I keep telling folks but they don’t listen. They think the internet is a delightful playground. Well, sorry, but if it’s online:
It’s going to get stolen
The internet was not designed for security. It was designed for openness. This is its structure at the base level. It’s hard coded. Like you’re hard coded to love puppies.
Don’t listen to people (Apple, Microsoft, anti-virus frauds) who swear they’re so smart you can’t get robbed. Such arrogance is foolish. It’s like somebody telling you they’re so smart they can reengineer the sun’s rays to cool instead of sear your flesh. It makes no sense. Sorry, but nobody can secure your data completely.
You need to think not in terms of what will happen if your data is stolen. You need to think in terms of what you’ll do when it is. I recommend this formula:
Item: What’s online
Threat: What can happen to that data
Recourse: What you or somebody else will do when your data is stolen
Item: Your online financial account
Threat: Somebody takes your cash
Recourse: If you’re FDIC insured, you’ll be okay, if not, you’re potentially fucked
Item: Your cloud sexual pictures
Threat: Some creepy dude steals them and posts them online
Recourse: You could sue, but essentially you’ll have to deal with it
Item: Your credit card
Threat: Somebody takes your number and buys fancy jewels or hats
Recourse: Via your credit card company you get a new card, number, and the offender is flagged as fraud in the credit database
Item: Your precious bitcoins
Threat: Your bitcoins just became somebody else’s bitcoins by virtue of their actions
Recourse: You’re fucked
Item: Your degenerate, pointless blog
Threat: A bunch of grizzled lunatic alien exiles hijack your blog
Recourse: You meekly accept this outcome as reality
Item: Your shopping site account
Threat: Somebody steals your password
Recourse: You change your password
See how each of these has a different level of awfulness depending on the importance of the data at hand. There are also different mitigation options available to you on each area. Each piece of data you own online is unique. You need to think about each portion of your online life. How much risk are you willing to take?
If the risk of loss is too high for you to deal with? It needs to come offline.
Because I assure you, nobody can defend it. If somebody targets you, if somebody wants your data, they’re going to get it.
If they’d designed the internet to be secure, it would look absolutely nothing like it does today