One Article Review

Source AlienVault Blog
Identifier 596455
Publication date 2018-04-19 13:00:00 (seen: 2018-04-19 16:02:04)
Title Let's be Fools
Text The Roman poet Lucretius once wrote: “A fool believes that the tallest mountain in the world will be equal to the tallest one he has observed.” Translation? He’s essentially saying that our lived experiences define our perspectives. They warp our sense of scale like a bit of plastic in the microwave, moulding what we consider to be large and small. As someone with years of experience in the security industry, and the cynicism and grey hair to prove it, I’ve got a lot of appreciation for this.

Remember in 2010 when the hacker group Goatse Security (please don’t google the first word in that name) penetrated the heart of AT&T’s servers and acquired the email addresses of over 100,000 iPad users? Man, 2010 was a different time. The AT&T iPad hack was a major news story, and rightfully so. I distinctly remember thinking that 100,000 victims was pretty big. Now, in light of the Ashley Madison and Equifax hacks, it almost seems quaint.

What I’m saying is that my perspective of what constitutes a major incident has shifted. I noticed that earlier this week when a jewelry retailer in the US accidentally leaked the details of 1.3 million customers. This happened because it committed one of the most basic of security schoolboy errors, and failed to secure the Amazon S3 bucket where it kept its database backups. 1.3 million? Yawn. I don’t get out of bed for less than 100 million. And while I struggle to imagine a data breach greater in size than the 2016 release of over 300 million MySpace users, or more damaging than the 2017 Equifax hack, I know this is inevitable, even if I can’t actually visualize it in my mind’s eye.

But, like, what if it’s better to be fools?

We live in interesting times. Security breaches are no longer measured in the millions, but in the hundreds of millions of records. It’s only a matter of time until the first billion-victim data leak happens.
The smaller leaks (and apparently anything less than 10 million constitutes a “smaller leak”) barely warrant a mention. But what about the big ones? After every major incident there’s the trifecta of outrage, blame, and calls for consequences, but that eventually settles down into apathetic acceptance. Remember when everyone was really upset about the Ashley Madison hack, and then forgot about it? Remember when everyone was really upset about the LinkedIn hack, and then forgot about it? Remember when everyone was really upset about the Equifax hack, and then forgot about it?

And let me ask one last question: are we any better for having done so? Are companies still making silly security mistakes? Has there been any change at the government level? Any new laws passed? Has anyone gone to jail for having screwed up in such an egregious manner?

Perhaps it’s time to treat all security breaches -- all security breaches, but especially the big ones -- as the biggest mountains we’ve ever seen, because change isn’t going to happen any other way. I, for one, think it’s better to be a fool. Who’s with me?
Sent Yes
Tags
Stories Equifax
Notes


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.