dfm covers
 
 

Hacker Halted 2013: Whistleblowers required!

Print PDF
Monday, 23 September 2013 19:22 Written by DFM News

On September 19 2013, at the Hacker Halted conference, Taylor Banks called on the information security industry to adopt whistleblowing activities to transform the security and privacy landscape of the future.

Heis address to the audience began with claims that “Government spying programs have nothing on the commercial organizations we opt-in to share our information with every single day.”

Mr Banks went on to remind the audience that every time they use a credit or debit card, they are putting their own privacy at risk. This included the times that a loyalty rewards program was used, a mortgage is taken out or an ATM is used. Banks asked the audience the innevitable question, "But who watchers the watchers? People need to feel safe by knowing there is a watcher of watchers."

Banks explained that the information security community were the perfect watchers of watchers, “the perfect whistleblowers. Without us, our users would be nothing more than a wall of sheep”, he said. “We need to sound the alarm when we see data being touched and used inappropriately.” Security practitioners, he argued, are responsible for the protection of privacy.

Responsible disclosure, “whenever it is safe and practical, is the difference between hostility and hospitality”, Banks said. “By recognizing misconduct and dishonest activity taken place, we can protect users from those actively doing them harm.”

Information Security professionals have the appropriate qualifications to make a determination about whether data is being managed responsibly or in a way that does its owner harm. “Let’s call attention to the negligence and misconduct we see everywhere.”

In addition to their role as whistleblowers, information security professionals should also be tasked with “eating their own dog food”, said Banks. “Let’s practice what we preach. Encrypt your emails today. At the very least, sign your emails. Stop using passwords and use two-factor authentication. Finally, review all SSL certificate warnings.”

Banks finished his address by illustrating a future in which you could “email your wife, knowing only she will read it. Imagine a world where WiFi is free, but secured. To realise this dream”, he explained, “we need to blow the whistle louder. We have to eat our own dog food.”




 
Please make cache directory writable.
 

Submit an Article

Call for Articles

We are keen to publish new articles from all aspects of digital forensics. Click to contact us with your completed article or article ideas.

Featured Book

Learning iOS Forensics

A practical hands-on guide to acquire and analyse iOS devices with the latest forensic techniques and tools.

Meet the Authors

Scott C. Zimmerman

Scott C. Zimmerman is a CISSP qualified Information Security consultant and presenter

 

Coming up in the Next issue of Digital Forensics Magazine

Coming up in Issue 42 on sale from February 2020:


Forensic Syntactical & Linguistic Investigation

Mark Iwazko presents a case study regarding a Forensic Syntactical & Linguistic investigation: Instructed by the Moscow General Council of one of the actual big four accountants. Read More »

Forensic Readiness: A Proactive Approach to Support Forensic Digital Analysis

An increasing number of criminal actions are inflicting financial and brand damage to organizations around the globe. An impressive number of such cases do not reach the courts, mainly because of the organization’s inefficiency to produce robust digital evidences that are acceptable in the courts of law. Read More »

Subscribe today


Using Error-Patterns for Attribution: An Applied Linguistics Technique

Corpus Linguistics within Second Language Acquisition has developed models of error patterns made by defined groups of second language learners. This knowledge base can be leveraged by a knowledgeable analyst to attribute content to a subset of authors. Read More »

Every Issue
Plus the usual Competition, Book Reviews, 360, IRQ, Legal

Click here to read more about the next issue