But what many people don’t realize is that Americans’ cybersecurity is also at risk. That’s because privacy and security are two sides of the same coin: privacy is about controlling who has access to information about you, and security is how you maintain that control. You usually can’t break one without breaking the other, and that’s especially true in this context. To show how, here are five ways repealing the FCC’s privacy rules will weaken Americans’ cybersecurity.
Read the article for more details on each of these five ways, including technical and easy to understand examples of how it works.
Risk #1: Snooping On Traffic (And Creating New Targets for Hackers)
Risk #2: Erasing Encryption (And Making it Easier for Hackers to Spy On You)
Risk #3: Inserting Ads Into Your Browsing (And Opening Holes In Your Browsing Security)
Risk #4: Zombie Supercookies (Allowing Hackers to Track You Wherever You Go)
Risk #5: Spyware (Which Opens the Door for Malware)
In the end, the cybersecurity implications of repealing the FCC’s privacy rules come from simple logic. If the privacy rules are repealed, Internet providers will resume and accelerate these dangerous practices with the aim of monetizing their customers’ browsing history and app usage. But in order to do that, Internet providers will need to record and store even more sensitive data on their customers, which will become a target for hackers. Internet providers will also be incentivized to break their customers’ security, so they can see all the valuable encrypted data their customers send. And when Internet providers break their customers’ security, you can be sure malicious hackers will be right on their heels.
The net result is simple: repealing the FCC’s privacy rules won’t just be a disaster for Americans’ privacy. It will be a disaster for America’s cybersecurity, too.
Share other articles or offer your point of view. This isn't just an EFF issue. You could argue that Google, Amazon, and Facebook do the same thing, but the difference with ISPs (like Comcast, Verizon, AT&T, Cox, etc.), is that you don't have a choice about which ISP or cable company you use, and they have vast amounts of customer data that they can use however they want. The risks are disastrous. It wasn't clear what choices we have, either.
Ok I'll comment. I'm going to keep this discussion going, even if you don't follow tech news (which, btw, you should, if you want to consider yourself an MIS professional.)
ReplyDeleteTo reiterate, in a 50-48 vote mostly along party lines on Thursday, the Senate moved to strip consumer privacy rules that had just been created in October. Next week, the House is expected to go along with the Senate measure, and the rule changes would then head to President Trump for his signature.
The move by the Senate means Verizon, Comcast or AT&T can continue tracking and sharing people’s browsing and app activity without permission (see Thursday's article here), and it alarmed consumer advocates and Democratic lawmakers. They warned that broadband providers have the widest look into Americans’ online habits, and that without the rules, the companies would have more power to collect data on people and sell sensitive information.
But as we learned earlier about end-to-end encryption, there are options, if you are willing to consider them (which you should). Here is another (and similar) list:
* A number of browsers, for example, have “stealth” settings that make it difficult to track a web surfer’s activities.
* Other software can make it difficult to pinpoint where that traffic is coming from. Perhaps the best known is Tor.
* There are also a number of apps that can encrypt internet messages. Signal, free software offered by a company called Open Whisper Systems, may be the best known of them.
*Another example among many free software packages designed to prevent eavesdropping and hide a user’s internet address is the Hotspot Shield software offered by AnchorFree, a company based in Mountain View, Calif.
Now is the time to look again at encrypted devices. Of course, you probably don't care that your phone is not secure from cyberattacks or that your ISP can sell your data without you knowing. So why worry ... until it happens.
Do you know what the 1% difference between Sprint's and Verizon's network is? Does it have to do with network speed, reliability especially in the context of net neutrality and the court ruling banning Verizon to charge more for faster speeds.
ReplyDeleteGood question. I'll look it up and ask and get back to you.
DeleteI think the Apple vs. FBI case (see link below) is an interesting case that addresses similar concerns. I think it's interesting to see the perspectives between Apple and the FBI. The case essentially revolves around the battle between the FBI ordering Apple to unlock the phone of San Bernandino terror suspect Syed Farook. The FBI asked Apple to unlock the phone using a trapdoor. Apple refused to unlock the phone noting that unlocking the phone would make their phones much more vulnerable to security breaches and overall a much weaker product. A much weaker product for Apple, leads to a decline in revenue. The FBI was able to unlock the phone using a third party device and refused to tell Apple about the security flaw with their phones. Thus, ensues the battle between the two entities. It's important to note that Apple's priority was protecting their product, and used their priority of customer data privacy as a guise for protecting the security and vulnerability of their product.
ReplyDeleteApple vs. FBI article
https://www.cnet.com/news/apple-vs-fbi-one-year-later-still-stuck-in-limbo/