The user knows nothing: Rethinking cybersecurity
This position — that the adversary knows your system as well as you do, if not better, as soon as it is stood up — while extreme, led to the creation of large number factorization, the basis for all modern encryption, from PGP to RSA tokens. Under these encryption schemes, as long as the key is kept private, someone can know everything about how the security system works and still not be able to crack it.
To get to a place of true cybersecurity, another stark innovation in thinking is needed. What is needed is an Inverse Shannon’s Maxim: the user knows nothing.
Coincidentally, our CTO and I were having a conversation along these lines just yesterday. It’s a thrill a minute at SecurLinx!
In a departure from our normal biometrics fare, NQ Mobile has a new report [pdf] showing that mobile devices are increasingly being targeted by, and succumbing to, malware developers.
The linked pdf also has a list of the top five most infected markets.
NQ Mobile offers their mobile security suite in both free and premium versions.
Warnings abound that too few people protect access to their mobile device with a PIN, but a PIN does not prevent authorized users from being tricked into downloading malware. See: The Con is Mightier than the Hack
That means mobile security services are going to be an important factor in keeping the purple bar at the far right of the picture as short as possible.
Is Your Body Your Best Defense Against Digital Terrorists? (Motley Fool)
If your digital life is linked together closely enough, the entire house of cards could be flattened in less than an hour. Family photos, email histories, business invoices, creative work, and all your connections — it could all be gone before you wake up. But the solution may be closer than you think.