Archive

Posts Tagged ‘identity’

Judge Grants Defendant’s Motion To Explore Alleged Fraud By Prenda Law

December 29th, 2012 12:22 admin View Comments

Crime

An anonymous reader writes “Prenda Law — one of the most notorious copyright trolls — has sued hundreds of thousands of John Doe defendants, often receiving settlements of thousands of dollars from each. Prenda Law principal John Steele has reportedly made a few million dollars suing BitTorrent file-sharers. Prenda Law has been accused in federal court of creating sham offshore corporations using the identity of his gardener. In other words, it is alleged that the law firm and their client are the same entity, and that Prenda law has committed identity theft and fraud. Now, a judge in California has granted a John Doe defendant’s motion to further explore the connection between the offshore entity and the law firm.”

Source: Judge Grants Defendant’s Motion To Explore Alleged Fraud By Prenda Law

Former Anonymous Spokesperson Indicted

December 9th, 2012 12:18 admin View Comments

Crime

SternisheFan sends this quote from Ars: “On Friday, a federal grand jury in Dallas indicted Barrett Brown, a former self-proclaimed Anonymous spokesperson, for trafficking ‘stolen authentication features,’ as well as ‘access device fraud’ and ‘aggravated identity theft.’ Brown has been detained since he was arrested in September for allegedly threatening a federal agent. 10 counts of the 12-count indictment concern the aggravated identity theft charge (the indictment references 10 people from whom Brown is alleged to have stolen information), but the most interesting charge is probably the first; a single count saying Brown, ‘did knowingly traffic in more than five authentication features knowing that such features were stolen and produced without lawful authority.’ But rather than a physical back-alley hand-off, this alleged trafficking happened online when Barrett transferred a hyperlink, ‘from the Internet Relay Chat (IRC) channel called “#Anonops” to an IRC channel under Brown’s control, called “#ProjectPM.”‘ That hyperlink happened to include over 5,000 credit card numbers, associating Ids, and Card Verification Values (CVVs) from the Stratfor Global Intelligence database.”

Source: Former Anonymous Spokesperson Indicted

UK ‘Virtual ID Card’ Scheme Set For Launch

October 4th, 2012 10:13 admin View Comments

Cellphones

First time accepted submitter evrybodygonsurfin writes “The UK Government will announce details this month of a controversial national identity scheme which will allow people to use their mobile phones and social media profiles as official identification documents for accessing public services. People wishing to apply for services ranging from tax credits to fishing licences and passports will be asked to choose from a list of familiar online log-ins, including those they already use on social media sites, banks, and large retailers such as supermarkets, to prove their identity.” I can’t wait until carrying a telephone is mandatory. In the U.S. at least, how else will the government send you important messages?

Source: UK ‘Virtual ID Card’ Scheme Set For Launch

Google Bans Online Anonymity While Patenting It

September 18th, 2012 09:00 admin View Comments

Google

theodp writes “‘It’s important to use your common name,’ Google explains in its Google+ ground rules, ‘so that the people you want to connect with can find you.’ Using a ‘secondary online identity,’ the search giant adds, is a big Google+ no-no. ‘There are lots of places where you can be anonymous online,’ Betanews’ Joe Wilcox notes. ‘Google+ isn’t one of them.’ Got it. But if online anonymity is so evil, then what’s the deal with Google’s newly-awarded patent for Social Computing Personas for Protecting Identity in Online Social Interactions? ‘When users reveal their identities on the internet,’ Google explained to the USPTO in its patent application, ‘it leaves them more vulnerable to stalking, identity theft and harassment.’ So what’s Google’s solution? Providing anonymity to social networking users via an ‘alter ego’ and/or ‘anonymous identity.’ So does Google now believe that there’s a genuine ‘risk of disclosing a user’s real identity’? Or is this just a case of Google’s left hand not knowing what its right hand is patenting?”

