Post #1415

​​🗝Planning for the worst The New York Times quietly announced a positive new security measure yesterday. Its Lock & Key system will keep an eye on public dumps of stolen usernames and passwords, and if any match your New York Times login, they’ll let you know and make you change your password. In other words, if you’re using the same password across multiple services (not advisable), this makes you that little bit safer. It doesn’t sound like that much of a big deal on its own, but it made me think about how too much online security work is reactive, rather than preventative. Just think about the recent story about fitness tracking company Polar. A flaw in the way they’d set up their service meant anyone could browse through the activity records of all Polar users, simply by adjusting the URL in their browser. That’s the kind of flaw that shouldn’t make it past the earliest stages of development. How did no-one at Polar think about that potential problem? Software developers have lots of different priorities to juggle, but security should underpin them all. It’s in the best interests of users, and also the software publisher’s legal budget. I’m generally an optimist, but when it comes to planning or developing anything involving the public, I always assume the worst outcome. It probably won’t happen, but at least you’ll be prepared if it does. Read more in today's Big Revolution: prs.pctvix.co/2uuMGd9 Martin Bryant, 🚀@PerspectiveIX