Measure this.

--Originally published at TC2027 – Blog will Tear us Apart

After some much-needed password therapy, let’s take on the general question of what we are protecting. We may know some techniques, and we already know that we want to be safe, but how can we measure it?

[GIF: Measure like it’s hot]

Luckily for us, there are already some guidelines for measuring how safe a system is. But first, as Rick Lehtinen stated in his book, Computer Security Basics:

No man, or computer is an island.

Nowadays everything you have is connected, even if just to work properly and stay up to date, so don’t start shouting out loud that you’re not a potential target, because you definitely are.

So in order to measure safeness, we can stick to the core C-I-A three-pillar concept, which states that in order to be safe, a system must guarantee:

  • Confidentiality
  • Integrity
  • Availability

Pretty straightforward, no? Let’s tackle them one by one. Again, I’m talking user/client-side, so don’t expect server-side practices.

Confidentiality

Here is where privacy is at play. As you may remember from my first post, security and privacy are not the same, and security makes privacy possible.

And that’s precisely what confidentiality is all about: keeping what you want secret, secret, and what you want public, public. You definitely want your bank accounts, passwords, chats, and perhaps some of your spicy pictures secret (which you shouldn’t be sending to anyone, by the way); meanwhile you definitely want everyone to know your spoiler-free (I wish) Game of Thrones death-rant tweets.

How can my confidentiality be compromised?

Easy. There are some really easy steps by which anyone interested, without even having to be a hacker, can destroy your confidentiality. Here are some possible breaches.