It is really simple to end all the personal data leaks that we read about all the time: make the penalty of the leak so high that no company would ever allow it to happen. Further, make the fine be paid directly to the impacted persons, so it isn’t the class action lawyer or some neutral party being paid.
A few years ago, my college leaked 20,000 transcripts on the internet. Mine was not one of the leaked, but if it were going to cost $2,000 per instance for the fine, I suspect my university would be more careful. That fine would have cost them $40M. Yep, they wouldn’t leak anything, that’s for certain.
There are a number of systems out now that are known to leak private data. MySpace, Facebook, and PayPal are constantly found to be deficient in security practices. If there were a $2,000 fine for each failure, I bet they’d fix it or refuse all private data. Or, they’d go out of business, which would give them an opportunity to come back with better security after bankruptcy. Further, venture capital would demand excellent security processes to prevent any private data breaches.
How is any of this bad? I suppose the companies (slime?) who make money offering bogus privacy insurance would be harmed. They would convert into audit companies or fold. I suspect lawsuits against Microsoft for common program breaches would increase, forcing them to create a secure OS if they wanted to retain customers. I can get behind that. The people and companies certifying private data won’t be leaked will be held accountable if their system fails too.
Is financial data the only private data or is anything not found in either the telephone book or government documents to be considered private? Is there an expectation of privacy for all other information that should be protected?
If you install test and virtual machines, this is a real time saver. A few clicks to select your apps (I selected about 10), then about 5 minutes of downloads and installs. Only once did I have to “Accept”, but that was a Windows 7 UAC prompt.
Have you seen any issues with this solution? Let us know.
For example, I did have to decrease the security so Ninite could create and download the custom installation package, but that was expected AND necessary. After all the installations were completed, I removed it from my trusted sites. Good enough.
Some of the installed apps were not the latest and had updates available. Doing an update rather than searching for the apps, downloading, installing, is much quicker. Of course, addons for Firefox still needed to be added.
Which apps did I install?
- Java 6
Which Firefox addons did I install?
- Sage (Sage Too forbids AdBlock)
- AdBlock Plus
- Tree Style Tab
You don’t want too many Firefox addons or it will get slow.
To get your piece of the internet as it were, you need a host, DNS, and a domain registrar. Some companies make this really easy as a 1-stop shop. Yes, it is easier, but you really don’t want to do it that way.
Step 1 – back up your data.
Step 2 – recover your data as a test from a friend’s home or business.
The stuff you learn in step 2 is critical. We don’t back up data just to see it complete. We intend to get that data back at some point.
- Do you have access to the encryption keys used during backup? No encryption? – WHAT!? ARE YOU CRAZY?
- Do you have enough of the backup software (or can you download it) to recover your data from bare metal, if needed?
Testing is critical to know what does and what doesn’t work. Don’t forget to fix the uncovered restore issues.
You hear all the time that to be secure on your PC or server, you need to disable unused services. A few of us have done this, but even for the most experienced person, knowing what each service does isn’t easy.
What are we all to do?
How do you explain to a non-technical person what they need to do?
This guy at BlackViper.com is a trusted source of this type of information. At a minimum, turn off MS-Messenger if you don’t use Microsoft Live. You know, that icon that nags you to log in using your old Passport login.
BTW, I’ve NEVER had an MS Passport login. It hasn’t always been easy since they NAG, but it was worth it to me.
Came across an old and interesting solution to login security … one-time passwords.
OTPW – A one-time password login package
These are the main links I send friends:
- Security Now!
- http://manifestinvesting.com/ – NAIC-based (http://www.betterinvesting.org/) Investing Site; M* Dashboard: TinCup (http://www.manifestinvesting.com/dashboard/20); M* Dashboard: Solomon’s Select (http://www.manifestinvesting.com/dashboard/334); M* Dashboard: NAIC Growth (http://www.manifestinvesting.com/dashboard/1222); NAIC Discussions (http://community.compuserve.com/n/pfx/forum.aspx?webtag=ws-naic) on CompuServe
- http://earnings.com/ – quarterly company conference calls.
- http://www.jdpfu.com/dr/ – Disaster Recovery Lists for Home Evacuation
- http://www.zkoss.org/zkdemo/userguide/ – ZK – Simple AJAX/Scripting WOW!
/. article – which spam filter is best?
Fast forward to 39:42 into the movie to see his rankings.
Here’s what I saw (YMMV):
4) spamasas-b (learning only)
5) crmSPAM3 (1:40 ham eaten)
Of course, he immediately showed other views of the data and had different rankings. Basically, you need to decide how much real email you are willing to lose to fight any spam getting in.
New Gizmo and router forwarding settings!
Ok, I logged into the Gizmo to make these settings: according to it (the gizmo) the following ports are reserved: 68, 16384-16403, 5060. Better than what Linksys support is suggesting. I’ll forward these from my router. VoIP quality should be perfect once this is done.
The Gizmo also has configuration settings for bandwidth management – but they aren’t clear whether they have anything to do with VoIP quality or if they help when the LAN traffic doesn’t flow thru the Gizmo.