I often wonder about security. Recent news, where people are saying things about breaches like “it can’t be prevented”, “you will be hacked” and “If you want to be connected, you need to be protected” makes me really ponder whether or not certain devaluation tactics might not be the best thing to do. After all, if having knowledge of what you are about to do is enough to destroy you, then you might be in the wrong line of work. Clearly, then, these tactics won’t work for those whose lives are founded upon cowardice and sneakiness.
- Dismantle your email systems. Use Jabber or some other point-to-point secure chat for all communications. Smash your phone.
- Use a secure file drop to securely draft and share documents. Let security be their problem.
- Publish all previous emails from everyone in your company.
- Publish all salaries. Be truthful. If you lie, eventually someone will talk.
- Refresh your computer every hour. Do not store ANY data locally.
- reset your password at the beginning of every hour. Heck, write a code that will refresh it every 10 minutes. You don’t need to know it, you are resetting everything in an hour.
- Change operating systems every day.
- Perform any sensitive work at the beginning of the hour, right after a refresh and password reset.
- Publish all of your financial information.
- Post your credit report online.
- Any computer that is not in use for more than 15 minutes should power down and auto-air gap (lest the hackers hack WOLAN).
- Make multiple videos of yourself in compromising situations and post them online. Better yet, get a distant friend to do it for you – someone who nobody can connect to you (I happily volunteer myself for this).
- Expose your desktop. Broadcast a live feed of your desktop. Let everyone see what you are doing.
- Expose your self and publish on the internet. This will of course only work if EVERYONE does it. Let’s face it, if every hollywood actress posted nudes on the internet, nobody would care anymore.
Does all of this seem ridiculous? What if everyone did this? What would there be left to litigate, I wonder…it should be obvious I am being somewhat tongue in cheek. There are of course things I do online that I don’t want anyone to know. But if the world did find out, frankly I doubt they would mind.
If I ever start my own company, I may try this out. I may keep all systems completely public and all conversations would be mandatory public, even salary negotiations.
Bonus materials
When I wrote the line about smashing your phone, it reminded me of this. Here is a fun little email exchange I had once with someone about phones:
To: several coworkers:
Subject: I understand that you all look to me for leisurership in these technical matters, so here it goes…
Body:
I apologize for the confubulation earlier when we were chattering by the waker upperer maker. Allow me to clarsify. The thinga majobber doodad on the squawk box is connected to the whirly curly doodad, which attaches to the bobble doohicky, on which there is a dipswitch thingamajigger. This attaches to the ringer thinger dinger. You push the little numerified bicker tickers on the thinga majobber doodad to yackify a whatsit to some whosit on their blinking squawk box. Once you are yackified to the whosit, you yack into the ringer thinger dinger or get yacked at, depending on whether you are a dooz-its or a says-its.
Thanks you,
Scott
Whatsit Architect