give up your"real"IP address (which is of no interest or consequence) and your identity (which is, presumably, what the police are after). Applying this same reasoning to mobile suggests that operators adopt the"iMode model", whereby the operator delivers a unique identifier to service providers that only the operator can map to your real mobile phone number. These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted withecto |