Skip to main content

The future of data security

I recently spoke to an incredibly wise co-worker who shared with me his vision of data security, and his explanation was so insightful I couldn't help but share it with you all.

A padlock icon (credit to https://openclipart.org/detail/68533/padlock-icon)
Securing our data

Our data has no value

Today, a fundamental problem is our data has no value. Let me explain why this is a problem. To choose an example, when we use Facebook, we offer the platform access to our basic data (gender, age, name, other attributes we choose) as exchange to use the service for free. This is fair, or at least most of us would come to believe. I would certainly consider an alternative if I had to pay to use Facebook.

Regardless, this information about ourselves gets used ad infinitum in algorithms that match advertising ads that may be most relevant to you on Facebook, even when you aren't on Facebook. As your information is shared throughout Facebook (to show you ads), what additional value are you getting? What benefits are you getting from the companies who are indirectly using your information to show you ads?

I'd like to propose that you are getting nothing. The company will say that it is offering you "personalized ads," but there is more under the covers. You are giving your information away for free* without receiving any benefit besides seeing ads for products you may not need.

*Of course, buried somewhere in the terms of use is this, in legal jargon, that no one reads anyways because don't we all just click the "I accept" button?

I agree caption (credit to http://blogs.adobe.com/acrolaw/2009/11/creating_a_click-thru_agreement/)
I agree to say yes to things I have not read

Facebook isn't the only one that does this, Google does it too. Most any products that are of this vain are sharing your data without giving you anything in return beyond the initial services they provide.

Are you okay with that?

Ask yourself, are you okay with giving away your information for basically free? Or, to put it another way, are you okay with throwing away your personal value?

Fairly odd parents gif (credit to https://media.giphy.com/media/YJjvTqoRFgZaM/giphy.gif)
Burning your own value

Companies pay to get data from customers, why are you giving it away for free? 

This is called market research, where companies go out and pay users for their opinions. 

Sure, some of the money goes to upkeep the services, but how else do you really think Google is able to offer such great salaries? (They sell your data for free* and profit from it. *You of course agree to this also in their terms of service).

You are not in the best interest of the company

This is another problem today. Your personal data is being protected by companies because they have to. They need your trust in order to stay in business. Even with sweeping new regulations, companies are still catching up with data protection. I don't think that because companies are told to comply to protect your information, that they are the best advocate for protecting your data. Consider recent hacks, and how much harder it is to protect your information if every company has copies of it. 

Don't let me ask you if you have worked at a company where personal data has been compromised and you brushed it under the rug, or are not correctly protecting credit card information; the list goes on and on..

The more companies you share your information to, the more vulnerable you are to losing potential value due to data breaches, hacks, or bad security [mal]practices.

How do we secure our data better?

We take a bit of our knowledge of OAuth, jwt, nonce and blockchain concepts to secure our data.

Forewarning this is not fully technical in nature, so take it as an exercise on your own how to connect these dots. Again, this article is a theoretical explanation what we can do to make our data more secure in the future.

Because we can't trust companies to protect our data for us, who can we trust? We can trust transparency, and the blockchain offers us transparency. Acting as a public ledger that cannot be forged or altered, the blockchain can store our personal data. (Similarly how the blockchain can hold the bitcoins we own if we were in on that craze). We can store all information about ourselves in here; address, phone numbers, height, weight, etc.

The data is encrypted of course, and the way we can prove we own the data is through our private key/token.

Great! Now no one can access our data without our private key, but how to we share it to those we trust? Or, as an example, how might we share our address information to Walmart when we checkout online and want to ship the goods (but not let Walmart know it is us purchasing the goods?). For this scenario, my coworker envisioned a token that is generated (similar to OAuth) that would be given to Walmart, perhaps with some address and payment claims (jwt-like) that would only give the bearer of the token access to the address and payment information that is linked to it.

