SoylentNews is people
SoylentNews
from the isn't-it-about-time-to-move-on dept.
Submitted via IRC for TheMightyBuzzard
A global study from IBM Security examining consumer perspectives around digital identity and authentication today, found that people now prioritize security over convenience when logging into applications and devices.
Generational differences also emerged showing that younger adults are putting less care into traditional password hygiene, yet are more likely to use biometrics, multifactor authentication and password managers to improve their personal security.
With millennials quickly becoming the largest generation in today's workforce, these trends may impact how employers and technology companies provide access to devices and applications in the near future. Overall, respondents recognized the benefits of biometric technologies like fingerprint readers, facial scans and voice recognition, as threats to their digital identity continue to mount.
Source: https://www.helpnetsecurity.com/2018/01/29/authentication-today/
(Score: 3, Informative) by anubi on Tuesday January 30 2018, @06:47AM (3 children)
My main beef with password managers is monoculture.
Once the encryption algorithm of *that* manager has been compromised, all the others are apt to be compromised as well.
Once the word is out how a "bump key" works, nearly all mechanical locks of that design are degraded as far as security goes.
Personally, I consider the lock as nothing more than evidence that I intended no access, and violation of my lock is only evidence that entry was gained without permission. I have other methods ( covert cameras ) to document the act so I can seek redress in a court of law.
Everybody has known for years that locking your car is no defense against a Slim Jim. I have even had to use that way myself a couple of times when I locked my keys in the car.
The thing that concerns me these days is how impersonal identity theft has become. All done by scripts. I never will know who is dinging me, and nearly every business demands my info with the quite legitimate reason that they need to vet me... problem is they keep sharing that information, willingly or accidentally, so that slowly but surely, everyone's private affairs get cross-referenced and indexed onto darkweb databases. Nothing is private anymore. I don't have anything that can't be replicated sufficiently to deceive a sensor so as to perform actions in my name.
The number one reason for my failure to accept even "micropayments" on the web is because in order to pay, even one cent, I have to reveal my payment credentials. I can trust NOBODY. Not even Equifax! They all *say* they can be trusted, but their fine print all says "if you actually believe what we told you in large print, you are a big trusting fool!".
I can't shut down everything, but I will avoid any kind of payment / identification for certain things, well known to be highly risky, such as porn, warez, pirated stuff, anything illegal, gambling, and games. I don't even have a google account yet. I use an anonymous email account, which I would pay for, if I knew beyond a shadow of a doubt, that they would not share my real info. I have researched through Spokeo and already there is far more stuff out there on me than I feel comfortable with. As a result of the Equifax breach, I know that there is enough out there to confuse the entire population of the world as to who is really who.
Its no longer a function of being careful.
Its now a function of pure statistics as to when my identity is going to be misused.
My best attempt to cope with this was to adopt a much lower lifestyle, so little is at risk. Own your stuff outright and pay cash when possible, using credit cards if necessary for telepurchases. Pay your debts off. If you have money laying around, keep it in some sort of investment which requires you to interface with your banker/broker. Personally. Something fishy come over the wire, and they will question it.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 2) by c0lo on Tuesday January 30 2018, @07:46AM (2 children)
Yes, but recall that joke with the guy donning his runners and telling his companion: 'i don't need to run faster than the lion, I only need to run faster than you'.
If a hacker targets you, it's only a matter of time before he gets your identity. If you are only one of the many, you only need to be a bit 'more secure' than the most of others.
True, given how many companies store data about you, you have little control on what/when the things go south. Minimising your profile involve indeed minimising the number of companies you share your data with.
Also, which devices you use to interact with them.
I'm using a single payment processor and that is linked with a debit card account which is loaded only minutes before making a purchase. If a webshop doesn't accept that payment processor, I don't buy from that shop.
And I do my online shopping and ebanking only from a laptop at home, laptop that runs Linux (thanks deity the era of IE-only supported is dead), laptop that never leaves my home and is powered off most of the time.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 2) by arslan on Wednesday January 31 2018, @12:59AM (1 child)
Eh? That analogy only stands for instance when the hacker is targeting individuals, not when they're targeting data dumps. The analogy to that would be you running faster than me is useless if there's a tsunami coming at all of us. I have to be running faster than that...
(Score: 2) by c0lo on Wednesday January 31 2018, @02:09AM
Works in this case too. Assuming your passwd is not based on dictionary words, the digest of it in the dump will be harder to crack. After getting enough passwords reversed, I have a feeling the attacker will just let yours be.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford