Since “The Snappening” happened last week and tens of thousands of photos and videos leaked onto the internet several people have asked my opinion about it. During conversations some have said things like, “Don’t take naked pictures of yourself and send them to people if you don’t want them going public!” Others have exclaimed, “We entrust these companies with our stuff, they should be sued out of existence when this happens!” No matter which side of the issue you come down on there are larger discussions we should be having about technology and the perceived safety of our information.
Your Information Is Not Safe
Before going any further, understand this truth: Your information is never completely safe once it hits the internet. Emails, banking information, credit card information, healthcare information, family photos, nude photos. None of it. Hopefully that isn’t a revelation? Any information you send or share over the internet has a chance of being seen by someone you didn’t intend to see it. Sometimes things you don’t think are being stored are being saved by web browsers, search engines, Internet Service Providers, mobile devices, and the applications you use.
Corporate and Industry Responsibility
Somehow it seems the public forgets that technology is subject to all the same human paradigms as any other product or service we use. There are people who develop apps who make mistakes. People maintaining hosting infrastructure who simply aren’t very good at their job. People responsible for penetration testing who are distracted because of strained relationships with their significant others. People who work as Chief Technology Officers at major corporations who are lazy. Corporate decision-makers who determine it’s “cheaper” to keep older, vulnerable technical infrastructure rather than invest in newer and better technologies. People in other positions of importance who do wrong on purpose for whatever reason. Unfortunately on top of all these possible failure points are arguments and power struggles in our industry over best practice standards. Also factor in that newer technologies are often adopted in their infancy without significant testing. And in the midst of all that criminals are waiting for the perfect storm of human conditions to come together and provide a golden opportunity to score big.
Who knows how many of the possible failure points listed above contributed to The Snappening, the Target breach, Home Depot breach, Dairy Queen breach, Jimmy Johns breach… but hackers have been sending a crystal clear message there are gaping holes in our systems. So what steps are we taking to put better systems in place? To insure better quality control? To test newer technologies before introducing them to the mainstream ecosystem? We know that costs money. Are companies willing to make the investments? Are consumers willing to bear some of that cost that will inevitably trickle down to us? Only if consumers get concerned, involved and demand it will meaningful change happen. We could hope that Washington would get their shit together and begin passing meaningful legislation in this area, but the unfortunate truth is that our federal government is typically years behind the technology curve, and of course highly susceptible to lobbying efforts.
Education and Personal Responsibility
It’s not in my place to make moral judgements here about people sending naked pictures of themselves, and that’s not the purpose of this article. I do however believe just as it is an app developer’s responsibility to use best practices, thoroughly test their products, and clearly communicate best practice security measures to their users (not bury them in the T’s and C’s), it is also the responsibility of users to become educated and responsible technology consumers. Most people should be aware by now you should have anti-virus software installed on your devices, and you should use strong passwords. But yet there are so many people out there who don’t! If you don’t use anti-virus and you’re still using passwords like “password”, then I have a hard time feeling sorry for you if someone breaks into your computer or cloud storage account and steals your stuff. For the cost of a week’s worth of latte’s at your favorite coffee shop you can have a trusted anti-virus program on your computer. For a fraction of that you can also buy a password keeper program to help you generate and store secure passwords for every website you use. These programs are crucial to practicing safe surfing habits online, and they are not expensive. What you decide to send and share from there is up to you, just understand the risks involved.
Risk Versus Reward
No matter how many best practices you and the services you use follow, there are still failure points in all the technologies we use. As with anything else in our lives we need to weigh the risks versus the rewards, do our best to educate ourselves, try not to make bad decisions, and then hold on tight! In my opinion the benefits of the internet and technology far outweigh the risks when developed and used responsibly by all parties involved. Unfortunately right now WWW is still the Wild Wild West, and it’s going to keep getting uglier until everyone involved commits to a safer, more secure web. How we achieve that is the real discussion we should be having.
_