hiveminder

All things related to IT security, privacy and compliance.


Hiveminder Security Only For Paying Customers

UPDATE: Thoughtful response from Jesse @ Hiveminder in the comments.

Fans of Getting Things Done [GTD] are on a never-ending quest for the ultimate solution to help them get and stay organized. Remember The Milk [RTM] is one Web 2.0 site growing in popularity among GTD followers. It lets you perform task management via a slick web interface, from instant messaging services and on Twitter, and it even has a robust API for custom integration (not to mention some very interesting Google Apps interfaces). Amazingly enough, it even allows you to perform actions over SSL so your credentials and task bits remain secure (if you’re into that whole security thing when it comes to putting your information on Web 2.0 sites).

Contrast that with another contender I just learned about - Hiveminder. It has similar integration points and facilities (some not as spiffy as RTM), but an entry in their FAQ gave me pause:

You’re not using SSL; how do I know my password is safe?
If you have a Javascript-enabled browser (most of them are these days), then your password will be encrypted when logging in, before being sent to us over the internet. But we also offer SSL encryption as a feature to pro users.

In other words: we don’t care about the security of your data unless you pay us to.

That is a fairly cavalier attitude given that their competition lets you encrypt all web traffic whether you are entering login credentials or just plain browsing.

In many cases, Web 2.0-ish sites put features first and security second (or third), and my concern is that others will either adopt this model of “Features? Sure, you can have ‘em! You want security? Cough up some dough!” or alter their terms of service to switch to this business model at some point after they gather a decent user-base.

This is yet another example of why you need to read the fine print when choosing a product or service and - especially for Web 2.0 sites - ensure that you have complete control over your data.
