Individuals and organizations have long had a need to protect secrets from prying eyes. One way in which we protect those secrets is through the use of cryptography, from the Greek kryptós, meaning "hidden” or “secret" and graphein, meaning "writing". Early forms of cryptography were used by the ancient Egyptians, Greeks and Romans.
Phones, glasses, and headsets can now all either overlay information on the world we’re looking at or immerse us entirely in imaginary ones. The processes of overlaying information, termed ‘augmented reality’, can be seen when Pokémon appear on our mobile phones, directions appear for nearby restaurants, or our food’s nutritional information is displayed when we point our camera at our plate.
We are regularly told to block or ‘clear our cookies’, or use a private browsing mode, if we don’t want to be tracked as we visit websites. Website operators and marketing, advertising, and other tracking companies, however, have developed other ways of tracking us, called ‘fingerprinting’, which work even if you clear or block your cookies. How prevalent is this kind of cookieless tracking? How accurate is it? And what are the implications for our ability to control our personal information and protect our privacy interests?
When you drive down the road or park your car, have you considered who might be recording where your car was at any given time, and where that information is stored and shared? Public agencies and private companies are using Automated Licence Plate Recognition (ALPR) systems to track vehicles throughout Canada, today.
Traditionally, we have logged into online systems using a username and password. These credentials are often being compromised, however, when databases containing them are breached or we are tricked into providing the information to fraudulent individuals or websites (often through phishing or other social engineering attacks). Once these credentials are compromised, attackers can use them to log into the associated online services. Even worse, because people often reuse their usernames and passwords, the attackers can access multiple services.