Security and Privacy Concern about Logos4 Phonning Home

Page 7 of 15 (285 items) « First ... < Previous 5 6 7 8 9 Next > ... Last »
This post has 284 Replies | 8 Followers

Posts 13379
Forum MVP
Mark Barnes | Forum Activity | Replied: Sat, Apr 24 2010 9:21 PM

They use the https protocol for transferring your data to Logos. That's as secure as it gets. No-one knows how the data is stored when it arrives, but a reasonable guess from the traffic is that it's stored on a Logos Windows 2008 server located at FiberCloud.

Posts 80
Ray Timmermans | Forum Activity | Replied: Sat, Apr 24 2010 10:08 PM

Floyd Johnson:

So if LOGOS has a security hole and a third party gets a hold of your confidential prayer requests or other notes, LOGOS is not responsible.  

Correct. If I am using Logos as a prayer diary, I am not using it properly--in fact I would be using it outside the terms of the EULA. That would not be Logos' fault, it would be mine. Furthermore, knowing that this type of information is of the kind not protected via the EULA, a case could easily be made that I would have a professional responsibility NOT TO use it in this manner because of the EULA. I expect Logos Bible Software to save my searches and give me the ability to make my research easier, not to manage every aspect of my life. And, just as I don't use a spreadsheet program to do my word processing, I don't and shouldn't use a research tool to store prayer requests. That's not its function.

Floyd Johnson:

But that does not keep you from being sued by a parishioner or his or her non-believing spouse.  Of course, you have the opportunity to turn off Internet access, work offline, etc., etc.  But then how many of us have really done this?

I'm thinking probably more should.  ;-)

Posts 27927
Forum MVP
MJ. Smith | Forum Activity | Replied: Sat, Apr 24 2010 10:32 PM

Mark Barnes:
a reasonable guess from the traffic is that it's stored on a Logos Windows 2008 server located at FiberCloud.

If my memory serves me, it was mentioned that Logos is not running their own site but is buying services from Amazon.

Orthodox Bishop Hilarion Alfeyev: "To be a theologian means to have experience of a personal encounter with God through prayer and worship."

Posts 18822
Rosie Perera | Forum Activity | Replied: Sun, Apr 25 2010 12:44 AM

Ray Timmermans:

And, just as I don't use a spreadsheet program to do my word processing, I don't and shouldn't use a research tool to store prayer requests. That's not its function.

 

But the whole reason this has become such an issue with some folks is that is part of its function. Logos has a Prayer List feature, specifically for storing your prayer requests and tracking when they are answered. Why should people be expected not to use that feature, just because of some fine print in the EULA, when it is part of the software?

Posts 13379
Forum MVP
Mark Barnes | Forum Activity | Replied: Sun, Apr 25 2010 12:51 AM

MJ. Smith:

Mark Barnes:
a reasonable guess from the traffic is that it's stored on a Logos Windows 2008 server located at FiberCloud.

If my memory serves me, it was mentioned that Logos is not running their own site but is buying services from Amazon.

They use services from Amazon to provide static files (distributing the program and resources), but syncing is not done at that server. So downloads.logos.com is an Amazon S3 server, but sync.logos.com is likely to be co-located at FiberCloud (though it may be that it's at Logos HQ and FiberCloud are just Logos' ISP).

Posts 1931
Donovan R. Palmer | Forum Activity | Replied: Sun, Apr 25 2010 6:22 AM

Bob Pritchett:
We're hoping to hire someone just to monitor the forums, but haven't had time to do that yet (let alone train them!). We do it as we can, and to save energy and time I sometimes avoid coming back to an argument we've already had thoroughly. (You'll find many explanations already on the forum for why we don't allow you to choose what to update and what not to update. For example, http://community.logos.com/forums/p/7813/62089.aspx#62089)

The trouble is a situation like this... You have over 1 GB of updates and because you don't have access to high speed internet, this is not a possibility.  Fair enough.  You just run an older version of software.  Until the last few years, software updates were much more infrequent.

HOWEVER, you want to buy a new L4 ebook to use.  Buying this book is not a problem as it is only 1mb or so.  Yet, the website says: "If you're using Logos Bible Software 4, you must choose the DOWNLOAD option."  This means the only way you can get this new book is to download all the hundreds of megabytes of updates and then you get your new book. If you cannot download the updates, you are stuck.

OK, so we can't for various technical reasons selectively download updates and materials.  Then the issue to address is the way which updates can be obtained. At present, the only way they can be obtained is via high speed internet.  The next logical solution would be DVDs. After all, for years this is the way software developers obtained much of their code for some time. 

