Davey Winder on user privacy and transformation of online security

Hit ‘em where it hurts – their wallets: Davey Winder on businesses that don’t respect user privacy

6 Mins Read

PUREVPNAt PureVPNHit ‘em where it hurts – their wallets: Davey Winder on businesses that don’t respect user privacy

Davey Winder is an accomplished freelance technology journalist, with a career spanning over 30 years. He regularly contributes to PC Pro and Forbes. Winder has received several awards over the years, most recently ‘Cyber Writer of The Year’ in 2020 and  ‘Most Educational Content’ at the European Cybersecurity Blogging Awards’ as co-founder of Forbes’ ‘Straight Talking Cyber’ video series. 

Winder also contributes to The Register, Infosecurity Magazine, SC Magazine UK, The Times and Sunday Times (Raconteur Special Reports), and Digital Health Intelligence. In 2011, he was presented with the ‘Enigma Award’​ for his lifetime contribution to information security journalism.

You can find an u- to-date archive of Winder’s ’s work at https://authory.com/DaveyWinder

Question 1: You’ve covered three decades worth of advancements in technology. From a broader perspective, how has technology progressed over these years?

Winder: I started my career writing about bulletin boards and modems when the internet wasn’t on many people’s radar, truth be told. Getting online back at the end of the eighties was a very different proposition to now. Not only did you need a certain amount of technical knowledge to be able to navigate the modem handshakes and file transfer protocols but you also needed a lot of patience and a fair amount of cash. Patience because, well, let’s just say I was ‘fortunate’ enough that my first modem ran at a speed of 1200/75 bits/s. Yes, bits. That was 1200 download and 75 back up, perfect for connecting to BBS’s but not exactly speedy. Nor cheap. The slow rate of everything was exacerbated by the cost, with many services charging a pay-per-minute price plus the standard call rate at the time. Hence, the reason so many of us old-timers used off-line readers (OLR’s) that we’d set to connect during off-peak hours, grab all our forum messages, email and files, then disconnect so we could reply at leisure and then uploaded them all in one relatively quick fell swoop. No wonder many of us, cough, and yes I include myself here, were looking for ways to get around the costs. This is where much of the early hacking started, well, that and a thirst for more technical knowledge of the emerging online networks of the day.

That knowledge, that self-learning, that hacking, was put to good use and enabled me to become a freelance journalist covering all this and more. More being the emergence of the internet as a thing, which I enthused about in print, on the TV (anyone remember The Net series on BBC2?) and radio, and to anyone who would listen. Of course, the changing online technologies, from faster modems (28.8 kilobits per second, then 33.6kbps and, oh gosh, 56k) to packaged software suites on floppy discs complete with easier to use interfaces, and the birth of the web and in 1993, the first graphical web browsers in Mosaic and Cello, meant that threats were changing as well. Indeed, I was amazed when, as a very gobby and unorthodox individual, I won the Technology Journalist of the Year award in 1996, beating off much better folk from the likes of the BBC and the Times. That award was for a forward-looking feature in PC Pro magazine titled “Threats to the Internet.”

It’s true to say that you can pretty much map the evolution of cybercrime to the evolution of technology itself.

The more people turned onto the internet, the more threats emerged. Initially, with a few exceptions, aimed at individuals and often ‘virus’ based. Eventually, however, as more businesses got connected, more threats, more cybercrime, moved to where the real money was. A trend that has not continued to this day, I should add: while ransomware has become very much an organized cybercrime targeting business, other criminals have opted for the perceived softer consumer targets. Phishing, social engineering, a myriad of scams continue to plague ordinary users and will for as long as money is being made.

Question 2: In your opinion, are we headed in the right direction, or will we see technology collapse due to human error?

