SoylentNews is people
SoylentNews
I'm just informed enough about IT security to know that I really know very very little about it. That said, I probably know ten times as much as do 99% of people. I'm an expert in my field, and while I've been a jack of all trades on many fronts, today's threats to privacy and IT security require expert knowledge to combat.
I do not have time.
- For example, I hear that Microsoft added updates to Win7/8 that threaten my family's privacy...yet I have not yet gone and removed the offending updates. I moved myself to Ubuntu/xfce, but my son is still using Win8. I'll get to it eventually.
- For example, java script is a security risk, and I have No-Script, turn off 3rd party cookies, etc, but invariably I have to turn it off for some website (i.e. to pay my bill), and eventually, I stop turning it back to full security.
- I installed Cyanogenmod and Fdroid on my phone. And for the most part its great..and I have very few apps with permissive permissions settings....but my wife is still using an iphone and ipad, with all sorts of apps...with ridiculous permission leaks..and that is a struggle.
The long winded point I have is that it is now just too damn much work to do it all right. I'm tired after a 10 hour workday. I've obviously taken more steps than most, but it is still leaky as hell...
I need a company/organization that I can reasonably trust to manage my information security/property, to manage my computers, manage my vpns, e.g., to isolate my web browser windows over multiple vpns, ... all of it, and it can't be GOOGLE. My data is my property, as long as I can hold it, so it needs to be a company/organization that built in privacy obligations (like lawyers and doctors supposedly do).
-Signed: A Frustrated Tired Old Nerd (with children)
[Ed's Comment: Does such a company exist? Is it even possible to provide such a service? Or have we just identified a niche in the market for some enterprising person to fill?]
(Score: 2) by toygeek on Monday October 05 2015, @04:26PM
I think some other commenters have touched on this, but really it is true. Yes, you can look at the Linux source code and audit it. But are you really going to? No. A bunch of people saying an OS is secure does not make it so. Who can forget the issues with OpenSSL and the like. Anything with a processor is either hackable or backdoored, or both. Your antivirus does a MITM attack so it can scan your SSL traffic. Do you trust your AV vendor?
It's much simpler to simply accept that being online with a computer is a known risk. Protect yourself at a deeper level if possible. Don't get all tin foil hat about it, but be smart about what you do and where. Don't want anyone knowing you browse 4chan looking for a particular fetish pr0n? Then don't. Simple as that. Don't want advertisers knowing everything about you? Don't shop online. Don't want $scaryentity reading your email? Good luck with that.
You don't get into your car and fret about getting into a wreck on your way to work (usually) but it could happen. A fender bender at least, or instant death at worst. It's a calculated risk you take every day. Calculate the same risk and either live with it or stop using it.
There is no Sig. Okay, maybe a short one. http://miscdotgeek.com
(Score: 2, Informative) by Anonymous Coward on Monday October 05 2015, @06:53PM
Sucks, doesn't it?
Why people don't refuse the business model, I can't really figure it out. You dont have to be a luddite that uses pen and paper, you simply have to reject the newest OSes of the past several years. There are plenty that are perfectly functional.
All of this came about due to pressing next to continue--with the upgrade to windows 10, with the upgrade to google whateverletter, what have you. I don't know what apple does but it seems everyone has their adherents who do not see the problems.
None of the privacy concerns will go away if we use the same behaviors we used to get into this mess. And thought the ask tool bar was bad -- entire OSes are out to get you now, and they come recommended by the experts.