Greater security these days tends to lead to greater vigilance. So Dave’s views on security versus privacy were quite unexpected.
“I fully endorse both. I do not see them as working at odds with each other. There are governments who would seriously disagree with me on that particular point. But I’m very much a champion of protecting folks, making sure their privacy, their data is secure. I do not believe in giving unfettered access to data by third parties.”
Dave cited his own experience of seeing websites for financial services organisations that only permitted a four-character password, ones that would expose customer data with a simple trick.
He added that these are just some examples of the errors that can happen when deploying a site. In his talk, he provided examples of poor implementations, code errors and how security can be better deployed.