Uber - sleeziest company around?
Jurisdictions where Uber is considered illegal should remember that they can simply e-hail the miscreants. Seize their cars, issue the summons and call them a taxi to get home. Three weeks max, done.
This week brought with it cruddy security, an expensive business opportunity and a free lunch. Here are some of our favourite quotes from along the way: Looking for a bit of *nudge, nudge, wink, wink* "adult" companionship? Here's hoping you didn't go to AdultFriendFinder. The hookup-as-a-service site had a rather …
Rather amused that you posed this question when the same article mentions AdultFriendFinder and their, "Meh, shit happens." attitude about not properly securing the intimate, embarrassing personal details that people trusted them with.
There's Uber's sleazy business practices, and then there's just... sleaze.
On one level, AdultFriendFinder's response is straight to the point - breaches will occur. The missing part, however, is that once your have acknowledged this your focus should turn to making sure that when a breach occurs, as little data as possible is taken.
That means strong encryption, separation of information (like billing info from profile info) and strict access control around who at the company can see what. None of which lets you off the hook on the prevention side, however - the goal being that your system should be hardened enough to prevent all but the most dedicated attacks and then, accepting that those well-financed, highly-skilled attacks may get through, ensure they can't get too much.
Maybe they actually mean this and are working in this direction but the bite released was too vague and so not reassuring. (Which is what is called for.)