Scott Walters Exploring Stuff

Here is the example of misuse of personal data from a Mashup.

Owad looked up the Amazon wishlists of everybody whos first name was Mark. Finding 124,887 public wishlists Owad then proceeded to identify a few books he found subversive and mapped the addresses of the individuals concerned.

If you imagine what next steps would happen with this project is becomes a little frightening how information that may have been thought private or obscure can easily be used to give a clear picture of you. Imagine if knowing your name and reading preferences Owad next extracts your address and telephone number from the public telephone directory; next he gets the property values in your street or even the last sale price of your house; next census data detailing general details about people in your area; next, do you have a myspace profile, or a blogger account that could be tied back to this growing profile.

I’ve got to say, none of this seems particularly difficult and its a real issue.

From an ebusiness perspective the requirement to keep someones private information private will need some real thought as these technologies move forward.

Refs:

Data Mining 101: Finding Subversives with Amazon Wishlists viewable at
http://www.applefritter.com/bannedbooks

Thinking about distributed applications and you fairly quickly get to Google. Initially and predominantly a search company Google has expanded into the application space in recent years. Now the Google Search is an obvious distributed application in that a client (the browser) uses search to interrogate Google’s search index but a deeper dig and you find gems like the Google File System which according to Ghemawat, Gobioff and Leung (2003) manages “largest cluster to date provides hundreds of terabytes of storage across thousands of disks on over a thousand machines.”

Indeed, Google appear to be developing / acquiring the tools to create a complete distributed application suite for performing all the functions previously performed by desktop applications according to Boothby (2006) and others. Google itself does not view its content sharing tools as Microsoft Office competitors, as Dr Eric Schmidt, Google CEO has stated on numerous occasions:

We embarked on a strategy to build apps that are search centric and very sharable….as something use in normal life. We are not arguing it is an [Microsoft] Office replacement, but a different way of manage information. I dont think it replaces Office. – Dr Eric Schmidt 2006 quoted in Bogatin (2007)

Google has also taken full advantage of Web 2.0 technologies and according to Tim O’Reilly is the standard barer for Web 2.0. I liked the concept that Google was a middleman or enabler between the user and his or her online experience.

Refs:

Ghemawat, Sanjay., Gobioff, Howard., and Leung, Shun-Tak.; Aug 2003.; The Google File System.; http://216.239.37.132/papers/gfs-sosp2003.pdf

O’Reilly, Tim.; 30/Sept/2005.; What Is Web 2.0 – Design Patterns and Business Models for the Next Generation of Software.; http://www.oreillynet.com/pub/a/oreilly/tim/news/2005/09/30/what-is-web-20.html?page=1

Boothby, Rod.; 11/Jan/2006.; Google Replacement for Office.; Innovation Creators.;http://innovationcreators.com/wp/?p=87

Bogatin, Donna.; 17/April/2007.; Google 2.0 redux: Eric Schmidt meets John Battelle again.; ZDNet.;http://blogs.zdnet.com/micro-markets/?p=1233

In Mashup websites are a hacker’s dream come true Marks details some of the risks associated with Mashups in this article, as I read it he has a few major issues:

1. The information could be inaccurate or false
2. There has been little thought about security and privacy
3. The possibility that viruses could propagate through a mashup
4. The possibility that a mashup could be used to cause havoc by misrepresenting information.

The scope for causing havoc is obvious. If you look at http://www.chicagocrime.org/ which shows crime statistics and locations on a Google map it would be a reasonable assumption that high crime areas have lower property values but what if the crime statistics feed was modified to show certain areas have higher crime levels in an attempt to artificially lower property values.

Marks does recommend that installation and authentication of servers with SSL certificates will alleviate some of these problems.

Refs:

Marks, Paul.; 12/May/2006; Mashup websites are a hackers dream come true.; New Scientist; http://www.newscientisttech.com/article/mg19025516.400

Interesting item on use of web technologies for intelligence. Most of the issues raised would be applicable to the general ebusiness area.

“The Defense Intelligence Agency is seeing mushrooming use of various Web 2.0 technologies, which are becoming increasingly critical to accomplishing missions that require analysts to share intelligence, said Lewis Shepherd, chief of the DIAs requirements and research group at the Pentagon. ” – Havenstein

The use of mashups is interesting and is the equivalent of commercially sensitive material using mashup technology for a normal business.

Refs:

Havenstein, Heather.; Military Intelligence Goes Web 2.0.; Computerworld.; http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=284174