Why should you be extra careful when posting Spring Festival travel tickets on your WeChat Moments?

Going home is the theme on the eve of the Spring Festival.

You may have been preparing to show off your flight ticket home in your circle of friends, imagining waking up from the familiar bed in your hometown in half a month; or you may be anxious now, forwarding third-party platforms to help you grab tickets in your friends and relatives group Link.

But no matter what the situation is, you may not realize that there is a huge risk of privacy leaks in the air, hotel and ticket information posted on social platforms, as well as the various third-party ticketing applications installed indiscriminately to buy tickets.

In an unseen place, someone may be entering your unintentionally exposed name and phone number into a database, which will be linked to your Weibo account or express delivery address and packaged and sold; there may also be an application quietly turning on the location. and file read permissions to record your every move.

In the era of big data, personal privacy seems more fragile than soap bubbles.

This is the meaning of "International Data Protection Day" (Data Protection Day). This global event, scheduled for January 28 each year, aims to encourage everyone to pay attention to data privacy, understand the basic rights regarding personal information protection, and take action to maintain their own information security.

But just like the thin presence of this event that is in its 18th year, we are still a long way from the goal of "maintaining information security."

Behind the information leakage is the century-old contradiction between technological progress and privacy

The main enemy of privacy in modern life is people's curiosity about other people's lives.

At the end of the 19th century, EL Godkin, then editor-in-chief of the New York Evening Post, wrote a line of commentary. The background of this sentence was that the invention of the telephone and camera at that time provided people with excellent tools to invade the privacy of others.

Godkin may have been one of the first to witness the invasion of privacy by modern technology, but he was certainly not the last.

Rather, today, more than a hundred years later, the situation is a little more serious than before. As technological progress has created unprecedented information production and extremely low barriers to information acquisition, curiosity about other people's lives combined with malice and greed have given rise to a developed gray production chain.

▲Criminals sell personal privacy information on social media platforms

According to the classic definition given by Alan Westin, author of "Privacy and Liberty" in 1967, the right to privacy is about "self-determination," that is, "the requirement of an individual, group, or institution to decide for itself when, the right to communicate information about them to others in what manner and to what extent”.

But nominally having rights and practicing rights are two different things. In today's technological advancement, we seem to be gradually losing this freedom of self-determination.

One example is that the correlation between data makes mobile phones seem to “understand” us more and more.

Something mentioned during the chat will be posted on Taobao’s homepage in the blink of an eye; conversely, something just searched on the shopping app will immediately become the subject of advertisements on other apps.

When short video apps are first installed, they always coax us to open the address book reading permission on the grounds of "optimization and recommendation"; however, once allowed, you become a "transparent person" in social circles. Even if you register an account, the platform may rely on The previously read friend relationships will push you to acquaintances.

The "understanding" of big data seems thoughtful, but it always makes us shudder.

In addition, the ever-increasing number of devices around us is also evolving into a window for criminals to peek into our lives.

Security research institutions have previously demonstrated attacks on IoT devices such as routers, smart cameras, and car systems, with almost no mistakes, and can even "spread" the attack from a single device to the entire home network.

If ensuring the security of a small number of smart devices is equivalent to guarding a pass, then today, when everyone is surrounded by connected smart hardware, what we have to defend is actually a Great Wall. The enemy is always patrolling outside the wall, waiting to find a gap. The mere existence of this gap is enough to invite a full-scale invasion.

As device owners, our role is not necessarily that of pure victims. Sometimes, we who are reckless will become "accomplices".

▲Use AI technology to pretend to be Tom Cruise

For example, it is indeed interesting to upload dozens of personal photos to generate "AI image photos" out of the mentality of "joining in the fun", but few people pay attention to whether the dozens of pages of user agreement include permission for companies to use your photos for training The terms of AI; or as mentioned at the beginning of the article, malicious applications downloaded without paying attention give a green light to privacy theft.

In the city surrounded by technology, the space belonging to personal privacy is being infinitely eroded.

Take the first step and build a fence for your privacy territory

As data-driven generative AI sets off a technological boom, the world is accelerating towards the era of "data economy". When the value of personal information is infinitely increased, building a fence for personal privacy has become a top priority.

We believe that the key to protecting privacy lies in two "laws": law and self-discipline.

Needless to say, the law goes without saying, but the importance of self-discipline is often overlooked. Modern people's lives are built on the "foundation" provided by many service providers. Considering that society lacks the means to supervise how service providers handle information, and that most users are willing to choose "privacy for convenience", it can truly deter theft. The core of the privacy phenomenon actually lies in the industry itself.

Therefore, the more urgent the issue of personal privacy becomes, the more industry leaders must take the lead in protecting personal privacy.

Huawei is one of the first domestic manufacturers to mention network security and privacy protection at the basic level of the company's strategy. Almost every year at the Huawei Developer Conference, He Gang, chief operating officer of Huawei Terminal BG, will repeatedly emphasize:

Network security and privacy protection are Huawei's top priorities. We place our responsibility for ensuring network and business security above the company's commercial interests, and use innovative technologies to protect users' privacy and security.

Earlier than these words, it was Huawei's actual actions.

Since the birth of Hongmeng system, Huawei has regarded privacy security as one of its most important concerns. After years of improvement, today’s Hongmeng system already has full coverage privacy security services for a variety of scenarios, which can be called a weapon against information leakage.

This is why, in the privacy and security science popularization video recently released by "China News Weekly", a large amount of space was spent introducing the specific privacy protection functions of Hongmeng system as a "top student".

For example, considering that in the era of the Internet of Everything, any device being compromised may cause smart hardware to become a "smart Trojan", Huawei started from the bottom , using a secure design without root permissions to build the Hongmeng kernel, and using dedicated chips to store sensitive data and applications. The structured security mechanism ensures that all Hongmeng devices are equally unbreakable.

▲Detailed results page of Huawei Hongmeng Core CC EAL6+

Of course, Hongmeng kernel has obtained the world's first and so far only CC (Common Criteria) EAL6+ level security certification in the field of general operating systems.

CC certification has always been known for its comprehensiveness and strictness. In the past, only small devices with extremely simple structures such as IC cards could obtain EAL6+ certification. In other words, Huawei allowed such a complex structure as the operating system to pass a security level test that only bank cards can obtain certification.

This is almost unimaginably difficult.

Starting from the foundation of the Hongmeng kernel, the Hongmeng system has been extended to a variety of terminals such as mobile phones, smart screens, smart watches, smart homes, and car systems with the high flexibility of "once development, multi-deployment". The hardware equipped with the system is different, but what remains unchanged is all-round privacy protection.

However, it is one thing to provide protection, and it is another thing to make users willing to be protected – there is a "security cost" consideration here: just as no one is willing to wear armor to go to work every day, once protecting privacy takes up too much time and attention, users who originally intended to be on guard will choose to sacrifice privacy.

This is why Hongmeng System chooses to use "intelligent" and "sensory-free" methods to create a pure space.

When testing the Mate 60 series, one intuitive feeling is that with strategies such as developer/application signature verification, intelligent interception of risky application installations, and default application permission minimization, Hongmeng has blocked the path for applications to do evil from the source. .

It’s not a problem to insist on installing apps. Hongmeng system will recommend that the application be added to the control, thereby restricting its access to sensitive data such as address books and calls, and automatically disabling permissions such as location information and background pop-ups. In a sense, Hongmeng's security strategy is like the Earth's atmosphere: when it is operating normally, we won't even notice that it is intercepting invading meteoroids out of sight.

Hongmeng has also noticed things that users themselves may not notice.

You know, what we think of as information is often not the full picture of the information. In a casually shared photo, the pinyin of the name on the ticket, the express delivery note on the carton, the social media account ID in the screenshot, and the shooting model and location information hidden in the original image data may all be used for ulterior motives. The key to the attacker's attack.

Hongmeng system can cope with this situation very well. The built-in "Picture Privacy Protection" will automatically erase the built-in location and shooting parameters of the photo when sharing. Then you can also choose to use AI to erase private information such as name, flight and ID number with one click. Take photos and enjoy them as you go, without worrying about the risk of privacy exposure.

Such intelligence and senselessness are more vividly reflected in the Hongmeng Smart Cockpit, which is closest to the user.

Take the Hongmeng Smart Cockpit installed on the Wenjie M9 as an example. After users get on the car, they can quickly log in to their Huawei account using financial-grade 3D facial recognition technology. Data and personalized settings between different accounts are isolated from each other to ensure that only The right people see the right data .

The application permission control strategy naturally extends to the car. When an application requests permissions such as microphone, camera, geographical location, etc., the car system will clearly remind you in real time on the status bar. With just one click, the application permissions are under control.

A major feature of the so-called "intelligence" is the ability to adjust one's behavior according to the scene. Here, the Hongmeng smart cockpit also achieves accurate scene discrimination: when multiple people are riding together, the Hongmeng cockpit will automatically recognize that there are other people riding in the car and activate "privacy mode", intelligently hiding call records, navigation records, etc. on the central control screen Sensitive personal information.

Just use it, Hongmeng will inadvertently complete the work of protecting privacy for you.

Privacy and security, a long road with no end

800 million.

This is the number of devices currently protected by Hongmeng’s security mechanism.

If you only look at the absolute value, the number has increased by 100 million compared to half a year ago; but considering the fact that today's data is widely distributed, there is still a long way to go to protect privacy security.

If the loss of privacy is compared to soil erosion, Hongmeng's root system will cover at best a small corner of the land. Outside of the land protected by roots, countless personal and private information flows into the black river at every moment.

In a future where the number of devices per capita and data production continues to reach new highs, all any one person or manufacturer can do on their own is to defend one city and one pool.

Achieving adequate data security and privacy protection is a long-term undertaking that requires the participation of the entire society.

Society is already taking action. In recent years, our country has successively promulgated and implemented a series of laws and regulations such as the "Cybersecurity Law", "Data Security Law", and "Personal Information Protection Law". Last year, the "Two High Schools and One Ministry of Finance" issued the "Provisions on Punishing Internet Violence Violations and Crimes According to the Law". The Guiding Opinions also apply the crime of infringement of citizens' personal information to situations such as organizing "human flesh searches" and illegal collection and release of citizens' personal information, filling the loopholes in personal information leakage from a legal perspective.

Businesses are also a key part of this. Equipment carrying information has penetrated into every corner of society, and is even related to the normal operation of social order. The companies behind the equipment naturally have a heavy responsibility.

It can be said that Huawei, which adheres to long-termism and continues to invest in the fields of network security and privacy protection, has set an excellent example for the industry by insisting on doing difficult but right things. There is reason to believe that more companies will join this ranks in the future.

With self-regulators taking the lead in the industry, we ourselves must also become the masters of privacy. As privacy and security are taken seriously, more and more organizations will choose to publish personal data protection tutorials on "International Data Protection Day". We can learn from it, choose safe equipment and safe ways of doing things, and avoid becoming criminals. prey.

Accompanied by many fellow travelers, this century-long battle for privacy protection is ushering in the dawn.

# Welcome to follow the official WeChat public account of aifaner: aifaner (WeChat ID: ifanr). More exciting content will be provided to you as soon as possible.

Ai Faner | Original link · View comments · Sina Weibo