• Complain

Daniel Dimov - Privacy and Security of Modern Technology

Here you can read online Daniel Dimov - Privacy and Security of Modern Technology full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2015, genre: Romance novel. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

No cover

Privacy and Security of Modern Technology: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Privacy and Security of Modern Technology" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

This e-book is a compilation of 43 articles, which focus on the privacy and security implications of modern technologies, such as the Internet of Things, human-implanted RFID chips, crowdsensing technologies, beacons, smartwatches, sleep-tracking devices, Google Glass, and nanorobots.
Privacy and Security of Modern Technology pays specific attention on the legal and cultural aspects of the modern technologies. Furthermore, the information in the book is easy to understand even for people who do not have extensive knowledge in the field of information security.

Daniel Dimov: author's other books


Who wrote Privacy and Security of Modern Technology? Find out the surname, the name of the author of the book and a list of all author's works by series.

Privacy and Security of Modern Technology — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Privacy and Security of Modern Technology" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make

Privacy andSecurity of Modern Technology

By Daniel Dimov andRasa Juzenaite

2015

Copyright 2012-2015 by DanielDimov and Rasa Juzenaite

All rights reserved. This e-bookor any portion thereof may not be reproduced or used in any manner whatsoeverwithout the written permission of the authors.

The content of this book wasoriginally published by: InfoSec Institute, Inc.

7310 W. North Ave

Suite 4D

Elmwood Park, IL, 60707

http://www.infosecinstitute.com

Disclaimerof warranty

The authors make norepresentations or warranties with the respect to the accuracy or completenessof the contents herein and specifically disclaim all warranties, including, butnot limited to, fitness for a particular purpose. The advice provided in thise-book may not be suitable for every situation.

FirstEdition, 2015

ABOUT AUTHORS

Daniel Dimov is an Internet law expert based in Belgium. Daniel is a fellow ofthe Internet Corporation for Assigned Names and Numbers (ICANN) and theInternet Society (ISOC). He did traineeships with the European Commission(Brussels), European Digital Rights (Brussels), and the Institute for EU andInternational law T.M.C. Asser Institute (The Hague). He has a Master'sDegree in European law (The Netherlands), a Master's Degree in Law (Bulgaria),and a certificate in Public International Law from The Hague Academy ofInternational law. Daniel is a PhD candidate at the Center for Law in theInformation Society at Leiden University, the Netherlands. Daniel Dimov hasauthored several peer-reviewed publications in the area of alternative disputeresolution. He presented his articles at conferences in Cyprus, Belgium, andthe Netherlands.

RasaJuzenaite works as a projectmanager in the IT legal consultancy firm in Belgium. She has a Master degree incultural studies with a focus on digital humanities, social media, and digitization.She is interested in the cultural aspects of the current digital environment.Rasa also regularly contributes to InfoSec Institute by writing aboutinformation security and digital culture.

For more information about authors, please visit

http://www.dimov.pro .

TABLE OF CONTENTS
PREFACE

This e-book is acompilation of 44 articles published by InfoSec Institute within the period2012 - 2015. The articles, published in the chronological order of their firstpublication, are focused on the privacy and security implications of moderntechnologies, such as the Internet of Things, human-implanted RFID chips,crowdsensing technologies, beacons, smartwatches, sleep-tracking devices,Google Glass, and nanorobots.

While there arehundreds of quality publications in the field of information security, thereare few books that analyse the privacy and security of the cutting-edgetechnologies. Thus, the present book can be an important supplement to anytextbooks and other materials dealing with information security in general.

Since one of theauthors of the present work is a lawyer and the other has a background indigital culture, the book Privacy and Security of Modern Technology paysspecific attention on the legal and cultural aspects of the moderntechnologies. Furthermore, the information in the book is easy to understandeven for people who do not have extensive knowledge in the field of informationsecurity.

