Developing Trust: Online Privacy and Security

Written in 2002 and with scarcely two years passing, Curtin's message is more timely this year. He warned of the perils of malware and of cracker attacks on corporate databases. Especially by social engineering. He presents several case studies of insecure privacy applications. He analyzed the commercially deployed systems of Alexa, DoubleClick and others. Showing how cookies and server side bugs could lead to users being tracked. In some cases, as they perused many different websites that reported their activities to a central site. Other books have talked about how cookies could be misused in this way. But Curtin's analysis goes beyond a typical generic treatment and can be more instructive to you. The malware of 2002 that he warned of has increased in sophistication and danger. No sign of abatement, so keeping the book's ideas in mind is a good idea.

Security and privacy are not "sexy" subjects and I was ready for a dry dissertation but this book was anything but.Although the subject matter is serious and is treated seriously, Curtin has a light and deft touch that make the book a pleasure to read.And while this book's target audience is programmers responsible for dealing with the issues of Privacy and Security, I would recommend this book to a much wider audience. Every top manager of a company that has a web site should read this book so they can understand how Online Privacy and Security could affect them and so they can ask the questions that someone needs to be asking the folks who are running and developing websites.I would also recommend the internet savvy who are curious about these two buzzwords because this book will provide them a much better understanding of the stories that have and will appear in the news related to privacy and security. The real world examples are ones that we all can relate to.

Privacy means radically different things to different people as it is an abstract and often elusive term that is often difficult to effectively define.In a nutshell, privacy is the ability of an individual or organization to decide whether, when, and to whom personal or organizational information is released.While defining privacy is difficult, ensuring on-line privacy is even more challenging. Those required to ensure that their corporate systems and web sites are secure against prying hackers will find Developing Trust: Online Privacy and Security to be an important resource.Curtain writes in an entertaining and easy to read style; especially when he introduces topics such as attack models, privacy concepts, and threats.The book suggests prevention mechanisms and includes a few real-world case studies. If you have anything to do with electronic privacy, Developing Trust: Online Privacy and Security is a great book to read.

This book examines the social, legal and technical issues surrounding online privacy. Not only is the consumer side of privacy examined, but the business side from a marketing point of view is also discussed to present a balanced view of the key issues from both sides of the equation.Mr. Curtin is an expert in privacy and security issues, as well as cryptography and security technology. The approach he takes in the book is to explain both the theory and concepts of privacy in social and legal contexts, and to examine the threats and exposures. From there he leads you through the design of a solution that starts with principles, then a thorough examination of the underlying online technologies and how they work for and against you. An obvious example of one technical element that works for and against is the 'cookie' which can provide a major convenience (it remembers you and your preferences) and an invasion of your privacy (it remembers you and your preferences - and can also 'stalk' you in a manner of speaking). How to best balance the strengths and weaknesses of not only the technology, but the business imperatives driving commercial uses of the internet are addressed.My personal vuiew is that this book blends the best of Bruce Schneier's Secrets and Lies and Richard Hunter's World Without Secrets. Schneier's book covered the full range of security issues, social and technical. Hunter's book is more focused on social aspects of privacy. What sets this book apart from those two are the focus on privacy and the multiple contexts in which the book addresses it: social, legal and technical. If the author keeps this book up to date it is destined to become a classic. The challenge is to remain abrest of emerging legal issues and technical breakthroughs - both of which are inevitable.