Académique Documents
Professionnel Documents
Culture Documents
and
CIO, Argonne National Laboratory Senior Fellow, Computation Institute of The University of Chicago and Argonne National Laboratory
China Computer Science Vision 2020 ITCS, Tsinghua University, Beijing, China October 12-15, 2009
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Todays PDA is more than an assistant helping with calendar, notes, and messaging. It is a multi-media, location-aware, personalized device capable of instantly publishing and broadcasting information worldwide. Thus the device no longer simply assists, but augments the communication and decision-making capacity of its owner.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
A common attack on a computing system, buffer overow, involves sending instructions and data that tricks the computing system into granting access that would not otherwise be allowed. This type of attack is now common with computer users, for example sending phishing email designed to trick the user into unknowingly granting access by disclosing information, installing software (malware), etc.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
% Remote Exploits
Indeed the most rapidly growing genre of computer intrusion methods is the use of web applications to gain unauthorized access to information or platforms (PDAs, laptops, desktops). Web applications are also one of the most common delivery mechanisms for capabilities on PDAs (such as the iPhone, Android, etc.)
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Now that the PDA, or even the laptop or desktop system, is so closely tied to the owner, human mistakes not only compromise the privacy and security of the device but also of the owner. The top left example is a simple mistake of sending a text message to a broadcast medium (twitter) rather than to the intended recipient (an individual). The bottom right example is of a computer thief who, while using the stolen computer, did not realize that its camera software was set up to automatically broadcast pictures, in this case to Flickr.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Computer = Security
Personal Security
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
The heart of the next-generation privacy problem arises from the similar but uncoordinated actions of individuals that can be combined in new ways... [enabling] individuals to compromise privacy more thoroughly than the government and commercial institutions traditionally targeted for scrutiny and regulation.
The Future of the Internet - And How to Stop it. (2008, Jonathan Zittrain)
Charlie Catlett (c@anl.gov)
Beyond individual use of PDAs and the potential for privacy/security problems from their actions, social networks and location-based services multiply the effect.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Adoption
100% 50%
1900
1930
1960
1990
(% of U.S. households)
Source: Visualizing Economics (http://www.visualizingeconomics.com/) Charlie Catlett (c@anl.gov)
To understand how rapidly we are seeing the adoption of the new PDA and associated services - such as social networks and locationbased services - it is instructive to look at past examples of rapid adoption.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Telephone
50 25 15 10 8
Electricity
Internet
Mobile Phone
Radio
Years to 50%
Looking at past adoption, it is not unreasonable to dene rapid adoption as reaching 50% of consumers (in this example, US households) in less than a decade or so.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Mobile Phones
20 15 Millions 10 5 0 Millions
Jan 2006
China
Source data: Chetan Sharma Consulting Charlie Catlett (c@anl.gov)
India
USA
While adoption of mobile phones in Europe and the US is still growing, that growth pales compared to growth in developing economies such as in China and India.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Smart Phones
400 300 Millions 200 100
2005
2006
2007
2008
2009*
2010*
2011*
PC
Source data: RBC Capital Markets, Source: Silicon Alley Insider Charlie Catlett (c@anl.gov)
Smart Phones
Coupled with the growth in mobile phone subscribers, it also appears that the smart phone will overtake the PC in terms of unit sales within several years. With Internet access via the mobile phone networks, the PDA will be the primary device used for Internet access as well.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Social Networks
125 Millions of Unique Visitors 100 75 50 25 0 Aug-08
Oct-08
Dec-08
Feb-09
Apr-09
Jun-09
Aug-09
Source: www.compete.com
Classmates
Source: www.compete.com Charlie Catlett (c@anl.gov)
Here we see Facebooks growth just in terms of unique visitors during a one-year period. In this same period the number of Facebook users worldwide grew to over 300 million - including a ramp from 250M to 300M between May and August 2009.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Oct-08
Dec-08
Feb-09
Apr-09
Jun-09
Aug-09
Source: www.compete.com
News Websites
Source: www.compete.com News Websites = nytimes.com + cnn.com + nbc.com + abc.com + bbc.co.uk Charlie Catlett (c@anl.gov)
During the same period that services like Facebook and Twitter grew by factors of 3-4, traditional news sites (in this case 5 popular sites) barely held even in terms of unique visitors.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
...we are continuing with the vision of enabling our 500 million customers to share and connect...
Dare Obasanjo, Microsoft (April 2009)
Not originally social networks, Yahoo and Microsoft are transforming their services into social networks, further pushing adoption. As with Facebook, Twitter, and other social networks, these providers also offer tight integration with PDAs as well as mobile and location-based services.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
These social networks are countries with 3-500M residents with evolving cultures..
