|
|
|
|
|
|
by mikeash
3803 days ago
|
|
|
Maybe we could go a bit further and say that a proven security breach (i.e. an unauthorized person actually accesses your device) carries some concrete liability, for example $500 plus a refund of the purchase price? It's a bit like the laws for junk faxes or illegal telemarketing calls. You don't have to take them to court or prove actual damages, you just press the "statutory damages" button when an actual violation occurs. I could see some difficulty arising from people who are breached not because of some fault with the product, but because the people made their password "password" or whatever. But maybe this would just encourage manufacturers to make it difficult to set up their devices insecurely. There might be problems with people knowing that they're breached. To combat this, you might make the $500 (or whatever amount) payable to anybody who accesses such a device in good faith. These "find an insecure web cam pointed at a baby" web sites would go from voyeuristic amusements to money makers. Just some random ideas.... |
|
|
Yeah, that's exactly the kind of thing I was thinking about for market incentives. Right now the immediate cost to a company is zero so the only question is whether it'll cost them future sales. Even a simple refund of the purchase price would be a big shift.
I rather like the bounty idea, too, particularly if we could combine it with some sort of clearing house so e.g. the person who finds an unprotected webcam doesn't have a reason (or excuse) to identify the owner.