There are two problems with this:

1. The DVD Media disk for sale on the Logos site is at 4.0a, so it isn't updated very often. 4.0c is already in beta.

2. From what I understand, the DVD Media disk does not include everything that Logos sells. So if you have invested something like an encyclopedia with pictures and it has been updated, you are sunk if if is not on the DVD media disk and you don't have access to high speed internet.

So, what is needed is a regular set of disks which include all of Logos resources and programme updates which users can purchase.  Until there is something like this, users who are stuck on the other side of the digital divide, cannot keep current, let alone buy new materials.

 

Posts 82
James Ng | Forum Activity | Replied: Sun, Apr 25 2010 7:17 AM

Mark Barnes:

They use the https protocol for transferring your data to Logos. That's as secure as it gets. No-one knows how the data is stored when it arrives, but a reasonable guess from the traffic is that it's stored on a Logos Windows 2008 server located at FiberCloud.

Thank you. I fired up wireshark and it does indeed use SSLVPN (HTTPS) and goes to FiberCloud.

Now, was this written somewhere?

Thx!

Posts 611
Graham Owen | Forum Activity | Replied: Sun, Apr 25 2010 9:52 AM

Russ White:
Find a real reason creating such a feature would cost Logos money, explain it, and given an example.

I think that the real reason that Logos created the feature was to avoid the cost of helping users synchronise their files between two or more systems. This was always a challenge in Logos 3 especially for users who actively use two systems and never knew which if any version of a user file was the master. When we first started looking at the feature in the Beta the discussions centred on the ability to synchronise and not backup files. As I see it the backup capabilities in Logos 4 are a side effect of the synchronise feature rather than a carefully planned backup solution.

God Bless

Graham

Pastor - NTCOG Basingstoke

Posts 8967
RIP
Matthew C Jones | Forum Activity | Replied: Sun, Apr 25 2010 12:30 PM

I just thought the myopic paranoia of this thread needed to read this common sense statement one more time:

Mike Binks:

Logos is a tool and it has uses for which it is appropriate and uses for which it is inappropriate.

As a study tool - a sermon preparation tool - as a reference tool it is wonderful.

In the example given with the young lady leaving the office with tears in her eyes - it would imagine that having visited a pastor for a pastoral visit she would be crying because all he seemed to do was play with his computer.

I am bemused by the concept of a prayer list that requires so much detail that it could become compromising! Maybe I work in a completely different way but my list contains just a list of names or situations. If I can't remember what I am to pray about for that person for they probably won't benefit from my prayers.

My hammer doesn't have a rubber cushion so I don't hurt my thumb - some of the things necessary to protect confidential information would affect the usefulness of Logos for its prime purpose - which seems to me to be a portable - personal - bible reference tool.

Something really bugs me about a bunch of Pastors who document sensitive, potentially devastating data on their computers.......................Or is everybody having an episode of career envy?

 

 

Logos 7 Collectors Edition

Posts 13379
Forum MVP
Mark Barnes | Forum Activity | Replied: Sun, Apr 25 2010 1:07 PM

Matthew C Jones:
Something really bugs me about a bunch of Pastors who document sensitive, potentially devastating data on their computers

I don't store personal information in Logos, but most pastors will "document sensitive, potentially devastating data on their computers", so I'm not at all sure the right attitude is to be 'bugged'. Where else would you store minutes of elders' meetings, pastoral letters to members of the congregation, notes of church discipline issues, etc.?

(In my case, my entire HDD is encrypted; my Windows-logon is secured with a password; and any highly sensitive material would also secured with a document password. Backups are done offsite, doubly encrypted. That makes store data on my computer significantly more secure than storing it in a filing cabinet, or even a safe.)

Posts 8967
RIP
Matthew C Jones | Forum Activity | Replied: Sun, Apr 25 2010 2:10 PM

Mark Barnes:
Where else would you store minutes of elders' meetings, pastoral letters to members of the congregation, notes of church discipline issues, etc.?

I wouldn't keep specific details. I did not realize the Church had to do that these days. My memory is still painfully clear regarding every spiritual crisis I had to deal with as an elder. The church discipline meetings, the visits, legal ramifications; it's all something I wish would fade with the years. My goal was to retsore a brother to right relationship with God and cover a multitude of sins. The less documentation extant, the less chance of accidentally destroying a person. Granted, that was before computers were dominant.  I understand having to documernt everything when dealing with the world (politics, business, litigation, etc.) But even then, we went in to executive session (off the record) to discuss sensitive issues.

Mark Barnes:
data on my computer significantly more secure

I'm glad you are thoughtful. But what if a court subpoenas your computer? It is easier to answer "I do not keep such records."  than to have to choose between refusing or complying. It is not a position I would want to put myself in.

