|
|
|
|
|
|
by urb
4214 days ago
|
|
|
Hi Peter, Thank you for your comprehensive and insightful comments. We have a great team at LogDog and a product that can really help people. I agree that this is a complicated field and that the "bad guys" are really really smart. But you must agree with me that that is no reason not to push forward with ideas and technologies that can help people better protect themselves. In the short time since we launched, our system has already made several confirmed catches - where we were able to warn users of unauthorized access to their accounts. We put tremendous effort into securing the privacy of our users' data. We have undergone an external security audit and will continue to do so periodically. We look forward to a fruitful discussion with the security community and to providing a service that we know to be both necessary and important. |
|
|
My two greatest concerns reflect this: Without sufficient forethought, planning, and implementation, 1) your servers will be compromised and that anonymized data stolen and misused, and 2) users will have a false sense of security, especially the naive who have no reason to doubt the bold claims.
Think of the recent attacks on CurrentC systems after participating retailers disabled NFC to prevent use of Apple Pay: That brought them a lot of attention and that attention revealed that they were not ready for prime time, they simply did not grasp the enormity of the threat environment in which they hope to operate.
If you have the DevOps experience for defense-in-depth and PDRR, excellent! Hats off to you for attacking an interesting problem in an interesting manner.