pseudobry | 3 years ago
However, I can't help but feel a bit of despair while looking at it. There is so much stuff to do / know about, that it's incredibly far beyond what the average person could understand, let alone follow. Most people won't get close.
I'm capable of doing everything described (and I follow a good chunk of it), but I have hundreds of accounts. The sheer effort required to thoroughly roll out these protections for just myself (let alone my less-technical-than-myself-technical-family) across such a large digital surface area makes it seem an insurmountable task.
Maybe what I need is a service that can automatically audit my networks / devices / accounts and give me security health scores, give me 1-click paths to enable protections, or even auto-fix security gaps. But that sounds like dropping an enterprise security blanket on my digital life, and any system capable of taking care of this for me is another single point of failure whose compromise would be catastrophic. Convenience and security must be inversely correlated.
VPenkov|3 years ago
Then you can focus on anyone who has your private data. E-shops and such that store your address. Realistically those can be pretty damaging if they get breached - even if your password doesn't leak in plain text, your name and address would be up for grabs.
But think about adopting the habit of gradually building up your discipline and addressing old issues as you revisit old accounts.
euphetar|3 years ago
I would prefer a minimal checklist instead: what measures give you the most (security) bang per buck (effort spent)?