aRTy News – 2018-12-11
aRTy News is now listed on Stitcher Radio
If your audio app of choice is Stitcher Radio, you can now get your weekly tech news fix from Raymond Tec right in the app.
We’re officially listed! Yay!
We’re still waiting to hear back from iTunes, Google Play, and Spotify.
Google+ Shut Down Accelerated
For those of you still using the Google+ social network, the shut down has been moved up four months, from August to April of 2019. Google has apparently discovered another leak exposing the data of 52.5 million users.
This breach isn’t the end of the world, but it did expose data that you may have set to private, such as your full name, email address, occupation, age, and other info.
And, for the record, this was a leak not a breach. Meaning, Google discovered it themselves and told on themselves.
Facebook Launches Instagram Voice Chat
I’m not entirely sure why Facebook doesn’t integrate all of their different chat apps into one, but I’m sure there will be some people quite excited for an Instagram voice chat feature.
Here’s a video of cute kitten demonstrating the new feature:
House Report on Equifax Data Breach
The just-released house report on the Equifax Data Breach is telling of what is really wrong with how we force large companies to approach security. This article from Tech Crunch details much of what went wrong and how.
Here’s how security for large corporations is handled now: the government defines a set of hard standards that companies of a certain size or scale or industry must meet. This is known as compliance security. Where you assure your company’s data security through compliance with the government’s laws.
Compliance security doesn’t work, because threats are always evolving. In the cyber security world, threats may come from Russia one day, Canada the next, or internally the following day. There is no set standard that can predict that.
Here’s how I always approach security, whether it’s personal, physical security or security for a client. First, perform a risk assessment. What’s the value of any potential target? How is security currently handled? What are the weaknesses in the existing security? Second step would be to perform penetration testing, to find any vulnerabilities that may not be obvious. Third is create a comprehensive report for how to address the vulnerabilities and a plan for identifying and mitigating new risks going forward.
Why am I giving you all this boring detail? Because the internet is here to stay, and it will be part of the world for the rest of our lives. Everyone should approach security this way. You needn’t hire an outside firm to try to breach your home network security or your pin code for your phone. All I’m saying is, sit down, think about what you might have that others may want to take, figure out how you’re securing it, figure out if you can secure it better, and be vigilant in the future.