Things That Would Not Have Happened On Safe

privacy
security
features

#122

Yes, unless the app itself is harvesting data and giving it to a company then the data remains safe. I wonder though it there is any means to know if a company is using an app on safe to harvest data - maybe there is a way to warn a user if an app is doing something unsafe … really though any app would have to request that data from you and you’d have to provide it - apps wouldn’t just be able to take data without your consent … but they can still harvest meta-data like your app usage time and all things related to your usage of their app … On the up side, so long as you don’t give them any identifying information they’d have a difficult time linking anything to you using meta-data alone. The key to privacy on safe is to never identify yourself IMO, and apps that ask for identifying info should be avoided like the plague.

Maybe we need a ‘SAFE’ App store where apps can be vetted for privacy concerns.


#123

I would hope there is a permission that allows the user to prevent writing to any MD that is not owned by the user. So some apps (eg forums perhaps for indexing) will need to be able to write to “3rd party” data (MDs) and some apps (eg word processors) that do not

Maybe @whiteoutmashups is already planning this for his app store.


#124

But the app can also store personal data in a database on its own server. To prevent this, you must configure the firewall to authorize the app only with the (ip address, port) pairs from the crust config file. You have also to ensure that this file is from a trusted source (e.g Maidsafe) and not from the app. You must also empty the cache file. You cannot authorize its entries because a pair may have been added by the app to “call home”.

This is very complex to configure and not being able to use the cache file is a problem if the network is attacked by entities trying to block its known public addresses.

I think the simplest security is to only use open source apps and/or web apps.


#125

Bad news…

…just got worse:


Error on updating IP address
#126

Another example of why we need SAFE Healthcare


#127

The people can only blame themselves for buying and using Amazon products in my opinion. I have no idea what’s the point of buying products of centi billionaire company when you’re poor person having full time job 2000 pounds a month.
Then you buy their product and get frightened cuz it appears it is a possessed device. :grin:


#128

Not sure if the network can help here, but it’s a crazy enough story , so it shouldn’t feel too out of place. :ship::ferry:

ggriefCapture


#129

27 M accounts breach for Ticketfly :

Who is next ? Please line up and calm down, everybody will be served !


#130

A post was split to a new topic: What if a site or app demands you release your location to use it? Won’t this nullify what the SAFE Network is supposed t protect?


#131

Uni and Safe perfect combo


#132

#133

Category Censorship

Article 13 is a provision in the proposed EU Copyright Directive mandating that all content uploaded to the internet be monitored and potentially deleted if a likeness to existing copyrighted content is detected.



#134

The EU will implode in the next decade. No need to concern ourselves with anything from them


#135

That would be sad, they are leading the world with GDPR!


#136

Just reading Dug´s interview… and I read this which I think is fascinating!!

On the SAFE Network, each individual has to actively consent to each use of his or her data. What’s more, access to that data could be removed in the future. Data portability – best explained as the ability to take all of your personal data, including the links to your social circle and the history of your activities, when you leave a service such as Facebook – is a crucial part of the SAFE Network. If you don’t agree with the surveillance, you would no longer have to take it on accept it – you could simply move on, taking your data and preventing any further damage.

wow


#137

#138

#139

https://krebsonsecurity.com/2018/07/hackers-breached-virginia-bank-twice-in-eight-months-stole-2-4m/


#140

This is an old one, but worth mentioning it:

These are the details of what happened: the classified intranet was supposed to be airgapped, and the antivirus updates were supposed to be done manually with thumb drives.
Someone thought it was too cumbersome so they connected directly to the internet bypassing the dmz while doing some maintenance by some outsourced contractor, and after finishing the maintenance forgot to unplug the jack.

The classified network stayed directly connected to the internet for more than a year

The hacker got control of the internal Hauri AV update servers in the DIDC network (Defense Integrated Data Center), which allowed them to implant malwares in the AV update… allowing them to simultaneously infect almost every single computer in the military cybercommand in one blow. (I find this amusing though, no controls of hashes and digital certificates? Or did the North Koreans also hack the signing keys from the AV company?)

The top secret plan for preemptive strike and decapitation of Kim Jong Un was codenamed OPLAN 5015, and it was exfiltrated in this attack and probably it is on Kim’s desk.

Then the OPLAN 3100 are the plans for defensive measure if North Korea initiates an attack to the South, also was exfiltrated in the hack.

Contingency plans and detailed reports on the military exercises were also leaked.


#141

For once a news about scalability issues and not security nightmares: