Saturday, February 23, 2008

Never say security, which will be valid for a day only

There are too many clever guys, either good or bad. Just read "Researchers Find Way to Steal Encrypted Data" and it seems that more will come.

Technology has created a way to terminate previous technology, so there is another challenge for some to move forward. This is a kind of evolution. We may need to know when we will have the technique to keep our data safe forever.

That is why I always tell my clients not to be fooled by those security protections. It is always up to the owner of the data to work it out. Why put the data online to face such threats? If one goes on a business trip but cannot remember the needed information, then one should not be the right one to do the job. To risk the company because of such a case is something management should not do. If information is needed suddenly, it is simple to have someone back in the office deliver it by email. At least, the risk is just for that document only, not the full documents of the company.

Wireless connection is said to be safe. Forget it. That is just another simple way for hackers only.

Thursday, November 29, 2007

Is resignation or dismissal a solution for the loss of your personal data?

Data loss seems to be a normal event now. Whether it is a commercial body, a process center, or a government department, it happens again and again.

The recent case, "HMRC loses records on 25 million people in the post", made me think about whether someone resigning or being dismissed would be a solution. Will anyone who was affected or suffered be comfortable with this outcome? I believe that everyone would prefer not to face such a situation. Why do those people fail to do things right? The duty should be to safeguard others' data and not just to resign.

Some years ago in Hong Kong, some managers of SMEs already had to handle shipping documents by themselves. That was because messengers might lose these important documents due to their carelessness. It is a sad thing to say, but management would not be effective unless all members, from high to low, abide by their duties. The only factor is human. It seems that the original management was based on some type of human in the old days. Now we have a new breed of human, who does not care about duty and who counts how much he/she gets, etc.

Of course, there is no way to avoid giving out our personal data. We have to face government, medication, insurance, banking etc. and we cannot say no. So, we must be prepared since we shall not be safe forever.

Friday, October 05, 2007

Is encryption the savior of data loss?

The loss of data, either by hacking or by the loss of a notebook, is so common today that we become helpless, because our private information must be handed over to governments, banks, chain stores etc.

Based on the essay, "Full-Disk Encryption Is Partial Protection, Analysts Say", it seems that if those companies etc. follow the guidance, we are safe even if our data is taken by some bad guys.

I have looked into hacking, PC forensics and encryption for some time. What I know is that there is nothing safe. It depends on the skill of the bad guys, and unfortunately most bad guys are experts. Certainly, encrypted data is better than unencrypted data; at least it is not easy for just anyone to crack.

The simple truth is that if we are not the target, we are safe.

Thursday, July 19, 2007

Can encryption protect all sensitive data?

Due to the frequent loss of data, not only from our online PCs but also from governments, organizations etc., there is a lot of advice that we have to use encryption to protect our data.

I have also been working on encryption for my clients for a number of years. Frankly speaking, I am still not confident that the protection is real.

First, if we use encryption for our data, that means there is a decryption tool in our PC for us to work with the data. Will a hacker just take the data files and not the decryption tool? Can we suppose that hackers do not know that our data is encrypted?

Second, it is certain that no program of any level can be protected against reverse engineering. That is, the encryption method cannot be protected. Once a hacker finds out the encryption method, the encrypted data is at risk.

Last, I still wonder why so few people know that a cracking method called Rainbow can decrypt any known encryption method no matter how long the key is. Some still assume that hackers would need a giant computer and work for a year to decrypt. In simple words, they think that hackers are as stupid as they are.

I have thought of putting the program on removable media like a CD, USB disk etc. But users may not accept such trouble. No one would care without having suffered the experience. Doing so may make my clients turn away from me.

There is a fact: hackers will not spend time on everything. It is a cost to them. They may prefer to get the credit card information from clearing centers, banks etc. instead of picking it up one by one from individuals.

Until now, the best way is to have the data files stored away from networks.

Wednesday, April 11, 2007

Free anti-rootkit offered by AVG

If you have not read any information about rootkits, it is better to check "Rootkit" on Wikipedia, the free encyclopedia.

You can download AVG Anti-Rootkit Free.

It is easy and fast to install. After installation, you have to reboot the computer. It is better to run it right away.

Whether we have to buy the premium version depends on the individual situation.

Although there are some sayings about the death of the Internet, it is not possible for us to live without the Internet. Communication and information have become a vital part of our daily work and personal lives. Therefore, it would be better to keep our computers as secure as possible.

Some may feel helpless when there are so many cases of personal data loss by famous retailers etc. The worst thing may be if the loss was due to our own carelessness.

I am upgrading my USC Password Security System to Light Version 2.7 for better performance. This is used by me daily for various activities including my bank accounts. That would protect my passwords from keylogging threats etc.

If you need to protect your passwords, I do recommend that you check it.

Thursday, March 22, 2007

The simple truth is there is nothing called data protection

With another case, "Stolen TJX Data Used in $8M Scheme Before Breach Discovery", it is simple to see that it is almost impossible to protect our sensitive data, unless we give up the best things of modern times and live in the old way, paying cash and never letting anyone, perhaps including the government, take our identities.

Of course, we cannot. We need to show our personal data to the government, to our dentists, to our doctors, to airlines etc. I do believe that all parties, including their executives/leaders, would never intend to have any problem with our data. But no one can guarantee that there are no identity thieves, inside or outside. Anyone with a good history might turn bad for many reasons.

I think that the only way to protect all of us is to have serious punishment so that no one would dare to take the risk. Just like the old days, the death penalty was the only way to keep peace. With the kind of forgiveness in mind to govern our world, there is no way to protect any lawful citizen.

In a way, I do feel that law makers were preserving the escape for themselves instead. Just like some countries where men used to rape and punish women for all reasons, there was no law to punish men at all.

As I have mentioned, the lack of updated knowledge is the major problem we face today. Any law-maker without the ability to protect us must not be elected anymore.

Monday, March 05, 2007

It is better than black gold!

Every one of us must have received SPAM; some are even sick of this problem and some might try to get rid of it.

From "Sheriff awards damages of £750 for single spam email", it is so attractive that I may get a fortune, because on average I receive over ten SPAM emails daily. Just think about £7500 daily income; no one would object to this solution. Of course, this may not be applied to everyone everywhere yet.

There have been numerous arguments about SPAM, and most governments would not dare to have laws or penalties or such kind of compensation. Certainly, the definition of SPAM is the major factor. What is SPAM? Should any email sent to someone without previous permission be taken as SPAM? Can we classify them, or have legal SPAM if they are sent by government departments, election candidates or non-commercial organizations?

For a case like SPAM, the best solution is to have all judges of the world follow the example this time, making SPAMMERs pay £750 for each email per receiver. If not, then the only way is to suppress them by other means. Do not count on your government or law-makers to do anything. They would never be able to solve this type of problem.

By going into the Internet age, we shall face more proofs that our law making or enforcement bodies are so weak and ignorant. Next time, do not vote for those who know nothing about new technologies. We do need government officials from the top and all law-makers to have education or training that is suitable for the modern time.