Securing your digital life, the finale: Debunking worthless “security” practices



Take one daily to keep Evil Hackerman away! (credit: Aurich Lawson | Getty Images)

Information security and privacy suffer from the same phenomenon we see in fighting COVID-19: “I’ve done my own research” syndrome. Many security and privacy practices are things learned second- or third-hand, based on ancient tomes or stuff we’ve seen on TV—or they are the result of learning the wrong lessons from a personal experience.

I call these things “cyber folk medicine.” And over the past few years, I’ve found myself trying to undo these habits in friends, family, and random members of the public. Some cyber folkways are harmless or may even provide a small amount of incidental protection. Others give you a false sense of protection while actively weakening your privacy and security. Yet some of these beliefs have become so widespread that they’ve actually become company policy.

I brought this question to some friends on InfoSec Twitter: “What’s the dumbest security advice you’ve ever heard?” Many of the replies were already on my substantial list of mythological countermeasures, but there were others that I had forgotten or not even considered. And apparently, some people (or companies… or even vendors!) have decided these bad ideas are canon.


We tear down some infosec conventional wisdom—there’s a lot of bad advice out there.
