"Defense in Depth" applies to people online Too

6:37:00 PM

In the military, in engineering, and in software development, there is a principle called "defense in depth". This principle should be applied in other contexts too, particularly with regard to privacy. Instead, many people today put their trust in a single magic-bullet security solution, and then get surprised when it fails.

Consider how you lock your house. Do you have a single, magic, patented E-Z-MaxoSecuro-Lock that keeps your front door secure, and consider the matter settled? No, you do not. You generally have two locks, deadbolts, window detectors, a burglar alarm (and a fire alarm to boot), and a neighborhood watch program.

Consider how you drive your car. Do you have a single get-out-of-hospital-free card? No, you do not. You use seat belts, airbags, and defensive driving. In addition to that, the car itself has crumple zones, a protective cage, and a number of other passive and active systems to keep you safe.

This is called defense in depth. The principle is that even if one security system fails completely, all the others are still there to break the fall. In the military, this means not relying on a single outcome for the win, but being able to take multiple losses and still prevail. In engineering, this means having several redundant systems. In software development, this means assuming that any part of your software can be (and is) compromised by an adversary, and that the rest of the software must not fall like dominoes because of implicit trust in that component.

Components fail. Services fail. Even if only for a millisecond, that may be enough. That's why defense in depth must be applied to people's privacy online.

What you need is not an encrypted disk, encrypted communication, encrypted boot, an encrypted home folder, or anonymous connectivity. You need all of them. Preferably encrypted several times over. My data is encrypted three times in different layers, just because I know a layer might fail without warning or notice. The typical example ten years ago: a VPN connection could drop for any reason, and a Windows XP box would just take the tunnel down, discover that it still had connectivity (without the VPN), and quietly carry on with everything it was doing, without even warning the user that they were now completely exposed. Oops. Fortunately, technology has advanced in this field, but similar problems remain with all services. That's why you need secondary protection layers. And tertiary. Defense in depth.
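The silent VPN fallback described above can be detected from the routing table. The following is an added example, not code from the original post: it applies longest-prefix matching to `ip -4 route show` output and reports destinations that would leave the host outside the tunnel. The interface names (`tun0`, `wlan0`), the routing tables and the probe addresses are constructed assumptions.

```python
import ipaddress

DROP_TYPES = {"unreachable", "blackhole", "prohibit"}   # kernel refuses to forward
ROUTE_TYPES = DROP_TYPES | {"unicast", "local", "broadcast"}

def parse_routes(text):
    """Parse `ip -4 route show` output into (network, device, metric) tuples."""
    routes = []
    for line in text.strip().splitlines():
        tok = line.split()
        if not tok:
            continue
        rtype = "unicast"
        if tok[0] in ROUTE_TYPES:
            rtype, tok = tok[0], tok[1:]
        dest = "0.0.0.0/0" if tok[0] == "default" else tok[0]
        opts = dict(zip(tok[1:], tok[2:]))          # "dev" -> name, "metric" -> n
        dev = None if rtype in DROP_TYPES else opts.get("dev")
        routes.append((ipaddress.ip_network(dest, strict=False), dev,
                       int(opts.get("metric", 0))))
    return routes

def egress_device(routes, ip):
    """Longest prefix wins; ties go to the lowest metric. None = not forwarded."""
    addr = ipaddress.ip_address(ip)
    hits = [r for r in routes if addr in r[0]]
    if not hits:
        return None
    return max(hits, key=lambda r: (r[0].prefixlen, -r[2]))[1]

def leaks(route_text, tunnel_dev, probes):
    """Return the probe addresses that would leave the host outside the tunnel."""
    routes = parse_routes(route_text)
    return [ip for ip in probes
            if egress_device(routes, ip) not in (None, tunnel_dev)]

# Constructed sample routing tables (not captured from a real host).
LAN = "192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.50\n"
VPN_DOWN = "default via 192.168.1.1 dev wlan0 proto dhcp metric 600\n" + LAN
VPN_UP = VPN_DOWN + ("0.0.0.0/1 via 10.8.0.1 dev tun0\n"
                     "128.0.0.0/1 via 10.8.0.1 dev tun0\n"
                     "10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2\n")
FAIL_CLOSED = "unreachable default metric 50\n" + VPN_DOWN   # second layer
PROBES = ["1.1.1.1", "198.51.100.7"]   # arbitrary public-range destinations

if __name__ == "__main__":
    for name, table in [("up", VPN_UP), ("down", VPN_DOWN), ("closed", FAIL_CLOSED)]:
        print(name, leaks(table, "tun0", PROBES))
```

The `FAIL_CLOSED` table shows the secondary layer: with an `unreachable` default route at a lower metric than the DHCP default, a dropped tunnel blocks traffic instead of sending it out in the clear.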

Using digital connectivity for your delight. Using a VPN is nice. Using Tor together with a VPN is much better than either one alone. But neither helps if your data is unencrypted on your computer, which can be stolen by an adversary. (Legal or not: it does not matter, your data and your confidentiality have still fled.)

Encryption

Using disk-level encryption is nice. But the disk is unlocked when you hand your computer to a trusted colleague to use the guest account, or when you get compromised by malware. Using home folder encryption is nice, but data gets spread unencrypted to tons of places on the disk (swap space, for one). Using both disk-level encryption and home folder encryption is much better than either one alone. But none of that matters if you send the contents of your carefully encrypted data unencrypted over the Internet or, even worse, send passwords unencrypted over the network.

Using encrypted communications and encrypted storage is much better than either one alone. Then add anonymization services, too. And protection against malware, if you are using susceptible operating systems like Microsoft Windows.

Look at how you secure your home, or how several redundant systems protect you in your car, and then apply the same thinking to your online privacy.

Privacy remains your own responsibility.
