Language Selection

English French German Italian Portuguese Spanish

Worry. But Don't Stress Out.

Filed under
Security

THE theft of computer data at an Arizona company that put as many as 40 million credit card accounts at risk for fraud may have been the largest case of stolen consumer information yet.

But the incident, which was revealed last week and may have occurred months ago, surely will not be the last. In fact, the theft was only the latest in a series of incidents, not all of which involved criminal activity. Earlier this month, for example, United Parcel Service lost data tapes with personal information on nearly four million customers of Citigroup.

The problem of keeping data secure "exists on lots and lots of levels," said Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington. "You begin to see that the United States has an enormous problem that is spiraling out of control."

And like seismologists who can look at smaller tremors and know that a major quake is in the offing, consultants and others who study data security and identity theft can confidently predict that more trouble is ahead.

The question, for them, is one of magnitude, whether there will be the electronic equivalent of the Big One, an incident so widespread, compromising so much personal information, that it devastates the system of financial transactions that underpins the consumer economy.

Data thefts and accidental losses have always occurred, Mr. Tenner said. What has changed is that there is now a law in California requiring companies to inform consumers when their information is breached.

Some experts argue that protecting personal data is a hopeless task, that the emphasis should be on making transactions more secure."Making information harder to use is the key," Mr. Schneier said. "Making it harder to steal is a dead end."

One problem is that there currently is little financial incentive to improve security for transactions. "Credit card companies are putting the cost of fraud on the merchants, who put it on us the cardholders," Mr. Spafford said. A governmental role may be necessary, he said.

Whatever the improvements, few experts envision a complete solution. "Any security measures are at best only buying time," Mr. Tenner said. "It's really like the development of antibiotics - they are always trying to stay ahead of the problem."

"For the optimist, this can go on indefinitely," he added. "For the pessimist, it's like the man who jumped out of the 20th floor of a building. As he passed the 10th floor he said, 'So far, so good.' "

Full Story.

More in Tux Machines

Open source software is the only way to keep up

Between 2005 and 2010, software development accelerated so quickly that some said open source had won the corporate market. But it didn't stop there. In 2015, surveys showed that companies were using, supporting, and creating more open source software. If we look at this pattern, then we can see open source will just keep growing. It's not going anywhere. If you're not using, contributing, or supporting it, then you're going to be left behind. Read more

Following Debian's GNU/Hurd in 2015

The Debian project is best known for its stable GNU/Linux operating system, a platform which is used as a base by over one hundred distributions. However, the Debian project is home to other operating systems, including a port of GNU's Hurd. The GNU/Hurd port combines Debian packages and package management with GNU userland software running on GNU's microkernel. The project offers this description: "The Hurd is a set of servers running on top of the GNU Mach microkernel. Together they build the base for the GNU operating system. Currently, Debian is only available for Linux and kFreeBSD, but with Debian GNU/Hurd we have started to offer GNU/Hurd as a development, server and desktop platform, too. We hope to be able to release Debian GNU/Hurd for Wheezy." Read more

BackBox 4.3 review: Not just for penetration tests and security assessments

BackBox is a Linux distribution that’s based on Ubuntu and designed for conducting “penetration tests and security assessments”. If you’re not familiar with the distribution, this brief review will give you an idea what else it can be used for other than being an OS for pentesters. Read more

Canonical Apologizes for Telephony Regression in Ubuntu Touch for Nexus 4, Fix Released

On July 27, Canonical's Łukasz Zemczak sent in his daily report informing us all about the work done by the Ubuntu Touch developers in the last couple of days, as well as to apologize for a regression introduced by the Ubuntu Touch OTA-5 update. Read more