But how can you change the situation, if consumers don't care enough to educate themselves? A government decree wouldn't help in this case, as governments can't be trusted with protecting privacy.
Since you ask, I think a neglected part of the solution might lie in getting businesses to communicate securely. Unlike individuals, businesses actually care quite a lot if their data leaks.
I think maybe people have wasted a lot of time trying to peddle crypto to hippies and politicos, when lawyers and insurance companies might have been a more receptive audience. The only way PGP was ever going to get any adoption was if people feared getting fired for sending unencrypted private info.
And of course once there's a critical mass of people who know what a private key is due to their work, it's a smaller step to get individuals to encrypt things voluntarily.
>businesses actually care quite a lot if their data leaks.
How are you coming to that conclusion? Companies may say they take security seriously and they want to avoid becoming the next Sony or Home Depot, but how many actually allocate resources accordingly? It's much more efficient to just issue a press release and offer to pay for credit monitoring services that virtually nobody will actually use.
What do you think that lawyers and insurance companies have to gain from better crypto (than HTTPS)? Most leaks come from poorly secured servers and compromised credentials. I have a hard time thinking of a realistic threat that an insurance company or law firm could mitigate with PGP everywhere.
I'm curious how other industries handle similar issues. It's possible this is one of those things where we just need enough people to be hurt by it before anyone pays attention. I hope we can stop it before it gets to that level, though.
Joeboy|9 years ago
I think maybe people have wasted a lot of time trying to peddle crypto to hippies and politicos, when lawyers and insurance companies might have been a more receptive audience. The only way PGP was ever going to get any adoption was if people feared getting fired for sending unencrypted private info.
And of course once there's a critical mass of people who know what a private key is due to their work, it's a smaller step to get individuals to encrypt things voluntarily.
794CD01|9 years ago
How are you coming to that conclusion? Companies may say they take security seriously and they want to avoid becoming the next Sony or Home Depot, but how many actually allocate resources accordingly? It's much more efficient to just issue a press release and offer to pay for credit monitoring services that virtually nobody will actually use.
sjy|9 years ago
CaptSpify|9 years ago