View profile

Big Revolution - Feeling insecure about security

Revue
 
Welcome to the start of another week at Big Revolution. Today I'm thinking about how much we should (
 
March 4 · Issue #362 · View online
Big Revolution
Welcome to the start of another week at Big Revolution. Today I’m thinking about how much we should (or shouldn’t) really trust our internet connections…
– Martin from Big Revolution

Big things you need to know today
  • The mystery around the recent death of the operator of a cryptocurrency exchange has deepend. It was thought the Quadriga wallets holding customers’ currency were now permanently inaccessible, but auditors have now found that it seems the wallets had been empty since April last year. Hmm…
  • North Korean hackers continue to attack Western businesses. The New York Times reports that the attacks even continued as Trump and Kim met for last week’s summit. In truth, some Western countries are no doubt performing similar attacks on their rivals too – we just don’t get to hear about it.
  • Facebook lets you add a phone number to make your account more secure – but then lets others search for you using that number, with no way to opt out completely. This is the latest example of Facebook playing fast and loose with user privacy.
  • Huawei’s CFO has sued the Canadian government, alleging ‘serious breaches’ of her constitutional rights. Meng Wanzhou has been detained since December at the request of the USA, which alleges she was involved in activities including money laundering, stealing trade secrets, and bypassing sanctions placed on Iran.
The big thought
Should I trust this bear with my internet data? Credit: Tunnelbear
Feeling insecure about security
Internet security is on our minds more than ever, and one common piece of advice is ‘use a VPN.’ Virtual private networks encrypt your data so the ISP you’re connecting through can’t see it. This is useful if you’re connecting to an access point you can’t 100% trust, such as in a coffee shop. But is a VPN really much of a better option than just trusting the coffee shop?
A piece on Slate last week highlighted the problems with VPNs. They get all your data, tied to your account details and thus have a very good idea what you do online (they don’t get sensitive stuff sent through secure connections like HTTPS, for example, but just having the metadata about the sites you access can be valuable enough). And often you don’t know who really owns a VPN service, or what they really do with your data.
My to-do list has for a long time had an entry called 'Roll my own VPN.’ This is easier than it used to be and means you’re in control of your own data in a way that you’re not with a normal VPN. This TechCrunch article explains the process of setting up a remote VPN (you can also host one at home using a dirt-cheap Raspberry Pi computer, but this might not be a good option for everyone).
Rolling your own VPN isn’t 'click a button and you’re done’ simple though, so it’s not for everyone. And even if you get it up and running, you have to rely on third parties to an extent when it comes to ensuring your data doesn’t somehow get hacked at some point.
Personally I use TunnelBear as my VPN, as it’s simple to use (featuring a fun cartoon bear), is owned by McAfee – a company trusted by many and at least a well-known name – and it makes a big deal of the audit it undertakes each year. That’s still not a guarantee of 100% privacy, but at least it’s a start.
There are no certainties in internet security, but there’s definitely more room for transparency when it comes to VPN providers. Who is going to come along and establish itself as a trusted VPN for the masses? Maybe Apple, with its reputation for security and desire for more services revenue, could launch a VPN service tightly integrated with its own hardware?
For now, I’ll keep trusting the cartoon bear while meaning to sorted out my own personal solution some time soon – and thinking that really this should all be a lot simpler.
One big read
Status as a Service (StaaS) Status as a Service (StaaS)
An in-depth read about the nature of online social networks, and why they work the way they do. You might need to carve out some time in your lunch break to get through it!
One big tweet
When Lyft released details of its finances ahead of its upcoming IPO, some people remarked that for the amount it was spending on cloud services, it could build its own data centre. Click through below for an interesting thread about why that makes less sense than you might think…
Hemant Mohapatra
So @lyft is paying $8m/mo to @AWS -- almost $100m/yr! Each ride costs $.14 in AWS rent. I keep hearing they could build their own DC & save. My early days at @Google cloud, heard the same from customers: "at scale, owning is cheaper". It wasn't - they all came around. Here's why:
2:53 AM - 4 Mar 2019
That’s all for today...
Back tomorrow with more. See you in your inbox then!
Did you enjoy this issue?
 
Become a member for $5 per month
Don’t miss out on the other issues by Martin SFP Bryant
You can manage your subscription here
If you were forwarded this newsletter and you like it, you can subscribe here
Powered by Revue