2005 Internet Privacy Survey

On October 28, 2005, In Misc., By Peter Harsha

NC State prof and former CRA Digital Government Fellow Annie Antón sends word that The Privacy Place is conducting its 2005 survey of online privacy policies and user values. The Privacy Place is an inter-disciplinary team of researchers at North Carolina State University’s Computer Science and Business Management departments as well as the Georgia Tech College of Computing, the Purdue University Computer Science Department and the University of Lugano Communication Sciences department — all committed to disseminating information and creating tools and techniques that help IT professionals and policy makers bring privacy policies and system requirements into better alignment.
They hope to get a few thousand respondents to their survey, so Annie’s asked for some help getting the word out. I just took the survey and it only took me a few minutes (and I’m pretty dense). Here’s Annie’s request with all the details:

ThePrivacyPlace.Org 2005 Privacy Survey is Underway!
Researchers at ThePrivacyPlace.Org are conducting an online survey about privacy policies and user values. The survey is supported by an NSF ITR grant (National Science Foundation Information Technology Research) and will help us establish with our investigations of privacy policy expression and user comprehension thereof.
The URL is: http://survey.theprivacyplace.org/
We need to attract several thousand respondents, and would be most appreciative if you would consider helping us get the word out about the survey which takes about 5 to 10 minutes to complete. The results will be made available in 2006 via our project website.
Prizes include
$50 Amazon.com gift certificates
and
IBM sponsored giveaways!

On behalf of the research staff at ThePrivacyPlace.Org, thank you!
Annie Antón

 
0 Comments
Leave A Response

Governors Urge President to Support Fundamental Research

On October 26, 2005, In FY06 Appropriations, Funding, Policy, By Peter Harsha

The governors of 27 states have sent a letter to President Bush urging him to “ensure that federal funding for university-based research remains a top national priority” in FY 2006 and beyond. In their letter, the 16 Democratic and 11 Republican governors make the case that basic research has been the fuel for innovation in their states — as well as a creator of high-wage jobs and an enabler of workforce productivity — and they credit the universities and labs performing the research with being “the training ground for our country’s next generation of highly-skilled workers.” They also cite the changing competitive environment that challenges current U.S. dominance in technology innovation:

Through economic globalization, competition in research and development has risen dramatically in the last few years. Asian and European countries have committed new resources to scientific and engineering research programs at nearly unprecedented rates. While the U.S. currently remains a global leader in science and technology, we must continue to be at the forefront of discovery and development. Only by investing in the research of today can we take full advantage of the innovations of tomorrow. Despite a period of scarce resources, basic science and engineering research is a vital national investment.

This is an important message for the President to hear, especially as the Administration is working now to put together his FY 2007 budget in time for its February release.
Unfortunately, the U.S. basic research enterprise is going to need all the help it can get. As we’ve noted before, it appears that pressures will be high on Congress to cut mandatory and discretionary spending (including federal science agencies) to offset the spiraling costs for hurricane relief and a possible tax cut. Yesterday, House Majority Leader Roy Blunt noted that Congress will be focusing on three pieces of budget legislation before they wrap up the current session this fall: a package carving savings from mandatory programs, an across-the-board cut in discretionary spending and a new hurricane relief package. Any across-the-board cut is likely to once again fall on agencies like the National Science Foundation, which suffered a similar 2 percent cut last year.
So any effort by an influential group like the 27 governors who signed this letter (and thanks to the Science Coalition for “working” this letter), is useful in the attempt to reverse what is becoming a very damaging trend of cutbacks in federal support for fundamental research.
Here’s the full letter (pdf, 1 mb). Did your governor sign?

 
0 Comments
Leave A Response

HASC to Review DOD Cyber Security Efforts Tomorrow

On October 26, 2005, In Security, By Peter Harsha

With short notice, the House Armed Services Committee Panel on Asymmetric and Unconventional Threats will hold a hearing tomorrow to examine cyber security, information assurance and information exploitation issues at the Department of Defense. I say short notice because the witness list for the hearing didn’t appear until today and the hearing’s lead witness, CRA Board member and Purdue professor Eugene Spafford, didn’t receive an invitation to attend until Tuesday. Joining Spaf on the panel are David Grawrock, Principal Engineer and Security Architect at Intel, and Paul Kurtz, Executive Director of the Cyber Security Industry Alliance.
Spaf has already submitted his written testimony (pdf) and it’s excellent (especially given the time constraint). In it, he notes that DOD faces some worrisome trends in defending itself from cyber threats:

  • The number of reported attacks of various kinds is generally increasing annually;
  • Attacks are becoming more sophisticated and more efficient;
  • Few perpetrators are ever caught and prosecuted;
  • An unknown (but probably large) number of attacks, frauds and violations are not detected with current defenses;
  • A large number of detected attacks are not reported to appropriate authorities;
  • The problem is international in scope, both in origin of attacks and in location of victims;
  • The majority of the attacks are enabled by faulty software, poor configuration, and operator error.

Exacerbating these trends at DOD are a number of factors:

  • An over-dependence on commercial-off-the-shelf products (COTS);
  • A lack of metrics measuring the safety, security and quality of IT products in a general and meaningful way;
  • A lack of deterrence — vandals and criminals operate with the knowledge that there’s almost no chance of being caught unless they are exceedingly careless;
  • A lack of fallback alternatives — no planning for how to proceed with critical mission responsibilities with degraded or disabled IT resources;
  • An under-investment in research, especially long-term research at DOD and throughout the federal research portfolio; and
  • An ill-informed application of classification by agencies like DARPA that prevent some of the best minds in the country from working on cyber security problems.

Spaf has a number of recommendations of actions to take to reduce the threat to DOD IT systems, but I thought I’d list his primary recommendation here, especially as it echoes recommendations we’ve made many times in the past:

1. Most importantly, increase the priority and funding for scientific research into issues of security and protection of IT systems. This was the conclusion of the PITAC, and of numerous other studies cited in the PITAC report. Too much money is being spent on upgrading patches and not enough is being spent on fundamental research by qualified personnel. There are too few researchers in the country who understand the issues of information security, and too many of them are unable to find funding to support fundamental research. This is the case at our military research labs, commercial labs, and at our university research centers. Increased spending for research is an investment in national defense and national economic competitiveness, and is not in other expenditures for basic and applied research.

The hearing begins at 9 am, October 27th, and will be webcast (click on the microphone icon next to the hearing notice) and archived.
Spaf’s full testimony is here. (pdf)

 
0 Comments
Leave A Response
« Previous Entries
Go To Top »