Logos 7 Collectors Edition

Posts 1874
Alan Macgregor | Forum Activity | Replied: Sun, Apr 25 2010 2:51 PM

Matthew C Jones:
But what if a court subpoenas your computer?

That's obviously an issue that matters more in the US than it does here in the UK. In Scotland (which actually has a different legal system than that of England), if I am asked to produce documentation for a court proceeding, I can refuse on the grounds of pastoral confidentiality. To have any chance of getting its hands on my material, the prosecution in a criminal case would have to prove in advance that I had something which was material, say to a crime of murder or theft, to the proceedings, before a court would even try to insist. It's a defence that has always been accepted in the past, as with the Roman Catholic confessional. In a civil case it wouldn't even get that far. In Scotland, say in a divorce case, I am free to refuse to testify if I choose. Being a witness in a civil case is entirely voluntary. I have in the past refused to testify and that was that!

What I think this little example points out is just how fraught international business is and how careful Logos has to be in trusting to its EULAs. (Microsoft was fined eye-watering amounts by the EU for infringing EU anti-competition law. And though it fought it to the bitter end, Microsoft lost and had to cough up and comply, or stop selling in the EU.) When Logos used resellers in the UK, first Hodder & Stoughton and then Sunrise Software, the resellers were responsible for ensuring that they operated within EU and UK law. Since Logos now sells directly online into the EU, then they have to take responsibility for that. There are subtle and not-so-subtle differences. The relatively common language and culture that we share disguises important differences under law.

I just wouldn't use Logos 4 to hold that kind of information. I wouldn't put pastoral stuff on it, simply because I respect my people's confidentiality. I don't even write it down. My memory is such that I just lift "Jeannie Smith" and her situation before the Lord and I trust Him to know the details that I know – and much more! What my folks have told me, will die with me!

iMac Retina 5K, 27": 4GHz; 16GB RAM;MacOS 10.12.2; 1TB FD; Logos 7

MacBook Air 13.3": 1.8GHz; 4GB RAM; MacOS 10.12.2; 256GB SSD; Logos 7

iPad Pro 32GB WiFi iOS 10.2

iPhone 5s 32GB iOS 10.2

Posts 18822
Rosie Perera | Forum Activity | Replied: Sun, Apr 25 2010 11:32 PM

Graham Owen:

Russ White:
Find a real reason creating such a feature would cost Logos money, explain it, and given an example.

I think that the real reason that Logos created the feature was to avoid the cost of helping users synchronise their files between two or more systems. This was always a challenge in Logos 3 especially for users who actively use two systems and never knew which if any version of a user file was the master.

I think even more of a support cost for them was the much larger number of users who had only one computer and couldn't figure out the arcane unlock mechanism for buying books that were already on a CD they owned but which they didn't have access to. The move to L4's new system of having purchases all occur over the Internet was designed to simplify things for the users and cut down on support calls. That I think it has done. We all love it now when we buy a new book and all we have to do is restart Logos and it's there! It does mean more of a headache for those who have bandwidth issues, though. I wonder if Logos ought to go to some sort of compromise solution which gives users who have broadband the simpler experience, but still allows others to get their products the "old fashioned" way of unlocking stuff off a CD. I doubt Logos would be too thrilled about having to put back in that feature from L3 which they had grown weary of. But I think it might be the best answer to this dilemma facing missionaries in the field and such.

Posts 611
Graham Owen | Forum Activity | Replied: Mon, Apr 26 2010 1:10 AM

Rosie Perera:

Graham Owen:

Russ White:
Find a real reason creating such a feature would cost Logos money, explain it, and given an example.

I think that the real reason that Logos created the feature was to avoid the cost of helping users synchronise their files between two or more systems. This was always a challenge in Logos 3 especially for users who actively use two systems and never knew which if any version of a user file was the master.

I think even more of a support cost for them was the much larger number of users who had only one computer and couldn't figure out the arcane unlock mechanism for buying books that were already on a CD they owned but which they didn't have access to. The move to L4's new system of having purchases all occur over the Internet was designed to simplify things for the users and cut down on support calls

In the context of the original issues that synchronising was designed to address I think that everyone would agree it has simplified the way that we manage Logos and is a general improvement. I think that the issue is that it has also introduced a new type of complexity because the act of storing data to synchronise it has created a 'backup' of our data (as well as our licenses) on a central server. I'm pretty sure that Bob will not want to introduce a mechanism that will allow us to control what files are synchronised on an individual file level as that will not be consistent with the design goal for Logos 4 to reduce configuration options as a way to drive down support calls.

