A ten-point plan to reduce NSA/GCHQ/MOUSE spying

[thewayne]

Edward Snowden was a featured speaker last month at both TED and SXSW, he teleconferenced in. From his talks, Wired came up with a list of ten things that can be done to improve security and privacy of our information. It's a pretty good list, but not one that the individual can do much with, it's pretty much entirely dependent on being implemented by ISPs and web sites and engineers. Still, it's not a bad start.

http://www.wired.com/2014/03/wishlist/

Comments

[silveradept]

Those are all great suggestions, and we wonder why they haven't been implemented, especially since it seems to be changes that wouldn't affect user experience.

[thewayne.livejournal.com]

For most of the suggestions, it's a question of time and money, and money drives the will to do things that are not strictly required in corps. I think the last two, eliminating Flash and funded software audits, would be the most difficult to do.

There was a post on Slashdot yesterday(?) about a sysadmin whose overlords decided that ALL server patches had to go through change management, and he works with something like 50 servers. The guy is screwed. Yes, change management is important, but the level of documentation that they want was truly stultifying.

[silveradept]

Yikes on that server admin.

It's odd to say that money would keep them from doing this, because it seems like the possible liability for stolen data and/or irate customers on a breach would be greater than the actual cost of the upgrades needed to insure against that. But, since companies can be short-sighted abot potential future costs, I suppose it's not as odd as I thought.