This token would be linked to my data in the blockchain. Walmart would pay some nominal amount in order to access this data in the blockchain, mostly for bookkeeping purposes (to keep the lights on - the blockchain needs constant processing to stay maintained), perhaps some of it goes to you, the owner of the data itself?

Walmart would be able to see my address and payment, and complete the order on their side. Using some nonce, the token that Walmart just used would become invalid and would no longer return any information about my address and payment to anyone else who happened to get their hands on my token.

The order would be sent to UPS, and through some process, I would authorize another token, this time just with my address claims onto UPS. Once UPS used my token, UPS would know nothing about me, except where to drop the package off at my front door. I would get my package, and neither Walmart nor UPS would be holding my data, nor who I am (protecting my identity). 

The whole series of handoffs of my data is publicly stored in the blockchain, so I can see any party who used my information.

The resistance

Obviously, the government would not like this anonymity. Companies would not like this either, as they are greatly profiting of your data today. 

How might you incentivize parties to help convince and implement better data security for everyone?

Thank you

Thank you for reading this blog post, I hope it inspires future data scientists.

Comments

  1. i am ERIC BRUNT by name. Greetings to every one that is reading this testimony. I have been rejected by my wife after three(3) years of marriage just because another Man had a spell on her and she left me and the kid to suffer. one day when i was reading through the web, i saw a post on how this spell caster on this address AKHERETEMPLE@gmail.com have help a woman to get back her husband and i gave him a reply to his address and he told me that a man had a spell on my wife and he told me that he will help me and after 3 days that i will have my wife back. i believed him and today i am glad to let you all know that this spell caster have the power to bring lovers back. because i am now happy with my wife. Thanks for helping me Dr Akhere contact him on email: AKHERETEMPLE@gmail.com
    or
    call/whatsapp:+2349057261346










    i am ERIC BRUNT by name. Greetings to every one that is reading this testimony. I have been rejected by my wife after three(3) years of marriage just because another Man had a spell on her and she left me and the kid to suffer. one day when i was reading through the web, i saw a post on how this spell caster on this address AKHERETEMPLE@gmail.com have help a woman to get back her husband and i gave him a reply to his address and he told me that a man had a spell on my wife and he told me that he will help me and after 3 days that i will have my wife back. i believed him and today i am glad to let you all know that this spell caster have the power to bring lovers back. because i am now happy with my wife. Thanks for helping me Dr Akhere contact him on email: AKHERETEMPLE@gmail.com
    or
    call/whatsapp:+2349057261346










    ReplyDelete








  2. i couldn't believe that i would ever be re-unite with my ex-lover, i was so traumatize staying all alone with no body to stay by me and to be with me, but i was so lucky one certain day to meet this powerful spell caster Dr Akhere,after telling him about my situation he did everything humanly possible to see that my lover come back to me,indeed after casting the spell my ex-lover came back to me less than 48 hours,my ex-lover came back begging me that he will never leave me again,3 months later we got engaged and married,if you are having this same situation just contact Dr Akhere on his email: AKHERETEMPLE@gmail.com thanks very much sir for restoring my ex-lover back to me,his email: AKHERETEMPLE@gmail.com or call/whatsapp:+2349057261346
























    hindi ako makapaniwala na kailanman ay muling makiisa ako sa aking kasintahan, labis akong na-trauma sa pananatiling nag-iisa na walang katawan na manatili sa akin at makakasama ko, ngunit napakasuwerte ako sa isang tiyak na araw upang matugunan ito malakas na spell caster na si Dr Akhere, matapos sabihin sa kanya ang tungkol sa aking sitwasyon ginawa niya ang lahat ng makataong posible upang makita na ang aking kasintahan ay bumalik sa akin, sa katunayan matapos na ihagis ang spell ang aking dating kasintahan ay bumalik sa akin ng mas mababa sa 48 oras, dumating ang dating kasintahan ko. bumalik sa pagmamakaawa sa akin na hindi na niya ako pababayaan, 3 buwan mamaya kami ay nakipag-ugnay at nag-asawa, kung nagkakaroon ka ng parehong sitwasyong ito makipag-ugnay lamang kay Dr Akhere sa kanyang email: AKHERETEMPLE@gmail.com maraming salamat sa sir sa pagpapanumbalik ng aking dating kasintahan bumalik sa akin, ang kanyang email: AKHERETEMPLE@gmail.com o tumawag / whatsapp: +2349057261346

