| IMHO its because they are quite accurately measuring the value of investing the time. What is the likely damage? - if your photos etc. are backed up then most people (as in most of 7 billion) can get new system up and running in probably less than 100th of the time it would take them to even begin to understand how to secure their system / accounts. Secondly what are the chances of your security efforts actually making a difference? very very very low i would have thought.. you are either a low value target or you need to be an absolute expert to do anything about it. Its a bit like locking your front door or car.. we like to kid ourselves that it is what is making a difference whereas what is really important is that most people are actually not evil and don't mean you any harm. in reality both can be broken into in seconds with the most rudimentary of tools. Hacks seem to be in the categories of:
-Mass data collection to find nudes etc. (you need to have something to hide to make this an issue)
-Mass data collection to sell your data (this is being done anyway legally in broad daylight by google et al)
-You have something of value (you need to hire a security team to have any real hope of defending this) If any form of mass hack really became an issue it would be an issue for millions to billions of people, so in all likelihood it would be a world changing event for everyone if there was an issue (regardless of if they were specifically the victim or not). not to mention how much of your data will be leaked through other peoples insecurity anyways. I think more of the issue is actually the developers and the people selling software being so desperate to make money or show off they have pushed the world forward so fast that for most (all?) people being up to date with technology and secure is an either or situation never a both. Also the generally public don't believe how little major services have thought about the security implications of what they do.. the erodes their motivation in two ways: if the zuck himself cannot get security right how can I and there is no way that these companies would suggest i do something or offer a service that was inherently insecure. so a lot of random thoughts there.. but overall i would say: it takes time and those in tech need to take it more seriously first. |
Your system may provide access to other systems and it is is not to hard to make sure you are not low hanging fruit for an automated hack.. so its totally worth investing the time and effort.. plus your online persona etc. is statistically probably more important to you for all kinds of reason..
but really that type of user accounts for a very low percentage.
Also note that corporate PCs (which are a much more valuable target for general hacks) often have lots more security including hardware 2 factor etc.
Also note i am no security expert, i am just talking about what its like trying to get people i talk to to care about security / privacy.