Security / Privacy Advice?
James-NSC writes "My employer is changing its policy towards employee use of social networks. I've been asked to give a 40-minute presentation to the entire company, with attendance mandatory, on the security and privacy concerns relating to social networking. While I was putting it together, I ended up with some miscellaneous information that pertains to security/privacy in general, for example: the emerging ATM skimming (mainly for our European employees), a reminder that email is not private, malware/drive-by in popular search results, etc. Since these topics don't directly relate to the subject I've been asked to address, I've ended up with a section titled 'While I have you...' I'm going to have the mandatory attention of every employee and I thought it would be a great opportunity to give advice on security/privacy issues across the board. As it's an opportunity that one seldom gets, I certainly want to utilize it fully. If you had the attention of an entire company with employees in the US, UK, Asia, and Australia, what security / privacy advice would you give?"
With Closed Source software, it has been shown time and again that you don't always know what it will do beyond its stated and obvious functions. Windows Genuine Advantage, for example, has been shown to store and send out more information than Microsoft has stated. Other closed source software has been shown to do similar things as well. Ultimately, the software for which source code is not openly available (and which is often encrypted to avoid disassembly or other analysis) simply cannot be checked or verified the way Open Source software can. And while the vast majority of apps do actually behave, you still have to understand that each program is a "black box" and you simply have to "trust" it. With Open Source software, this is much less the case.
The lesson here isn't necessarily that everyone should use only Open Source software either. The lesson is that adequate suspicion and caution should be exercised when installing software onto a computer, keeping in mind various factors. Such factors might include how much it is needed versus how good its reputation may be. People tend to put more trust into strange software than they would a stranger asking to have access into their computer system and this is rather strange. When installing strange software into a computer system, it is actually worse in many ways than having someone personally and directly have free access into your computer system. It is important to remind everyone what it is they are granting access to when they install strange software that is, in the end, "a black box."