-
A thought on these privacy breaches and the punishments received…
Apple’s net worth is $3.27 trillion. Does anyone really thing a paltry $95 million fine is going to even be noticed. That’s a measly 0.003% of net.
These big companies need to be hit with appropriate fines when they harm our security. How about $3.3 billion dollars instead, divided amongst everyone who was affected. That would make them think twice in the board meetings when they discuss stealing peoples data.
-
-
-
-
Amusingly, your initial question requires an alarmingly simple answer…
Absolutely no entity other than yourself. Period.
Even the most well meaning and conscientiously administrated service will, not might, experience some failure that exposes your precious data. It could be machine, but more likely will be human error.
Keep your information private within your own environment, protect it appropriately, pay for quality consulting if you can’t handle this yourself, and never ever use other people’s servers to store your data, except for a few special cases that simply must be handled by a third party due to the logistics of doing it yourself. VoIP and E-Mail services come to mind. If you must store data in the cloud, perform the encryption locally and only place pre-encrypted data on cloud servers.
As for why Apple seems to get less push back from its users… I don’t think “trust” is the answer. My experience with Apple users are that they blindly use the features on their devices without thinking because they are more interested in the “cool new features” than in what they just compromised to get them.
1 user thanked author for this post.
-
Nothing will happen. You delete the current passkey on the old device and create a new passkey on the new device. You better create passkeys on two devices. Passkeys aren’t saved or compared on servers like passwords do.
I’m under the impression that passkeys are unique for each user/device combo, so if you get a new phone, you have to create a new key and then register it everywhere you’d use it again. Sounds like a process most won’t look forward to doing each time a device changes.
With the “key” now being stored on the device instead of on the server; if I can grab that key off your device and mimic the “complicated communications taking place under the covers between your device and a server that you don’t need to know anything about”, then can’t I compromise you everywhere that key is used?
I think this is just shifting the attack vector and exploits will be found once there is a critical mass of usage with this method.
3 users thanked author for this post.
-
I’m not convinced this is a good idea on several levels. I am immediately repulsed by the requirement of carrying a smartphone everywhere. We should be actively figuring out ways to decouple mankind from these wretched devices. And the thought of using a third-party passkey credential provider, which (as you wrote) is similar to an online password manager, seems ludicrous when most, if not every, online password management service has been breached already. The reality is that any digital entity of any size or importance will be breached at some time. It is never a matter of “if”, but of “when”.
I’ve always believed using any method involving biometrics was already dead before it even started because no authentication method should relay on any component that can’t be changed. Last I looked, resetting your fingerprints, voice, retinas, or face was not a viable option for most people.
I know how much I’ve enjoyed changing an email address and then having to notify everyone, change the email address in every service I use, re-authenticate everywhere, and so on. And I especially enjoy that special Hell one is trapped in when a little used entity using a two factor authentication method relies upon an email address or cell phone that has been retired months ago. What’s going to happen when we change phones every two or three years. Regardless of the hype and assurances, I’m betting it will turn out to be a despised experience.
But at the most basic level, this is just another type of challenge/response system. You can be sure a method of compromising it will be found because there is no such thing as, nor will there ever be, a perfectly secure system. And when that happens, instead of the compromising agent having access to only one protected entity (such as you have when using different passwords for each entity requiring one), it will have access to all the supposedly protected entities you secured with that single security token.
I’ll admit we have problems with passwords, and a new, usable, well thought out methodology for authentication would be welcome, but this is not that solution.
8 users thanked author for this post.
-
-
-
-
With the ribbon came some right click feature enhancements that I did actually find beneficial, but even now, many years later, I still hate that ribbon! So many things that could be done with one click in the old 2003 menu and toolbar setup now require two. And things that were two clicks away in 2003 are now three or more.
I had one of my accountant power users remark, after a few years of using the ribbon in Excel, “I think I’m now almost as efficient as I used to be before this change!”
I suspect the opinion on this will hedge on how well optimized one was using the earlier menu and toolbar. For myself, I find having to continuously click on a heading first to get to the subgroup of functions to be counterproductive. I know I can modify the ribbon and add some icons to the little “custom” area Microsoft was so generous to give us, but I still find myself favoring the older menu and toolbar approach.
1 user thanked author for this post.
-
Yes, certain clients will be mandated to move to the next version when Win 10 goes end of life due to HIPAA and other regulatory dictates. And if any substantial flaw in Win 10 should be discovered after end of life, then that can also force an upgrade.
But, I do not blindly subscribe to the idea that just because Microsoft is no longer updating the software, it is now inherently insecure. Could it be, yes, of course. But automatically so, no. As long as the applications in use are up to date, and the network the computer is on is isolated from the internet by a firewall, realistically, there is little chance of that computer being compromised. Not zero, but substantially reduced. And it’s been plainly apparent that even a fully updated operating system can’t protect against the person that clicks on a poison link or attachment in an email, which these days represents the number one malware issue most users face.
