Security shortcuts – they do not exist
17SaturdayAUG 2013
There are security needs – please don’t go snooping in my bank account, or note the websites I’ve perused.
Then there are security needs – please don’t kill the people who are trying to help the downtrodden masses. Thanks.
Here are a few ways to think about a security tool: When someone offers you a security tool, ask yourself: who holds the keys? Can an attacker get my keys? Can an attacker read my passphrase? How does the cryptographic software get to my computer? Can I review it? Authenticate it? Can an attacker steal my passphrase? Where is my trust placed, and what does it mean to trust? These can be useful questions to keep in mind. When it’s really important to keep your data secret, it’s worth consulting an expert.
Patrick Ball in Wired – I liked the article, it’s well thought out.
When you are dealing with lives you have to make the hard choice, put in the extra effort. Tie it into a different article that dealt with documentation becoming stagnant and forgotten (search Zoo Dog) and a totally different one regarding Barnaby Jack’s warnings we all need to heed (medical devices being taken over by bad people is worse than ATMs being 0wned!) – will those who have the future in their hands be able to see the wise moves?
Mr. Ball makes a wise statement – consult an expert – it’s worth it.
::s::