July 22, 2011
I was on the train the other day when I saw the guy beside me get up and walk off to the toilet. He left his laptop unlocked. It would take, what, a second to hit Alt/Ctrl & Del to lock the screen but he didn’t bother.
With so many stories in the news about data breaches and device hacking, I can only assume that many people think it won’t happen to them, or that their data isn’t important enough to bother with. Or perhaps they picture these crimes being carried out over the internet by the stereotypical “movie hacker” locked away in their bedroom and not by the clean cut guy sitting beside them in the first class carriage on the train.
Fortunately for my fellow traveller, I’m a nice guy and I didn’t drop a remote access keylogger on his machine while he was away; instead, I just snapped this picture and kept an eye on his gear for him.
IT departments around the world work hard to implement intrusion detection and prevention systems; they develop, implement and communicate data asset protection policies and it can all be undone by one user who doesn’t take a second to lock his screen. Crazy.
Posted in security 
1 Comment »
May 11, 2011
It’s all over the news. Super-injunctions don’t work in the modern age, and as a result, the Govt feels compelled to Do Something.
Take Jeremy Hunt, Secretary of State for Culture, who said yesterday,
“Technology, and Twitter in particular, is making a mockery of the privacy laws that we have and we do need to think about the regulatory environment that we have.”
The mainstream media, of course, never miss an opportunity to tell their readers that the Internet is the modern-day equivalent of the Wild West, as the Indy ably demonstrates in “Media freedoms in the balance”:
“Mr Hunt raised for the first time the possibility of a new watchdog to ensure that social media such as Twitter and Facebook were subject to controls similar to those faced by the press and broadcasters, saying there may be a case for converging the regulation of traditional and new media.”
And, from this article in the Telegraph:
“Media outlets are supposed to be prevented from disclosing their names by a series of super-injunctions, which prevent them from being identified. Both Twitter and Facebook, however, are based in the US and outside the jurisdiction of British courts.”
The thing is, the politicians and the media seem to be forgetting that this isn’t a problem caused by social media. In fact, this “problem” has existed in one form or another for years. Go back to Jeremy Hunt’s quote and substitute “The foreign newspapers” for “Technology, and Twitter” and you’ll see what I mean.
Over the years, there have been countless examples where injunctions issued in England have no bearing on what gets published by the rest of the world (and rightly so). Here are two such examples – one fairly recent, and one from 2003:
Sure, the internet means more people in the UK have easier access to that censored information, but is that the only reason to act on this now? I smell a rat – the Govt seems to be worryingly open to censoring websites at the behest of wealthy groups with Big Media interests; from there, is it such a big leap to include censorship of overseas websites that host injunction-breaking information, too?
Posted in internet, news, politics, social-media, Twitter Comments Off
April 1, 2011
If you’re like me and you tend to be a “serial joiner”, then you’ve probably got accounts on most social networking sites, and – I’m guessing – you’ve uploaded your carefully chosen avatar to each one, too. Or, you’re smart and you use Gravatar, which allows you to upload your avatar once, where it gets propagated to each of the services that support it. Want to change your avatar; simple: update your avatar on Gravatar and the update gets pushed out.
At the end of last month, my debit card expired and until now, I hadn’t realised just how many online/subscription-based services I use which depend on that card number. Services which would stop working when the card expired. I must have spent the best part of a morning working out which services had my debit card details and then visiting each to update the number.
Wouldn’t it be cool if there was a service, like Gravatar, where I could enter my card details once and have that propagate to all the services that needed it? I see the major challenges facing a service like this as:
- Trust – it would be hard for a start-up to offer this, because who would trust their debit/credit card details with an organisation they’d never heard of
- Proliferation – tied into the first point. If, say, Paypal offered this, it would quickly gain traction because they’re a recognised brand
- Security – goes without saying. Any service that stores credit card numbers better be as secure as they come, especially if that data is being fed into other places. (And maybe that’s the showstopper?)
Perhaps Paypal is the answer, and if more services supported Paypal as a payment method, this would solve the problem – I could update my details there and have done with it.
Posted in applications, software, tech Comments Off
Recent Comments