Wednesday, June 12, 2013

Wednesday Q &A: Privacy? Are You Kidding?

Frequent readers of the blog know I’m retired from a little west coast startup named Intel.  (Yea, that Intel.)  All this flap over privacy cracks me up.  Let’s go back to “the old days” of 1999.  Intel had just come up with a great technology for the “new” Pentium III processor.  Each chip would have (basically) a serial number.  This would be a great boon to large companies for the management of computer assets.  The IT Department could do all sorts of things to keep the TCO (Total Cost of Ownership) down, manage the software on each computer, target updates to specific machines and streamline troubleshooting problems.  Only problem was that every chip, not just the ones in large companies, would have the serial number (identifier).  Conspiracy theorists went nuts and claimed “Big Brother” had arrived and everything you did would be subject to being tracked.  Intel backed away from including the ID'r code.  Scott McNealy, then CEO of Sun Microsystems, was asked by a reporter (Stephen Manes) to weigh in about the noise.  His quote was (and remember this was 1999) “You have zero privacy anyway.  Get over it.”  Things haven’t changed.  You have zero privacy.  Every time you make a phone call, send an email, tweet what you had for lunch, post an instagram, or use a credit card, someone is gathering information.  To see an example of what can be done and why you have no privacy, hit the “Read More”.

Have you ever heard of the Video Game World Championship?  There is such a thing and I had to cover for a buddy of mine during one.  Thankfully my role was behind the scenes and I didn’t have to attend.  My thing was to be the interface between a big time game company and the “tournament” folks.  Intel wanted to show off the latest, hottest gaming rig they could come up with a not yet released “next” big game.  I dealt with the VP of the game company and the internal Intel folks.  What we had at the show was a special build specifically created for this one purpose.  How did I know that?  It had our internal guy’s name and cell phone number in the upper right corner of the screen.  Nice!  Well, someone attending the tournament videotaped (over the shoulder of the person playing) the screen as the demo of the game was played.  He then posted it on the web for all to see.  The VP of the gaming company came back to me saying Intel had leaked the game and people were playing it “in the wild”.  We went back and forth and he showed me that it was definitively the Intel build.  We (Intel) determined it was a video of the screen while someone was playing and not a screen capture.  The game company demanded we find out who was the responsible party.  Rather than go through a lot of red tape at Intel, the easiest way for me to track down the culprit was to enlist my son’s help.  He was a Systems Administrator at a small company.  I called him and asked how I could track the guilty party down.  The answer was pretty simple.  DOS had a routine named Trace.  All we had to do was get a copy of the video's IP address on the internet and run a Trace on it.  By then there were several repostings of the video.  The Trace routine could track the address through however many servicers it went through and get back to the original source.  Tracking about three repostings of the video all lead back to a specific MAC address.  (A MAC address is the id of the network interface adaptor of a computer to the outside world.)  From there we tracked down the street address there the computer was located.  With the street address we found out the address was owned by a doctor and his wife.  With the last name we cross referenced the attendee list of the tournament and matched an attendee to the doctor’s address.  It was the doctor’s son who attended the show.  I gave the kid’s name and address to the game company’s VP and told him he could pursue it to whatever extent he wanted.  I could almost hear his jaw hit the floor when heard the amount of data we had been able to come up with.  The trick is???  It was all done within a half hour by a system administrator at a small company and a peddler from Intel.    Not the Intel IT department, not the NSA, or CIA, or FBI, or other big time cyber sleuths.  Just two guys.

Do you have a credit card?  It has a magnetic strip on the back of it doesn’t it.  You probably wouldn’t believe the amount of information contained on the little strip.  Want to check?  Go to one of the credit card companies offering to consolidate your credit cards.  With just a little bit of information from you, they will come back (instantly – well almost – it’ll be while you’re still on the website) with every credit card you have and how much you owe on each one.  They’ll ask you to check off which cards you want to merge onto the new card you’ll be getting from them. 

So, anyone shocked by the “news” that the NSA is checking your phone records must be just crawling out from under a rock somewhere.  You want privacy?  Get off the grid.  Pay for everything cash.  Stuff your extra money in your mattress.  Don’t own a home.  Don’t drive a car. 

In other words, the only people with any privacy are those we all look down on.  The bum living in a tent, panhandling for money has some degree of privacy.  The rest of us?  Not so much.