Simon Willison’s Weblog

Subscribe
Atom feed for privacy

43 items tagged “privacy”

2008

eval() Kerfuffle. The ability to read supposedly private variables in Firefox using a second argument to eval() will be removed in Firefox 3.1.

# 2nd July 2008, 9:24 pm / firefox, eval, security, privacy, javascript, john-resig

Since 9/11, approximately three things have potentially improved airline security: reinforcing the cockpit doors, passengers realizing they have to fight back and - possibly - sky marshals. Everything else - all the security measures that affect privacy - is just security theater and a waste of effort.

Bruce Schneier

# 29th January 2008, 12:14 pm / bruce-schneier, privacy, security, securitytheatre

2007

Google Reader ruins Christmas (via) New sharing feature automatically reveals shared items to Gmail contacts, causing political rows.

# 25th December 2007, 2:59 pm / google-reader, sharing, politics, socialnetworking, google, privacy

Deconstructing Facebook Beacon JavaScript. How Facebook’s new Beacon service (also known as “Facebook ruined Christmas”) actually works.

# 25th November 2007, 9:20 pm / javascript, facebook, beacon, privacy

Is Facebook Really Censoring Search When It Suits Them? Apparently MoveOn’s group “Petition: Facebook, stop invading my privacy!” stopped showing up in search results for “privacy”—the search claimed 17 results but suspiciously only showed 16.

# 23rd November 2007, 7:50 am / facebook, censorship, conspiracy, moveon, privacy

Amazon Gets an SLA (But I Still Can’t Use It). “Ontario’s Freedom of Information and Protection of Privacy Acts (FIPPA) don’t allow me to store sensitive information (e.g., students’ work) in jurisdictions that permit secret warrants, like those mandated by the USA PATRIOT Act.”

# 9th October 2007, 3 pm / patriotact, privacy, canada, ontario, fippa, gregwilson, s3, amazon, aws

Designing for a security breach

User account breaches are inevitable. We should take that in to account when designing our applications.

[... 545 words]

9:29 pm / 30th September 2007 / accounts, csrf, designingforabreach, openid, phishing, privacy, security, xss

Firefox 3 Antiphishing Sends Your URLs To Google. Stories like this crop up every now and then, but no one ever seems to mention that the Google Toolbar has been doing this since it was released (more than five years ago) provided you have PageRank display turned on.

# 25th September 2007, 11:04 pm / pagerank, google, privacy, firefox, mozilla, firefox3, toolbars, google-toolbar

Sun’s OpenID IdP: Real vs Fake. The thinking behind Sun’s decision to allow users of their OpenID provider to pick fake names and assign personal e-mail addresses.

# 25th September 2007, 10:39 pm / privacy, identity, openid, pii, sun, sunmicrosystems, lauren-wood

Sun’s OpenID IdP: Data Governance. Lauren Wood explains the checklist used to ensure Sun’s OpenID provider adequately respected user privacy and data governance (what happens to the data that is stored).

# 22nd September 2007, 8:50 pm / openid, sun, sunmicrosystems, lauren-wood, governance, data-governance, privacy

It's still a privacy concern. If, for example, I work at and post from Microsoft all day and my identicon is that of the MS Proxy Server then I would be able to identify other mefi users who are my co-workers because our identicons would match.

vacapinta

# 29th January 2007, 4:12 am / identicons, privacy

Visual Security: 9-block IP Identification. Smart (and pretty) trick for showing a representation tied to a commenter’s IP address without affecting their privacy.

# 18th January 2007, 4:55 pm / ip, donpark, 9block, privacy

2004

non-consensual http user tracking using caches. Interesting security issue involving HTTP caching headers

# 20th January 2004, 10:37 pm / security, caching, privacy

Related