My real world experience starts in 1982, but the largest growth of my business came in 2001 when Sircam arrived and really changed the face of malware delivery and propagation. It has been an uphill battle ever since. But one thing has been glaringly obvious. Very few operating system security updates make any meaningful headway in fighting off these threats. Yes, such operating system updates like those addressing SMB and SSL/TLS were beneficial, and a clear reason why older operating systems that can’t support the newer and/or updated and repaired protocols do have to be retired. But what seems to make the most difference is keeping the application software up to date, and really training the users to not do stupid things.
As for Windows, ever since forced updates became the norm, even though my client base has experienced zero downtime from malware, we’ve had more downtime from Windows Updates than we ever had with malware in the past. Printing issues with no solution in sight, RDP connectivity issues requiring work arounds, no access to SysVol because of a security update that helps no one, issues with iCloud, Office 365 deactivating entire offices even with paid up contracts in good standing, failed updates crashing computers, and on, an on…
3 users thanked author for this post.
-
Concerning the right click menu, I feel that the items in the “Show more” group should be the primary group, and all the other now standard primary menu items should be under “Show more”. Apparently I am not alone because this is a fairly common complaint and there are now fixes that aim to return the true functionality of the context sensitive right click menu.
And quite frankly, the need to go multiple levels deep in any of the new material design style settings pages is frustrating. Many versions ago, one could do an amazingly large number of configuration tasks from a single screen. This began dumbing down with Win 8, and then much more so with Win 10. Win 11 continues the trend. This is why power users don’t want the new settings app. They want a comprehensive control panel.
Power profiles are a good example of lesser functionality in the control panel in Win 10, and more so in Win 11. One used to be able to specify, in the power profile itself, what the power, sleep, and lid close actions should be. That was later removed and handled in a different place. Now, the only way I know of to preset those choices is through a group policy change.
Setting file associations has become a bit more difficult too. And heaven forbid you want to change anything that Microsoft has preordained as to be handled by Edge or some other sub-par solution! Expect that to change back on you every so often even after you tell Windows what default program you, the user, want to use.
And have you ever counted the steps to select your default printer? Piece of cake back in the Win 7 days – Click Start, devices and printers, right-click your printer, set as default. Win 10 – Click Start, click the Settings gear, click Devices, click Printers & Scanners, click on your printer, click the Manage button, click Set as Default.
I just can’t see the improvement! It ranks right up there with the same brutal efficiency killing “improvement” we were forced to live with when the “Ribbon” was forced upon us.
3 users thanked author for this post.
-
Short answer – It is still prudent and desirable to avoid Windows 11 like the plague that it is. I will not use, nor will I migrate any of my clients to Windows 11 Pro, until Windows 10 Pro can no longer be used. So Windows 10 end of life means nothing. As long as the user’s key software products run on Windows 10, there is no need to go to Windows 11. In a business scenario, we will continue to test Windows 11, but I have no expectations for this sad excuse for a Windows 10 successor.
It took me long enough to finally get Windows 10 Pro to a usable point where enough of the garbage can be removed to make it tolerable and most of the design flaws can be dealt with using third party software. Because of the substantial number of settings changes and software removals, doing this by hand is a monumental task so this kind of clean up is only viable through a series of .bat and .ps1 scripts run with admin privileges. And realistically, some of the required changes can only be done via scripting since no user interface method exists. I still have no love of Windows 10, but have tamed it enough to be able to use and maintain it. Of course every windows update still manages to screw something up!
Windows 11 Pro has turned out to be a different beast altogether. With the removal of key control panel tools that made Win 10 tolerable, Win 11 continues to be a colossal pain to configure. And with the removal of such basic tools as a proper right click menu and convenient control panel, it is no joy to use. It truly makes one wonder if the people designing and coding Windows have actually even used Windows before. Every time I am forced to help someone with just about any issue in Windows 11, it becomes a frustrating task of tracking down once simple and complete tools that have been dumbed down beyond belief or removed completely. I would be hard pressed to be able to mention even just one new feature in Windows 11 that has any actual value. But I can say jumping through hoops to create local user accounts may be one of my biggest grievances.
4 users thanked author for this post.
-
I do not use Edge, nor do I have any plans to use it. I have not enjoyed jumping through hoops to turn off all the embedded crap that comes up every time the thing opens. The only reason I don’t completely remove it is because I’m not sure what in Windows is relying on it to be there. I have made sure it is not used in any file associations.
I don’t normally use or recommend anything that’s not fully tested and vetted over years. AI, for the public’s use at least, is brand new and full of issues. These predictive engines don’t know truth from falsehoods, right from wrong, or even what they are spewing forth. All they know is what usually follows what. The blind leading the blind. It does lots of things wrong, just at really impressive speeds!
I do not want AI helping me with anything. So far I have not been impressed. I’m pretty sure there’s a horrific train wreck coming; the only questions are where, when , and how bad.
3 users thanked author for this post.
Viewing 15 replies - 1 through 15 (of 28 total)
Author
Viewing 15 replies - 1 through 15 (of 28 total)
