2013-Jun-20 - Always assume the worst

The latest NSA surveillance and PRISM news (aka Snowden leak) seems to have gotten a lot of people by surprise. Who would have thought that the NSA was doing that?

Seriously? Where else would they be spending their $10 billion budget? Or using their 40,000 employee force? Or how could they be the largest consumer of power in the state of Maryland?

Of course there was something going on.

What about the Chinese hacking the rest of the world? Are they really? Of course they are. But so is the USA and most developed countries. Did we forget where Stuxnet came from?

I know there are differences in targets, but any country not investing in their cyber force is not really paying attention to our world.

And governments are not the only ones. Private companies are watching us all the time.

Oh, and I didn’t even get started on criminal and hacking activities. Who knows how many servers and companies out there they have owned and are monitoring lately.

Always assume the worst

And I am not trying to go into the Politics of what is right or wrong, but trying to point out that we always have to assume the worst. That either a government or company or criminal (or even a friend) might be monitoring what you do in “private” online.

Some rules to remember:

  • Always assume that you are being monitored. Specially online. It could be your government, a foreign country, your ISP, or even from within your network. Someone might be watching you.
  • Always assume that your network is compromised. Because it might really be and you don’t know yet.
  • Always assume that all your emails are being read.
  • Always assume that all your IM (instant messages) are being read.
  • Always assume that any “private” content you put online is going to be public someday.
  • Always assume that your data will be lost.
  • Always assume that some servers or computers that you own are already compromised.
  • Always assume that some of your employees (or co-workers) can’t be trusted. And you really don’t know which ones are.
  • Always assume that there is someone, right now, trying to hack you. This one is really true.
  • Always assume that there is someone, right now, that is smarter than you, trying to hack you.

When you make those assumptions, you become a lot more careful and vigilant on what you do online. And this is not to make anyone paranoid, but to at least know the risks so you can know what to share or what to say online (within limits). Plus, you can take extra measures to minimize the chances of any of these things happening.

I know it is sad, but it is the reality of the world we live in.


By Daniel B. Cid - Tags: sec - Notes index.

Quick Links

Social

External Projects