Trader Note

Look at the market and say which way it is going, "Up or down?" Then figure out why or why not.

Insecure Data

Personal tales of hacking….

This website was recently hacked. If that inconvenienced you, I apologize. Hopefully, the spam and redirections were kept to a minimum.

From a site developer perspective, it is a real pain in the ass. After three days and countless hours, I am still not sure that this website is secure (I’m sure it can be hacked, but I’m not sure if it has been hacked).

To clean up after a hack is a challenge. All the passwords have to be changed, and there are many from FTP, hosting account, database, user accounts and more. That is actually the easy part, if you can remember all of your initial passwords.

Once that hole is plugged, then the malicious code must be removed from the site. This website used over 14000 files, so it cannot be done by going through every line of code. I was trying that, but my abilities to read PHP code are insufficient to be able to trace every dependency and subroutine.

Most programmers are lazy (especially the good ones) and I am no different. So I chose the easy way out: Delete everything and do a clean installation from a previous backup. The backups of the two months in between a supposedly secure setup and the current setup meant that all the existing data had to be re-entered manually. Hopefully, you were not looking back on May’s charts to plan your next trade.

After such an installation, I found that there were still remnant fingerprints of a hack on this site (too many users). So after scrubbing those users, out of date code and upgrading used code, I am still not sure that this site is secure.

If you find any malicious code or spam, please send an email to admin(at)addlepated.com.au

 

Modern data is not secure.

Many operating systems are moving towards “the cloud.” What that actually means is that data is being stored in random remote locations on many different servers. Few people are aware of the exact server or location of their data. Less of them would be aware of their data being compromised. Even Hilary Clinton’s data was compromised. Hackers, on the other hand are very good at tracking data flows.

Every system has flaws. Let me repeat that for dramatic effect: EVERY SYSTEM HAS FLAWS.

What that means is that every severer has exploitable potential. Every storage location is potentially able to be breached. Data in transit can be scalped (copied) and is often duplicated.

It seems that as a society, we have given up on data security for convince. That convince is for us to use the same data across platforms. That data that cross talks between your phone, tablet, and desktop means that lightly secured systems can access your data. This data is relatively easy to compromise. Putting all of your data on a remote server (cloud) that you have no control over also puts the security of that data out of your control.

Most operation systems are moving to cloud storage. This is because it makes them more money. They can sell the storage. They can also scan your data for metadata that they can sell on to people interested in you as a customer… or a target.

Should you upgrade to MS10? Probably not.

Should you dump Apple for a good operating system like Ubuntu? Probably… but unless you are computer literate, it is unlike to suit your needs.

So we give up our privacy for convince. We give up our security for easy. We give up our hard earned money to thieves because the retailers we are working with, and the banks we expect to have secure files, are more incompetent with our data that we are.

2018  www.addlepated.com.au  globbers joomla templates