Skip to content
(A barefoot woman and man, both without noses. The woman is speaking.) Apparently there's been another huge data breach. They got users' names, passwords, noses and shoes.

Once more unto the breach

Once more unto the breach published on No Comments on Once more unto the breach

Another day, another data breach —this time with a British teleco called TalkTalk. Unlike the Ashley Madison breach, the very fact that someone’s profile is in their database isn’t damaging, but the personal information attached to that profile could be.

There’s a ton of good common-sense security advice out there for users (the folks we used to call “consumers”). Use a different password on every site. Use hard-to-guess passwords. Be careful of public Wi-Fi. Don’t have children.

That’s fine for locking up our own front doors. But how to protect ourselves when someone breaks into the bank vault and raids our safe deposit boxes? In terms of defending ourselves from third-party security breaches, there isn’t a lot of advice out there — other than “don’t share any more information than you have to.”

Unfortunately, many of the companies we deal with make sharing more data than necessary part of the price of doing business with them. And that’s not just the data they gather in a registration form; they track how we use their services relentlessly, and cross-reference that data with information from other services.

Everything they have on us is there on their servers, ready for an enterprising hacker to swoop in and harvest if the company fails to mount an adequate defence. There isn’t a lot you can do about that; we don’t even have a good sense of how well the companies we deal with are protecting our data, because they’re notoriously tight-lipped about their security practices, citing security concerns.

The key message is just “Trust us,” which doesn’t inspire confidence with the mounting pile of headlines suggesting many data warehouses aren’t impregnable fortresses so much as all-you-can-download buffets. That’s especially frustrating if you’re otherwise careful about protecting your privacy. It doesn’t do you a lot of good to cover your tracks if your partner in crime (or data) sings like a canary.

Worse yet, you don’t have to be a customer to run afoul of a company’s disregard for your privacy and security. In their quest for ever-harder-to-ignore ads, companies have embraced Flash-based tools that expose browsers to gaping security holes.

Which is why the breaches we’ve seen so far are probably just prologue. As Cory Doctorow put it, “Ashley Madison and the Office of Personnel Management weren’t the big leak-quake: they were the tremors that warned of the coming tsunami. Every day, every week, every month, there will be a mounting drumbeat of privacy disasters. By this time next year, it’s very likely that someone you know will have suffered real, catastrophic harm due to privacy breaches. Maybe it’ll be you.”


All the other kids’ moms let them

All the other kids’ moms let them published on No Comments on All the other kids’ moms let them

When I say I’d be thrilled if my kids grew up with some degree of hacker ethic, I don’t mean I want them breaking into credit card files, downloading password lists or making every traffic light in Tacoma flash “POOPYPANTS” in Morse code.

I mean something like this.

I want them to see the instruction manual as a starting point, as training wheels, as the prosaic preface to the poetry of “Now what else can we do with this?”

I want them to see a gleaming new gadget (or a bashed-up older one), and look for the retaining screws… and a matching screwdriver.

I want them to see two utterly disparate machines, systems or ideas, and start dreaming up ways they could mesh.

I want them to be able to quell the inner voice that says “That’ll never work,” and seek a path around, over, under or through.

And one of the things that makes me happiest is that I see that in them already, every day. Not just with technology, but with words, ideas, relationships, images and much more.

Which probably isn’t a great surprise, if you’ve met their mother.

Great moments of 2011: PlayStation Network outage

Great moments of 2011: PlayStation Network outage published on No Comments on Great moments of 2011: PlayStation Network outage

No review of the great online moments of the past year would be complete without the disastrous PlayStation Network hacking attack and subsequent damn-near-six-week outage… not to mention Sony’s lengthy failure to address it publicly… and the hacking a month later of Sony’s Online Entertainment Network, exposing 24 million users’ info… and Sony’s imposition of new terms of service in September that require users to agree not to sue the company or join class-action suits.

By the way, I love Little Big Planet. Love it.