God Bless

Graham

Pastor - NTCOG Basingstoke

Posts 13379
Forum MVP
Mark Barnes | Forum Activity | Replied: Mon, Apr 26 2010 1:39 AM

Graham Owen:
I'm pretty sure that Bob will not want to introduce a mechanism that will allow us to control what files are synchronised on an individual file level as that will not be consistent with the design goal for Logos 4 to reduce configuration options as a way to drive down support calls.

It would be relatively simple to introduce a 'private' tick-box that we could place on individual note fields if Logos wished to do so, or indeed to switch syncing off all together. Again, I have no need for such a feature.

It may be worth adding that the sync feature is a very significant deterrent against piracy, and this shouldn't be ignored.

Posts 611
Graham Owen | Forum Activity | Replied: Mon, Apr 26 2010 1:52 AM

Mark Barnes:
It would be relatively simple to introduce a 'private' tick-box that we could place on individual note fields if Logos wished to do so, or indeed to switch syncing off all together. Again, I have no need for such a feature.

Hi Mark

I agree that it would be easy to program but I'm pretty sure that a mechanism like this will be seen as costly to support because it will generate calls about why certain files are not on my other system, etc. A major principle in the design of Logos 4 is that it is easier to support than Logos 3 a technical reality for the users of this decision is that we inevitably have fewer configuration choices.

God Bless

Graham

Pastor - NTCOG Basingstoke

Posts 2964
tom | Forum Activity | Replied: Mon, Apr 26 2010 9:57 AM

Russ White:
P.S. It frightens me that a group of people should be so unaware of the privacy and security implications of their actions, and even actively support losing their privacy

Hi Russ,

It sounds like to me that you have the same privacy concerns that I have.  I recommend that you, if you live in the U.S., contact your senators and/or your congressperson of your privacy concerns (not just with Logos, but with your personal data being stored out in 'cloud' in general).  I also recommend that you also contact privacy activist groups like EPIC (Electronic Privacy Information Center).  We are not going to change the privacy laws in the U.S. if our leaders do not know how we feel about the issue.

Posts 8967
RIP
Matthew C Jones | Forum Activity | Replied: Mon, Apr 26 2010 12:30 PM

tom collinge:

Russ White:
P.S. It frightens me that a group of people should be so unaware of the privacy and security implications of their actions, and even actively support losing their privacy

Hi Russ,

It sounds like to me that you have the same privacy concerns that I have.  I recommend that you, if you live in the U.S., contact your senators and/or your congressperson of your privacy concerns (not just with Logos, but with your personal data being stored out in 'cloud' in general).  I also recommend that you also contact privacy activist groups like EPIC (Electronic Privacy Information Center).  We are not going to change the privacy laws in the U.S. if our leaders do not know how we feel about the issue.

The forums are for discussing Logos, I don't think Congress cares about that issue (cloud synching.) Are we going to start posting URLs for our representatives next?

The greatest Constitutional mind of the 20th Century is Robert Bork. He was right to say privacy rights are NOT enumerated in the US Constitution. The US 9th Circuit Court of Appeals agreed when they allowed the FBI to hack a 15 yr old's computer to catch him making bomb threats.

Logos synching with the Cloud is not a new threat to your privacy. Pandora's box was opened years ago. Your private details are all over the web. Ever bought from Am@zon? They use a half-dozen database mirrors located around the world. Mainland China hosts one of their server farms. The US Govt. secured 100,000 blank, reusable, re-assignable, domestic wiretap warrants to fight "terrorism." Are there really 100,000 terrorists out there? Recently millions of credit card numbers were stolen in one breach.  Madison Avenue hs been collecting your purchasing data for decades. Your new cable TV boxes can report back what you watch and what commericials you skip. It's a little late to start worrying, if you haven't already been wary. Logos 4 is the least of your worries.

When Lady Godiva rode the horse through town nude, she gave up her rights to privacy! So did the Emperor when he donned his new clothes.
(If I were the Feds in charge of watching you, I would use the "privacy tick" box (the one you are demanding Logos add) to help find the data I should watch closer.) Indifferent

Logos 7 Collectors Edition

Posts 80
Ray Timmermans | Forum Activity | Replied: Mon, Apr 26 2010 12:59 PM

Matthew C Jones:

The greatest Constitutional mind of the 20th Century is Robert Bork. He was right to say privacy rights are NOT enumerated in the US Constitution.

I needed a laugh today and you gave it to me!

Matthew C Jones:

When Lady Godiva rode the horse through town nude, she gave up her rights to privacy! So did the Emperor when he donned his new clothes.

And so do Logos users who store sensitive, private information in spite of Logos' specific warnings not to in the EULA.

