It has been interesting over the last week to read the rhetoric around Kaspersky and the fact that, it being a company run from Russia, we now seem to believe that the Russian government will be using it to spy on our lives, turning Eugune Kaspersky into the latest iteration of the Anti–Christ.
I have long since given up on having any notion of privacy. If I choose not to have my opinions known by anyone I have taken to the habit of keeping them to myself in my own head. At least for now, they are safe there.
There have been so many breaches in the last year that I think it’s fair to suggest that any knowable information about me is pretty much known to anyone who wants to know it. Such is the extent of data breaches, people I don’t even know are sending me letters in the post, people that I have never actually dealt with in person, (one assumes they got my data through a data sharing agreement with another company) apologising that they had sprung a leak and my data dribbled out with everyone else’s. A horrible thought shuddered through me at that moment.
I had been working on the assumption that as this problem gets worse, as we know it will, customers would just get so frustrated that they would in the end react against companies that leak their data. I think the insight was that once GDPR actually hits in May we are going to have potentially such a deluge of letters from all over that we will end up being numbed. Never a day goes by without some news of some monumental data breach, Uber and Morrisons just in the last week. I realised this as I caught myself do a “meh” moment when I received this latest letter and I am someone who cares passionately about security.
In the middle of this we are to believe that the threat to our privacy is going to come from Russia gradually exfiltrating our documents while the Anti–Virus is updating. This in the very same week we have Nadine Dorries disclose that her whole office knows her password and they regularly shout it round the office. There are few things that draw my ire more than someone who knows so little about IT that they almost wear it like a badge of honour. We then watched the Twitterverse light up as other politicians, like lemmings, followed Nadine’s lead and leapt off the cliff after her yelling “No, I am Numpticus! Aaaah! Splat!”
Really Nadine? Constituents that email you about their deepest problems have no expectation that their emails are dealt with in a sensitive manner? I would think if I emailed my MP I would maybe have an expectation that the email would be read by the MP him or herself, or by a trusted PA. Not that it’s being dumped into a pool that is picked up by the whole office, staffers, temps and people helping with campaigning. This is just an utter contempt for…. Everything. It’s just plain contemptuous.
As Nadine says, she has no access to state secrets. However, the missing word here is YET! Do we really believe that these lumbering dinosaurs in IT terms suddenly change the second they get access? Well I’ll leave that to you to make your own decision.
Vladimir, if you’re listening. Don’t bother with the whole hacking the Anti–Virus thing. It will be costly and almost certain to be detected. Go buy yourself a cappuccino in the Starbucks next to the Houses of Parliament and wait for some plonker to shout you the password. Job done. Even better save the airfare and just ring their office, tell them you’re working from home and they’ll probably give it to you over the phone.
While I’m on the subject, I am going to continue to bang my “security is simple” drum. Good, or at least much, much better security is cheap, very mildly irritating and very possible. If you still haven’t bought into the idea, you need to. If you are a Nitec customer, ask to see your security score sheet and work with us to improve it. Your future self will thank you. The costs, in all likelihood, will be minimal but the savings could be immense.