Then slap as much security on the interfaces between these layers

You want to secure your site, split the web handling/presentation from the data processing, and the processing from the data extraction. Do not trust the webserver one bit. Assume the webserver is already hacked. Hell, do not trust the middle tier either – allow it only the limited data it needs for each part of the processing.

Re: (Score: 3)

You could do things like splitting email addresses off into a different database on a different server and just keeping a hash in the main one, but it’s only marginally better. Basically you can’t be both secure and provide this kind of service.

As well as the terrible male to female ratio (16:1), the other big issue here is that deleted accounts were not really deleted. The European Right to be Forgotten is designed to force companies operating in the EU to really delete accounts, and this illustrates why it is needed.
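The split described in the comment above, together with a deletion that really removes the data, as an added sketch that is not code from the thread or from any site it discusses. The two in-memory SQLite databases stand in for the two servers, and the key, table names and function names are all assumptions made for the example.

```python
import hashlib
import hmac
import sqlite3

# Constructed key (assumption): in the split design only the contact
# service would hold it, never the web or middle tier.
CONTACT_KEY = b"example-only-key"

main_db = sqlite3.connect(":memory:")     # main database: no plaintext addresses
contact_db = sqlite3.connect(":memory:")  # stands in for the separate server
main_db.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY,"
                " email_token TEXT UNIQUE, nickname TEXT)")
contact_db.execute("CREATE TABLE emails (email_token TEXT PRIMARY KEY, email TEXT)")


def email_token(email: str) -> str:
    """Keyed hash of the normalised address, stored in place of the address.

    An unkeyed hash of an email address can be matched against hashes of
    known addresses, so this example uses HMAC-SHA256 with a secret key.
    """
    normalised = email.strip().lower().encode("utf-8")
    return hmac.new(CONTACT_KEY, normalised, hashlib.sha256).hexdigest()


def register(email: str, nickname: str) -> int:
    """Store the address in the contact store and only its token in main."""
    token = email_token(email)
    contact_db.execute("INSERT INTO emails VALUES (?, ?)", (token, email))
    cur = main_db.execute(
        "INSERT INTO accounts (email_token, nickname) VALUES (?, ?)",
        (token, nickname))
    return cur.lastrowid


def delete_account(account_id: int) -> None:
    """Hard delete: remove the rows in both stores instead of flagging them."""
    row = main_db.execute("SELECT email_token FROM accounts WHERE id = ?",
                          (account_id,)).fetchone()
    if row is None:
        return
    contact_db.execute("DELETE FROM emails WHERE email_token = ?", (row[0],))
    main_db.execute("DELETE FROM accounts WHERE id = ?", (account_id,))


def main_db_rows() -> list:
    """Everything visible to someone holding only the main database."""
    return main_db.execute("SELECT * FROM accounts").fetchall()
```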

Re: (Score: 3)

The European Right to be Forgotten is designed to force companies operating in the EU to really delete accounts, and this illustrates why it is needed.

I think you’re confusing two different things here. The “right to be forgotten”, as much discussed recently with regard to Google and the like, is primarily about search engines digging up old information that would otherwise naturally fade into obscurity, and in particular the danger of finding old information that looks plausible but may in fact be misleading without context or now incorrect/outdated.

Re: (Score: 3)

The search results thing is not the right to be forgotten. Some stupid journalists got confused and called it that, but that was actually just existing data protection rules dating back to the mid 90s.

The right to be forgotten is still being looked at, but basically will allow EU citizens to require companies to delete data supplied by them (accounts, uploaded photos etc.) on request. …