Every conflict needs a villain. This is true for Thanos, the Mad Titan (i.e., the protagonist of the latest “Avengers” movie). It is true for worldwide safety and security (e.g., terrorism in general and weapons of mass destruction in particular). It is also apparently true for online security services.
While doing my casual morning browsing of news sites, I ran across an ad for “dark web” scanning (linked below). I am not necessarily recommending the services offered by Experian. I am sure that it is a fine, general-purpose service. But I did want to highlight the use of fear and uncertainty as a motivation. Today, the “dark web” is the undeniable ‘big bad’ for online users. We are now told that it isn’t trusted companies (who abuse your identity for their revenue). It apparently isn’t the NSA (who collects everything about you in order to “protect” you). Listen carefully: according to Experian, it is the ‘dark web’ that seeks to hurt you.
Please don’t misunderstand my subtle (and not-so-subtle) prodding. The ‘dark web’ does provide a hideout for those who wish to lurk. At the same time, it provides a sanctuary for those escaping tyrannical pursuit (by hostile governments or hostile corporations). The ‘dark web’ is not – in an of itself – something to be feared. Rather, it is something to be understood.
At its foundation, the ‘dark web’ is a non-indexed part of the Internet whose content is obscured via encryption. So if you desire to be anonymous (and untraceable) while on the Internet, then you are a potential user of the dark web. And if you want to host content that is neither indexed (by Google) nor unencrypted, then you are seeking some of the attributes of the dark web.
Yes, Experian (and other companies) are offering you a “detector” that will let you know whether key pieces of your identity have been compromised by known individuals, groups, or sites that are identified as part of the “dark web”. Of course, they cannot tell you if some unknown individual, group, or site has your PII data. Unfortunately, it is the unknown threat that should concern you.
So here is a novel thought: assume that anyone can access the information that you move across the Internet. If you assume that everything is possible to compromise, then you will take the right steps to protect essential data that must move across the Internet. Don’t let someone else do the hard work for you. You must decide what is important to you. And you must decide which steps are appropriate and which are too onerous. For some folks, remembering to lock their back door is an onerous task – until they learn that their neighbors experienced a break in. Then, all of a sudden, locking the doors is not too onerous. So assume that your neighbors have been ransacked. And assume that your nosy neighbor wants more than just a smile in return. Be charitable. Be gracious. And be prepared.
And if you want to check out some free resources, then consider https://haveibeenpwned.com/.
http://bit.ly/2L5Uxny