Source: Google Bans Online Anonymity While Patenting It

UK’s ‘Three Strikes’ Piracy Measures Published

June 26th, 2012 06:56 admin View Comments

Piracy

judgecorp writes “The UK regulator Ofcom, has published details of plans to disconnect illegal file-sharers. It is the “three strikes” policy which ISPs unsuccessfully appealed against, and requires ISPs to keep a list of persistent copyright infringers (identified as usual by their IP address…). ISPs will have to send monthly warning letters to those who infringe above a certain threshold. If a user gets three letters within a single year, the ISP must hand anonymised details to the copyright owner, who can apply for a court order to obtain the infringer’s identity (or at least, an identity associated with that IP address).”

Source: UK’s ‘Three Strikes’ Piracy Measures Published

Star Wars Exhibition Explores Human Identity

May 1st, 2012 05:09 admin View Comments

Star Wars Prequels

Hugh Pickens writes writes “The Telegraph reports that a new exhibition has opened at the Montreal Science Center that explores human identity through the Star Wars saga and its quirky characters combining the latest scientific research in areas of psychology, neuropsychology, and genetics with some 200 costumes, props, models, and artwork from the Lucasfilm archives to ask the fundamental questions: who we are and how do we become who we are? Visitors to the exhibition will rediscover their favorite Star Wars characters ‘in a whole new light’ while also developing a better understanding of their own complex identity. ‘Since Star Wars takes place in a fantasy world, the characters need to be identifiable so that the audience can connect to them,’ says Star Wars creator George Lucas. ‘These larger-than-life characters come complete with friends, enemies, values, and beliefs. This exhibition examines how the Star Wars characters are like us, what we may have in common, and what makes up our individual identities.’ Each visitor is given a bracelet, which records the decisions they make during the tour and each visitor’s decisions combine to create an avatar, which is revealed at the end of the tour. ‘When I finally took the tour with the audio guide and bracelet, it was thrilling,’ says LucasFilm exhibits manager Kyra Bowling. ‘When I saw my hero (avatar) at the end, I felt like a kid again. After I was done I immediately went through a second time and made different decisions so I could end up with a different hero.’”

Source: Star Wars Exhibition Explores Human Identity

How We’re Going Fix Online Identity and Reputation

March 2nd, 2012 03:34 admin View Comments

hypothesisworkshop1.jpgLast week, I had the great fortune of attending the Hypothes.is Reputation Workshop. Hypothes.is aims to build nothing less than a peer review layer for the whole Internet. It’s a mind-boggling idea when you let it sink in. The technical challenges are formidable, and the cultural ones are even bigger. Nevertheless, the excitement around the project is intense and contagious.

It’s a project that has drawn in the likes of Wikimedia, the Internet Archive and the Electronic Frontier Foundation. The stewards of the free Web want this problem solved. To get the ball rolling on figuring this out, Hypothes.is invited a colorful panel of experts – and… me. – to a three-day think tank on San Francisco Bay to identify the challenges, parse them out, and prototype solutions. And guess what? We pulled it off.

hypothesisworkshop2.jpg

Why We Need Hypothes.is

There are two fundamental, related cultural problems with the Web that Hypothes.is wants to address: identity and reputation. Reputation is the main problem, but you can’t approach it without fixing identity. A reputation doesn’t refer to anything without a consistent identity behind it.

The goal is to build a system of reputation for, ideally, all the content on the Web. No filter exists today for us to assess what information is good and what information is bad.

Right now, the Web is vulnerable to gaming. Google’s search ranking algorithm is a fine piece of early reputation technology, and it’s constantly improving, but it’s exploitable by playing with back-links and keywords.

And now that the social filters of Facebook, Twitter and Google+ have begun to dominate the time of Web users, the Web runs the risk of becoming an out-and-out popularity contest. If we could filter the Web by reputation, we could turn it into a meritocracy.

hypothesisworkshop3.jpg

Identity & Reputation

Today, identity and reputation are fragmented by different, often competing online services. We have Facebook identities, Google identities and email identities. We have OpenIDs, but we might have a bunch of those. Some of these identities may be linked, but the links are weak.