Charlie Catlett (c@anl.gov)
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Upload audio Upload video Post to a wiki Publish a blog Upload photos Publish a website Tag articles, videos Post to a micro-blog Send/forward email Live in a virtual world Post to a blog forum Rate or review a product Share les in P2P network Use SN sites/publish personal page
As of January 2009 a loose denition of social network adoption (blue circle of casual contributors) was 105 million, compared to the US Census gure of 112M households. It would be sensible to interpret this as at least a 50% adoption (assuming an average of 2 adopters per household).
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
50 25 15 10 8 4
Why?
Taking all of these growth gures together, at least in the US, it appears that social networks have reached 50% adoption in perhaps 4 years (or less).
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Communication Costs
Create Distribute Consume
Memo culture
(pre PC, pre low-cost printing, pre-Internet)
Charlie Catlett (c@anl.gov)
Create
Distribute
Consume
Internet culture
(desktop publishing, email, web)
One reason social networks have reached such rapid adoption is that they address information overload caused by dramatic shifts in communication costs. With the advent of the PC, low-cost printing, and the Internet, the cost to create and distribute content has been reduced to near zero (email spam or catalogs in the mail are examples). The cost to consume information, however, is based on human capacity rather than technology and thus is now the dominant cost factor in communication.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
structure
Social networks impose a structure on information exchanged and published, which makes it easier for the consumer to parse the information....
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
control
... and as importantly, social networks also provide mechanisms for controlling the ow of information based on the structure (see previous slide) as well as the source. Additionally, social networks like Facebook allow for control over who a consumer allows to send him or her information, including the explicitly opt into any and all communications.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Initiated Automated
At the intersection of social networks, location-based services, and multimedia-equipped mobile devices is a rapidly growing set of services that can be interconnected. Such interconnections, made one link at a time, rapidly grow into a complex network with cascading effects (as seen earlier with the automatic posting of images to Flickr)
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
The interconnection of these social and location-based tools means that once one has taken an action, such as posting a status update, it is not easily withdrawn. Here is an example of posting and then deleting status. Within the particular service the deleted event is erased, as seen on the right....
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
...however, the event is still seen on a connected service (twitter), can be found by explicit search on the original service (brightkite), and can be found in cached pages at search engines like Google. Deleting a post to a social network is not so easy...
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
We also demonstrate that it is possible to accurately infer 95% of friendships based on the observational data alone, where friend dyads demonstrate distinctive temporal and spatial patterns in their physical proximity and calling patterns.
Eagle, Pentland, Lazer (Santa Fe Inst), Inferring friendship network structure by using mobile phone data. Proc Natl Acad Sci USA, Sept. 2009.
With todays PDA technology, users are allowing themselves to be tracked, and information about messaging and social connections is being kept (at the users request) by a number of service providers with varying (if any) policies regarding retention, disclosure, etc.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Terms of Service:
Daily reports to Palm:
Indeed the terms of service that are required for the use of a Palm Pre, iPhone, or other smart phone include automatic disclosure of location and device use information to the service provider.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Where is CeC?
Apple, for example, has the ability - and therefore offers a service to the user - to determine where your device is located, display a message on the device, lock the device, or even erase it.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Source: Apple transitional data sets patent application (February 2008) Charlie Catlett (c@anl.gov)
Apple and other providers have foreseen the commercial benet to knowing the location of the consumer. Apple for example led a patent for transitional data sets (Feb 2008)....
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
An increasing number of iPhone applications ask to use your current location but few of them dene the word use or the terms of use, such as retention or disclosure to other parties.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Source: www.citysense.com
... will compare your history and preferences with those of other users, and show you where you're most likely to nd people with similar tastes at that moment....we save your location when you use Citysense... to remember what you like. ...you don't have to keep a personalized nightlife prole. You can delete your data from our system anytime you want. You created your data: you own it....We never share your location, ever. We don't collect email addresses or phone numbers. We don't use passwords. In fact, we have a revolutionary new data ownership policy wherein people actually own any information they create...
Sources: http://www.citysense.com/ Charlie Catlett (c@anl.gov)
Some providers are using anonymous mobile location data obtained from vendors to develop traffic patterns for particular cities. By registering a prole with this particular vendor you can be shown where other people like you are congregating at a particular time. It is a good sign to see the privacy statement for Citysense, acknowledging the concept that the consumer owns his or her data and should have some ability to control that data.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Augmented reality is now emerging given that devices like smart phones, exploiting their ability to sense direction and orientation. Coupled with location-based services and social networks, the distinction between Internet and physical contact is removed. Device security with respect to location and other information thus equates to personal security.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Facial recognition emerged in 2009 - Apple iPhoto on the desktop but Google Picasa and other online photo providers are beginning to offer automatic facial recognition for those in your social network contact list.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
With facial recognition, an image posted to the web could end up tagging you at a particular place and time... even if you were not the subject. The man in the hat was not the subject of this photograph, but the photographer recognized him later (in this case, a human recognized the face)... and found identity information for him on the web (even a picture apparently wearing the same hat!)
