Category: Jeff Lanza’s Blog

Great article about why it’s so difficult to secure our online information…

http://www.cityam.com/274021/alert-but-not-alarmed-why-information-security-so-difficult

A few months ago, I saw a terrifying warning when I logged into my personal email account. It read: “Government-backed attackers may be trying to steal your password,” and boy, did it get my attention. Apparently, a number of people have received these warnings since 2012, and the summary advice on what to do about it is: “Be alert but not alarmed.”

How exactly does one do that?

This summer’s Equifax hack was the fourth largest data breach in the last few years. Hackers have targeted companies ranging from Yahoo to Verisign. It’s likely we’ll see increased information security regulation in the coming years, but it is also reasonable to expect that at some level we are all on our own.

Perfect and permanent ‘security’ is probably outside of our reach. It exists on a spectrum and requires a set of practises that are best understood as another category of hygiene. Nobody can wash their face enough to permanently eliminate all chances of ever getting a blemish. But we wash our faces because we know it mostly works.

Join investment professionals from around the continent at the 2017 European Investment Conference. Keynote speaker Jonas Kjellberg, co-creator and former managing director of Skype will be sharing his insights about innovation. You may leave thinking about how to embrace change, disrupt the industry and think critically about the challenges ahead.

My hope with this essay is to help you find an approach that mostly works and connect you with some resources to go deeper if you’d like.

It is comfortable for some of us to think about information security through an economic lens. The picture is bleak, but computer scientist Ross Anderson summarised it well in his 2001 paper, “Why Information Security Is Hard: An Economic Perspective.” I find the first paragraph of his conclusion striking:

“Much has been written on the failure of information security mechanisms to protect end users from privacy violations and fraud. This misses the point. The real driving forces behind security system design usually have nothing to do with such altruistic goals. They are much more likely to be the desire to grab a monopoly, to charge different prices to different users for essentially the same service, and to dump risk. Often this is perfectly rational.”

The world is somewhat different 16 years later, but not in a way that makes security any easier. In fact, by welcoming internet-connected locks, refrigerators, thermostats, and wheelchairs into our lives, we have broadened our collective vulnerability.

For an individual, the first step to sanity is to check if your information has already been compromised. I recommend a visit to haveibeenpwned.com to see if your email address and password have been revealed in any recent data breaches.

Hopefully, you are in the clear. But if not, it’s time to change your passwords. The best approach is to use a unique password for each of your online accounts so that if a hacker or bot gains access to one site, they can’t necessarily move on to others. That sounds quite daunting. Without some help, it means a lot of passwords to memorise.

Fortunately, many different password managers exist that can help you generate, remember, and categorise your various accounts. The most popular are 1Password, Dashlane, LastPass, and KeePass, and it’s worth spending some time figuring them out. They make life significantly easier because they will also do other things for you like fill out tedious forms.

Once you have set that up, take a look at this guide to personal information security. It contains many useful tips and is written to be accessible for your friends, colleagues, and perhaps clients. You may also want to develop a better understanding of how an attack may unfold or explore whether your firm is equipped to manoeuvre fast enough. It is past time to be alert, but hopefully thinking these issues through now will help keep you from being alarmed should they actually occur.

Sloane Ortel has worked in investment management since 2006 and joined CFA Institute in 2010.

Full Article Here:  https://www.theguardian.com/technology/pda/2010/mar/09/adblock

Using programs that screen out online advertising is fairly popular – particularly among the sort of savvy readers who spend their time reading this blog. But how much of a problem is it for web publishers? Just ask Ars Technica, the technology news and analysis site that tried a bold experiment to show its readers the real impact of ad blocking systems… and opened up a number of issues for web users and publishers alike in the process.
Ad blocking, if you aren’t familiar, is a technique used in a number of browser plug-ins that basically removes advertising from the web. Similar systems are also used to block Flash content – but basically, it looks for ads on a given web page and removes them.

That means if you’re using ad or Flash blocking, instead of seeing a page like this:

You see one like this:

Now, the common argument put forward by users is that it makes their online experience better and that since they were people who would never click on adverts anyway, it doesn’t make any financial difference to the site they visit.

That myth has been exploded by Ars, which ran a post yesterday called “Why ad blocking is devastating to the sites you love”. Last week the site, part of the Conde Nast empire which includes magazines such as Wired, Vogue and the New Yorker, tried an experiment so that users running ad blocking software also had the content blocked. Why?

There is an oft-stated misconception that if a user never clicks on ads, then blocking them won’t hurt a site financially. This is wrong. Most sites, at least sites the size of ours, are paid on a per view basis. If you have an ad blocker running, and you load 10 pages on the site, you consume resources from us (bandwidth being only one of them), but provide us with no revenue.

The analogy they make is to a restaurant: ad blocking users are dining for free, even if they don’t think they are.

It’s an interesting dilemma in a world where publishers are increasingly looking at paywalls, but users remain far from enamoured by the concept of having to pay for website subscriptions. So what do you do?

Well, ad blockers are popular online – I certainly know from the comments that plenty of you use plugins like Adblock plus. Indeed, a few weeks ago during a discussion here about the iPad, somebody in the comments asked me if I used AdBlock, and if not, why not.

I don’t, not only for these reasons put forward by Ars Technica, because money made through advertising pays a good proportion of my wages and other reasons. It would be more than a little two-faced to want people to pay for my content with their attention and then effectively remove my attention from other peoples’ sites. But I accept that it’s an argument that isn’t made enough by publishers – and that it may not brook much sympathy with you.

None of this is to say that adverts aren’t often annoying, intrusive or unwanted – but it’s an argument that isn’t made enough by publishers, and even so it may not brook much sympathy with you.

So: is putting up with ads possible worth it to support the sites you love? Or are there other options?

Full article here:  https://www.asecurelife.com/best-shredders/