German “Gründlichkeit” (Thoroughness)

What’s the difference between us Germans and, let’s say Americans, if our spying or security agencies instruct the industry to provide them with all relevant data needed to “spy on friends”?

In keeping with tradition, we don’t do things informally. We document procedures in a proper contract that obliges all parties to confirm in writing that all information within the document is accurate and complete. What can we do, we are bureaucrats.

In the “Agency Contract ‘Transit'”, which has just been published, it is revealed that the German foreign intelligence service BND has been buying available “telecommunication” information from the Deutsche Telekom for a bargain of 6,800 EUR per month. That gives plenty of room for speculation about
the real reward.

Our daily companions: Malware, SPAM and Phishing – free yourself!

Analyse, IKARUS Security Software GmbH
Source: Analyse, IKARUS Security Software GmbH

The threat level is increasing! In 2014 alone, approximately 131,000 new types of malware were discovered daily – an increase of 250% when compared to the year before. This trend is continuing unabated: 9 million samples have already been discovered in the first quarter of 2015. It is not just the quantities that are rising at a staggering rate. The methods and types of malware are becoming increasingly sophisticated and harder to detect.

For example, the current trend is moving away from malware that is distributed in the form of email attachments (e.g. trojans) towards the distribution of links to websites that are infected with malware. This makes it more difficult to detect the source, since it is no longer directly connected to the user’s email. The malware is downloaded when a link is clicked. A hacker may infiltrate a trustworthy site with the goal of planting malware on it. To the user, it is difficult to recognize a link to a trusted site as a threat. Further, the developer of the malware can put another version online at any time as soon as the previous version is detected by antivirus software.

From James T. Kirk to data security with privacyIDEA

We have all got something to hide. There are secrets and information that we only want selected individuals to know and be able to use. In business situations, the rules are often even stricter.

We have all got something to hide. There are some data that the law itself states not everybody should have access to.

Data need to be protected

Some data need to be protected. We need to make sure that we can reliably verify the identity of the individual attempting to access the data. To this end, there are systems available that we can employ to manage identities. Like Univention Corporate Server, for example. The simplest version of verifying an authorised user’s identity is also the one which has been tried and tested for the longest time: whether the user knows a secret. A password.

Yet simple passwords are falling more and more into disuse. For a long time now we’ve heard from reports across all media that simply knowing the secret “password” is no longer enough for reliably guaranteeing identities and protecting access to our data.