Security as a Point-of-View

This topic is closed.

    Whether you design websites, as I do, or build apps or are a casual user of the Internet, this affects you.

    Security is being compromised to a greater degree, lately.

    Whatever the reason for this trend, the real question is "How do I deal with it?"

    This ZDNet(r) article has some suggestions, which I think are reasonable and do-able by everyone. Yes, you need to change the way you do some things... Change is a fact of life.

    http://www.zdnet.com/article/serious...de-on-hackers/

    The three suggestions are:
    "...We as consumers need to understand the value of our data and then hold those that store it to account."

    "Second, companies should design security as a fundamental part of the services we use, not a nice-to-have addition...."

    "Third, the use of strong encryption should be the standard, not the exception...."


    If you follow the threads here on Kubuntu forums, you will have seen reports, by myself and others, of the recent failures of Major 'net companies (e.g. Yahoo(r), Google(r) and others). These are indicators of the problem as well as being part of the problem.

    So, what are you doing to address the three points of the linked article?

    My actions:

    1) I'm moving my custom to businesses which are more likely to protect my data and identity.

    2) See #1. That means moving my email away from Yahoo(r) and/or Google(r). It means hosting on more secure servers, when I can find them.

    3) If I must send valuable and private information, I do it with strong encryption (Minimum 2048-bit encoding, 4096-bit preferable). I design websites with two points in mind:

    a) My end users bear a part of the responsibility to use secure email addresses and
    b) The contact information stored on servers which run my website code is ASSUMED A PRIORI to be IN-SECURE and vulnerable to hacking. There is no free lunch.

    Yes, I design with encrypted database(s) and use "secure" HTTPS links, but that is NOT guaranteed to protect all data.

    No, I cannot make a guarantee to my customers (who order my designs) that the website will be 100% secure from attack. Don't believe anyone who tries to tell you otherwise. "There's a sucker born every minute...".

    This is NOT an ad for my business (you can't find me from here...).

    Again, what are you doing to preserve your security and privacy?
    Kubuntu 24.04 64bit under Kernel 6.10.2, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.

    #2
    Thumbsupemoticonthingyhere!

    woodsmoke


      #3
      @TWPonKubuntu,
      I agree with everything you wrote, except that I no longer have a webpage or blog. My email encryption, when I want to use it, which so far is never, is RSA 4096.

      Unfortunately, the majority of our computers were made in China, including the CPUs, GPUs, PROMs and such. China burned the microcode onto those chips. Those are keys to a GIANT back door, if they have been compromised. The US "persuaded" American manufacturers to install back doors into their digital equipment, before that manufacturing ended up in China.

      My latest example is my Cisco E2500 Linksys wifi. A month after I got it I got a popup message from the router asking for an agreement to a EULA before they would install the firmware update remotely. To agree to the update I had to sign on to Cisco's new cloud service. I didn't want to use a cloud service and was curious as to why they would predicate a firmware update on a subscription to their cloud, even if it was "free". I did some investigation and discovered that MANY folks received the same upgrade "offer" almost independent of the hardware model, and there were links to sources suggesting that the NSA had a hand. That's when I went to the DD-WRT website and downloaded the firmware for the E2500 and installed it. It turned out to give COMPLETE control to the E2500, something that the Cisco firmware did not. And, it had no back doors in it, either.

      Like most people, there is nothing I do in my personal life that I could imagine that would interest any government, but governments tend to be paranoid, which often leads to psychotic paranoia. It's not what you know you didn't do, it becomes what they think you did, and in our PC society accusation equals guilt.
      "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people."
      – John F. Kennedy, February 26, 1962.


        #4
        Greygeek; "You're not paranoid if they really are out to get you."

        I too have used DD-WRT to change my Linksys router firmware. That is a recommendation, particularly if you have an older model router.

        I wish I could find firmware for my laptop BIOS that is as trustworthy as DD-WRT for routers.

        I'm a Linux OS user for similar reasons.
        Kubuntu 24.04 64bit under Kernel 6.10.2, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.


          #5
          Originally posted by TWPonKubuntu:
          Greygeek; "You're not paranoid if they really are out to get you."....
          So true, as the dead bodies in the wake of some politicians demonstrate.
          "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people."
          – John F. Kennedy, February 26, 1962.
