Annotated+Bibliography

Name: Long Do Article #1: Online privacy in America-Rights and wrongs Source: The Economist Tags: Privacy, Data Mining, Tracking [] Google has been accused of circumventing controls on Apple’s Safari web browser that are designed to prevent firms from tracking people’s surfing habits. There has also been an outcry over privacy breaches caused by some smartphone applications, or “apps”. February 22nd the Obama administration decreed a new set of principles about information collection on the web. In response, The Obama administration would like Congress to enact what it calls a “privacy bill of rights”. Among the principles this would enshrine are the control over what data is being collected, not collecting data for one purpose and then using them in other contexts without permission and to have personal information held securely. Companies' privacy policies would be expected to reflect these principles. Lobbyist are concerned as this is a voluntary regime, companies will simply just not comply to the negotiations. Some also doubt that FTC will be able to sanction firms that breach the codes. Although recently, the group known as the Digital Advertising Alliance (DAA), an industry group that counts many of the biggest players in the online-advertising world among its members, said these firms were now committed to respecting “do not track” technology embedded in web browsers—something many companies had previously resisted.  Name: Long Do Article #1: Security tools- Certifiably secure Source: The Economist Tags: Advertising Security, HTTPS 1. New sites are now offering more secure and encrypted access, using firefox and chrome browsers using the new and recently updated HTTPS Everywhere plug-in. Apple's Safari and Microsoft's Internet Explorer do not allow interception of an address by a plug-in before prior to sending a page request. This, their makers fear, can lead to unencrypted information leaking out at any point between a user and the website. 3. The free extension is produced by The Electronic Frontier Foundation (EFF), an internet-security watchdog. It also adds additional features that help ensure a connection is legitimate and unobserved. The EFF says over 1m browsers have the plug-in installed. 4. When a site is accessed through he plugin, the process includes rewrite an unencrypted URL reference to the appropriate protected equivalent, which may involve a slightly different host name (the part of URL before the domain name). The plug-in warns the user that they are accessing a secure page. 5. There are numerous problems have been found such as problems with recovery of encryption keys, poor controls by certificate authorities (CAs) that countersign web security documents to ensure only legitimate certificates are issued, and CAs issuing the equivalent of blank checks to corporations to spy on their own employees. 6. The EFF is working on these issues in their new revisions, which they promise to be more secure, the software features a comparison when users enter a website, from the link they choose, to the stored version of the website in their database. 7. “The plug-in alerts both a browser's user and the EFF of any mismatch between the copies of certificates for a given site held by each. This alert, in turn, allows the EFF to notify the concerned site, sometimes in minutes, says Mr Eckersley. The add-on also tells a user if a website's encryption keys are not up to snuff.”