In each of these networks, we also have reputations, however basic they may be. Our contributions are liked and +1d by friends and ranked by an algorithm. These services might provide APIs to be interoperable with other sites and applications, but that just extends the domain of the dominant platform, Facebook or Google. It’s not a multi-faceted identity. It’s the same monolithic identity extended everywhere.

Plus, identity providers like Facebook and Google have interests that run counter to ours. Real people are multi-faceted. We want to be able to express different aspects of ourselves in different contexts. But Facebook, Google et al have built businesses upon consistent, unchanging, public identities for all of us, despite nasty, sometimes dangerous consequences.

People with enough privileges don’t have to worry about their public identities and reputations, but marginalized or vulnerable people around the world face real danger for speaking out online. They still need the ability to participate fully. That’s why a truly Web-wide reputation system cannot be subject to any company’s “real names policy.”

We learned in the workshop that the best kind of online identity is one that is pseudonymous but expensive. It’s easy to get one pseudonym, but it’s very difficult to change or create new ones. A pseudonym could also be privately verified with a government-issued ID or some other standard, so the user remains pseudonymous to the world, but the reputation system knows who it is.

Hypothes.is needs relatable identities to build a reputation system. It will have its own reputation algorithms, mechanisms and moderation strategies. It will implement its trusted users’ contributions as a layer of reputation that can apply to all the content on the Web. Hypothes.is users will be like Wikipedia editors, but for everything.

hypothesisworkshop4.jpg

What Might Hypothes.is Look Like?

Hypothes.is wants to build a layer of annotations attached to a system of reputation. In order to do that, it also needs to create a community around the right set of tools.

In the workshop, we imagined a few different interfaces. One crucial interface decision will be the way annotations are displayed on top of the content as a user browses the Web. It could be “heat maps,” where areas of the document with lots of annotation are color-coded to indicate activity, quality or both. It could be a sidebar full of various annotations, even multimedia ones.

Once it’s in place, a user signed in to Hypothes.is will be able to judge a document’s reputation on sight or even filter a long list of documents. Participating sites will be able to stand behind their visible reputations. The Web will be less sketchy and seedy in places where clarity and transparency are needed.

And it won’t be imposed by some central authority, but rather by the work of dedicated annotators from all around the Web. Call them journalists, call them editors, call them curators, call them whatever you want. The advantages of this system over one based on blogging, hype and personality should be obvious. We could have a standard for assessing the quality of Web content, and that will help us assign real value to it.

If you’re curious about the particular, potential designs we discussed, you should visit Dario Taraborelli’s amazing notes on Wikipedia. He goes into depth about the possible solutions we considered. There’s no product news to report yet. I’m just here to update you on the state of the conversation. It’s thriving, it’s exciting, and it’s necessary.

If you want to follow along, visit Hypothes.is and follow @hypothes_is on Twitter. As Hypothes.is makes news, we’ll keep bringing it to you here on ReadWriteWeb.

Photos courtesy of Hypothes.is

Disclosure: My really good friend Randall Leeds is building Hypothes.is as the technical co-fonder. This happened after RWW started covering founder Dan Whaley’s efforts to create an annotation system for the whole Web. It’s a complete coincidence. Still, I admit that this may have an impact on my reporting. But hey, at least my fund isn’t investing in it.

Source: How We’re Going Fix Online Identity and Reputation

Introducing Your Hyperconnected Online-Offline Identity

March 1st, 2012 03:40 admin View Comments

shutterstock_online_identity.jpgYesterday we wrote about the positive and negative consequences of living a hyperconnected life. One becomes more accustomed to multitasking, shuffling through personal and work-related tasks, and a heightened ability to pick out nuggets of information that are actually useful. On the downside, one can become obsessed with the Internet, and find themselves feeling sad and lost when they do leave the glowing screen(s). As we become more accustomed to being kings and queens of our own Internet worlds, our brains do quietly adapt to new stresses and modes of cognition.

But what of identity? How do we define who we are online vs. who we are offline? In our hyperconnected world, identities are fractured. Facebook wants to be your online identity’s one true login. Studies have shown that we perhaps divulge more online than we otherwise would offline. Social networks are strange indeed.

Will we be happier, healthier people if we follow Zuck’s advice and become one with the Internet (and give all our data to Facebook)? Or should we stick to a more 4chan-esque approach, which suggests that we’re way more complex than that?

In our real lives, we constantly struggle between who we think we are, what others think we are and what people think we think we are. The real self is saddled somewhere in the overlap between these three circles. These ideas of the self apply in both an online and offline context. This abstraction, explains ScepticGeek, may come at least partially from Carl Rogers.

Basic-Three-Circles-with-Text2.png

Online, we battle with the same conflicts, plus a few other quirks. We are a Facebook identity (or two), a Twitter account, a LinkedIn oh-so-professional account and maybe even Google+ (plus search your world, no less). Each online identity is in and of itself an identity. Maintaining them is hard, often times treacherous work. We must slog through the Internet-addled identity quagmire.

shutterstock_marsh_frog JPG.jpg

“It’s not ‘who you share with,’ it’s ‘who you share as,’” Poole says. ReadWriteWeb’s Jon Mitchell continues that thought: “In other words, we’re only presenting one, Facebook-facing aspect of ourselves when we share online via Facebook,” he writes in his story, A Proposal to Fix Online Identity. “The advertisers who make Facebook possible don’t have a full picture; they have a Facebook caricature.”

Keeping that in mind, your online persona will always be just that – a persona, a caricature of the real you. But how much should that differ from the real life you?

It all comes down to trust: Are you who you say you are? Can others trust you?

In ScepticGeek’s post, he suggests that you’ll experience quite a bit of stress if you are different online from how you are in real life. It’s not easy being two different people. But one writer argues that online it is indeed easier to make oneself vulnerable, which is part of the appeal of social networks.

“When people have the opportunity to separate their actions from their real world and identity, they feel less vulnerable about opening up. Whatever they say or do can’t be directly linked to the rest of their lives,” writes Rider University’s John Suler. He coined the term “disinhibition effect,” which suggests that people on social networking sites feel free to share very personal things that they might not share in real life. But online actions do have real, offline emotional consequences.

So consider how much of your online persona does match the offline you – not in terms of ads you look at and click or products you buy, but how you behave.

“A Marsh Frog” image courtesy of Shutterstock. Complex identity chart via ScepticGeek.

Source: Introducing Your Hyperconnected Online-Offline Identity

Nebula Cloud Pioneer at RSA: OpenStack Won’t Secure Itself

February 27th, 2012 02:30 admin View Comments

120227 Chris Kemp - OpenStack 01.jpgHe is as great a contributor to the concept of cloud computing as any individual alive today. Today, Chris Kemp, the co-architect of the pioneering NASA Nebula project – the first to encapsulate a cloud server into a shipping crate – told a meeting of the Cloud Security Alliance Monday morning at the RSA Conference in San Francisco that OpenStack is, and will continue to be, designed to support other security architectures, but not to serve as one itself.

“OpenStack was really designed around common, open source technologies,” Kemp told an overflow session, “so that if you have familiarity with securing these underlying technologies, you’re going to have a fairly easy time writing security plans and implementing security and controls and monitoring around these technologies.”

Now the CEO of the commercial Nebula firm that bears the name of the NASA project he helped lead, Kemp mentioned the newest of the various components that are all integrated into the OpenStack project. OpenStack is, after all, a stack – a conglomeration of tools, resources, and techniques that collectively, and openly, enable businesses to pool compute and storage resources into private cloud architectures. One component is the Keystone identity service – which for OpenStack has been an on-again, off-again business. Just last week, Kemp said, it was on again, with a complete rewrite that includes new back-end products.

