As Strong As Your Weakest Link

As the old saying goes "You are only as strong as your weakest link".  Interestingly, in the recent rash of data disclosures from Edward Snowden and his predecessors, the weakest link could well turn out to be of America's own making.

Outsourcing key data activity to contractors rather than keeping it in-house means your online security is only as good as their employees are; in keeping mum about what they discover about your operations in the course of their daily duties.

Consider the fact, expounded by James Sensenbrenner in a recent editorial, that there are some 500,000 employees of private firms with access to the government's most sensitive secrets.  And this is just the States.  There are surely more in other countries contracted to undertake similar surveillance.

Some regard the actions of Manning, Assange and Snowden as heroic and others consider them heinous, but which ever side of the the ethical debate you sit on, the fact remains that confidential data was accessed and shared with those it wasn't intended for.

It is a sobering realisation (or maybe reconfirmation) that it is the low level IT guy who poses your greatest threat. These techs seem to be able to rummage through systems and make discoveries that evade all of the so-called safeguards that the governments throw at them.

Consider for a moment what you might have accessed online or sent to others via email in the past year.  I would suggest that many people who would feel less than comfortable in having a total disclosure of their online habits revealed to the world without their permission.

But is there anything you can do to mitigate the risk that others can and do spy on what you do?

Part of the answer could well have been given by NSA whistle-blower Snowden.  In reply to an online discussion set up by the Guardian newspaper he said that:

"Encryption (of email) works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it".

So there you go.  Even encrypting your email can only assure safe passage between systems and if the systems themselves have a weakness an IT tech on a mission can crack it or share it. Not the most comforting of thoughts and if the technician in question has a thumb-drive (as Snowden is reported to have by Senator Saxby Chambliss of Georgia), then your data could be shared and leaked well beyond the boundaries of your network.

Am I alone in thinking that these revelations could well have profound implications for the future of the Cloud? The 'contracting out' of data storage from your own servers to a third party based in another country could well have become a far more difficult decision for businesses to make.

And if you wish to mitigate some of the damage your email might cause you could always try using encryption yourself.  Here is one suggestion: GNU Privacy Guard for Windows which is free software.  Mind you I cannot guarantee that a low-level tech at the NSA hasn't already cracked it.

Related articles

• NSA Leaks Show Low-Level IT Worker as Secrecy's Weak Link - Bloomberg
• NSA-proof encryption exists. Why doesn't anyone use it?
• NSA leaker: No chance of fair trial
• Encrypting Your Email Works, Says NSA Whistleblower Edward Snowden
• Establishment Assertions that Snowden is a Chinese Spy are "Predictable Smears" (+video)

Mixed Reviews For Facebook's "Non-Email"

In an earlier post we revealed that Facebook has plans to launch a competitive email platform.

There have been very mixed reviews of Facebook's new "email" system since its announcement by CEO, Mark Zuckerberg.

"Emailing by Facebook? Good luck" says the Guardian who describe it as fiendishly tricky.

Forbes describes it as a "big deal for business" and  social media in general as "the next big thing to improve productivity".

Gizmodo has the most practical analysis detailed the system as having every email, text, and chat in one place.

Facebook's stated aim is to automatically deliver messages where it thinks a user is most likely to see them, create a unified history of the messages, and filter the threads by relationship with the sender to create a Social Inbox.

But if the complexity of Facebook's new non-email system floors you, why not do the next best thing and follow comedian Jimmy Kimmel's advice in the video below; celebrate  "National Unfriend Day".




Related articles

• Emailing by Facebook? Good luck (guardian.co.uk)
• "Facebook Messages" Is Cool But Email Isn't Going Anywhere ! (techpluto.com)
• Why Facebook Messages Will Not Be My Primary Email (ghacks.net)
• In-Depth Review: Facebook's New Message Inbox Product (insidefacebook.com)

Should be Sceptical?

News International is claiming 105,000 paying customers for The Times and Sunday Times. 

This is five months after the introduction of their paywall, touted at the time as being the way things would be for all online publications moving forward.

According to a UK journalism site, "the sites charge £1 for a day's access and £2 for a week's subscription, though an introductory offer allows 30 days of access to both sites for £1. Access to the sites is also bundled with a seven-day print subscription to either title."

However there is much debate as to what the figures really mean and how successful the paywall model actually is?

Average traffic for May has actually halved compared to the previous year according to Hitwise and the BBC goes further claims there has been an 87% drop off in site visitation.

They also question how many of that 105,000 paying cystomers are currently in the introductory £1 for thirty day trial period?

Colin Greenslade, the Guardian's media commentator says the figures simply don't stack up as a new business model.

As he puts it:

"Most importantly, there is no clear breakdown of the 105,000 total figure to show how many people have subscribed monthly, weekly or daily. "
 
If you compare the reach of The Times with that of a more traditional online model, the Guardian, the decline is very noticeable.
 

Rob Brown of PRMedia Blog believs that the paywalll could well tumble.  He makes the point that where this really doesn’t add up is when you look at ad revenue.
 
"The Guardian is pulling in £40 million a year in online revenues more than double that of the Times and bear in mind that doesn’t account for the fact we are not looking at a full year position for The Times.
 
It looks like online ads at the Guardian represent serious value in comparison. From their pre-paywall high point the audience for the TimesOnline has dropped almost 90%."

"These figures very clearly show that large numbers of people are willing to pay for quality journalism in digital formats." says Rebekah Brooks, chief executive of Rupert Murdoch's News International. 
 
This to us looks like an attempt to put a postive spin on a less than positive result, albeit after just five months of moving to the paywall model.
 
While we love an optimist, Rebekah Brooks's conclusion could well be premature.  There is not yet conclusive evidence that such a business model is viable in the medium or long term.

Related articles

• Why the Times paywall numbers are meaningless. (malcolmcoles.co.uk)
• Times's paywall figures don't add up to a new business model (guardian.co.uk)
• The successes and failures of the Times's paywall (newstatesman.com)
• Is The Times Paywall Ready to Tumble? (pr-media-blog.co.uk)