In this networked world, in which we are thoroughly digitized, with our identities, locations, actions, purchases, associations, movements, and histories stored as so many bits and bytes, we have to ask – who is collecting all of this – what are they doing with it – with whom are they sharing it?
To which I’d add ‘and how are they securing it?’.
It’s amazing how much a useful information we store and share on email and social networks and how easy it is for someone malicious to access it.
Exhibit one: Firesheep; a plug-in for the popular Firefox web browser that enables someone to hijack an account on many popular websites when accessed over open WiFi
Exhibit two: a nice writeup in Ars Technica on how public WiFi can protect users from exploits like Firesheep.
But why, as an industry, do we make this soooo hard for people? The onus is on us to provide secure solutions not for users to figure out how to use the solutions we provide securely.