Topic: Discussion: "Cybersecurity and Privacy" board + Poll (request v1) - page 8. (Read 3308 times)

I agree that less demand from multi-nationals would push companies less to take advantage of user data.

My analogy meant that companies are what have pushed the exploitation of user data and the consumer continues using the product because that is what they are familiar with. Consumers are people with lives, people who have jobs, people who do not have the time and probably can not put enough effort to form as a collective group to boycott a company for exploiting them. People accept being exploited because they do not have anywhere near enough power in comparison to the company in control of the product.

The analogy was about your comments in bold, about the business being a reflection of the consumer and that if consumers cared about privacy, companies would be more careful with it. This inherently isn't true. People do care about privacy and if they were fully aware of the changes over time to how their data was treated and had the power to say no to the way this transition happened, it would not have happened. Your comments said to me that the consumer is in control, and why I said that according to your logic, the consumer is the Shepard and the company is the sheep. In reality though, the company is the Shepard as they are in control of the product, how they conduct their business/how they treat their consumers and the consumers are the sheep as they ultimately have no control over the way the company conducts itself or how the company/its products treat them, and have little practical ability to change how it treats them without sacrificing their livelihoods temporarily/permanently for doing so.

I don't understand how you reached to this conclusion. It's obviously a flawed analogy to me.

So by the same logic, on a farm; the sheep would control the Shepard?

I'm not in favor of Microsoft, I don't say they're the best company that fits users' needs most appropriately; it's well known that they're fined frequently. What I'm saying is this: if people cared about stuff such as privacy, big companies would be more careful with it. Less demand for privacy preservation and high demand for personal information from multi-nationals pushes companies to take advantage of users' privacy.

A business is a reflection of the consumer.

Yes it does cost more for a company to actually focus on privacy and security instead of lying about it, which is why it is lied about instead of actually being secure

I also disagree that people would not pay for security and privacy under this circumstance that it could be opted into for a price. If the theoretical prompt to "opt in" or "opt out" of security and privacy was accurately described in great detail AND if this paid "opt in" was renowned and worked as intended with no doubt, I believe more people would opt in (pay) than not.

Yes, in an ideal world all of what I have said about what's in an ideal world and everything you have stated here would be true. Yes it sounds extreme in comparison to the way things are now, but it also sounds like how it should be.

That doesn't apply here. Focusing on privacy and security or not for a company is orders of magnitude different. It costs more to do so. If people were given a choice to have security and privacy with higher price, I'm sure lots would ignore it.

In an ideal world, there wouldn't be security, because there wouldn't be cyber attacks either. If that sounds extreme, in an ideal world, people would value their privacy and security more than they do now.

We could also talk about cybersec topics outside of only wallets, though. For instance, in the hardware wallet section we sometimes stumble about general (even though maybe related) questions like: 'how (in)secure is NFC' and such, but creating a topic like that just doesn't fit in the wallet section.

We could then also quote and link between topics e.g. if someone asks about the threats of using a wired USB connection with their hardware wallet, link to a cybersecurity board topic talking about USB exploits.

I like this idea! Privacy board going under the Cybersecurity board, wherever that may be placed.

If people were given a choice to have security and privacy over not, then the vast majority would surely choose it. People don't care about it because the reality is that it's too difficult to care about it or there is not enough easy to follow information that allows them to attain it (until the Cybersecurity and Privacy subforum here on bitcointalk, am I right folks?). As for Microsoft being a company, that's why I said that unfortunately we aren't in a world where companies care about the security of their consumers. In an ideal world, this would be a priority of a company offering proprietary software. In fact, I think it would be a responsibility in an ideal world. Again, we aren't in that world. In that respect I am talking (and have been since my original post) from a world that we don't live in.

Most average-knowledge users would believe that they are secure using these systems and wouldn't understand the pitfalls of using proprietary operating systems in comparison to operating systems like Linux until it's too late. Then only after being a victim will they look for alternatives and make the switch. It is not inherently their fault either as they are marketed into believing that using proprietary operating system is "secure enough".


+2

^--- this guy knows what he's talking about.


Not to mention that they had *many* different security products, and rebranded each of them with the "Windows Defender" moniker as they were throwing out old products, eg. The original Windows defender (which was just an anti-spyware FTW), then MS Security Essentials, and now whatever is being branded as "Microsoft Defender" is some completely different codebase, as MSE never had any of this stuff. And of course, "Azure Defender" which is just for cloud but who knows if they will port that to PCs as well.

3rd party AVs are not much better though; Norton(LifeLock) getting their password vault hacked again, and previously there was Kaspersky and others also hacked, ... these things are only good for protecting someone who is an actual idiot who clicks on "You Won" pages.

Look at the cause. Microsoft is a company, and a company always tries to maximize profit. There is no doubt that privacy intrusion, as long as it's not against the law, is profitable. And not just profitable, but the single most important asset of current Internet companies. If consumers don't care about that, don't expect Microsoft to blame their ethics. They're going to take advantage of it.

Now as for security, it doesn't have to do much with focus, but with another fundamental problem that is inherited in closed-source software, which is smaller group of code auditors.

I can acknowledge an abuse, but there are alternatives, such as Linux. If security and privacy was the top priority of these consumers, they'd have already switched years now.

No single person would ever use a service that discredits itself. But, people have already discovered that there are more secure and privacy-respecting software; most just don't care.