Legal and Technological Concerns Regarding theUse of BIOS Anti-theft Technologies

1.Introduction

In 2006, a laptop containing personal and health data of26,500,000 veterans was stolen from a data analyst working for the USDepartment of Veterans Affairs. The data contained the names, dates of birth,and some disability ratings of the veterans. It was estimated that the processof preventing and covering possible losses from the theft would cost betweenUSD 100 million and USD 500 million.

One year later, a laptop used by an employee of the UKslargest building society was stolen during a domestic burglary. The laptopcontained details of 11 million customers names and account numbers. Theinformation was unencrypted. Subsequently, the UKs largest building society wasfined with GBP 980,000 by the Financial Services Authority (FSA). The reasonfor the fine was failing to have effective systems and controls to manage itsinformation security risks.

From these two examples, it can be inferred that laptoptheft is a serious problem that concerns both businesses and individuals.Victims of laptop theft can lose not only their software and hardware, but alsosensitive data and personal information that have not been backed up. Thecurrent methods to protect the data and to prevent theft includealarms, anti-theft technologies utilized in the PC BIOS, laptop locks, andvisual deterrents.

This article is focused on the BIOS anti-theft technologies.It starts with an overview of these technologies (Section 2). Next, the work discussesthe legal (Section 3) and technological problems (Section 4) arising from theuse of BIOS anti-theft technologies. Then, it recommends solutions to thoseproblems (Section 5). Finally, a conclusion is drawn (Section 6).

2. Overviewof BIOS anti-theft technologies

BIOS anti-theft technologies are embedded in the majority oflaptops sold on the market. They consist of two components, namely, anapplication agent and a persistence module. The application agent is installedby the user. It periodically provides device and location data to theanti-theft technology vendor. In case a laptop containing an installedapplication agent is stolen, the anti-theft technology vendor connects to theapplication agent with the aims of determining the location of the computer anddeleting the data installed on the laptop.

Upon a request of the owner of the laptop, the anti-thefttechnology may permanently erase all data contained on the magnetic media. Inorder to make sure that the data have been deleted property, some anti-thefttechnology vendors overwrite the data sectors of the deleted files.

The persistence module is embedded in the BIOS of mostlaptops during the manufacturing process. The BIOS is the code running when thecomputer is powered on. It initialises chipset, memory subsystem, devices anddiagnostics. The BIOS is also referred to as firmware.

The persistence module is activated during the first call ofthe application agent to the anti-theft technology vendor. The persistencemodule restores the application agent if it has been removed. For instance, incase a thief steals a computer and reinstalls the operating system, thepersistence module will restore the agent. It should be noted that, until theapplication agent is installed by the user, the persistence module remainsdormant.

Even if the BIOS is flashed, a persistence module that hasbeen enabled will continue restoring the application agent. This is because thepersistence module is stored in a part of the BIOS that cannot be flashed orremoved.

3. Legalissues

Principally, if the buyer of a laptop agrees with theinstallation of an application agent on her computer, there is nothing illegalin the use of anti-theft technologies. However, in some cases, a seller of alaptop may either accidentally activate the application agent before sending itout or sell to the buyer a machine that was originally meant for a customer whoordered a computer with an installed application agent.

When an application agent is installed without the consentof the user, it falls into the scope of the definition of backdoor. Backdoor isa program that gives a remote, unauthorized party complete control over asystem by bypassing the normal authentication mechanism of that system.

The application agent is not the first case of a backdoornot specifically designed to damage and/or disrupt a system. In April of 2000,several e-commerce websites discovered that their Cart32 shopping card softwarecontained a backdoor password enabling any user to obtain a listing of thepasswords of every authorized user on the system. The purpose of the backdoorwas to enable technical support personnel to recover the users passwords.Because the backdoor password was embedded in the program code itself, anyonewith access to the software could exploit it undetectably.

Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «Privacy and Security of Modern Technology»

Look at similar books to Privacy and Security of Modern Technology. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «Privacy and Security of Modern Technology»

Discussion, reviews of the book Privacy and Security of Modern Technology and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.