Get rid of the hackers' honeypot!
The latest security breach of a central key repository a few days ago probably could have been the biggest ever!
https://www.upguard.com/breaches/cloud-leak-accenture
This was a very near miss for Accenture.
However, instead of finger pointing the blame on any individual operator, we need to understand that scenarios like this will be endemic for as long as we are dependent on the authentication processes of SSL / TLS that require large centralised authentication databases of users’ credentials and their keys. Such databases are hacker honeypots and will always be targeted.
Omlis has designed a system that does not require any such authentication database so this whole risk and the massive GDPR liability it represents can be completely avoided. Instead of spending more and more time and effort protecting these databases (knowing that someone somewhere will fail), surely it makes sense to switch to a system that doesn’t need them?
Managing Director at Davy
7 年Terrifying that the public keys could be compromised in one attack. I'd thought public keys were becoming a slow and expensive system for where the Internet has gotten to, but sounds like there's a compelling security case for new system architecture all together!
Data rational approach to developing emotionally intelligent leaders | Assessment | Coaching | Facilitation | Career Transition | Charities Trustee
7 年Great article Robert