Ashley Madison Hacked

Can’t say I am too broken up about this one…karma and such :grin: , but just another example of the flaws in the current server model…

Help me understand how safenet would help in this situation.

Sure, the data will not be centrally located on a single server. However the services administator’s computer can still be infected with malware, their safenet credentials harvested, and the data is again available for dumping.

Safenet based services will still be vulnerable to hackers and malware. You could say that their attack surface is lower, but they’re still at risk.

No if you use a physical device to login. Something like Trezor.

2 Likes

This is correct. There is no such thing as 100% security, but SAFE makes attacks like this harder (ie more costly) which improves things a lot.

By reducing the attack possibilities to the client machine SAFE security can be increased considerably beyond even this by making it harder to attack the client machine - for example blocking all non-SAFE traffic on machines used for such privileged access.

Also, SAFE itself could be enhanced to make it hard or impossible to harvest everything with a single set of credentials.

Securing high value accounts with hardware keys etc.

All very much feasible, and a many many times more secure and more costly to attack than the current internet. SAFE represents a dramatic improvement.

3 Likes

The most important thing is that, in order to effectively secure your data, you just need to store it on the SAFE Network yourself. There is no need to have the security of millions of users’ data in one place. Just the fact of that concentration of data makes for a profitable target, no matter how difficult. And with the current arrangement, it doesn’t seem to be that difficult.

Of course, any time you share data that can be copied, you lose a degree of control. But if that is to only the people you wish to share with, you can be responsible for the decision and assess the risks. Sharing through a honey pot of millions of users’ data is a different matter. That’s where the big messes have come from, such as the one referenced here.

2 Likes

Isn’t writing the dating platform in a decentralized way the solution to this? Just like all other things there won’t be an admin able to access people data or am I missing something …

Future of hacking => screenscrapers lol

By writing decentralized I meant the user profiles etc -> no admin can change or delete profiles and no person owns all the profiles something like synereo… the people have the data in their own hands…

1 Like

Yep, decentralised apps would be good, but we’ll no doubt have both.

There will always be a risk of user-by-user attacks. That risk is substantially smaller than a server by server attack though…

There are ways to build an app so that the admin doesn’t know who the users are… The MaidSAFE self authentication helps with that. Cryptocurrencies help with that. You can have users that the network knows as 16LxWoq44L2vBEvAGPh4DErsx2Mte27qW3 and the payment record is clear on the blockchain.