SoylentNews is people
SoylentNews
I'm just informed enough about IT security to know that I really know very very little about it. That said, I probably know ten times as much as do 99% of people. I'm an expert in my field, and while I've been a jack of all trades on many fronts, today's threats to privacy and IT security require expert knowledge to combat.
I do not have time.
- For example, I hear that Microsoft added updates to Win7/8 that threaten my family's privacy...yet I have not yet gone and removed the offending updates. I moved myself to Ubuntu/xfce, but my son is still using Win8. I'll get to it eventually.
- For example, java script is a security risk, and I have No-Script, turn off 3rd party cookies, etc, but invariably I have to turn it off for some website (i.e. to pay my bill), and eventually, I stop turning it back to full security.
- I installed Cyanogenmod and Fdroid on my phone. And for the most part its great..and I have very few apps with permissive permissions settings....but my wife is still using an iphone and ipad, with all sorts of apps...with ridiculous permission leaks..and that is a struggle.
The long winded point I have is that it is now just too damn much work to do it all right. I'm tired after a 10 hour workday. I've obviously taken more steps than most, but it is still leaky as hell...
I need a company/organization that I can reasonably trust to manage my information security/property, to manage my computers, manage my vpns, e.g., to isolate my web browser windows over multiple vpns, ... all of it, and it can't be GOOGLE. My data is my property, as long as I can hold it, so it needs to be a company/organization that built in privacy obligations (like lawyers and doctors supposedly do).
-Signed: A Frustrated Tired Old Nerd (with children)
[Ed's Comment: Does such a company exist? Is it even possible to provide such a service? Or have we just identified a niche in the market for some enterprising person to fill?]
(Score: 3, Insightful) by bradley13 on Monday October 05 2015, @01:19PM
The author has done a lot - he does more than I do in some regards (and I am pretty paranoid). We can hope that our data is reasonable safe.
What leads to despair is the general direction that security seems to be taking...
- You try to protect your identity, then organizations like OPM are hacked, revealing incredibly detailed personal information on millions.
- You try to protect your passwords, then security professionals (example: what happened at Ashley-Madison) turn out to have made stupid security mistakes that compromise those passwords.
- You try to protect your data with tools like TrueCrypt; the makers of those tools (presumably) get hounded out of existence by a government that doesn't want people to have tools like that.
- You try to protect your servers and infrastructure, then we annually have bugs like Heartbleed that publish your security keys to the world.
For the past few years, I've had the feeling that we are collectively taking 1 step forward, and then sliding 2 steps back. It's just bloody frustrating.
Everyone is somebody else's weirdo.
(Score: 1, Informative) by Anonymous Coward on Monday October 05 2015, @03:29PM
Original poster here.
Yes it is burnout...but more...Some suggest that it is laziness.or a misguided notion that complete security is attainable..but itis more an acknowledgement of the immensity of the attack surface today.
While most answers on this post focus on security, I am generally more concerned with privacy from corporate big data. A lot of money goes into stripping that data from you..to classify you, peg you, to quantify you. That kind of threat requires more than amateur endeavor of me following up on things I hear about from SoylentNews and others. It requires tools or services to manage our data assets that maintain our privacy...
(Score: 2) by Common Joe on Monday October 05 2015, @07:30PM
I think there is definite merit to these statements. 25 years ago, we dealt with viruses and the occasional trojan. F-Prot or an fdisk and everything was taken care of. Today, the vectors as tremendously more varied.
Hmmm... yes, quite a different animal. Minimize the areas of yourself that can be attacked is about the only thing you can, but just know that one day, everything you write has the potential to be public in some way. The good news is that everyone will be in the same boat. In 20 years, it will be a completely different landscape because the public is just now waking up to these kinds of threats. It will take time for the landscape to mature. Until then, just hang on because the ride will be bumpy for everyone. Minimizing your profile is the best defense, but it makes other things harder. You have to find the right balance for you.