Language Selection

English French German Italian Portuguese Spanish

Worry. But Don't Stress Out.

Filed under
Security

THE theft of computer data at an Arizona company that put as many as 40 million credit card accounts at risk for fraud may have been the largest case of stolen consumer information yet.

But the incident, which was revealed last week and may have occurred months ago, surely will not be the last. In fact, the theft was only the latest in a series of incidents, not all of which involved criminal activity. Earlier this month, for example, United Parcel Service lost data tapes with personal information on nearly four million customers of Citigroup.

The problem of keeping data secure "exists on lots and lots of levels," said Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington. "You begin to see that the United States has an enormous problem that is spiraling out of control."

And like seismologists who can look at smaller tremors and know that a major quake is in the offing, consultants and others who study data security and identity theft can confidently predict that more trouble is ahead.

The question, for them, is one of magnitude, whether there will be the electronic equivalent of the Big One, an incident so widespread, compromising so much personal information, that it devastates the system of financial transactions that underpins the consumer economy.

Data thefts and accidental losses have always occurred, Mr. Tenner said. What has changed is that there is now a law in California requiring companies to inform consumers when their information is breached.

Some experts argue that protecting personal data is a hopeless task, that the emphasis should be on making transactions more secure."Making information harder to use is the key," Mr. Schneier said. "Making it harder to steal is a dead end."

One problem is that there currently is little financial incentive to improve security for transactions. "Credit card companies are putting the cost of fraud on the merchants, who put it on us the cardholders," Mr. Spafford said. A governmental role may be necessary, he said.

Whatever the improvements, few experts envision a complete solution. "Any security measures are at best only buying time," Mr. Tenner said. "It's really like the development of antibiotics - they are always trying to stay ahead of the problem."

"For the optimist, this can go on indefinitely," he added. "For the pessimist, it's like the man who jumped out of the 20th floor of a building. As he passed the 10th floor he said, 'So far, so good.' "

Full Story.

More in Tux Machines

Top 4 CDN services for hosting open source libraries

A CDN, or content delivery network, is a network of strategically placed servers located around the world used for the purpose of delivering files faster to users. A traditional CDN will allow you to accelerate your website's images, CSS files, JS files, and any other piece of static content. This allows website owners to accelerate all of their own content as well as provide them with additional features and configuration options. These premium services typically require payment based on the amount of bandwidth a project uses. Read more

Bash Bunny: Big hacks come in tiny packages

Bash Bunny is a Debian Linux computer with a USB interface designed specifically to execute payloads when plugged into a target computer. It can be used against Windows, MacOS, Linux, Unix, and Android computing devices. It features a multicolor RGB LED that indicates various statuses and a three-position selector switch: Two of the positions are used to launch payloads, while the third makes Bash Bunny appear to be a regular USB storage device for copying and modifying files. Read more

openSUSE Leap's New Versioning Scheme Finally Syncs with SUSE Linux Enterprise

openSUSE Board Chairman Richard Brown informed the community about a major version number change for upcoming releases of the openSUSE Leap operating system. As some of you might know already, openSUSE Leap 42.2 is the current stable release of the GNU/Linux distribution based on the sources of the commercial SUSE Linux Enterprise (SLE) operating system designed for enterprises, and the next scheduled release is openSUSE Leap 42.3, which is currently in development. Read more

Leftovers: OSS

  • Top 4 CDN services for hosting open source libraries
    A CDN, or content delivery network, is a network of strategically placed servers located around the world used for the purpose of delivering files faster to users. A traditional CDN will allow you to accelerate your website's images, CSS files, JS files, and any other piece of static content. This allows website owners to accelerate all of their own content as well as provide them with additional features and configuration options. These premium services typically require payment based on the amount of bandwidth a project uses. However, if your project doesn't justify the cost of implementing a traditional CDN, the use of an open source CDN may be more suitable. Typically, these types of CDNs allow you to link to popular web-based libraries (CSS/JS frameworks, for example), which are then delivered to your web visitors from the free CDN's servers. Although CDN services for open source libraries do not allow you to upload your own content to their servers, they can help you accelerate libraries globally and improve your website's redundancy.
  • Users stand up, speak out, and deliver data on OpenStack growth
    Last week, the OpenStack Foundation announced the results of its ninth user survey. OpenStack users responded in record-breaking numbers to participate, and their voices as revealed in the data tell the real story of OpenStack. The OpenStack community is growing, thriving with new users, deployments, code contributions, and collaborations, all on the rise. User diversity is expanding across geographies and organizational sizes. And OpenStack's ability to integrate with innovative technologies is paving the way for advancements not even dreamed of just five years ago.
  • How to get started learning to program