Digital Security Exhaustion

October 18, 2016


It’s official: a study has found that the large part of the public is overwhelmed with “security fatigue” and can no longer properly and intelligently respond to digital threats.

The public needs tools to help in the ongoing fight for personal security and freedom. In some ways, the tech community has failed the public by not providing easy, powerful tools. However, on the other hand, the individual has a responsibility to do their best to secure themselves, and they have been either unable or unwilling to step up to this responsibility on the digital front. In fact, most people aren’t really stepping up to that responsibility for their physical security either.

Tech communities, including the ever-popular FaceBook and Google should have used their far-reaching technical prowess to create and circulate PGP public security keys for their users. These keys are not only used to encrypt data, but are useful as a web-of-trust key, to allow individuals to democratically decide trust/distrust of other individuals, depending on their links along a web-of-trust. It may help to think of a web-of-trust as a game of “Six Degrees of Kevin Bacon”. In effect, if an unknown individual is trusted by someone you trust, they are automatically considered trusted to you. In effect, the friend of my friend is my friend. Likewise, if an individual loses trust with someone, that distrust can quickly and easily spread across the web-of-trust, potentially preventing fraud.

Large online organizations, including the powerhouses of Facebook and/or Google had a golden opportunity to introduce this system to the general public, but they failed to integrate it, instead focusing on “newer” technologies like OpenID for convenient logins. The loss that comes from this lack of webs of trust is incalculable. Who knows what might have come about if the human race had been blessed with web-of-trust technology? It might have revolutionized job-hiring. It might have revolutionized cottage industries. It might have revolutionized a proper global economy. It might have revolutionized interest in technology education. There are lots of good things that may or may not have happened, but now we may never know. Maybe a new social network will arise and take advantage of the PGP web of trust concept.

If you are interested in your digital security, I strongly urge you to investigate PGP technology, using the GNU Privacy Guard (GPG) software. If you are a software developer, I encourage you firstly, to investigate DevOps and integrate that into your workflow, including the integrated security. Secondly, investigate GPG and look for ways to introduce it to the public in easy-to-use ways.

Try not to be discouraged about digital security, explore it at your own pace while having fun, and have a happy National Cyber Security Awareness Month.