@cerberus I’d be showing far greater concern for those elastic search databases being stored in unencrypted S3 buckets. Research and previous media reports show this area as the most common source of attack.
You have hundreds of “boutique” firms scraping LinkedIn data and storing it completely unsecured, and without addressing this elephant in the room, the problem will not subside - it will only get much worse.
Welcome to the Community, and thanks for joining us. We’re very into security and technology, and are always happy to meet people who feel the same way. We want everyone to get the most out of the platform, so we ask that you please read and follow these guidelines. And enjoy your visit here! We have some relatively simple rules here, so please take the time to read the below
Make Yourself Heard
Spend some time browsing the platform, familiarise yourself with the tag system, and do a few searches for keywords related to your topic: it could be someone has already started a discussion about it. If you don’t search, you won’t find ? When you’re sure you’re ready to start a discussion, please keep the following points in mind:
Give it a good title! You’ll get the best results if your title makes it clear what you want to talk about.
Choose the right tag(s). This will increase the likelihood your post will be read and answered promptly.
Don’t post repeatedly about the same topic, as doing so will tend to have the opposite effect.
If not using a tag set aside for multilingual use, post in English only. We can’t help if we can’t read you!
Remember, you don’t need to sign your posts. We’ve got your profile to let us know who you are.
Please make the effort to help us keep things organised.
Make Your Reply Count
You’re taking the time to participate in a discussion, in the hope that others will read your ideas and take them into consideration. So why not make the effort to make your reply worth reading?
Don’t reply to a title. Take some time to read the original post, and at least scan the rest of the conversation first.
Ask yourself if your reply adds to the discussion. If it doesn’t, give it some more thought before posting.
Avoid making one-word posts just to agree with someone; you can use the “upvote” link for that ?
Avoid making multiple posts in a row when one would suffice. This is a forum, not Facebook.
If your reply is likely to divert the course of the discussion, consider starting your own discussion instead.
If you just want to post a bit of nonsense as a test, please do it in the Test Posting tag instead.
Make sure your replies provide constructive feedback and support to allow for an inclusive community.
No one’s going to complain about the occasional joke or smart remark. We like to keep the mood light – but, to keep things productive, as well, we ask that you try to avoid derailing a discussion altogether.
Above All, Be Polite, and Professional
We’re all here to talk about the things that matter to us, and to work together toward making it an even better experience. Criticising ideas (by means of reasonable arguments, of course) is an important part of that. But let’s not get carried away and devolve into personal attacks, because negativity only gets in the way. We also ask that you avoid the following:
Offensive or abusive language, as well as any kind of hate speech
Posts intended to harass, impersonate, or defame others
Unnecessary deletion of posted content
Attempts to abuse or expose the private information of others
Obscene or sexually explicit content
Spam, phishing posts, and any actions intended to deface this site
Discussion of software piracy and similar topics
All the above are grounds for moderator action. If you have an issue with another member, we ask that you please don’t confront them yourself. Please just use the Report command on the post in question, then leave it up to the admin to deal with the situation.
Our moderators may edit or delete any content that is offensive or disruptive to the flow of communication. Serious or repeated offences will lead to suspension of the offending user’s account. So, you know, be polite, and professional. Courtesy costs you nothing to give and receive, so let’s all be mindful of that please.
Your privacy is important to us. It is Hostrisk’s policy to respect your privacy regarding any information we may collect from you across our website, https://hostrisk.com, and other sites we own and operate.
Information we collect
When you visit our website, our servers may automatically log the standard data provided by your web browser. This data is considered “non-identifying information”, as it does not personally identify you on its own. It may include your computer’s Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details.
We may ask for personal information, such as your name and email address. This data is considered “identifying information”, as it can personally identify you. We only request personal information relevant to providing you with a service, and only use it to help provide or improve this service.
How we collect information
We collect information by fair and lawful means, with your knowledge and consent. We also let you know why we’re collecting it and how it will be used. You are free to refuse our request for this information, with the understanding that we may be unable to provide you with some of your desired services without it.
Use of information
We may use a combination of identifying and non-identifying information to understand who our visitors are, how they use our services, and how we may improve their experience of our website in future. We do not disclose the specifics of this information publicly, but may share aggregated and anonymised versions of this information, for example, in website and customer usage trend reports.
Data processing and storage
We only retain personal information for as long as necessary to provide a service, or to improve our services in future. While we retain this data, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorised access, disclosure, copying, use or modification. That said, we advise that no method of electronic transmission or storage is 100% secure, and cannot guarantee absolute data security.
We use “cookies” to collect information about you and your activity across our site. A cookie is a small piece of data that our website stores on your computer, and accesses each time you visit so we can understand how you use our site and serve you content based on preferences you have specified.
