Xconomist of the Week: Stefan Savage on Computer Security
(Page 3 of 4)
issues in automobiles since the transformation is still in progress and thus there is much more potential to influence how security is introduced.
As for how the collaboration was born, we have a long-standing close relationship with the University of Washington. For example, I was a Ph.D. student there before coming to UCSD and Yoshi (now a professor at Washington) was originally a Ph.D. student here at UCSD. [More questions and answers about their automotive research is here.]
X: There was a dustup earlier this year between the hacker group Anonymous and a government defense contractor, G.B. Gary Federal. Who is at higher risk—companies or individuals—from organizations that seek to mine information from social networks?
SS: I think the Wikileaks meme, that online data leaking can be used as a kind of weapon, cannot be put back in the bottle. The effect that Anonymous, AnonOps, LulzSec and others have had in publishing data leaks makes this clear. I suspect that companies face more risk from this phenomenon than individuals because they are larger targets and have a broader set of damages that can be experienced.
Now the second question is about who faces risk from mining social networks and again I think this depends on what kind of risk you’re talking about. Most of these companies are doing this mining in support of marketing activity. While I don’t particular care for this, I’m hard pressed to identify it as a major security risk. However, depending on who you are there may be individual risks that could be exposed (e.g., your true address to a stalker, suggestions of infidelity for someone involved in an affair, evidence of drug use to an employer, etc.) The extent to which this is happening is an open question. It clearly is happening, but it’s hard to quantify the risk.
X: Do you have any concerns about organizations that have developed software that enables them to create fake online personas to mislead and … Next Page »