Stolen Pixels #260: The Dark Fortress
- Thread starter Shamus Young
- Start date
Oh jeeze... Come on Sony, that might be taking things too far! You might injure your employees in your mad pursuit of security!
they should just hash everything. then you don't have to worry about your info getting stolen! XD
They gotta have a hash table to unhash the information (e.g., credit card numbers) so it can be used when needed and that hash table has to be stored on a server. If the hash table is taken along with the hashed information, then whoever has both can easily unhash the information.DTWolfwood said:
Like the poster above said, the only foolproof way to safeguard a server is to disconnect it and leave it disconnected.
hash the hash tables and store that table on the janitors computer. no1 will look there! XDJDKJ said:
A well we'll always fight a losing battle against determined hackers, unless they get that fiberoptic light disturbance security thingy working.
I'm totally making a scary face on my PC case as an additional firewall/antivir solution. I'll even go a step further and make the scary on both sides on the case, outside and inside. The inside one will be responsible to scaring off anything that might have already got through due to lack of barbed wire and scary face on the outside.
At later stage i may also plant some bear traps around my PC, just to be sure.
At later stage i may also plant some bear traps around my PC, just to be sure.
No security is perfect.
The best you can do is try to remember not to hire crazy or untrustworthy people and then not to piss them off after you hire them. Segregate your really important data so that even if you have a general security breach, they still don?t have access to your very sensitive data and treat any employee who has access to the really sensitive data really well also run financial and security checks on them several times a year, and keep the number to less than 10 and no the CxO group is not part of that 10. Review and update your security model annually. Patch and update your own code every quarter or as vulnerabilities are discovered. Patch and update 3rd party systems within 30 days of them releasing a patch if not sooner.
But here is the thing. Sony knows how to run data security. They really do. But doing so it expensive and takes resources. Adding a second database layer so that the credit cards data isn?t stored with the rest of the data would probably have stopped them from being stolen, but it would have cost Sony extra money to setup and extra money to run. But If Sony really wanted to make data hacker proof or heavily hacker resistant. They could, and they very likely have. Lots of information they consider sensitive trade secrets that they don?t want to ever get out. For those they?ll spend the extra money. For your credit card they will not.
The best you can do is try to remember not to hire crazy or untrustworthy people and then not to piss them off after you hire them. Segregate your really important data so that even if you have a general security breach, they still don?t have access to your very sensitive data and treat any employee who has access to the really sensitive data really well also run financial and security checks on them several times a year, and keep the number to less than 10 and no the CxO group is not part of that 10. Review and update your security model annually. Patch and update your own code every quarter or as vulnerabilities are discovered. Patch and update 3rd party systems within 30 days of them releasing a patch if not sooner.
But here is the thing. Sony knows how to run data security. They really do. But doing so it expensive and takes resources. Adding a second database layer so that the credit cards data isn?t stored with the rest of the data would probably have stopped them from being stolen, but it would have cost Sony extra money to setup and extra money to run. But If Sony really wanted to make data hacker proof or heavily hacker resistant. They could, and they very likely have. Lots of information they consider sensitive trade secrets that they don?t want to ever get out. For those they?ll spend the extra money. For your credit card they will not.
Just have the ToS rolled up into a scroll on the side which unfurls when people get close. It'll scare anyone away.
i came here just to ask that exact thing. screw literature, i need me some webcomics.SirBryghtside said:Just in case anyone's wondering, Shamus put this on hold to write a book. I *think* it's done now