Posts 1692
LogosEmployee
Bob Pritchett | Forum Activity | Replied: Mon, Apr 26 2010 1:34 PM

I'm sorry we're unable to make everyone happy.

We're not anti-privacy. I like it myself. But taking on privacy needs for others is a massive responsibility, and an expensive one to implement well. So we go out of our way to disclaim responsibility and to encourage you to NOT store private or confidential information in our software.

Making lots of tough privacy policy and promises just creates a higher standard that we could be legally held to. If we were a bank, I'd consider that a cost of doing business. Since we're (largely) a sermon preparation tool, and sermons are designed to be preached aloud in public, it seems like a wiser use of our resources to put money into content, user interface, and service, rather than building a fortress to protect sermon notes.

I understand the sensitivity of prayer lists. If yours are that sensitive, don't use our prayer list feature. (It was just a "freebie add-on" to our core function; it's not the heart of our software.) If we get pressed to the wall, we're more likely to remove the prayer list feature than to implement guaranteed iron-clad security.

The world is moving to cloud-based web services over installed desktop apps. (Don't freak out -- we'll continue to support offline use for as long as a significant percentage of our users want it.) Some of us wish this wasn't so, or aren't prepared for it mentally, but it's happening none-the-less. We're designing our application for this future. I know this future is not exactly present today (that's why it's the "future!" <smile>) but it is clearly coming. In the future, our product offerings will store all the data you choose to maintain with our tools in the cloud. So implementing "hold some of my calls!" type features to pick and choose what goes to the cloud now seems like a waste of time. Relevant today, but just creating problems for the future, when you'll expect ALL of your data to magically appear on your iPhone, iPad, web site, Android, BlackBerry, iSlate, etc.

The good news:

I don't want to read your private data. :-) We're designing our systems for reasonable privacy. We just recently changed the way we store passwords, so that no one at Logos can ever see your password. (Now we can't even give it to you if you ask; we can only reset it.)

We are also bound (through a non-government, private contractual obligation) to comply with stringent credit-card security rules. This PCI Security Standard is an obligation of large merchants who charge credit cards. (See https://www.pcisecuritystandards.org/) PCI compliance has required us to implement name badges, visitor logs, run background checks on certain employees, implement two-factor authentication for certain systems, and to physically and digitally reconfigure our networks. It took us a year to comply, and we get audited.

Are your synced documents as secure as your credit card number? Probably not. Sync is new to us, and we're still working on the system. In the course of debugging things, ensuring there's no data corruption, etc. I imagine some user text (mixed in with lots of <xml>tags</xml>) appears on programmers' screens. Right now it's on a server we control, but in the future it'll probably move into Amazon's cloud based storage system. I don't know that we encrypt it at the moment.

In the future, I can see us implementing some more security. We could allow you to add a client-side-only password that would be used to encrypt your personal data before it was sent to our sync servers. Of course it would create more customer service -- if you lost it we couldn't recover it, and if you wanted to see that data on one of our future web sites, or a mobile device, you'd need to decrypt it there, etc. But if that's what eveyrone wants, we can go that direction. But it won't be immediately -- we've got what we think are higher priority tasks to get done first. (Getting sync to work with shared documents -- for people who want to share their documents -- and moved to the even more reliable Amazon servers, etc.)

I'm not trying to be difficult or insensitive. But security is complicated, expensive, and a huge responsibility. And since we get more people asking "how do I share my documents with my church/class?" than "how do I keep my document private with 256-bit military grade encryption, even when it's sent over the Internet?", it seems like the first is a better place to put our resources. (Your credit card number, which I imagine you don't want shared with your church, is locked down according to the massive PCI protocols.)

-- Bob

PS If you care enough that you want to know which algorithms, etc. then you're probably wiser to just disconnect your computer from the Internet physically. This is what real security is -- locked, windowless rooms and computers without network connections, electromagnetically shielded. Because anyone sophisticated enough to be sniffing your traffic is probably much more likely to attack through the never-ending, always-a-new-one-found hole in your operating system or web browser, or by attaching a key-logger to your physical device, than by bothering to decrypt data. Even in the most plausible "it was a secret I stored in Logos Bible Software that someone wanted to get" scenario -- say, an abusive estranged spouse wanting access to counseling notes / prayer requests? -- I would imagine that planting a spy device (voice activated recorder, key-logger, remote "laser off window" listening device) ordered off the Internet, or hacking your machine directly, would be more likely and easier than finding and extracting your data on our servers.

 

Page 7 of 15 (285 items) « First ... < Previous 5 6 7 8 9 Next > ... Last » | RSS