Archive

Posts Tagged ‘technology’

What’s a citizen to do about Equifax?

My professional career has revolved around software contracts. Initially, I negotiated and managed them; now I reference them heavily while performing a different kind of work. Throughout, I’ve been especially interested in terms related to Information Security (“InfoSec”).

Some software publishers offer customers fairly robust InfoSec protections. I generally felt pretty good about companies (1) whose starting positions guaranteed specific measures to ensure protection of customer data and (2) who promised some kind of compensation if customer data became available because of the publisher’s software and/or hardware offerings. Such software publishers had “skin in the game,” or incentive to really ensure their customers’ data was protected. Why would they be lax when they’d experience specific, sometimes severe consequences for breach resulting from failure to do so?

On the other end of the spectrum were publishers who offered vague assurances with no guaranteed compensation for any breach. This was the opposite of having skin in the game: “We’ll totally check our software once every other year for major flaws and give commercially reasonable efforts to fix them. If there’s a breach that reveals bunches of your data, we’ll send you cake.” I was much more concerned with these publishers, whose lackadaisical approach to InfoSec practically screamed, “We care more about the money you’re required to give us than your ability to stay afloat!”

This all left me with a keen interest in InfoSec, especially when I saw how much less care companies give individual citizens* compared to paying corporate customers. If corporate customers at the very least got a cake, individual citizens got … nothing. Giving more than nothing would cut into profit margins!

I’ve subscribed and unsubscribed to bunches of InfoSec newsletters over the years. The only one I continue to follow now is KrebsOnSecurity.com. Brian Krebs’s coverage of the Equifax breach is a perfect example of why. He critically analyzes the breach and presents it in language even distant non-experts can follow. More importantly, he lets individual citizens know what they can do to limit their exposure.

If you’re concerned about what to do following the Equifax breach of 143 Americans’ credit data, Brian’s “The Equifax Breach: What You Should Know” is a great place to start. If you’d like more excellent analysis of the breach, I’d suggest “Here’s What to Ask the Former Equifax CEO.” His proposed questions for U.S. legislators to ask reveal a great deal about companies that give prominent indications they care much, much less about citizen data protection concerns than for whatever revenue they can milk from citizens. If protecting citizen data costs money (uuuuugh, maintaining software and hardware is expensive!), they’ll cut corners and hope for the best.

As individual citizens, we don’t have the financial leverage to demand better protections the way individual corporate customers can. This means that it’s critical for individuals to (1) find and use those protective measures that are available to individuals (thanks for highlighting them, Brian!) and (2) consider how re-regulation** impacts citizens’ ability to collectively mitigate citizen costs created when some corporate entities treat InfoSec not as a valuable investment in citizen well being but a drain on profits.

Otherwise? It’s important to remember: Unlike corporate customers, we individuals won’t even get a cake. 

* I originally typed “consumer,” so prevalent is such phrasing in reporting, but I reject that. We individuals are far more than consumers. We are citizens, and are far more valuable than the dollars we spend.

** There is no such thing as deregulation, only reregulation. Changes to regulation typically called “deregulation” aren’t neutral but heavily lobbied for by specific corporate beneficiaries. As Kate Raworth puts it here,

There’s always going to be regulation shaping what can and can’t be done, you’re just shifting the regulatory space. You ask how are those shifts benefiting, or how are the costs and benefits of that shifting re-regulation falling on other people? So financial deregulation actually just shifts the costs and benefits of financial crisis onto a different group of people.

 

Advertisements

Hello, iPad, goodbye

Two and a half months ago, I chose to trade URLs for stars.

It was such a fantastic trade, I told my husband I’d go ahead and misplace my iPad again if I did find it.

“No way!” he protested. “If you find it again and still don’t want it, I’ll have it. Mine is about to brick.”

I considered this. “Yeah, I could do that, if you wanted to give yours to the boys afterward.” Read more…

Ditching URLs for stars

image

Scintillating stuff, it was

I’ve kept a journal since I was eleven or twelve.

My mom read my journal starting when I was eleven or twelve.

I sought out every possible hiding spot in hopes I’d find the one she couldn’t discover; she, knowing me and our house better than I understood, found them all.

I couldn’t admit defeat. Hope compelled me to keep searching for that mystical place of unfindability.

The search became ingrained. We’re talking the kind of ingrained where I instinctively still hide anything and everything containing any journal-like text a full five years after my mom’s death. Because, as you can see from reading my blog at this very moment, my life is shrouded in secrecy.

I recently hid my iPad. Read more…

O, terrible, terrific technology!

Alarms boomed and vibrated around me. I locked eyes with colleagues, each apparently as bemused as me. What on earth was happening? This wasn’t like any fire drill.

Having just read an alien invasion story, a tiny part of me decided that aliens were the culprit. We’d soon be incinerated, at least if we didn’t get under our desks quickly enough. (Desks have protective force fields, right?)

Trail signs are also good for throwing aliens off the scent

Trail signs are also good for throwing aliens off the scent

After a few moments, we collectively realized the alarms were coming from our phones. Everyone on a particular cellular network had received an AMBER Alert warning of a child abduction in the vicinity. This discovery led to awed, joyful exclamations over the good technology is capable of working.

I’ll be honest. For all the time I spend online, I’m wary of technology. It’s easy for me to see all its pains and pitfalls, and to agree with my mom’s sentiment on the matter: Read more…

Dream, reach, explore, Endeavour

Space research: fascinating, but not an especially good use of money with our own world full of hunger and unresolved needs. That’s how I would have characterized my take on space research early last year, before I read a couple of compelling posts on its merits.

Thanks to changes in thought and heart rippling out from my reading those posts, I knew enough to stand atop a roof and watch for the space shuttle Endeavour as it passed over my office today.


That shuttle was not so very long ago among the stars. It was among the stars because we have minds great enough to dream up, create and send not only technology but life into space. With minds out there great enough to accomplish these things, I cannot help but have faith that time will see many more wonders worked both in the sky and on our own home planet.

To do things, we must first dream them. As I stood and watched the shuttle fly by, I was heartened by the vastness of human dreams, and by the amazing impacts of our drive to see them come true.

And let us hope that all the other leaders in all the other fields look up into the night sky and ask, “What do I want?  Would I be happiest to see the stars from here on Earth, or to fly amongst them?”
— Kristina, “Want Versus Need…Stuff and Space

%d bloggers like this: