Tag Archives: privacy

Content hosting for the modern web

Posted on by

In our applications, we take a risk-based approach. Generally speaking, we tend to use three strategies:

  • In higher risk situations (e.g. documents with elevated risk of URL disclosure), we may couple the URL token scheme with short-lived, document-specific cookies issued for specific subdomains of googleusercontent.com. This mechanism, known within Google as FileComp, relies on a range of attack mitigation strategies that are too disruptive for Google applications at large, but work well in this highly constrained use case.
  • In cases where the risk of leaks is limited but responsive access controls are preferable (e.g., embedded images), we may issue URLs bound to a specific user, or ones that expire quickly.
  • In low-risk scenarios, where usability requirements necessitate a more balanced approach, we may opt for globally valid, longer-lived URLs.

via Google Online Security Blog: Content hosting for the modern web.

Skype makes chats and user data more available to police

Posted on by

Skype, the online phone service long favored by political dissidents, criminals and others eager to communicate beyond the reach of governments, has expanded its cooperation with law enforcement authorities to make online chats and other user information available to police, said industry and government officials familiar with the changes.

via Skype makes chats and user data more available to police – The Washington Post.

P3P: The Platform for Privacy Preferences

Posted on by

P3P: The Platform for Privacy Preferences.

The Platform for Privacy Preferences Project (P3P) enables Websites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents will allow users to be informed of site practices (in both machine- and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus users need not read the privacy policies at every site they visit. Have a look at the list of P3P software.

Facebook stores up to 800 pages of personal data per user account

Posted on by

If you live in Europe, then you have the right under a European data protection law to request a copy of all information stored about you on any given service. In the case of Facebook, you can demand such information via the Personal Data Requests form.

via Facebook stores up to 800 pages of personal data per user account | Geek.com.

Facebook is relatively new and the average person doesn’t value their privacy — thus, Facebook has been able to acquire a huge amount of personal information on each member.  Organizations might soon value privacy and see value in the data they generate,  in which case local highly available onsite (or perhaps offsite)   SANs will become a useful investment.  Associations without a central authority (i.e. Facebook) might become desirable.  It is however not feasible for an average person or small business to run their own web server.  They should, however, be in complete control over the data their web site generates.  Users of Facebook have no control over the dissemination of the data they and their connections generate.