Apple and "identity pollution"

["Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rmslade () shaw ca>]

Apple has obtained a patent for "identity pollution."

http://j.mp/NmsXx3

I am o not just two, but a great many minds about this.  (OK, admit it: you always 
knew I was schizophrenic.)

First off, I wonder how in the world they got a patent for this.  OK, maybe there 
isn't much in the way of prior art, but the idea can't possibly be called "non-
obvious."  Even before the rise of "social networking" I was prompting friends to 
use my "loyalty" shopping cards, even the ones that just gave discounts and didn't 
get you points.  I have no idea what those stores think I buy, and I don't much 
care, but I do know that they have very little about my actual shopping patterns.

In our advice to the general population in regard to Internet and online safety in 
general, we have frequently suggested a) don't say too much about yourself, and b) 
lie.  Isn't this (the lying part) exactly what Apple is doing?

In similar fashion, I have created numerous socmed accounts which I never 
intended to use.  A number of them are simply unpopulated, but some contain 
false information.  I haven't yet gone to the point of automating the process, but 
many others have.  So, yet another example of the US patent office being asleep 
(Rip-Van-Winkle-level asleep) at the technological switch.

Then there is the utility of the process.  Yes, OK, we can see that this might (we'll 
come back to the "might") help protect your confidentiality.  How can people 
find the "you" in all the garbage?  But what is true for advertisers, spammers, 
phishers, and APTers is also true for your friends.  How will the people who you 
actually *want* to find you, find the true you among all the false positives?

(Here is yet another example of the thre "legs" of the security triad fighting with 
each other.  We have endless examples of confidentiality and availability working 
against each other: now we have confidentiality and integrity at war.  How do you 
feel, in general, about Apple recommending that we creating even more garbage 
on the Internet than is already there?)

(Or is the fact that it is Apple that is doing this somehow appropriate?)

OK, then, will this work?  Can you protect the confidentiality of your real 
information with automated false information?  I can see this becoming yet 
another spam/anti-spam, CAPTCHA/CAPTCHA recognition, virus/anti-virus 
arms race.  An automated process will have identifiable signs, and those will be 
detected and used to ferret out the trash.  And then the "identity pollution" (a new 
kind of "IP"?) will be modified, and then the detection will be modified ...

In th meantime, masses of bandwidth and storage will be consumed.  Socnet sites 
will be filled with meaningless accounts.  Users of socmed sites will be forced to 
spend even more time winnowing out those accounts not worth following.  Socnet 
companies will be forced to spend more on storage and determination of false 
accounts.  Also, their revenues will be cut as advertises realize that "targetted" ads 
will be less targetted.

Of course, Apple will be free to create a social networking site.  They already have 
created pieces of such.  And Apple can guarantee that Apple product users can use 
the site without impedance of identity pollution.  And, since Apple owns the 
patent, nobody else will be able to pollute identities on the Apple socnet site.

(And if Apple believes that, I have a bridge to sell them ...)

======================  (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
A society in which conjugal infidelity is tolerated must always
be in the long run a society adverse to women          - C. S. Lewis
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.