I can not agree more, Barry. Very nicely put. Rainer
> On 8 Aug 2018, at 18:10, Barry Rowlingson <b.rowling...@lancaster.ac.uk> > wrote: > > On Wed, Aug 8, 2018 at 4:09 PM, Laurence Clark > <laurence.cl...@healthmanltd.com> wrote: >> Hello all, >> >> I want to download R and use it for work purposes. I hope to use it to >> analyse very sensitive data from our clients. >> >> My question is: >> >> If I install R on my work network computer, will the data ever leave our >> network? I need to know if the data goes anywhere other than our network, >> because this could compromise it's security. > >> Is there is any chance the data could go to a server owned by 'R' or >> anything else that's not immediately obvious, but constitutes the data >> leaving our network? > > You are talking mostly to statisticians here, and if p>0 then there's > "a chance". I'd say yes, there's a chance, but its pretty small, and > would only occur through stupidity, accident or malice. > > In the ordinary course of things your data will be on your hard disk, > or on your corporate network drives, and only exist between your > corporate network server and your PC's memory. R will load the data > into that memory, do stuff with it in that memory, and write results > back to hard disk. Nothing leaves the network this way. > > However... R has facilities for talking to the internet. You can save > data to google docs spreadsheets, for example, but you'd have to be > signed in to google, and have to type something like: > >> writeGoogleDoc(my_data, "secretdata.xls") > > that covers "stupid". You should know that google docs are on google's > servers, and google's servers aren't on your network, and your secret > data shouldn't go on google's servers. > > Accidents happen. You might be working on non-secret data which you > want to save to google docs, and accidentally save "data1" which is > secret instead of "data2" which is okay to be public. Oops. You sent > it to google. Accidents happen. > > "malice" would be if someone had put code into R or an add-on package > that you use that sends your data over the network without you > knowing. For example maybe every time you fit a linear model with: > > lm(age~beauty, data=people) > > R could be transmitting the data to hackers. But the chance of this is > very small, and I don't think any malicious code has ever been > discovered in R or the 12000 add-on packages downloadable from CRAN. > Doesn't mean it hasn't been discovered yet or won't be in the future. > > It used to be said that the only machine safe from hackers was one > unplugged from the network. But now hackers can get to your machine > via malicious USB sticks, keyboard loggers, and various other nasties. > The only machine safe from hackers is one with the power off. But take > the power plug out because a wake-on-lan packet could switch your > machine on remotely.... > > Barry > > > > > > > >> Thank you >> >> Laurence >> >> >> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- >> Laurence Clark >> Business Data Analyst >> Account Management >> Health Management Ltd >> >> Mobile: 07584 556498 >> Switchboard: 0845 504 1000 >> Email: laurence.cl...@healthmanltd.com >> Web: www.healthmanagement.co.uk >> >> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- >> CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole >> use of the intended recipients and may contain confidential and privileged >> information or otherwise be protected by law. Any unauthorised review, use, >> disclosure or distribution is prohibited. If you are not the intended >> recipient, please contact the sender, and destroy all copies and the >> original message.<BR><BR>MAXIMUS People Services Limited is registered in >> England and Wales (registered number: 03752300); registered office: 202 - >> 206 Union Street, London, SE1 0LX, United Kingdom. The Centre for Health and >> Disability Assessments Ltd (registered number: 9072343) and Health >> Management Ltd (registered number: 4369949) are registered in England and >> Wales. The registered office for each is Ash House, The Broyle, Ringmer, >> East Sussex, BN8 5NN, United Kingdom. Remploy Limited is registered in >> England and Wales (registered number: 09457025); registered office: 18c >> Meridian East, Meridian Business Park, Leicester, > Leicestershire, LE19 1WZ, United Kingdom.</font> >> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- >> >> >> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- >> >> >> ##################################################################################### >> Scanned by MailMarshal - M86 Security's comprehensive email content security >> solution. >> Download a free evaluation of MailMarshal at www.m86security.com >> ##################################################################################### >> >> ______________________________________________ >> R-help@r-project.org mailing list -- To UNSUBSCRIBE and more, see >> https://stat.ethz.ch/mailman/listinfo/r-help >> PLEASE do read the posting guide http://www.R-project.org/posting-guide.html >> and provide commented, minimal, self-contained, reproducible code. > > ______________________________________________ > R-help@r-project.org mailing list -- To UNSUBSCRIBE and more, see > https://stat.ethz.ch/mailman/listinfo/r-help > PLEASE do read the posting guide http://www.R-project.org/posting-guide.html > and provide commented, minimal, self-contained, reproducible code. -- Rainer M. Krug, PhD (Conservation Ecology, SUN), MSc (Conservation Biology, UCT), Dipl. Phys. (Germany) University of Zürich Cell: +41 (0)78 630 66 57 email: rai...@krugs.de Skype: RMkrug PGP: 0x0F52F982
signature.asc
Description: Message signed with OpenPGP
______________________________________________ R-help@r-project.org mailing list -- To UNSUBSCRIBE and more, see https://stat.ethz.ch/mailman/listinfo/r-help PLEASE do read the posting guide http://www.R-project.org/posting-guide.html and provide commented, minimal, self-contained, reproducible code.
