I’ve just finished reading Matt Honan’s (Wired Senior Editor) exhaustive, but very good piece, Kill the Password: Why a String of Characters Can’t Protect Us Anymore. For all its merit and accurate advice I feel there’s on issue that wasn’t adequately addressed, and it’s something that’s particularly relevant to people in emerging markets.
I have long advocated, albeit only in my personal capacity, the advantages of keeping as much of your digital life as possible offline. Yes, there are certain modern-day conveniences that are nigh unavoidable: online shopping, online banking, social networking, etc. However, that does not mean you have to export your entire life to the digital realm. As evidenced by Honan’s article, the cloud (for the purposes of this article, the “cloud” refers to all data stored online, not specific services) is not secure.
No buts, it’s not safe. If there’s someone out there with enough determination and half decent computer skills they will find a way to access your data. Why is this particularly relevant to us? Because we’re not entirely there yet.
As much as the local capacity for internet usage is growing, and as a result the infrastructure is improving, we’re simply not at first world levels yet, which for once could actually be a good thing. Because we’re not at that level yet we tend to rely on offline alternatives; flash drives, external hard drives, more capable laptops. These, for the time being, are safer than their online counterparts because you need to have physical access to use/exploit them.
However, there is a crucial caveat — these only remain secure as long as you’re offline. Once your personal information has been accessed, it’s only a few more steps until your whole digital life is at a hacker’s mercy. Of course, your hard drive could always crash (which has happened to me more times than I care to remember) and then you’ve lost most of that data anyway. Yay for technology.
Although Honan says passwords are all but obsolete, there currently is no widely-used alternative and there doesn’t seem to be a viable one anywhere in sight. So, make the best of a bad situation. First of all, if your password is stupid, you deserve to be hacked. Using “password”, your phone number, the name of your holiday home or anything of that nature is akin to leaving a front door key under a pot plant on your stoep. Think outside the box, make something up on the spot that’s not related to anything in any way and then do the unthinkable, write it down.
People say don’t write down your passwords, and although I agree to an extent, it’s only really a bad idea if you’re stupid about it. Of course it’s a bad idea to write down your passwords anywhere digitally, hackers don’t care if it’s some arbitrarily named text file, as before, if they want it they’ll find. What’s the alternative? Good old paper. Find a book or journal that you don’t necessarily keep on you at all times, and use it as a password key. Again, the “don’t be stupid” rule applies. If you’re going to leave it somewhere for anybody to find you’re asking for trouble, similarly, if you always have it on you it can easily be lifted and along with it your digital life.
Lastly, and this is more a lifestyle tip than an online security one, if you don’t want people to find incriminating photos/files/documents etc, don’t put them online. As simple as that sounds, it’s astounding how many people are blissfully ignorant. You think your lover is the only one who saw that steamy pic you sent them? Think again, how do you think it got there? Sure, it’s not legal to access those files but when has that stopped anyone before — how do think those countless “leaked” images reach the press (not including the majority of celebs who post them themselves). What about that time you had to take your phone/laptop/camera in for repairs… did you completely wipe the memory? No? Someone’s getting a little something extra in the repair shop tonight!
I’m not trying to paint technicians/repair people or any other persons in the digital service industry as the bad guys, I’m sure that they are the exception rather than the rule, but the reality is that the bad guys do exist. And that’s true for all aspects of the digital world.
I’ll leave you with this little pearl of wisdom which my grandfather passed onto my mother and she in turn passed onto me, “If you’re dumb, then you must suffer,” (translated from Afrikaans, “as jy dom is, moet jy suffer”). Be vigilant friends, and think twice before tweeting that pic.