    ReplyDelete
  3. I was diagnosed as HEPATITIS B carrier in 2013 with fibrosis of the
    liver already present. I started on antiviral medications which
    reduced the viral load initially. After a couple of years the virus
    became resistant. I started on HEPATITIS B Herbal treatment from
    ULTIMATE LIFE CLINIC (www.ultimatelifeclinic.com) in March, 2020. Their
    treatment totally reversed the virus. I did another blood test after
    the 6 months long treatment and tested negative to the virus. Amazing
    treatment! This treatment is a breakthrough for all HBV carriers.

    ReplyDelete

  4. Help That Really Work Fast,

    Contact him for permanent solution to herpes

    Robinsonbuckler11 (@) gmail.com..........................

    ReplyDelete
  5. The future of data security is very sensitive issue. Sensitive issues needs a proper maintenance. Now its time to avail napa limo service for more information.

    ReplyDelete
  6. The future of data security is evolving with advanced technologies to safeguard personal and organizational information. Seeking guidance from professional CV writers in Dubai helps showcase relevant skills in this crucial field.

    ReplyDelete

Post a Comment

Popular posts from this blog

UI redesigns are mostly a waste of time

To preface the article, I primarily work on, and prefer, back-end code. I've been involved in both web and software development for over 4 years now and worked with many front-end and back-end frameworks. New Twitter UI Before all of the UI designers that read this go out and riot and champion against me for saying UI redesigns are a waste of time, let me say that I do value design . I think at the bare minimum, a product or website needs to be usable , and if you possess a good eye and steady hand , you should feel compelled to create something that looks pleasing. David Just stop redesigning the UI all the time . UI redesigns, in my opinion, are a waste of time 95% of the time. Let me explain further. No one cares Come see our fresh new look ! What about our new  material design , come see! I'm sorry, but besides fixing the UI where it impacts the usability of your application, no one is raving about how a redesign makes the application any better. ...

[Fix] - ASUS PCE-AC68 adapter (no internet)

There seem to be a lot of problems with this adapter, even with such strong performance . Why so many issues? I'm not quite sure, but I needed to find a fix because I kept on losing wifi. The ASUS PCE-AC68 The fix Keeping it short - this is how I fixed the issue: Downloaded the driver for my OS from ASUS's support page -  https://www.asus.com/us/Networking/PCEAC68/HelpDesk_Download/ (in my case it was Windows 10 64-bit). Open Device Manager by holding the Windows key and pressing R, then typing "devmgmt.msc" and hitting Enter. (Don't worry, this isn't a scam . We are simply opening Window's Device Manager through the Microsoft Management Console snap-in .) Navigate to the yellow warning sign sitting under Network adapters and right click it. Select Update driver . Select Browse my computer for driver software  and choose the following path of the OS that you have installed on your computer. (The path for the driver on my computer was C...

Logging into a website with Powershell

Powershell is great, and it's lately been my go-to shell while I'm working on Windows. Sorry command prompt I really don't do a lot of work in the shell, but I do like to play with low-level interfaces from time to time. The article is about Linux shells, but goes into good explanation about what a shell is if you don't know. Log into a website Today, I wanted to do something that I have never really tried before and that is logging into a website using Powershell . The concepts behind this are quite simple really, as Powershell has support to send HTTP requests  and that's usually all we need, unless the server has CSRF protections in place (which it should). We are going to attempt  to log in to my favorite website for buying socks, Absolute Socks : Is that a turkey?! In order to do that, we need to have a login. So if you don't already have an account on www.absolutesocks.com , go make one now. Viewing the login request On websites,...