“If you’re in the identity management business, and you’ve got products in that area,” said Kemp, “we’re trying to make OpenStack much more out-of-the-box compatible with these products.” But to do this, he went on, OpenStack has adopted a plug-in architecture, so as to specifically avoid placing itself in the role of identity provider – as an authoritative source of credentials. “The intent is for OpenStack to exist in an environment where you already have some sort of identity management provider. We’re not trying to authenticate anything outside of the rest of the APIs, and we’re definitely trying to provide a common security framework for role-based access control in all the different components of OpenStack.”

Openness means friendliness – at least, that’s what implementers expect, as Kemp pointed out. Friendliness, in a technical sense, means integration. So any existing component with the facilities to integrate with Active Directory or LDAP, such as monitoring API accesses, successful and failed attempts to authenticate, logging, and correlation, should be capable of being integrated with OpenStack. He advised attendees to plan their implementation of OpenStack around how best to use their existing security information management (SIM) tools, not to change their processes to make way for it. A best-practices implementation of OpenStack, he said, would introduce no new management domains.

120227 Chris Kemp - OpenStack 02.jpgKnowing that, Kemp warned that OpenStack certainly does not add security where little or none exists. “Out of the box, it’s a framework and a reference implementation. It is not secure out of the box.

“Just like installing BIND on a Linux box doesn’t give you a secure DNS infrastructure, installing OpenStack out-of-the-box does not give you a scalable, secure OpenStack-based private cloud,” he emphasized. “It’s not intending to, either.” That should not dissuade careful implementers from implementing OpenStack, he added, because it does contain the building blocks for a private cloud which – when combined with best practices – can improve security and reliability.

The Cloud Security Alliance holds its annual Summit event as part of the RSA Conference, complete with its own panel session, keynote speaker, and innovator awards.

Source: Nebula Cloud Pioneer at RSA: OpenStack Won’t Secure Itself

Pseudonyms Now Available for ‘Facebook Famous’ People

February 16th, 2012 02:45 admin View Comments

shutterstock_facebook_dislike.jpgStarting today, Facebook will quietly “poke” users who have many subscribers, and ask them to verify their identity with a government-issued photo ID. After doing so, such famous Facebookers can drop in an “alternate name” which will be displayed in parenthesis next to their real name.

Verifying accounts can be helpful for artists and others who perform under one name, and want to share their alter-ego name – think Nicki Minaj’s alter-ego, Roman Zolanski. Nicki’s real name is actually Onika Tanya Maraj – is that something she would want to share with fans? And for journalists like ThinkProgress’ Matt Yglesias, who use their real name as byline (Yglesias has 3738 Facebook friends and 10,203 subscribers), there is apparently no point to verifying a Facebook account. Or is there?

Users who verify their accounts will receive higher priority in Facebook’s “People to Subscribe to” suggestions box. This serves as another way to keep important figures on Facebook, at a time when interest graph-driven social network Pinterest is ramping up.

Matt-Yglesias-profile.jpg

Of course, this doesn’t really divert from Facebook’s real name policy, which it outlines here. Users still have to register with their real names. For the not-so-Facebook famous people, note that Facebook does currently recognize “alternate” names, such as nicknames or maiden names. But of course, that is completely different from perceived or real pseudonyms or alter-ego identities.

Did someone at Facebook finally started listening to what 4chan’s Chris Poole said at last year’s Web 2.0 – that we are not mirrors, we are prisms, and Facebook is doing identity wrong. That or Facebook just realized that while many people have alter-egos/identities, if Facebook changes the rules for perceived Facebook famous people, perhaps one day regular users will get the same benefit. But that surely won’t happen for awhile, anyway.

Facebook verified accounts.jpg

Image courtesy of Shutterstock.

Source: Pseudonyms Now Available for ‘Facebook Famous’ People

YOYOYOOYOYOYO