This website does not knowingly target or collect personal information from children. As a parent/guardian, please contact us if you believe your child is participating in an activity involving personal information on our website, and you have no received a notification or request for consent. We do not use your supplied contact details for marketing or promotional purposes.
Limits of our policy
Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices.
Changes to this policy
At our discretion, we may update this policy to reflect current acceptable practices. We will take reasonable steps to let users know about changes via our website. Your continued use of this site after any changes to this policy will be regarded as acceptance of our practices around data and personal information.
Your rights and responsibilities
As our user, you have the right to be informed about how your data is collected and used. You are entitled to know what data we collect about you, and how it is processed. You are entitled to correct and update any personal information about you, and to request this information be deleted.
You are entitled to restrict or object to our use of your data, while retaining the right to use your personal information for your own purposes. You have the right to opt out of data about you being used in decisions based solely on automated processing.
Feel free to contact us if you have any concerns or questions about how we handle your data and personal information.
By accessing the website at https://phenomlab.com, you are agreeing to be bound by these terms of service, all applicable laws and regulations, and agree that you are responsible for compliance with any applicable local laws. If you do not agree with any of these terms, you are prohibited from using or accessing this site. The materials contained in this website are protected by applicable copyright and trademark law.
2. Use Licence
Permission is granted to temporarily download one copy of the materials (information or software) on Phenomlab’s website for personal, non-commercial transitory viewing only. This is the grant of a licence, not a transfer of title, and under this licence you may not:
modify or copy the materials;
use the materials for any commercial purpose, or for any public display (commercial or non-commercial);
attempt to decompile or reverse engineer any software contained on Phenomlab’s website;
remove any copyright or other proprietary notations from the materials; or
transfer the materials to another person or “mirror” the materials on any other server.
This licence shall automatically terminate if you violate any of these restrictions and may be terminated by Phenomlab at any time. Upon terminating your viewing of these materials or upon the termination of this licence, you must destroy any downloaded materials in your possession whether in electronic or printed format.
The materials on Phenomlab’s website are provided on an ‘as is’ basis. Phenomlab makes no warranties, expressed or implied, and hereby disclaims and negates all other warranties including, without limitation, implied warranties or conditions of merchantability, fitness for a particular purpose, or non-infringement of intellectual property or other violation of rights.
Further, Phenomlab does not warrant or make any representations concerning the accuracy, likely results, or reliability of the use of the materials on its website or otherwise relating to such materials or on any sites linked to this site.
In no event shall Phenomlab or its suppliers be liable for any damages (including, without limitation, damages for loss of data or profit, or due to business interruption) arising out of the use or inability to use the materials on Phenomlab’s website, even if Phenomlab or a Phenomlab authorised representative has been notified orally or in writing of the possibility of such damage. Because some jurisdictions do not allow limitations on implied warranties, or limitations of liability for consequential or incidental damages, these limitations may not apply to you.
5. Accuracy of materials
The materials appearing on Phenomlab’s website could include technical, typographical, or photographic errors. Phenomlab does not warrant that any of the materials on its website are accurate, complete or current. Phenomlab may make changes to the materials contained on its website at any time without notice. However Phenomlab does not make any commitment to update the materials.
Phenomlab has not reviewed all of the sites linked to its website and is not responsible for the contents of any such linked site. The inclusion of any link does not imply endorsement by Phenomlab of the site. Use of any such linked website is at the user’s own risk.
Phenomlab may revise these terms of service for its website at any time without notice. By using this website you are agreeing to be bound by the then current version of these terms of service.
8. Governing Law
These terms and conditions are governed by and construed in accordance with the laws of United Kingdom and you irrevocably submit to the exclusive jurisdiction of the courts in that State or location.
What is a cookie?
A cookie is a small piece of data that a website stores on your device when you visit, typically containing information about the website itself, a unique identifier that allows the site to recognise your web browser when you return, additional data that serves the purpose of the cookie, and the lifespan of the cookie itself.
Cookies are used to enable certain features (eg. logging in), to track site usage (eg. analytics), to store your user settings (eg. timezone, notification preferences), and to personalise your content (eg. advertising, language).
Cookies set by the website you are visiting are normally referred to as “first-party cookies”, and typically only track your activity on that particular site. Cookies set by other sites and companies (ie. third parties) are called “third-party cookies”, and can be used to track you on other websites that use the same third-party service.
How you can control or opt out of cookies
If you browse websites from multiple devices, you may need to update your settings on each individual device.
Although some cookies can be blocked with little impact on your experience of a website, blocking all cookies may mean you are unable to access certain features and content across the sites you visit.
However, if you want to opt out of certain cookies, this can be managed from your browser settings. The exact steps vary from browser to browser, but the links below go to the relevant documentation for most popular browsers: