terriko

Cross-posted from Web Insecurity

I often get into discussions about whether people really do care about privacy, given that they give away personal information regularly when they share with friends via Facebook or other services. A recent report suggests that people do care, at least when it comes to banking and shopping:

The Edelman study released in February 2012 shows that consumer concerns about data privacy and security are actively diminishing their trust in organizations. For instance, 92% listed data security and privacy as important considerations for financial institutions, but only 69% actually trusted financial institutions to adequately protect their personal information. An even sharper disconnect can be seen with online retailers, with 84% naming security of personal information as a priority but only 33% trusting online retailers to protect it.

The blog of the Office of the Canadian Privacy Commissioner (from which I drew this quote) sums it up in the title: Privacy: Not just good business, but good for business.

But I have to wonder, do these numbers indicate that privacy-preserving businesses will be winning customers, or will we simply see claims of privacy that aren't backed up by carefully constructed systems? Do consumers really care about privacy or do they just say they care? How will consumers evaluate potentially spurious privacy claims? In Canada we at least have the privacy commissioner who brings issues to light, and worldwide we have the Electronic Frontier Foundation, but while both organizations are astute and do their best, privacy claims are something that will need to be evaluated by organizations like Consumer Reports that are used by consumers when making decisions about where they spend and keep their money. Right now, by and large, we only hear about the relative privacy of an organization when a breach occurs.

I attended a talk on Internet voting yesterday and the speaker quoted an official in DC who claimed that, "voters like internet voting, so it must be secure," which is really quite a terrifying quote if you think about it. The speaker joked, "does this mean that because my kid likes cake, it must be healthy?" It really clearly demonstrates first that users of the system have very little understanding of its safety (despite strides in the area, internet voting as currently implemented is rarely secure) but also that officials who roll out such systems have little understanding of the flaws of the system and are much too willing to overlook them for convenience sake. If this is the case with voting, it's hard to believe that business would avoid such cognitive mistakes.

Honestly, I think I make more resolutions after GHC than I do at new year's. I'm always so inspired!

Thing 1: Pushing the development of the GNU Mailman UI

Two things came together for me at the conference:

1. One thing I heard frequently while working the free and open source software booth is that there are plenty of folk interested in getting involved with open source, but they're not sure where to start.

2. I came home with a suitcase full of paper prototypes and pictures from the Mailman 3.0 part of the codeathon for humanity on Saturday. I was looking at spending my evenings digitizing them and turning them into functional prototypes.

So... I asked for help! Transcribing paper prototypes isn't the most glamorous of work, but it's a great place for a beginner to start, and given that we're hoping to have a Mailman 3.0 release as soon as possible, new contributors would have a chance to ramp up to doing real code commits very quickly. Plus they'd be able to see their code go out and be used in the real world sooner rather than later!

I posted to the Systers list knowing I wasn't the only one feeling the post GHC rush, and I posted to the Mailman list knowing we had a would-be contributor who wanted to help.

What I wasn't expecting was that I'd have talked to NINE volunteers in less than 24 hours. How awesome is that? And most of them are women as well!

Now I have the problem of making sure I have enough for everyone to do, but with a variety of skill levels I'm sure we won't have any trouble finding stuff for everyone. I'm so excited, and I hope they are too!

Associated goals:
- Allocating more of my time to serious Mailman development.
- Getting more women involved in open source.
- Improving the usability of Mailman 3.0
- Speeding up development of the Mailman 3.0 UI.
- Doing some teaching/mentoring since I love it but won't be doing it at work this year.

Thing 2: e-textiles

The first thing I did after I got home from GHC11 was sleep. But when I woke up in the middle of the night, the second thing I did was order stuff from SparkFun. :)

I've ordered a couple of simple e-textiles kits and the goal will be to play with them. I made an awesome monster at the GHC e-textiles workshop and I was eager to do more. The end goal is to build a set of lights into my new coat that respond to my movement in some way (See the tentative wishlist), but for now I'm going to make a lit cuff/armband for walking at night and experiment with the neat little aniomagic chip 'cause it looks like so much fun!

Associated goals:
- meeting more people in the local community
- actually becoming a member of a hacklab to support my projects
- making it safer for me to walk home in my beautiful-but-not-visible new black coat
- experimenting with e-textiles
- doing some more hardware-oriented projects
- making sure I had a project that would take me away from the computer

Not-quite-a-Thing 3: Not biting off more than I can chew

A common theme at GHC is reminding people that we have to really be careful about time management so that we don't get overloaded, so I'm choosing those two things that cover lots of my personal goals, and I'll aim to do them well and save the other things I want to try for later. Wish me luck!

I'd love to hear how other people are using what they learned at GHC11!