a thoughtful web.
Good ideas and conversation. No ads, no tracking.   Login or Take a Tour!
comment by Dearon
Dearon  ·  3464 days ago  ·  link  ·    ·  parent  ·  post: Controversial exploit manufacturer "HackingTeam" hacked

I think we should expect high security from anyone who is dealing with sensitive information, no one wants to see their data leaked after all.

But in practice it's not realistic to expect that companies have perfect protection, if you face an APT like a nationstate for example you're generally pretty screwed (e.g. Kaspersky). But when you do have a company which is in the business of security, like HackingTeam, it's much more reasonable to expect them to at least have the basics in order (like strong passwords). Their company as a whole knows how important those basics are after all given that they are demonstrated time and time again (like the recent successful phishing attacks on a number of US-based healthcare companies).