All the more reason why one should choose an email service that doesn’t collect your data 
-
-
-
Whatever. With email there are other considerations. For me, it is the likelihood that the email provider will get hacked (again). I'm willing to bet Google has invested orders of magnitude more than other providers in making sure that doesn't happen again. I hope that's true.
-
As a security researcher you absolutely should run your own email server. It takes 30 minutes and its extremely easy. Here https://mailcow.email
-
Because Brian is a well-known security researcher, he would be better served by Google's advanced protection program. Ignoring privacy here.
-
Spoken like someone who is selling mail server software/services. In my experience, very few people know how to run a mail server securely.
-
My mail server loads from 27 floppy disks, and is air gapped from the outside world. It can’t send or receive, but it’s like... so secure.
End of conversation
New conversation -
-
-
How much is laziness and how much is intentional?
-
I think a lot of it is sheer incompetence.
-
That’s depressing. As someone who is 6 months from their bachelors in Cyber Security this is troubling to hear. Frequent reader of your website btw. A professor of mine at SNHU steered my class in your direction
-
That's how I look at it. As an Information Security Specialist I don't have any fears of not ever having a job. My job just gets harder every day
End of conversation
New conversation -
-
-
Do you think GDPR may drive some improvements in securing personal information?
-
I'd like to think so. What I think it probably is driving is improvements in compliance with the letter of the law.
-
Compliance is not security
End of conversation
New conversation -
-
-
- 1 more reply
New conversation -
-
-
Someone had a rule "data eventually becomes public or deleted"
-
Public and not deleted
End of conversation
New conversation -
-
-
I switched from IT security to app sec, and I hate myself a bit less, but the same lack of concern exists. No one wants to budget for handling/addressing bad things, in any way shape or form.
-
I second this sentiment. Years in appsec and hwsec and I keep seeing developers trying to skirt around the controls and practices we put in place to keep bad things from happening.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.