Security: Difference between revisions

(3 intermediate revisions by 2 users not shown)

Line 1:

'''Security''' is an engineering ~~principal~~ whereby the risk of an unauthorized malicious agent gaining control of a product, its information, or its environment is minimized. Security of programs and physical products is critical to consumer protection.

'''Security''' is an engineering principle whereby the risk of an unauthorized malicious agent gaining control of a product, its information, or its environment is minimized. Security of programs and physical products is critical to consumer protection.

==Security vulnerabilities==

Line 8:

Security vulnerabilities primarily show up in software products but they can also exist in real life. Home security often depends upon locks which are themselves physical security implementations that prevent intruders from entering but this does not stop someone from just smashing the window: a physical security vulnerability

==Audit==

Security auditing is a review process by which a system is inspected to ensure it complies with a specification and to check that it satisfies the desired security levels.

==How security relates to consumer rights==

Security is both a blessing and a curse towards control over the things consumers own. Being forced to login to a laptop to use it is a sensible decision, being forced to connect your treadmill to the internet and gain authorization just to run on it (as seen [[Peloton ~~Removes~~ Just Run ~~Feature~~|here]]) is not. Companies may use [[Deceptive language frequently used against consumers#"For the safety of the consumer"|security as an excuse]] to reduce consumer control and so it is important to identify these misuses. If a company takes away consumer rights using security as an excuse consider that "the emperor may not have any clothes" and their security is not as strong as they portray it. {{Citation needed|reason=needs verifiability}}

Security is both a blessing and a curse towards control over the things consumers own. Being forced to login to a laptop to use it is a sensible decision, being forced to connect your treadmill to the internet and gain authorization just to run on it (as seen [[Peloton removes Just Run feature|here]]) is not. Companies may use [[Deceptive language frequently used against consumers#"For the safety of the consumer"|security as an excuse]] to reduce consumer control and so it is important to identify these misuses. If a company takes away consumer rights using security as an excuse consider that "the emperor may not have any clothes" and their security is not as strong as they portray it. {{Citation needed|reason=needs verifiability}}

===Poor security principals harm the consumer===

Line 28:

Line 32:

===How to avoid losing rights in the name of "security"===

#Avoid using physical and software products that needlessly [[Forced cloud|require connection to the internet]]. Your fridge does not need to be "smart". Choosing to use a smart appliance opens the door for companies to take away your rights as well as open you to security vulnerabilities.

#Avoid using physical and software products that needlessly require connection to the internet. Your fridge does not need to be "smart". Choosing to use a smart appliance opens the door for companies to take away your rights as well as open you to security vulnerabilities.

#Avoid using physical products that require a proprietary app to use. While the product itself may not connect directly to the internet, your internet device now serves as a bridge to it. This opens the door for companies to take away your rights via the app. In addition, the app itself may have security vulnerabilities of its own.

#Avoid using physical products that need a subscription to use. For example, a normal treadmill won't brick itself if the company goes out of business, or decides to [[Peloton ~~Removes~~ Just Run ~~Feature~~|eliminate a subscription free feature]] in the name of safety or security.

#Avoid using physical products that need a subscription to use. For example, a normal treadmill won't brick itself if the company goes out of business, or decides to [[Peloton removes Just Run feature|eliminate a subscription free feature]] in the name of safety or security.

#Avoid using closed-source products if equivalent open-source products exist. Open source products are not necessarily more secure, but they are far less likely to violate a consumer's rights simply because the consumer has the ability to change the product as they wish.

==Further reading==

*[[End-user license agreement]]

*[[Terms of service]]

Line 42:

Line 44:

==References==

~~<references />~~

[[Category:Common terms]]

~~[[Category:Articles in need of additional work]]~~

@@ Line 1: / Line 1: @@
-'''Security''' is an engineering principal whereby the risk of an unauthorized malicious agent gaining control of a product, its information, or its environment is minimized. Security of programs and physical products is critical to consumer protection.
+'''Security''' is an engineering principle whereby the risk of an unauthorized malicious agent gaining control of a product, its information, or its environment is minimized. Security of programs and physical products is critical to consumer protection.
 ==Security vulnerabilities==
@@ Line 8: / Line 8: @@
 Security vulnerabilities primarily show up in software products but they can also exist in real life. Home security often depends upon locks which are themselves physical security implementations that prevent intruders from entering but this does not stop someone from just smashing the window: a physical security vulnerability
+==Audit==
+{{Main|wikipedia:Information_security_audit}}
+Security auditing is a review process by which a system is inspected to ensure it complies with a specification and to check that it satisfies the desired security levels.
 ==How security relates to consumer rights==
-Security is both a blessing and a curse towards control over the things consumers own. Being forced to login to a laptop to use it is a sensible decision, being forced to connect your treadmill to the internet and gain authorization just to run on it (as seen [[Peloton Removes Just Run Feature|here]]) is not. Companies may use [[Deceptive language frequently used against consumers#"For the safety of the consumer"|security as an excuse]] to reduce consumer control and so it is important to identify these misuses. If a company takes away consumer rights using security as an excuse consider that "the emperor may not have any clothes" and their security is not as strong as they portray it. {{Citation needed|reason=needs verifiability}}
+Security is both a blessing and a curse towards control over the things consumers own. Being forced to login to a laptop to use it is a sensible decision, being forced to connect your treadmill to the internet and gain authorization just to run on it (as seen [[Peloton removes Just Run feature|here]]) is not. Companies may use [[Deceptive language frequently used against consumers#"For the safety of the consumer"|security as an excuse]] to reduce consumer control and so it is important to identify these misuses. If a company takes away consumer rights using security as an excuse consider that "the emperor may not have any clothes" and their security is not as strong as they portray it. {{Citation needed|reason=needs verifiability}}
 ===Poor security principals harm the consumer===
@@ Line 28: / Line 32: @@
 ===How to avoid losing rights in the name of "security"===
+#Avoid using physical and software products that needlessly [[Forced cloud|require connection to the internet]]. Your fridge does not need to be "smart". Choosing to use a smart appliance opens the door for companies to take away your rights as well as open you to security vulnerabilities.
-#Avoid using physical and software products that needlessly require connection to the internet. Your fridge does not need to be "smart". Choosing to use a smart appliance opens the door for companies to take away your rights as well as open you to security vulnerabilities.
 #Avoid using physical products that require a proprietary app to use. While the product itself may not connect directly to the internet, your internet device now serves as a bridge to it. This opens the door for companies to take away your rights via the app. In addition, the app itself may have security vulnerabilities of its own.
-#Avoid using physical products that need a subscription to use. For example, a normal treadmill won't brick itself if the company goes out of business, or decides to [[Peloton Removes Just Run Feature|eliminate a subscription free feature]] in the name of safety or security.
+#Avoid using physical products that need a subscription to use. For example, a normal treadmill won't brick itself if the company goes out of business, or decides to [[Peloton removes Just Run feature|eliminate a subscription free feature]] in the name of safety or security.
 #Avoid using closed-source products if equivalent open-source products exist. Open source products are not necessarily more secure, but they are far less likely to violate a consumer's rights simply because the consumer has the ability to change the product as they wish.
 ==Further reading==
 *[[End-user license agreement]]
 *[[Terms of service]]
@@ Line 42: / Line 44: @@
 ==References==
-<references />
+{{Reflist}}
 [[Category:Common terms]]
-[[Category:Articles in need of additional work]]