All of the flaws you see in Microsoft today are as a result of their own intrusions into user privacy. If they never intruded privacy, and instead focused on providing a secure operating system for their consumers, Windows would not be near as vulnerable as it is today. This is called greed.


As I said, that's not the world we live in:
I stand by that providing a secure environment for the end user in an ideal world should be a top priority for an operating system provider especially when they constantly market their products as secure, which they all do.


Because most normal consumers have no choice, lack of knowledge, awareness, etc. If potential vulnerabilities or what happened to the normal consumers' information were clearly stated before you booted up the OS in a picture presentation and they were made aware that this could just as easily happen to them than anyone else, do you really think everyone would still be using Windows with no precaution, as so many do? Even julerz did, and he got hacked, but my reasoning is exactly why I think he IS NOT an idiot. The reason this information is not clear unless you look for it, is because Windows want you to THINK you are safe with their "windows defender" and other garbage painted with marketing to make the end user think that they are secure, when in reality their system is as vulnerable as swiss cheese.

To which faults are you referring to?

You can't, because there is no such thing as 100% protection, literally. You should worry when using a computer that is connected to the Internet, and that's why you should take the necessary precautions. You're responsible for your security.

Plain false. If companies don't care about consumers, why are consumers picking them anyway? Companies that are careless with the user experience, go out of business. The fact that most consumers don't care about security or privacy is the root of evil. Companies only follow demand.

You're not an idiot. If you look at things from a grand perspective, it is the fault of big companies who have opened up these flaws due to their greed, they are the "root idiot" if you will. If they focused more on protecting their consumers and eliminating these possibilities, then we would not experience or have to worry about compromise. I believe that when you are using a proprietary operating system like Windows or Mac OS X, then you should be absolutely protected to the fullest extent and you should not have to even have the slightest bit of worry. Unfortunately though, we don't live in a world where companies care about consumers, so we are left to fend for ourselves if we want adequate enough cybersecurity that will allow us to use our systems in peace.

I think it's now a solid consensus between this thread and the other thread that Other > Cybersecurity and Privacy is the best fit. Now, to build upon the reasoning, find the old topics that fit in the board, find more precedent, compile it all in this thread and get more people on board to make this happen!

Voted Yes, not only because I'm one of those idiots who got hacked, but also because it is beneficial to see all security and privacy-related threads put in one place, into one board, rather than scattered all over the forum. Easier for everyone to gather information.
I also like the idea of placing it on Other. That way, it's much easier to notice than placing it as a sub-board of Wallet software. Other is like the middle-ground between Bitcoin-related topics and Altcoin-related topics. Users will be able to discuss security and privacy-related topics for both Bitcoin and the rest of all the Altcoins on it; placing it there just makes sense.

Yes. I agree:

I think that this is definitely the best fit.

Meanwhile, I am compiling more internal and external precedent, and seeking to expand on another users' post which includes existing threads that would fit into the forum. For now, I've updated the OP with our progress. I think that Cybersecurity and Privacy under the Other board is the winner for the board's location.

Details added:

I also just added a poll to the thread, since we have ironed out some more details.

It appears that some members, even those who seem to be experienced in this field, are not fully aware of or do not fully understand the significance of securing their cryptocurrency assets, and may not be utilizing all the tools at their disposal. So, in my view, having a dedicated Cybersecurity & Privacy board within a forum discussing Bitcoin and cryptocurrencies would be extremely beneficial. This board could provide a centralized place for members to discuss, share knowledge, and learn about the security and privacy of their assets and transactions, which are crucial in this ecosystem. As cryptocurrencies involve sensitive financial data and transactions, so I think it's important to ensure the safety and privacy of users.

Given that the cryptocurrency ecosystem is constantly evolving, new threats and vulnerabilities are frequently discovered. A dedicated board would be a great way for the community to stay informed about the latest developments and threats in the field, and would provide focused discussions and resources on topics such as preventing hacking and fraud, safely storing assets, and could lead to better security practices overall. I fully support this idea.

The only logical place to put it is within Other

Other -> Cybersecurity & Privacy

best to put it besides Beginner & Help.

Topics like:
Hacking incidents or tutorials on how to prevent them
News about potential wallet exploits and bugs (BTC or Altcoin)
Tutorials about anonymity

While, I haven't given it a massive amount of though, that's probably the biggest complexity if we were to add it. Where exactly would be fit it in, and what would be allowed, and not allowed in the section. I'd like to see it implemented into the main Bitcoin sections, but then that would mean we'd likely have to limit to Bitcoin related content regarding security rather than general cybersecurity principles. Which, personally I'm okay with. Off topic can house generic cybersecurity concerns. That section needs a few quality discussions going on or potentially serious discussion, but that limits the audience that can participate.

With the recent cases of hack and loss of bitcoins even affecting more experienced users and devs, it is imperative to have a dedicated board or child board which discusses the possibilities of a breach and how one can protect themselves. It could also help with some of the complacency some users feel when they've held bitcoins for a while.

This could work and serve as an umbrella board for all posts related to security and privacy. Many of such posts will fit loosely in either the Bitcoin, altcoin or economy boards, or any of the wallet child boards. But having a dedicated section where one can find all posts in one place, or at least all related to Bitcoin would be helpful.

That's actually a neat idea. Both freedoms from risk in one board.

If it doesn't get recognition, I'm not of the opinion that we should impose it (I mean, how could ever do it anyway, this forum isn't run by regular users), but it wouldn't be bad to try it out, and see how it goes.