View Single Post
  #3   (View Single Post)  
Old 14th November 2013
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

Perhaps I was not sufficiently clear. Anyone can make mistakes that unknowingly puts privacy at risk. Not just Adobe. It does not matter if we trust another entity, or if we trust only ourselves.

Example:

A privacy advocate ensures that her personal connections to the Internet are always through Tor. She keeps all of her software up to date and watches for security announcements that affect any of her components: OS, Tor, browser, and other tools. She also uses the P2P protocol BitTorrent from her main workstation. It does not work very well, and she is unaware that the BitTorrent protocol publishes her real IP address, eliminating the privacy she works hard to maintain.

Example:

An OpenBSD user sets up a small application server, and sets up PF rules that pass traffic to all of his daemons, blocking everything else. He thinks he has secured his system, because he is using OpenBSD with PF, both of which surely enhance his security. He is unaware that his pass rules have exposed his new application server's internal database to the Internet.

Example:

An OpenBSD user gets an Email from Adobe, telling him that they had a security breach. He doesn't know when it occurred, or the extent of the breach, but the userid was one he used commonly, and he had been using the same easy to remember password on a lot of his network accounts that did not have personal information within them. He spent the next week changing passwords on all of his network accounts anyway, and he is still not sure if he got all of them, more than a month later.
Reply With Quote