Winder: I think that ‘collapse’ might be just a tad too hyperbolic even for a long in the tooth, and short in the hairline, journalist like me. The information security sector is heading in the right direction for sure. More people have the training and experience to help protect business and data than ever before. At the same time, ordinary users, outside of the cybersec industry bubble, are becoming ever more aware of the types of threat that exist and how to mitigate them: case in point, good password hygiene and the part that password managers play in that. Unfortunately, cybercriminals are also becoming more experienced and adept at finding ways to bypass our protections. Whether that’s through social engineering or server misconfiguration (the human error you mentioned) or exploiting hardware/software vulnerabilities that remain unpatched, the end result is still increasing levels of cybercrime at an increasing cost to end users and business alike. Will tech collapse under the strain? Nah. Tech will evolve and improve, for both sides, and we’ll continue to teeter on the edge for the foreseeable future.

Question 3: The digital transformation brings its own set of challenges. From a cybersecurity perspective, is our digital IT architecture secure enough to combat cyberattacks?

Winder: Depends how you define ‘our’ and ‘cyberattack’ to be honest. Do nation-states have robust enough critical IT infrastructures to withstand attack? Mostly, it would seem on the surface, but when a ransomware actor can disrupt the energy supply to a large swathe of the United States, as seen during the Colonial Pipeline attack, you must question that assumption. The hope, the only hope in fact, is that enough lessons are learned and changes implemented, in a short enough time, to prevent similar disruptions across other critical sectors. Does business have robust enough defences? Again, the pragmatic answer has to be no, at least that’s what the number of data breaches and ‘successful’ ransomware attacks would suggest. If I were marking school reports on this one, it would be a resounding C and a note saying ‘must do better.’

Question 4: What’s the one thing businesses and individuals aren’t doing right regarding the privacy and security of user data?

Winder: The glib, but largely accurate answer nonetheless, is they are not taking it seriously enough. Be that the mega-corporations that exist largely to scoop up our data and monetize it by selling access to it, and our privacy at the same time, to whoever has the money to pay, or the companies that cut corners to save time and money when it comes to protecting our data. Stricter regulations, such as the GDPR in Europe, have helped focus minds through the threat of serious financial penalties, but there haven’t been enough of them. I’ve said it before and will say it again, we must do better. All of us. Individuals need to vote on the issue with their feet, stop using services that don’t actually take their privacy or security seriously. Hit those businesses where it hurts, right in the wallet. It’s the only way that things stand any chance of improving. The Apple app tracking transparency framework for iOS users being a prime example of how easy, from the user perspective, and hard-hitting, for the advertising business, this can be. Of course, with the developing controversy about Apple child sexual abuse material (CSAM) on device has led to people questioning even those companies whose culture is almost built around privacy: ‘What happens on your iPhone stays on your iPhone’ suddenly has a lot less marketing impact.

Question 5: Apart from the buzzing world of technology, how do you spend your holidays?

Winder: You know I’m a self-employed, freelance writer, right? I don’t do holidays as such, and even if I do manage to grab a couple of days away somewhere then my iPhone and iPad are always going to be with me so that I can respond to some breaking news story or other. Deadlines wait for nobody, and I am fortunate enough to have regular work that requires me to hit them month in, month out. Now, if you were to ask what I do to relax, then that’s a bit easier. I like to do some Viking exploration in Assassin’s Creed Valhalla or shoot some random people in Call of Duty on the PlayStation 5. I enjoy reading, on a current generation Kindle Oasis. I collect vintage (1990’s) Matryoshka dolls depicting Soviet leaders as well as pre-Columbian pottery depicting the monkey form. So, I can often be found relaxing by scanning eBay and other auction sites for these. Ah, did you say apart from the buzzing world of technology? Erm, I like to go for long walks in the West Yorkshire countryside that I’m blessed to live amongst, although I do listen to music via Spotify on my iPhone and a pair of Sony WF-1000XM3 earbuds. Damn, failed again.

Thank you very much Davey for the interview. Our readers will definitely love this interview. As for our readers, you can follow him through his Twitter where he often tweets @happygeek or follow him on Linkedin https://www.linkedin.com/in/happygeek/.




November 24, 2022


2 years ago

PureVPN is a leading VPN service provider that excels in providing easy solutions for online privacy and security. With 6000+ servers in 65+ countries, It helps consumers and businesses in keeping their online identity secured.

Have Your Say!!

Join 3 million+ users to embrace internet freedom

Signup for PureVPN to get complete online security and privacy with a hidden IP address and encrypted internet traffic.