Security usually comes up as a list of nagging advice — use long passwords, don't reuse them, don't click on attachments, encrypt your hard drive. It's often bullet-pointed like this because there are a some basic, practical things you can do to keep your information more secure. But it's also because the underlying issues are very complex, increasingly weird, and their full implications can be difficult to explain, let alone fully confront.
Because at general level, information security is about who you are and who you trust. Systems that control passwords and accounts are often called "Identity Management," asking variations on the old question, who goes there? And as it turns out, proving you're you can be surprisingly tricky, especially if you need to make the process as easy as possible. It's also terrifying when someone else is able to successfully prove they're you, which is happening more and more — "identity theft" is one of the world's fastest growing crimes.
Information security also has a kind of herd immunity. You may assume your identity isn't worth stealing, but if your accounts are taken over, they can use your identity to target everyone you've ever known. And even if your computer has nothing particularly special stored on, it could be dragooned into service of a global army of malicious bots, which in turn could bring down websites, block services, or just flood the world with spam.
And information security goes far beyond having good passwords and looking for the little "lock" icon on your bank's website. Anything that connects to any network can be targeted or hijacked, which leads to situations like an army of zombie lightbulbs cutting off a research university. Which sounds like a ridiculous cyberpunk sci-fi scenario, but which is also the kind of real thing that happens in the world now. It's very strange.
But don't panic. Just don't re-use your passwords. And make sure you have multiple backups, cause these days, you just never know.
Resources and News:
- How to Keep Messages Secure - Teen Vogue, 02 Mar 2017
- How secure is your face? The worrying world of biometrics - The Memo, 2 Mar 2017
- It's very hard to maintain an anonymous Twitter account that can withstand government-level attempts to de-anonymize it - BoingBoing, 20 Feb 2017
- Infected Vending Machines And Light Bulbs DDoS A University - Forbes, 13 Feb 2017
- Top Ed-Tech Trends of 2016: Education Technology and Data Insecurity - Hack Education, 17 Dec 2016
- Some Basic Security Tips for the Clinton Campaign (and Anyone Else) - Wired, 13 Oct 2016
- The Motherboard Guide to Not Getting Hacked - Motherboard, 2 Aug 2016
- Monty Python and the Holy Grail: 3 Questions (video)