Language Selection

English French German Italian Portuguese Spanish

Worry. But Don't Stress Out.

Filed under
Security

THE theft of computer data at an Arizona company that put as many as 40 million credit card accounts at risk for fraud may have been the largest case of stolen consumer information yet.

But the incident, which was revealed last week and may have occurred months ago, surely will not be the last. In fact, the theft was only the latest in a series of incidents, not all of which involved criminal activity. Earlier this month, for example, United Parcel Service lost data tapes with personal information on nearly four million customers of Citigroup.

The problem of keeping data secure "exists on lots and lots of levels," said Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington. "You begin to see that the United States has an enormous problem that is spiraling out of control."

And like seismologists who can look at smaller tremors and know that a major quake is in the offing, consultants and others who study data security and identity theft can confidently predict that more trouble is ahead.

The question, for them, is one of magnitude, whether there will be the electronic equivalent of the Big One, an incident so widespread, compromising so much personal information, that it devastates the system of financial transactions that underpins the consumer economy.

Data thefts and accidental losses have always occurred, Mr. Tenner said. What has changed is that there is now a law in California requiring companies to inform consumers when their information is breached.

Some experts argue that protecting personal data is a hopeless task, that the emphasis should be on making transactions more secure."Making information harder to use is the key," Mr. Schneier said. "Making it harder to steal is a dead end."

One problem is that there currently is little financial incentive to improve security for transactions. "Credit card companies are putting the cost of fraud on the merchants, who put it on us the cardholders," Mr. Spafford said. A governmental role may be necessary, he said.

Whatever the improvements, few experts envision a complete solution. "Any security measures are at best only buying time," Mr. Tenner said. "It's really like the development of antibiotics - they are always trying to stay ahead of the problem."

"For the optimist, this can go on indefinitely," he added. "For the pessimist, it's like the man who jumped out of the 20th floor of a building. As he passed the 10th floor he said, 'So far, so good.' "

Full Story.

More in Tux Machines

NSA recommends several Samsung smartphones

The list of allowed smartphones, which US officials may share confidential information has become a bit longer. The National Information Assurance Partnership (NIAP) - a product tester under the supervision of the NSA - announced Tuesday the green light for the S5 Galaxy, Galaxy Note 4 and the tablet Galaxy Note 10.1 (2014 Edition). Read more

Ubuntu 14.10 Linux 32-bit vs. 64-bit Performance

Given yesterday's story about Ubuntu 16.04 LTS potentially being the last 32-bit release if that proposal goes through, and given the number of people still running 32-bit Linux distributions on Intel/AMD hardware that is 64-bit capable, here's some fresh x86 vs. x86_64 benchmarks using Ubuntu 14.10. Using Ubuntu 14.10 with the latest daily development ISOs today -- just ahead of this week's official Utopic Unicorn debut -- I did clean installs of both x86 and x86_64 flavors and carried out the same benchmarks with the same settings. Using the open-source Phoronix Test Suite automated benchmark framework made all testing easy and effortless. Read more

U.S. government releases open source gamification software

The United States' National Geospatial-Intelligence Agency has made some of its internally-developed gamification software available for free on GitHub under the MIT free software license. Developers may find it useful as a tool for configuring a server to track "gamification" systems like points or badges against user accounts on apps or websites; at the very least, it offers interesting insight into how the NGA is using game design tenets in its training programs. Read more

Let's Pay for Open Source with a Closed-Source Software Levy

This column has often explored ways in which some of the key ideas underlying free software and open source are being applied in other fields. But that equivalence can flow in both directions: developments in fields outside the digital world may well have useful lessons for computing. A case in point is a fascinating post by James Love, Director of Knowledge Ecology International (KEI), a non-governmental organisation concerned with public health and other important issues. It is called "The value of an open source dividend", and is a discussion of the problems the world of pharma faces because of the distorting effect of patents - problems it shares with the world of computing... Read more