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
+1000s
+120 +75 25
2800-2100 pixels (~6 Mpixel)
In this 6MP picture there are 25 faces readily recognized, at least 75 that could be recognized with better algorithms or higher resolution, and well over 100 more that could be recognized with both better algorithms and higher resolution. Indeed at 30-40 MP one could recognize thousands....
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
RFID
Source: Wired Magazine, "Digital Contacts Will Keep an Eye on Your Vital Signs," September 2009
Already RFID has been embedded in some credit cards, new US Passports, and many consumer products. These devices can be read from several feet away with low-cost detectors. As more sophisticated health monitoring devices are adopted, with the ability to communicate with a users PDA, that communication will also be subject to potential unwelcome monitoring.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Driver Rated
From Future of the Internet (and how to stop it), Jonathan Zittrain
Whether by our PDA or by our vehicle, Jonathan Zittrain discusses peer rating systems in the book The Future of the Internet (and how to stop it). And the potential for abuse based on racism or other factors unrelated to the rating metric. Will my insurance rates go up if I display a bumper sticker with an unpopular view, triggering an unusual number of bad ratings?
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
...our devices will communicate information about who is allowed to record who.
If I chat with Ted and Mary, Ted may consent to my recording while Mary does not. My log of the conversation would then have all images of Mary blurred and all of her speech erased. At the same time, she might have allowed Ted to record her.
Total Recall (2009, Gordon Bell and Jim Gemmell)
Bell and Gemmell discuss privacy in the context of devices exchanging and capturing information on behalf of their owners, suggesting privacy settings that would rely on software and services respecting those settings (in similar fashion to search engines respecting the wishes of sites with robots.txt les declaring they do not wish to be indexed).
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
It would be more powerful to have devices and services behave with explicit opt-in protocols, such as the way bluetooth requires agreement to peer with or browse devices.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Trusted LBS
Untrusted LBSs
Source: Meyerowitz, Choudhry; Duke University, "Hiding Stars with Fireworks," MobiCom'09, September 2009, Beijing, China
Source: Meyerowitz, Choudhury, Duke University, Hiding Stars with Fireworks, MobiCom09, (c@anl.gov) Charlie Catlett September 2025, 2009, Beijing, China
Location based services increase the exposure of the individual because the value of a location based service is inherent in its knowing the users location with a high degree of precision. Fortunately there is a body of research looking at various proxy and anonymizing capabilities that preserve the value of precise location information while protecting the consumer from disclosing that information to providers other than those they select as trusted.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Delete history
(declare bankruptcy?)
Private navigating
What can be done at the consumer end? We have applied some level of privacy mechanisms on the web... could these apply to my PDA, and to my identity?
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
The ad hoc mechanisms presently used to mash up social network interconnections (as illustrated earlier) make it difficult to trace the path taken by a piece of data I post. It would be useful to have the equivalent of tracert (trace-route), used to map the hops taken by a packet between two points on the Internet, but such capabilities would require standards.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
A data bank
in which I can deposit (and control) my data?
Microsoft and Google have begun to offer health information services that allow the consumer to gather and curate (and protect) his or her own medical records, including disclosure to service providers. Such an approach taken with location based services and social networks, particularly if coupled with anonymizing or proxy services, would offer consumers better control over personal location information.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Just as with robots.txt, cooperation between service providers and individuals is essential. Combined with clear mechanisms, people should be able to manage their privacy. Facebook can be seen as an ongoing social testbed in which privacy settings and sensitivities are being explored across cultures and demographics. As such, the privacy settings available in Facebook are evolving in a way that is instructive for other providers.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)
Location Status Recognition Interests Photos Video Ratings Calendar Applications Telephone
Thank you
c@anl.gov
Charlie Catlett (c@anl.gov)
Indeed it would be ideal for our devices to have privacy settings similar to Facebook but with aspects appropriate for mobile PDAs - such as who is allowed to capture video or audio of the holder of the device, or whether the owner wishes to opt out of facial recognition. But the challenge is that these controls would rely on cooperation (or threat of legal sanction). The question is whether one can inuence device and software providers in a direction that makes it difficult to break such controls.
Presented October 2009 at Tsinghua University "China Computer Science Vision 2020" (http://conference.itcs.tsinghua.edu.cn/ChinaCS2020/) Beijing, China, Charlie Catlett (c@anl.gov)