[RLUG] thinking about a project...

Anna christiana at hipointcoffee.com
Fri Jul 14 17:05:26 PDT 2006 

btw, by "'proxy' version of my information" I mean something like
this...

I tell each different business I work with that my mailing address is a
different variation on something like this:

Anna J.
0923 8942 38298
Reno NV 89523

The idea is like giving anna.nospam<rand()>@gmail.net as my email
address to figure out who is selling or leaking it.

I suppose this aspect is not absolutely necessary to make the larger
idea work.  And, this (additional? non-free?) service could be handled
by a private re-mailing company.  It would be nice though if the USPS
and like companies would do the address translation...  as perhaps
ideally would be required by law.  ;)  haha.

- Anna

PS  sorry about not noting this as an off-topic post.  I forgot.



On Fri, Jul 14, 2006 at 11:54:16AM -0700, Anna wrote:
> there are a lot of problems.  I've been thinking that security would be
> relatiely easy to handle compared to ... getting Safeway or SBC (for
> instance) to play along.  How to I get them to sign a contract before
> they access my address and/or phone number?
> 
> this makes me wonder about the feasability of giving each different
> entity a different "proxy" version of my information, so I can tell
> which entity is violating the contract.  how would that be managed?  The
> other day I thought I could perhaps cooperate with the USPS in order to
> have them replace the "proxy" version with the actual address.
> 
> another problem: how to I get people (everyone) to care enough about the
> security (ownership) of this basic personal info that they're willing to
> use these legal methods of protecting them?  The reason I say "everyone"
> is it seems to me this system would be sort of like a union, which only
> have a chance of working if you get a sizeable population involved.
> 
> As far as internet security; well, that is a tough one of course.  It
> seems like the best way to go is with two things.  1) Don't even offer
> to store financial inforamation or social security numbers or such.
> Only contact information.  Basically, you lower the target value.  2)
> make the interface as simple as possible.  only port 443 is allowed
> through a firewall.  Simple, fast web servers handle everything...  The
> cgi/whatever system itself implemented is also simple, open source, and
> developed in a very clean and modular style with the primary coding goal
> being security.  I'm sure there are other helpful tricks and strategies
> I'm not aware of.
> 
> Thanks,
> 
> - Anna
> 
> 
> 
> On Fri, Jul 14, 2006 at 09:31:13AM -0700, Rick Shepherd wrote:
> > Very interesting but that site would be the holy grail of identity thieves.
> > You would need some serious protection; yep, not going to get away with
> > administrator/null logins there...
> > 
> > R
> > 
> > -----Original Message-----
> > From: rlug-bounces at rlug.org [mailto:rlug-bounces at rlug.org] On Behalf Of Anna
> > Sent: Wednesday, July 12, 2006 6:04 PM
> > To: rlug at rlug.org
> > Subject: [RLUG] thinking about a project...
> > 
> > Hi.
> > 
> > I've been thinking about a possible project for a while, about
> > reclaiming control over my personal information.  Taking ownership of
> > it.  The latest version goes something like this:
> > 
> > I hand my personal info to an organization (hopefully non-profit and
> > free).  I then specify who is allowed to access my personal information
> > and under what conditions.  The conditions are presented in the form of
> > something like a software license.  (the standard...  you can use this
> > information as long as you abide by these rules.)   I (the
> > customer/owner of personal info) can change the rules depending on who I
> > give access to my information.
> > 
> > One of the possible rules I can apply to my friends (those I trust), for
> > instance, is the right and ability to freely disseminate my personal
> > information to other people they trust in turn, so long as they (my
> > friends) make the third party receiver of my info aware of the license
> > I've applied to third parties.  (or whatever.)
> > 
> > I imagine a web based interface for the initial setup and as a good
> > central software if/when this thing ever grows beyond the web.  A nice
> > plus of this is when I move or change my phone number, or even change my
> > email address, I only have to update one location.  I envision a
> > database like this serving as a nice back-end for potentially all
> > software and devices that need accurate, current contact info.
> > 
> > I've been thinking about for quite a while.  it's just spinning up
> > there.  I haven't really talked about it though.  anyone think this is
> > an interesting idea?
> > 
> > - Anna
> > 
> > 
> > _______________________________________________
> > RLUG mailing list
> > RLUG at rlug.org
> > http://lists.rlug.org/mailman/listinfo/rlug
> > 
> 
> _______________________________________________
> RLUG mailing list
> RLUG at rlug.org
> http://lists.rlug.org/mailman/listinfo/rlug

More information about the RLUG mailing list